Cyber Scene #52 - Cyber: Capitol Offense and Counter

Cyber Scene #52 -

Cyber: Capitol Offense and Counter

Since the last publication of Cyber Scene, a mere 2+ weeks ago, the world has been rocked by two seismic events, both located on Capitol Hill.

Cyber has had, and is playing, a top billing role in both, for worse and better.

The 6 January 2021 insurrectionists' attack on the Capitol and the members of Congress within, was fomented and organized principally via social media. Be it friend or foe, or both, cyber as the means of communication has been a world bedrock structure.

From a constitutional perspective, the first wave would largely be construed as having evolved into a "foe." As reported generally by all media sources--from mainstream sources and those historically not--the consensus argues that the incitement, organization, funding across the US, and the assault itself, was cyber-driven.

Kevin Roose reports in "Who's Boss? 2 Tech Giants" that Twitter and Facebook, which served as the dominant communications platforms coming from the White House to those arriving for the rally and attack, implemented their existing anti-hate incitement policy by shutting down the then-President's Twitter and Facebook accounts. In addition to the cries of "censorship" and "death of free speech," both of which have been a recurring subject of Congressional hearings over the last few years, the article underscores the power of Big Tech. Both Jack Dorsey (CEO, Twitter) and Mark Zuckerberg (CEO Facebook), were reluctant to act and "appear to hate playing the role of speech police." However, they considered this a particularly unique case.

Unsurprisingly, Parler, "a small but rapidly growing social network" associated with right-wing Americans, according to the 16 January Economist ("Said the spider to the fly: Donald Trump's ban from online platforms underlines their power"), nearly quadrupled its downloads by 8 January on its Apple app. Parler lost 12 million accounts when, by the publication date of the Economist article, Amazon's cloud-computing infrastructure arm, AWS, which supports "millions of services and websites," -cut the cord.

The article goes on to point out that the legality of this action is founded on Section 230 of the Communications Decency Act that allows for the removal of any "objectionable" content if done in good faith. Even though some legal eagles will object, challenging the definition of "objectionable" considering the constitutionally protected freedom of speech, the article opines that Microsoft, Google, and other giant services will steer clear of supporting either Parler or similar companies.

Donations also played a role in the attack. Cyber again provided the means (literally, in a financial sense) to the end (fortunately, not literally). The 17 January Sunday NYT article ("Before Capitol Riot, Thousands Made Small Donations Online") reminds us that funding tends to underwrite political actions. In addition to wealthy donors, the article cites several sources of many thousands of small donors via GoFundMe or GiveSendGo. It notes that PayPal cut off the latter by 11 January 2021 as this information came to light. Some of the fundraising was even captured at the entrance to the Capitol shortly before the arrival of the crowds on 6 January and recorded via online videos.

The cyber presence of the run-up to the attack, the attack itself, and post-attack online tracking of the event has proven to be very useful to FBI, state, and local law enforcement. It seems that an insurrection selfie, posted in situ, does not likely allow for subsequent "5th" pleas for inadmissible status in a courthouse. This has led to significant, cyber-based roundups of physical, financial, or "spiritual" perpetrators.

The House Oversight and Reform Committee Chair Carolyn B. Maloney (D-NY) has called for a formal investigation into Parler and other sites that "bristled with violent chatter," according to the Washington Post's Tom Hamburger and Craig Timberg of 21 January ("House Oversight Committee chairwoman requests FBI probe of Parler") in the context of the siege of the Capitol. What may propel this investigation, according to the Chair's letter to FBI Director Christopher Wray, is Parler's use of a Russian-owned web services company, DDoS-Guard, that also has Russian government clients.

As the FBI executes its post-mortem at the federal, state, and local levels, rounding up the unusual suspects, including some veterans, and bringing them to justice, the non-prosecutorial wing of the US Judicial system has been hard at work, looking strategically at the future.

Its point of departure is the National Defense Authorization Act (NDAA) for Fiscal Year 2021 (which began on 1 October 2020). This is noteworthy for being the only (and strongly bipartisan) bill for which Congress (House on 28 December 2020 and Senate on 1 January 2021) overrode the recent President's veto during his entire 4-year administration. On 2 January 2021, Lawfareblog.com's Paul Rosenzweig ("The NDAA Pushes Forward on Cyber Metrics") published an analysis under its "Day Zero: Cybersecurity Law and Policy" of cyber metrics called for by the NDAA. Among the extensive inclusions in the bill, which is "chock full of interesting tidbits," he cites Congress's wisdom in requiring guidelines for establishing a rapid procurement process for software acquisition. Perhaps the confirmation (by the Senate on 22 January 2021) of Secretary of Defense Lloyd Austin will make his past military "time-is-of-the-essence" mark in moving this and other cyber implementations forward quickly.

On 15 January 2021, Andrew J. Grotto, wrote on cybersecurity and deterrence, also for Lawfareblog.com ("How to Make the National Cyber Director Position Work"), also related to the FY2021 NDAA, and also chock full of interesting tidbits itself. One of the most prominent is the NDAA's requirement for the President to nominate the first national cyber director for Senate confirmation. This requires a new organization, centralization, and depth, drawing from past "czar" experiences at the National Security Council (NSC), as well as many other complicated issues. He suggests that the Office of the National Cyber Director be integrated into the NSC where, traditionally, inter-agency coordination takes place for advice to the White House. He also referenced the dismantling of cyber centers across the inter-agency during the prior administration. However, Cyber Scene is pleased to have promising, timely news upon which to focus.

Timely, indeed. As of 22 January 2021, according to Reuters' Christopher Bing and Joseph Menn, the new administration will be announcing its new cybersecurity team ("After big hack of US government Biden enlists 'world class' cybersecurity team"). The authors characterize them collectively as "a group of national security veterans with deep cyber experience." While the nominees bring exceedingly deep-bench public sector experience to the all-encompassing inter-agency team, the article cites two anonymous sources (one former official and one analyst) who believe "that the collective group's experience is almost entirely in the public sector." These unnamed sources have not done their homework. Firstly, it is to be expected that those dealing in cybersecurity may not wish to provide extensive security details, public or private sector, blasted across the internet unless required. For those vetted during a Senate confirmation process, the Senators will be properly informed. However, open sources, including Wikipedia, confirm at least the following private sector sampling of experience regarding the qualifications of the team cited for imminent cyber posting. The following open-source additions from Wikipedia and easy Google sites are arranged by new position, name of nominee, and an example of private sector experience. Some projected nominees have many decades spanning both sectors. The intent is to link these individuals through a National Security Council structure.