“That’s not nice, and it’s not a good norm,” says Schneider. She says that much of the US government’s slow approach to cyberattacks stems from its care to ensure it avoids unintentionally hitting civilians as well as breaking international law or triggering dangerous blowback.
Still, Schneider concedes that Caceres and Angus have a point: The US could be using its cyber forces more, and some of the explanations for why it doesn’t amount to bureaucracy. “There are good reasons, and then there are bad reasons,” says Schneider. “Like, we have complicated organizational politics, we don’t know how to do things differently, we’re bad at using this type of talent, we’ve been doing it this way for 50 years, and it worked well for dropping bombs.”
America’s offensive hacking has, by all appearances, gotten less aggressive and less nimble over the past half decade, Schneider points out. Starting in 2018, for instance, General Paul Nakasone, then the head of Cyber Command, advocated a “defend forward” strategy aimed at taking cyber conflict to the enemy’s network rather than waiting for it to occur on America’s turf. In those years, Cyber Command launched disruptive hacking operations designed to cripple Russia’s disinformation-spouting Internet Research Agency troll farm and take down the infrastructure of the Trickbot ransomware group, which some feared at the time might be used to interfere in the 2020 election. Since then, however, Cyber Command and other US military hackers appear to have gone relatively quiet, often leaving the response to foreign hackers to law enforcement agencies like the FBI, which face far more legal constraints.
Caceres isn’t entirely wrong to criticize that more conservative stance, says Jason Healey, who until February served as a senior cybersecurity strategist at the US Cybersecurity and Infrastructure Security Agency. He responds to Caceres’ cyberhawk arguments by citing the Subversive Trilemma, an idea laid out in a 2021 paper by the researcher Lennart Maschmeyer: Hacking operations have to choose among intensity, speed, and control. Even in earlier, more aggressive years, US Cyber Command has tended to turn up the dial for control, Healey says, prioritizing it over those other variables. But he notes there may in fact be certain targets—such as ransomware gangs or hackers working for Russia’s no-holds-barred GRU military intelligence agency—who might warrant resetting those dials. “For those targets,” says Healey, “you really can release the hounds.”
P4x Is Dead, Viva P4x
As for Caceres himself, he says he’s not opposed to American hacking agencies taking a conservative approach to limiting their damage or protecting civilians—as long as they take action. “There’s being conservative,” he says, “and then there’s doing fuck all.”
On the argument that more aggressive cyberattacks would lead to escalation and counterattacks from foreign hackers, Caceres points to the attacks those foreign hackers are already carrying out. The ransomware group AlphV’s catastrophic attack on Change Healthcare in February, for instance, crippled medical claim platforms for hundreds of providers and hospitals, effects about as disruptive for civilians as any cyberattack can be. “That escalation is already happening,” Caceres says. “We’re not doing anything, and they’re still escalating.”
Caceres says he hasn’t entirely given up on convincing someone in the US government to adopt his more gloves-off approach. Ditching the P4x handle and revealing his real name is, in some sense, his last-ditch attempt to get the US government’s attention and restart the conversation.
But he also says he won’t be waiting for the Pentagon’s approval before he continues that approach on his own. “If I keep going with this alone, or with just a few people that I trust, I can move a lot faster,” he says. “I can fuck shit up for the people who deserve it, and I don’t have to report to anyone.”
The P4x handle may be dead, in other words. But the P4x doctrine of cyberwarfare lives on.