The Perfect Weapon, by New York Times national security correspondent David Sanger, is the most important book you will read this year.
Before I describe the book, let me start with something essential to know about it: The Perfect Weapon reads like a thriller. It does not get technical or difficult. This is something you will read for enjoyment, not as a homework assignment. It is riveting and fascinating and reads fast. It will profoundly shape your understanding of almost everything going on today in American politics and foreign policy by giving you just enough background to be interesting without drifting into numbing detail. Although it will help your knowledge of current events, the author is not trying to sell a partisan agenda. Republicans and Democrats should read this book. It is not red or blue. You can react however you wish. But you will have far more information after you read it to decide what to believe and who to support.
The Perfect Weapon tells stories from the last twenty years about how nations began to use technology as a weapon. Every nation – particularly including the United States – has had reasons to avoid a public discussion of cyberwarfare. We have heard anecdotes about hackers taking down Sony, and files released by Edward Snowden, and malware hitting Iranian nuclear reactors, but details have been scarce and it’s been impossible to see the big picture.
This book has the big picture but it includes all the interesting details. You’ll see the inside of Chinese hacker dens. You’ll follow intelligence agencies that have captured the cameras inside Russian offices and are literally looking over the shoulders of Russian hackers. There are virus-laden USB drives scattered by Russian agents in a parking lot outside a US base in the Middle East, leading to the first significant breach of the Pentagon’s classified networks. It will make sense that North Korea has to send its hackers all over the world so they can use better Internet connections than are available at home. (But don’t underestimate them. You’ll find out why.)
The fear of devastating cyberattacks is at the center of American defense strategy. It is arguably more important to our decision-makers than anything to do with conventional warfare. Our military leaders and intelligence agencies are spending more time and resources on cyber battles than any of us realize. Every year intelligence agencies prepare a global “Threat Assessment” for Congress; for several years cyberattacks have been the number one threat on the list. But intelligence officials and their military counterparts do not want to discuss the scope of America’s cyber capabilities openly, for fear of diminishing whatever narrow advantage the country retains over its adversaries.
Sanger has been covering foreign policy and cyberwarfare for the New York Times for thirty years. He is perhaps the best person in the country to write this story. Nothing in the book is secret today, but much of it was secret at the time it was happening, and quite a lot was only uncovered due to reporting by Sanger and other dedicated journalists.
Sanger tells stories about events in the news from the last twenty years, and in every case, he provides background and details that were unfamiliar to me – and I consider myself to be a pretty serious news junkie. Conversations and leaked documents and court orders and obscure conference presentations are all sifted and organized so that Sanger can make it easy to understand the real stories and how they fit into the growing cyber landscape.
What are the stories?
Stuxnet
In 2012, the United States and Israel jointly launched the most sophisticated cyberattack in history against Iran, using highly targeted viruses named “Stuxnet” to damage the equipment at Iranian nuclear facilities. Virtually all offensive cyber operations are covert operations, so the US and Israel have never publicly admitted responsibility, but the details are now well known by insiders. The Iranian program suffered serious setbacks that delayed them for a year and may have been part of the reason Iran came to the table to sign accords about future development. But it also brought a difficult contradiction into focus, which continues to be a problem today: our government professes great outrage about cyberattacks against the US, but will not tolerate any discussion of our own capabilities and intentions – in part because we are launching the same type of attacks and, when all is said and done, we did it first.
Snowden
In the end, all it took to expose many secrets about US cyber capabilities was “a single contractor at the NSA with grievances about the government, a substantial ego, and easy, unmonitored access to the agency’s deepest secrets.” You’ve heard Snowden’s name for years, but Sanger provides the answers to the questions that have been unclear: How did he get access to all those materials? What was revealed? The Snowden documents drew back the covers on a decade-long program that employed thousands of engineers and contractors to build new cyber weapons that could be used for espionage or potentially to cripple or destroy foreign networks.
Encryption
You’ll get fascinating background about the battle between the FBI and Apple over the San Bernardino shooter’s locked iPhone. But that was a public outburst of a bigger debate about whether and to what extent US intelligence agencies should be able to tap into domestic and worldwide communications. Concerns about encryption and privacy are important reasons that Google has embarked on building its own global network of undersea cables. This book will help you understand the significance of last week’s announcement of a Google cable between Virginia and France.
Chinese hackers
A few years ago James Comey said, “There are two kinds of big companies in the United States. There are those who’ve been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese.” Welcome to an unmarked twelve-story building in Shanghai in a run-down neighborhood surrounded by massage parlors and noodle joints. The office building contains the hackers stealing terabytes of data from American corporations. For a while, a US contractor was able to activate the cameras on the hackers’ laptops and see their faces and their keystrokes. Identifying them as hackers didn’t involve ambiguous conclusions based on insufficient evidence; it was based on watching them do the hacking in real time. The investigators even learned the hackers’ names when they logged into their Facebook accounts.
North Korea and the Sony hack
We’re used to seeing Kim Jong-Un as a buffoon and a clown. Maybe there’s some truth to that. But quickly after he came to power, Kim built an army of more than six thousand skilled hackers, many based outside the country (frequently in places that had beach resorts). The North Koreans learned something important from Iran: “When confronting an enemy that has Internet-connected banks, trading systems, oil and water pipelines, dams, hospitals, and entire cities, the opportunities to cause trouble are endless.”
In 2014, we were using cyberweapons to attack North Korea’s missile system. It is likely not a coincidence that North Korea had a year-long series of missile failures – and began to succeed when they switched to a different control set run on different computers. Meanwhile, North Korea was obsessed with Sony Pictures and a bad Seth Rogen movie. (“How do you know it’s a bad movie?” Obama asked during a briefing. “Sir, it’s a Seth Rogen movie . . .” answered the aide.) North Korea’s strike against Sony took down a major American corporation, but the official American response was muted because it wasn’t a destructive hit on US infrastructure – and because we were at the same time engaged in far more intrusive attacks on the North Korean government. In fact, US intel guys didn’t even want Obama to acknowledge that we knew the North Koreans were behind the attack, for fear it would reveal the implants we had lurking in North Korea’s systems.
Russia and the Ukraine
Russia has used the Ukraine as its test bed for cyberattacks for years, first copying mail and files from government and corporate computers, then launching the destructive NotPetya ransomware and bringing the entire country to a standstill, with as many as 30% of all the computers in the country taken out of commission. Think about that, then consider that Russia has code lurking inside American utilities, financial markets, and cell phone networks. The Ukrainians escaped some of the most serious damage to their power grid because it still relied on big non-computerized switches – switches that are no longer used in our own fully computerized power grid. The Russians have continued to harass the Ukraine with cyberattacks, to keep the government off balance and to learn better techniques for cyberattacks against other countries.
The DNC hack and the 2016 election campaign
Here’s the full story of the DNC hack during the 2016 election campaign, with all the details that are obscured or left out of the jumbled accounts we usually see. The story of the biggest political hack in US history includes phone messages that weren’t passed to the right people, expletives on a tapped phone line, and Russian agents on a cross-country tour to learn more about American politics. John Podesta, Clinton’s campaign manager, clicked on a link in a message that appeared to be from Google and entered his password – just like the messages that you get every day. The message was fake and the Russians burrowed into his email. (Podesta was actually security conscious and asked the IT department to let him know if the message was fake. A technician intended to reply that the Google message was “illegitimate” and instead accidentally said it was “legitimate” – a mistake which haunts him.)
By early 2016, two different Russian groups (one controlled by Russia’s intelligence apparatus, one controlled by the military) were deep inside the entire DNC network. The US government was reluctant to attribute the hack to the Russians for the usual reasons. The Russians created some uncertainty by inventing a fictional character, “Guccifer 2.0”, to take credit for the hack and feed the stolen data to WikiLeaks. The book will make you privy to all the conversations in the government about whether to go public about Russian involvement, and whether retaliation was called for. There was significant concern about the possibility that the Russians might directly tamper with the machines counting American ballots – and lots of evidence that they might do exactly that, from passwords stolen from election officials to hacked voter registration systems. In the end, after public and private warnings, the Russians did not directly hack our election by changing vote totals. But Russia did manipulate Americans using social media, a vulnerability we did not fully appreciate until after the election. I’ll write more about that another time.
NSA hack
There was one more hack that received fairly widespread attention and may have been more damaging than the Snowden leaks: the NSA was hacked, and a group named the Shadow Brokers released a large number of hacking tools that the NSA had used to place implants in foreign systems. The leak gave foreign governments the tools to implement their own hacks, and to remove our implants. There is no definitive proof that the Russians were behind the Shadow Brokers, but the details point toward the same Russian-financed and sponsored groups.
The stories continue through February or March 2018, with more fascinating details that were not well known publicly. For example, when the White House announced closures of two Russian embassies, it didn’t say that one of them was being used by the Russians to bore underground and tap into a major telephone trunk line that would give them access to phone conversations and electronic messaging. Sanger explains how missed signals and misjudgment led to Russia’s interference with our election, but without blame; rather, the failure was our lack of understanding about how creatively the Russians were using their cyber skills around the world. Sanger ends the book with discussions of how the Russians used Facebook, our attempts to use cyber weapons against ISIS, and the reactions of companies like Google, Microsoft and Facebook that think globally as much or more than they consider themselves to be US citizens.
We are living through a revolution that is as profound as the introduction of the atomic bomb, but one that is being discussed and played out in far greater secrecy. Offense is wildly outpacing defense, and our infrastructure is at risk from devastating cyberattacks by countries large and small. Moving aggressively to expand our offensive capabilities carries risks of miscalculation and escalation. We need our leadership to lead a defensive program to lock down our infrastructure and critical systems, and that requires a more open discussion of cyber threats, including a public debate based on clear and accurate facts about our offensive and defensive capabilities.
Sanger’s book will boost your understanding of the most critical issue of our times. Every headline I read today is affected by things I understand differently since I read this book. Read The Perfect Weapon!