Copyright 2016 by Adam Segal.
Published in the United States by PublicAffairs, a Member of the Perseus Books Group
All rights reserved.
Printed in the United States of America.
A Council on Foreign Relations Book
No part of this book may be reproduced in any manner whatsoever without written permission except in the case of brief quotations embodied in critical articles and reviews. For information, address PublicAffairs, 250 West 57th Street, 15th Floor, New York, NY 10107.
PublicAffairs books are available at special discounts for bulk purchases in the U.S. by corporations, institutions, and other organizations. For more information, please contact the Special Markets Department at the Perseus Books Group, 2300 Chestnut Street, Suite 200, Philadelphia, PA 19103, call (800) 810-4145, ext. 5000, or e-mail .
Book design by Jack Lenzo
Library of Congress Cataloging-in-Publication Data
Names: Segal, Adam, 1968- author.
Title: The hacked world order: how nations fight, trade, maneuver, and manipulate in the digital age / Adam Segal.
Description: New York: PublicAffairs, 2016. | Includes bibliographical references and index.
Identifiers: LCCN 2015030885| ISBN 9781610394161 (ebook)
Subjects: LCSH: Internet and international relations. | Technology and international relations. | Internet in espionage. | Cyberterrorism. | Cyberspace--Political aspects. | Hacking--Political aspects. | BISAC: POLITICAL SCIENCE / International Relations / General. | POLITICAL SCIENCE / Political Freedom & Security / International Security. | COMPUTERS / Internet / Security.
Classification: LCC JZ1254 .S44 2016 | DDC 327.10285/4678--dc23 LC record available at http://lccn.loc.gov/2015030885
First Edition
10 9 8 7 6 5 4 3 2 1
The Council on Foreign Relations (CFR) is an independent, nonpartisan membership organization, think tank, and publisher dedicated to being a resource for its members, government officials, business executives, journalists, educators and students, civic and religious leaders, and other interested citizens in order to help them better understand the world and the foreign policy choices facing the United States and other countries. Founded in 1921, CFR carries out its mission by maintaining a diverse membership, with special programs to promote interest and develop expertise in the next generation of foreign policy leaders; convening meetings at its headquarters in New York and in Washington, DC, and other cities where senior government officials, members of Congress, global leaders, and prominent thinkers come together with CFR members to discuss and debate major international issues; supporting a Studies Program that fosters independent research, enabling CFR scholars to produce articles, reports, and books and hold roundtables that analyze foreign policy issues and make concrete policy recommendations; publishing Foreign Affairs, the preeminent journal on international affairs and U.S. foreign policy; sponsoring Independent Task Forces that produce reports with both findings and policy prescriptions on the most important foreign policy topics; and providing up-to-date information and analysis about world events and American foreign policy on its website, www.cfr.org. The Council on Foreign Relations takes no institutional positions on policy issues and has no affiliation with the U.S. government. All views expressed in its publications and on its website are the sole responsibility of the author or authors.
For my children, Lily and Noah Segal
Just as historians consider 1947 as the year that two clear sides in the Cold War emerged, we will look back at the year that stretches roughly from June 2012 to June 2013 as Year Zero in the battle over cyberspace. It was by no means the first year to witness an important cyberattack or massive data breach; those had arguably happened several times before. In the 1990s the United States used cyber weapons against Serbia, and in 2007 hackers stole credit and debit card information from at least 45 million shoppers at T.J.Maxx and Marshalls. In 2008 hackers, suspected to be working with the Russian intelligence services, breached the Pentagon's classified networks. But it was in 2012 that nation-states around the world visibly reasserted their control over the flow of data and information in search of power, wealth, and influence, finally laying to rest the already battered myth of cyberspace as a digital utopia, free of conventional geopolitics. The assault on this vision was comprehensive, global, and persistent.
The conflict in cyberspace will only become more belligerent, the stakes more consequential. An estimated 75 percent of the world's population now has access to a mobile phone, and the Internet connects 40 percent of the planet's population, roughly 2.7 billion people. Information and communications networks are embedded in our political, economic, and social lives. Individuals and civil society now participate in global politics in new ways, but sovereign states can do astonishing and terrifying things that no collection of citizens or subjects can carry out. We will all be caught in the fallout as the great powers, and many of the lesser ones, attack, surveil, influence, steal from, and trade with each other.
YEAR ZERO: A TIMELINE
Year Zero began with a newspaper article. In June 2012, US officials leaked details of a computer attack on Iran's nuclear program, code-named Olympic Games, that had begun under President George W. Bush. For years, the United States had been trying to stop Iran from building a bomb through diplomatic pressure and financial sanctions. Someone, probably the Mossad, Israel's intelligence agency, had also been assassinating Iranian scientists: a remote-controlled bomb attached to a motorcycle killed Masoud Alimohammadi, a physics professor, just as he stepped outside his home in the north of Tehran. Cyberattacks formed a quieter, much less deadly component of this campaign.
The malware (malicious software) known as Stuxnet, allegedly developed by the United States in cooperation with Israel and first detected in 2010, surreptitiously slowed down and sped up the motors in Iranian centrifuges being used to enrich uranium and opened and closed valves that connected six cascades of centrifuges. Eventually the motors tore themselves apart, and Iran had to replace 1,000 damaged machines. As it was doing its damage, Stuxnet provided false feedback to operators so that they had no idea what was going on. The goal was to make the changes so imperceptible that the Iranians would think the destruction stemmed from bad parts, faulty engineering, incompetence, or all three. Ralph Langner, a German cybersecurity expert who was among the first to decode bits of Stuxnet, estimated that 50 percent of the malware's development costs went into efforts to hide the attack. One US government official told the New York Times that Stuxnet aimed to mess with Iran's best scientific minds and make them feel they were stupid.
Although the Iranians admitted some infections of their computer systems, the ultimate strategic effect of the malware on their nuclear program remains unclear. Reza Taghipour, an official in Iran's Ministry of Communications and Information Technology, downplayed the new weapon: "The effect and damage of this spy worm in government systems is not serious." Some US government officials claimed that it set Iran's nuclear program back eighteen months to two years; other technical experts said the attack did little to slow down Iranian efforts and in fact may have sped them up. As the Iranian scientists worked to get the centrifuges running properly, they made improvements in their performance and design that resulted in greater output.