@War: The Rise of the Military-Internet Complex (36 page)

But time is running short. Governments and corporations are making the rules as they go, and their actions have had a more tangible effect than many have realized. It's incumbent on everyone who touches cyberspace—which is undeniably a collective—to find what Eisenhower called “essential agreement on issues of great moment, the wise resolution of which will better shape the future of the nation.” As anxious as Eisenhower was about the emergence of powerful and potentially destructive new technologies, he was more wary of a “scientific-technological elite” who claimed to know best how to make decisions that free people could make for themselves. It was the entitlement of the military-industrial complex that Eisenhower feared most. And his reminder to remain vigilant to the “rise of misplaced power” resonates as much now as it did then. “We should take nothing for granted. Only an alert and knowledgeable citizenry can compel the proper meshing of the huge industrial and military machinery of defense with our peaceful methods and goals, so that security and liberty may prosper together.”

B
OOK WRITING IS
a solitary experience. But publishing a book is a collaborative act. Actually, it's a series of them. I'd like to mention a few people whose guidance, encouragement, support, and time was especially valuable to me along this book's journey.

I long ago ran out of superlatives to describe my agent, Tina Bennett, which, I can attest, is a common problem among her clients. She is one of the most thoughtful people I know, and a tireless advocate for her writers and their work. This is our second book together, and as with the first, she sharpened and refined my ideas and helped me realize what I wanted to say. A writer can have no better companion.

Which is why I'm absurdly lucky to have two of them. I would trust my editor, Eamon Dolan, with my firstborn, which I suppose I did. This is also our second book together, and not that I needed to be reminded of his gifts and generosity, but I was. Eamon didn't just make this book better with his graceful editing and assiduous attention to detail. He helped to conceive a frame for the story. It's not an exaggeration to say that this would have been a different book if not for Eamon—and it would have been an inferior one.

Thank you also to Tina and Eamon's colleagues. Svetlana Katz never missed a beat, answered my every question, and saved my bacon on one occasion. And Ben Hyman kept me on track for the many deadlines that come before and after one actually finishes writing a book. I'm grateful to Margaret Wimberger, who carefully copyedited my manuscript, finding plenty of figurative bolts to tighten and wrinkles to iron. Thanks also to Larry Cooper for shepherding the manuscript through production to eventual publication.

Simon Trewin at WME was an early champion for me and the book in London. He guided my proposal to Simon Thorogood at Headline Publishing Group, whose enthusiasm for this project has been unflagging. I'm so pleased that the book found a home with them, and that more people will have a chance to read it because of their efforts.

I'm grateful to my new friends and colleagues at New America, both for their support for this book and my research and for the intellectual community they've created. I've been thrilled to be a part of it, especially because I've admired the work of New America's scholars for years. Special thanks to Andrés Martinez and Becky Shafer, who so ably corraled and guided our band of fellows. Becky and Kirsten Berg also assisted with research on some crucial chapters in the book, and I'm grateful for their help. Thanks also to Peter Bergen for his kindness and all he's done to support me and my work. Tim Maurer created a series of superb discussions on cyber security that deepened and sharpened my thinking. I'm grateful to Arizona State University and President Michael Crow for their support of my research on the future of war. And thanks to Anne-Marie Slaughter, New America's president and CEO, for her leadership, encouragement, and enthusiasm.

I was the luckiest writer in town to have Denise Wills as my editor for three years at
Washingtonian
magazine, and I'm luckier still to have her as a friend. She's the dream editor—both a coach and a collaborator. So is Noah Shachtman, who brought me back to the news business at
Foreign Policy.
We had rambunctious fun in the few months we worked together, which happened to coincide with the biggest news event of 2013. Good timing, Papi.

Thanks to my colleagues at
Foreign Policy
for making me happy to come to work every day, especially Yochi Dreazen and our news team. Thanks also to Ben Pauker, Peter Scoblic, Mindy Kay Bricker, and David Rothkopf for all they've done guiding this fast-moving and fast-growing ship.

I owe a particular debt of gratitude to the voluminous and insightful reporting of several journalist colleagues whose work informed my own research, including Siobhan Gorman and Danny Yadron at the
Wall Street Journal;
David Sanger, Nicole Perlroth, and John Markoff at the
New York Times;
Ellen Nakashima at the
Washington Post;
Tony Romm at
Politico;
Spencer Ackerman at the
Guardian
and formerly of
Wired
's Danger Room blog; Kim Zetter, also of
Wired
and author of its Threat Level blog; Joseph Menn at Reuters; and Michael Riley at
Bloomberg Businessweek.
Each of them has done groundbreaking work on this terrain.

Thanks to my friend and favorite lunch companion, Ben Wittes, whose blog
Lawfare
is an indispensable destination for serious thinking about national security. Ben has been an unfailing counselor and guide to me over the years, supremely generous with his time and ideas.

Carol Joynt has been a source of fun and laughter, support and wisdom. She's a true pal, and an ace reporter, who has taught and inspired me. Thanks also to Spencer Joynt, both for letting his dear mom stay out late and for his friendship.

Dave Singleton continues to be the best friend a guy can have. It's hard to find someone who can embrace, and frequently tolerate, the many sides of yourself. We met nearly fifteen years ago, and we didn't know at the time we had something so rare. But we do now.

Christopher Kerns makes me laugh hard and think hard at the same time. His willingness to say what he means and to mean what he says has made me a sharper thinker and a stronger journalist. I cherish our conversations, whether over a drink or a long car ride.

Special thanks go to my friends Jason Kello and Jason Wilson, whose thoughtful insights into cyber security—what it looks like now and where it's going—inform so many parts of this book. Their enthusiasm for this subject is infectious. Their ability to translate technical complexity into clear, compelling language is remarkable.

My longtime mentor and friend Anne Laurent has a special place at the heart of everything I write. More than a decade ago she put me on the path of writing about the intersection of technology and security. Surely I wouldn't be here if not for her.

Thanks to my family, particularly my mother and father, Ed and Carol Harris, for being teachers and teammates, and always at the moments I needed them most. To Troy, Susan, and Madelyn Harris, thank you for reminding me every day about the constancy of family. My grandmother, Bettiann Kinney, who taught me to tell stories, continues to be a source of inspiration in more ways than I'd ever expected. To my mother-in-law, Mary de Feo, and my (now legal) extended family, thank you for bringing so much laughter and happiness into my life, and for welcoming me into yours.

Finally, to my husband, Joe de Feo, what could I possibly tell you that you don't already know? Somehow you manage to make me happier every day than I was the last. The months I spent writing this book, sitting with the two little monsters in one room and you working in the other, were some of the happiest we've shared. Thank you for everything you've done for me, and for us. Thank you for centering me. And thank you for being there when I come home. It's my favorite part of the day.

 

Prologue

 

[>]
He was an ex-military officer:
This account is based on interviews with a number of former Defense Department officials, as well as news reports.

[>]
About 7.5 million lines:
“Joint Strike Fighter: Strong Risk Management Essential as Program Enters Most Challenging Phase,” US Government Accountability Office, GAO-09-711T, May 20, 2009,
http://www.gao.gov/products/GAO-09-711T
.

[>]
In 2006
it held at least $33.5 billion:
“Top 200 Contractors,”
Government Executive
, August 15, 2007,
http://www.govexec.com/magazine/2007/08/top-200-contractors/25086/
.

[>]
The spies had made off:
“Computer Spies Breach Fighter-Jet Project,”
Wall Street Journal
, April 21, 2009,
http://online.wsj.com/news/articles/SB124027491029837401
.

[>]
The spies had penetrated:
“Security Experts Admit China Stole Secret Fighter Jet Plans,”
Australian
, March 12, 2012,
http://www.theaustralian.com.au/news/world/security-experts-admit-china-stole-secret-fighter-jet-plans/story-fnb64016-1226296400154#mm-premium
.

[>]
It bore a number of design:
Andrea Shalal-Esa, “Pentagon Sees Risks, Progress on Lockheed's F-35 Jet,” Reuters, April 24, 2013,
http://www.reuters.com/article/2013/04/25/us-lockheed-fighter-idUSBRE93O00E20130425
.

[>]
The CEOs weren't sure:
Author interviews with meeting participants and others who were briefed afterward, as well as Defense Department officials who worked on the DIB program. Interviews included Robert Lentz, the deputy assistant defense secretary who oversaw the initiative; James Lewis, a cyber security expert with the Center for Strategic and International Studies in Washington, DC; and Steve Hawkins, vice president of information security solutions at Raytheon, 2009. Also air force general Michael Basla, 2013.

[>]
“A lot of people went”:
Author interview with James Lewis, April 2009.

[>]
After the meeting the Defense Department:
Author interviews with current and former Defense Department and Homeland Security Department officials, as well as corporate executives, 2009 and 2013.

[>]
“cyber Pearl Harbor”:
Panetta spoke aboard the Intrepid Sea, Air & Space Museum in New York City on October 12, 2012,
http://www.defensenews.com/article/20121012/DEFREG02/310120001/Text-Speech-by-Defense-U-S-Secretary-Leon-Panetta
.

[>]
Five months earlier President Barack Obama:
Barack Obama, “Taking the Cyberattack Threat Seriously,”
Wall Street Journal
, July 19, 2012,
http://online.wsj.com/news/articles/SB10000872396390444330904577535492693044650
.

[>]
FBI director James Comey:
Comey testified before the Senate Committee on Homeland Security and Governmental Affairs on November 14, 2013,
http://www.fbi.gov/news/testimony/homeland-threats-and-the-fbis-response
.

[>]
In 2014
the government planned:
Chris Strohm and Todd Shields, “Obama Boosts Pentagon Cyber Budget Amid Rising Attacks,”
Bloomberg.com
, April 11, 2013,
http://www.bloomberg.com/news/2013-04-10/lockheed-to-general-dynamics-target-shift-to-cyber-spend.html
.

[>]
To put that in some perspective:
Federal Climate Change Expenditures Report to Congress
, August 2013,
http://www.whitehouse.gov/sites/default/files/omb/assets/legislative_reports/fcce-report-to-congress.pdf
.

 

1. The First Cyber War

 

[>]
Bob Stasio never planned:
Author interview, October 2013.

[>]
In May 2007:
The account of the meeting is based on two lengthy interviews with Mike McConnell, then the president's director of national intelligence, as well as an interview with Fran Townsend, then Bush's counterterrorism adviser, and Dale Meyerrose, a retired air force general who was then a senior official in the Office of the Director of National Intelligence. The operational details of the NSA and the military's cyber activities in Iraq come from three former military intelligence officers who participated in the operations and asked not to be identified. Other officials, including David Petraeus, former commander of US forces in Iraq, have spoken publicly about cyber operations in Iraq and the contribution they made to the US victory there.

[>]
The president had already okayed:
In addition to the author's own interviews with current and former US officials and computer security experts, information about the Stuxnet campaign was drawn from voluminous research papers and news articles, of which the following provided key details: Ralph Langner, “Stuxnet's Secret Twin,”
Foreign Policy
, November 21, 2013,
http://www.foreignpolicy.com/articles/2013/11/19/stuxnets_secret_twin_iran_nukes_cyber_attack#sthash.nq7VuMAC.8FWcquMx.dpbs
; David Sanger, “Obama Order Sped Up Wave of Cyberattacks Against Iran,”
New York Times
, June 1, 2012,
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all
; James Bamford, “The Secret War,”
Wired
, June 12, 2013,
http://www.wired.com/threatlevel/2013/06/general-keith-alexander-cyberwar/all/
; and Jim Finkle, “Researchers Say Stuxnet Was Deployed Against Iran in 2007,” Reuters, February 26, 2013,
http://www.reuters.com/article/2013/02/26/us-cyberwar-stuxnet-idUSBRE91P0PP20130226
.

[>]
The prior year had been one of the bloodiest:
Casualty statistic from
iCasualties.org
,
http://icasualties.org/Iraq/index.aspx
.