Slashdot Mirror
Get Cyber-Mercenaries Suggests Ex NSA, CIA Director
siliconbits writes "One of the architects of US foreign policy under George W. Bush, General Michael Hayden, suggested that the US Government should consider creating a "Digital Blackwater" during a conversation at an event called the Aspen Security Forum. Blackwater was the US private military group founded in 1997 and which has been renamed as Xe Services LLC, a move possibly linked with a number of controversies that arose after the company expanded its security-related operations into Iraq and Afghanistan. Recruiting mercenaries, Hayden suggested 'might be one of those big new ideas in terms of how we have to conduct ourselves in this new cyber domain.'"
Because mercenaries worked so well for them.
If one is familar with US history, in the 1800s, the meanest people around were not private armies or police. It was the hired guys like the Pinkertons who would come in and smash heads for the big businessmen.
These guys even had judges under them, where people could be arrested, tried, and hanged all done privately.
Do we want national security again in the hands of private business that is accountable to nothing but the bottom dollar?
By the time somebody in the government says it is a good idea, somebody in the clandestine operations has already set it up to be done.
They aren't as dumb as they're made out to be. People might notice their failures. The goal is for the successes to never even merit a whiff of attention.
But let's hope they don't go for a Teeth of the Tiger approach. Tom Clancy's fetishes are not pleasant.
They seem to be doing a good job in taking down sites and pushing agendas. Maybe they can earn money while doing taking down China and the likes...
Previewing comments are for sissies!
... at all cost ey?
It's seems a common trend: a clear indicative of the end of and empire is that it starts to depend on mercenaries for its protection.
When conducting in the cyber domain. Please be careful to avoid minors.
Maybe I'm wrong here but when looking at what's available on the "open market" right now it seems you've got security researchers, old-school hackers who tend to not really trust the government and actual criminals (in the sense that they're in it for the money and have few if any scruples).
Not really a good pool to hire mercenaries from, it'd be like hiring regular mercenaries from a pool filled with a bunch of guys who have the skills but are more interested in defensive measures (security researchers), roving bands of anarchists who pick their battles solely based on what would be the most interesting challenge and who don't like governments and of course bands of heavily armed criminals much like the "armies" of the south american drug cartels.
I just don't think it would work out well. Of course, if they manage to create a new group of actual "cyber-mercenaries" that's a whole other thing but it's also not a sure thing (being able to create that group, that is).
Greylisting is to SMTP as NAT is to IPv4
So, the idea is to put together a bunch of criminal genius types who operate on the worlds computer networks with impunity. What could possibly go wrong?
"In 2002, a 'l33t haxx0r unit was sent to prison by a MPAA court for a crime they didn't commit. These men promptly escaped from a minimum security basement to the San Francisco underground. Today, still wanted by the RIAA they survive as hackers for hire. If you have a problem, if no one else can help, and if you can find them....maybe you can hire The lambda."
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Anyone that has ever read Machiavelli's the Prince knows that mercenaries are bound to bite you in the ass sooner or later. And while the US has made light use of mercenary troops, we've already seen BlackWater have to change it's name to "Xe Services" after it's outrageous actions caused such a shit storm around the world.
You take a maverick group like Blackwater, give them greyhats with a black lining and put them in charge of cyberwarfare, it's only a matter of time till they abuse it to such an extent that they create more problems than they are worth or worse, are ordered to spy on or act against US citizens on US soil in an overt attempt to circumvent US laws regarding the actions of the US gov't.
Hiring mercenaries makes sense when a war is so extensive you can't possibly field all the forces you need yourself. You do have to be comfortable with the fact that mercenaries have their own set of rules and their behavior, not entirely under your governance, is going to reflect on you.
The United States is intentionally capable of fighting multiple wars at once. We have no need to take the risk of mercenaries giving us a bad name. America privatizing warfare is nothing but a handout to somebody's buddies and is completely unnecessary.
...is just the right combination of bullshit and immorality the world has been waiting for!
and take US Taxpayer money and put it in their offshore bank accounts. No more for-profit mercenaries like blackwater or Xe or whatever they are called this week.
In 2002, a 'l33t haxx0r unit was sent to prison by a MPAA court for a crime they didn't commit. These men promptly escaped from a minimum security basement to the San Francisco underground. Today, still wanted by the RIAA they survive as hackers for hire. If you have a problem, if no one else can help, and if you can find them....maybe you can hire The lambda team."
That's what I get for trying to go for the cheap joke.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
The whole Blackwater thing was a cash-grab by Cheney and Halliburton (which owned Blackwater), abusing the "sole-source" rules for contract awards. It's one of the reasons PNAC started the war.
And the Blackwater teams weren't good guys, or even bad guys turned good. They were crooks, spoiling for a fight. Their fuckups cost as much as their original contract, and crippled diplomacy, causing even more cost.
Moral: don't use mercs. If you want them to fight for you, conscript them and teach them you mean business about discipline before you let them loose on the battlefield.
Double-down on that for cyber-thugs, who think they're fucking invisible.
Yet another excuse to outsource. That is all.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
One of the architects of US foreign policy under George W. Bush.
Any person with that in their resume should be banned from any contact with public service or public policy whatsoever.
Booz-Allen, Palantir, HB Gary Federal, Mantech, ... There's already a bunch of "cyber" security companies that contract with the DoD that do "offensive" operations. Why does the government need to create another one? Is it just so US intelligence can get around Congressional oversight (as if there is any now!) again?
I now of an image of geeky grossly overweight "cyber-mercs" with bad hygiene dressed as Roman Legionaries.
2. Cheaper. Real soldiers tend to cost more - because we pay for their training, long term support, etc.
3. Lost lives are civilians, not military. Who cares if a merc dies, but congressman have to care about American soldiers.
Of those three reasons, only Deniability applies to cyber soldiers. Civilian firms tend to be more expensive not less and cyber soldiers don't die, they just get 'schooled'.
There is one possible extra benefit for cyber-mercs. That is getting a higher quality coder. But the problem there is that the government can afford certain more expensive equipment than private firms. Throw in patriotism and the top coders might prefer a government salary to being a merc.
excitingthingstodo.blogspot.com
Instead of going through all this wasted effort, how about we just fix computer security and be done with it?
Default permissive environments are the problem.
Capability based security is the answer.
No incursion on our few remaining liberties, no more virus scanners, worms, etc... no more DRM... what's not to like?
It's almost like they didn't learn anything from Blackwater. Either that, or they just seriously don't give a shit about the repercussions of hiring people you can't control.
You mean like the Jean-Claude Van Damme movie? ...or more like in R.I.F.T.S. and Warhammer 40,000 and Cyberpunk and GURPS? ...or perhaps like James Cameron's Terminator, as portrayed by none other than Arnold Schwarzenegger himself?
Anybody ever in one of those organizations ever suggested the US to let go?
They need to roll some joints and let go.
The need to let go of trying to have an empire, USA can't have an empire, it doesn't have the wealth - production capacity, to have an empire. Empires are the last stage of a dying super-power, because that's the time that the government grew so much, it became the dominant industry, while all other industries are collapsing due to underproduction and resource mis-allocation towards the government and its preferred monopolies.
How about letting go of trying to be an empire and reducing the government instead, firing 99% of the government employees and contractors, wouldn't it be another great experiment that USA could be first in and show the world how it's done, how an economy can be rebuilt not by force of government intervention but by the Free people that US citizens supposedly used to be. Being Free, isn't that why people came to US?
You can't handle the truth.
Every time one of these ex-XYZ or ex-Army or current ones open their mouth, it becomes abundantly clear how clueless they are about nature of the digital worlds and how hopeless it is to entrust the DoD/Government's digital security in their hands.
We already have cyber security mercenary groups. They go by the names of "Accenture" or "IBM" or "McKinsey"... but they prefer to be called "Consulting companies"... "Mercenary groups" is so... tacky.
It's my turn on the military-industrial complex's gravy train!
oh, wait:
"He is currently a principal at the Chertoff Group, a security consultancy co-founded by former Homeland Security Secretary Michael Chertoff.[3] "
http://en.wikipedia.org/wiki/Michael_Hayden_(general)
G
The Kruger Dunning explains most post on
interesting way to describe events like the Blackwater Baghdad shootings...
and I think the US has digital mercaneries working in a gray area - think of all the private IT security companies working for the government (anonymous/lulzsec targets are sufficient examples: ManTech, HBGary)
If there can be online pirates, there can be online privateers. Say the US declares Cyber-war on China. Instead of needing to hire, outfit and finance a full Cyber-Army, just declare "any American who hacks China can a) do so legally and b) keep any valuable stuff they steal". Maybe even pay bounties - $10,000 to take down the People's Congress website for a day, $100,000 for each classified document stolen, etc. Private corporations might pay, too - I'm sure Apple would pay a decent amount for someone to damage whatever factory is currently producing iPod knock-offs. Or even just regular corporate espionage, just more publicly since it's legalized.
Then all you really need to focus on is defense, and defense is a lot easier for the big slow guy. Since you get an instant army whenever you go on the attack, you can pretty much just play a slow, conservative defense game.
I like the policy "Summon a greater monster to kill a monster." The previous generation empowered Islamic Fundamentalists to kill Communism, this generation will create Private Armies to curb Terrorism, the next generation will create something to destroy nuke-powered stateless private armies.
Trust us. We need to have this capability, because it's vital to our security. Trust us. Sure, we spy, torture, seize, and grope without warrants. But you can believe us when we say we protect your rights.
Whether the feds want to hire these guys for real or just build a database of names so they can round them up later, this is a pretty good scam. They don't have to hire anybody, just write down your name and address. Then, if anything goes wrong, they can track you for life to see who you talk to, what you do, etc. It's a beautiful scam. Then again, maybe they do really want to announce to the whole world that they are hiring hackers. Yeah, that's probably it.
and the best way to do this is to use people who are subject to Status of Forces agreements, and under control of the civilian authority. Use Marines to guard embassies, Security Police to guard Airbases, &c.
I wouldn't hire Blackwater, Xe, Chertoff Group &c. to pick up my trash.
Sphinx of black quartz, judge my vow.
Reading the U.S. Constitution for a modern era. Bring on the digital Letters of Marque and Reprisal!
Avast, matey! Batten down the routers and prepare to repel boarders!
I'm in.
Learning HOW to think is more important than learning WHAT to think.
Just what we need at home; more psycho contractors to torment US civilians while enjoying limitless impunity and Elvis music, as they cruise around the interweb looking for anything that has an IP. Crap. see cyber gangsta for my view on the matter: http://tinyurl.com/3v9z5bo
Laws are like sausages. It's better not to see them being made. - Otto von Bismarck
Rather than "hire" a bunch of people and support staff, and buildings, and technology, just use capitalism!
Start a website called US Digital Bounty Hunter Service. Post targets and corresponding bounty amounts.
Sit back and enjoy the show!
or
1) Post Cyber Warfare Bounties
2) ???
3) PROFIT!!!
Blackwater consisted of men unfit for the Army who were kicked out due to mental instability. These berzerkers were hired by Blackwater where they tortured and killed civilians without any regard to law, and would run back home to the USA crying every time they got in trouble. They were paid rapists, torturers, and murderers on the public dime to literally cause mayhem and do little else. Most of the security assignments were complete failures, though we never stopped paying through the nose for their "services".
Blackwater, in short, was a rip-off. We got very little out of it, it cost a lot, and an incredible number of people were hurt by our hand-picked team of psychotic deviants. Now we want a digital version? I guarantee if this happens, we'll see them extorting and harassing innocent civilians here. Eventually they'd get shut down, but not after the damage has been done.
Just remember that this was a Bush administration idea. Some of the very worst, most depraved thinking has come from that administration, and none of the items on their "To Do" list should be carried out.
Just you wait for the digital cyber blackwatergate. *rimshot* Try the fish, I'll be here all week.
These digital mercenaries, just like the more firearms related kinds are doing, would want to keep the gravy train going.
One would think that the NSA and CIA would have heard of Machiavelli.
Retirement becomes this noble hero. I believe that the General's boss was a short sighted, self centered, twit. And this general followed him into battle. Maybe to the General outsourcing his Depends is acceptable, but I believe that there are more than enough good Americans that can handle this job, very well.
Republican since 1971
Currently, almost all IT support in the US government is contracted out ... so in a way, they're already hiring mercenaries, but I won't get into that bat.
All you need to do is to have a pool of talent within the government that under normal situations does pentests at the request of government agencies / divisions / whatever, and in a situation when something big happens, they can be pulled from those assignments to actively attack something.
This way, they get practice, we harden our systems, but it's not just some random hacker being contracted to make an attack ... they'd be regular government employees (although, likely contractors), who have had the necessary background checks, etc.
Build it, and they will come^Hplain.
Putting mercenaries in the middle of critical IT infrastructure can only seem like a good idea to people who will profit out of that. Data can be copied. Good luck containing leaks once someone (or a corporation) who sells himself to whoever offers more puts his/her paws on it. Corporations and government do not mix well, as their goals are conflicting.
This sounds like a really bad idea.
Outsourcing cyberdefense has worked so fucking well in the past, judging by what a few script kiddies (i.e. Anonymous) can do.
hayden was in charge of NSA during the Trailblazer IT fiasco, which caused Congress to severly restrict NSAs spending ability.
Trailblazers end products were, well, basically they mostly dont exist. it was abandoned.
but SAIC and others made a lot of money off of it.
now who will make money off of an IT blackwater? SAIC, probably. or at least, SAIC alumni.
mass murderers, rapist, torturers, and regional warlords.
you know. the good guys.
even within the Pentagon, most folks think The Prince is either a Pixar movie or a reference to Will Smith.