A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

/in


“That’s not nice, and it’s not a good norm,” says Schneider. She says that much of the US government’s slow approach to cyberattacks stems from its care to ensure it avoids unintentionally hitting civilians as well as breaking international law or triggering dangerous blowback.

Still, Schneider concedes that Caceres and Angus have a point: The US could be using its cyber forces more, and some of the explanations for why it doesn’t amount to bureaucracy. “There are good reasons, and then there are bad reasons,” says Schneider. “Like, we have complicated organizational politics, we don’t know how to do things differently, we’re bad at using this type of talent, we’ve been doing it this way for 50 years, and it worked well for dropping bombs.”

America’s offensive hacking has, by all appearances, gotten less aggressive and less nimble over the past half decade, Schneider points out. Starting in 2018, for instance, General Paul Nakasone, then the head of Cyber Command, advocated a “defend forward” strategy aimed at taking cyber conflict to the enemy’s network rather than waiting for it to occur on America’s turf. In those years, Cyber Command launched disruptive hacking operations designed to cripple Russia’s disinformation-spouting Internet Research Agency troll farm and take down the infrastructure of the Trickbot ransomware group, which some feared at the time might be used to interfere in the 2020 election. Since then, however, Cyber Command and other US military hackers appear to have gone relatively quiet, often leaving the response to foreign hackers to law enforcement agencies like the FBI, which face far more legal constraints.

Caceres isn’t entirely wrong to criticize that more conservative stance, says Jason Healey, who until February served as a senior cybersecurity strategist at the US Cybersecurity and Infrastructure Security Agency. He responds to Caceres’ cyberhawk arguments by citing the Subversive Trilemma, an idea laid out in a 2021 paper by the researcher Lennart Maschmeyer: Hacking operations have to choose among intensity, speed, and control. Even in earlier, more aggressive years, US Cyber Command has tended to turn up the dial…

Source…