Ghost Fleet’s climactic cyberwar scene reached a depth of stupidity suitable for a SyFy made-for-TV movie, only without the self-awareness. It would have been laugh-out-loud funny had the authors not been telegraphing what was going to happen for about 100 pages.
We have already covered most of what is wrong with the cyberwar climax on page 288 of Ghost Fleet. At the start of the scene, a Chinese superhacker is moving to shut off Akron’s power supply. The set-up, of course, makes no sense. The superhacker is attacking using software “modeled after the Americans’ Project Aurora malware.” You can go to this video to see what a cyberattack really looks like. She would not be flicking rings to “initiate attack protocols.” Maybe she would fool around with the utility’s control panel after the malware had executed, but she wouldn’t be “initiating” anything.
Second, and more importantly, there is no way on God’s Green Earth that the United States would still be vulnerable to the Aurora vulnerability more than a year (or two; the book is remarkably unclear on chronology) into the war. Consider: “Mitigation is relatively inexpensive and straightforward. It entails placing a hardware device between each substation and its loads. That device monitors for the rapid out-of-phase condition associated with an AUORA event and isolates the substation from its loads before the torque of the grid can be applied to the equipment loads.” Sure, the United States might be vulnerable at the start of the war. But if the enemy doesn’t attack immediately, then it won’t be able to attack at all.
But the real idiocy is at the end of the scene, where our Chinese attacker is thwarted by … Anonymous. Yes, freedom’s secret weapon. Anonymous get a very Hollywood moment where the Chinese hacker’s virtual reality gear and interface to her hacking tools is obstructed by a rendering of a wall of Guy Fawkes masks. Anonymous then proceeds to take over the systems that keep her drugged up (WTF?) and kills her and all the rest of the cyberwarriors.
Anonymous is presented as an ally of convenience than “good guys” or “patriots” for the U.S. At that point, the accuracy stops.
The book paints Anonymous as a coherent and effective force. The truth is rather different. Fact checking their cohesion and ability is not terribly hard. In fact, Anonymous just conducted an operation. One deemed #OpParis.
After the attacks in Paris, Anonymous announced they would go after Daesh, aka “the Islamic State.” They planned to take down twitter accounts associated with Daesh and compromising forums and systems associated with the same. After a week of their #OpParis, Anonymous reported taking down more than 20,000 twitter accounts and claimed to have doxxed several Daesh recruiters. (“Doxxing” means posting private information about names, locations, generally personal details, etc.)
Already one might start to wonder whether the authors of Ghost Fleet were grinding an ideological axe or (more likely) writing a scene they knew was immensely stupid in the hope of getting a movie deal. Taking down Twitter feeds and doxxing Daesh sympathizers is a long way from killing Chinese government operatives by remote control.
Except Anonymous is even less capable than than its claims about OpParis reports would indicate. After all, accounts that were supposedly taken down included such Daesh supporters as the New York Times, U.S. President, BBC and Hillary Clinton.
Multiple sources reported most of the twitter accounts were active still after the so-called attacks. Twitter stated the lists of supposed Daesh accounts provided from some Anonymous members were wildly inaccurate. So is the claim they took down 20,000 accounts complete hogwash? Is there a way to reconcile Anonymous’ statements with the observations of the outside world?
Yes, actually, there is. At least for some of their claims.
To do so though will require examining how Anonymous attacked its targets. While there are a number of skilled hackers, the majority of Anonymous is little more than what we call script kiddies. These are users of prepackaged software meant to compromise systems. How such software works, we’ve talked about before. Such software is not, however, anywhere as near as sophisticated as Stuxnet or other real cyberweapons.
Anonymous essentially spammed the Twitter accounts so people could not, while under attack, use them. They sent wave after wave of messages including Rick Astley’s 1987 Song “Never Gonna Give You up.”
Yup. Essentially Anonymous rickrolled the supposed Daesh accounts, spamming all incoming communication and making conversation impossible. The accounts were taken out … but only temporarily. As soon as Anonymous stopped their attacks, the accounts were usable again. This is what is called a denial of service attack, and, frankly, it’s a weak one. In other words, Anonymous didn’t take anything out. All it did was make a few accounts temporarily unusable until Twitter’s management stopped the nonsense.
That brings us to the greatest problem with Anonymous: its a volunteer organization attracting support based on enthusiasm and interest. Its a militia, of a sort. But it not a militia driven by concern for people’s homes or life. Rather, most Anonymous volunteers do what they do for the “lolz;” their own amusement. When they get bored, they stop. #OpParis petered out. The Islamic State steams on.
I’ll mention here that when Anonymous decided to doxx people who collaborated with the Zetas, they learned right quick that it was a bad idea. As for other ways of cyber-attacking the cartels, so far there has been nothing. The cartels are not running scared of Anonymous.
To be sure, there are probably talented hackers out there affiliated with Anonymous, but the vast majority of them are not. That majority is the cyber equivalent of bunch of high school kids egging a house. Nothing more.
And certainly not the insanely powerful group portrayed in Ghost Fleet. And I see no way for the current group to somehow transmogrify itself into an all-powerful collective in only nine years ... or ever.
In short, the way the authors portrayed cyberwar may succeed as a way to catch a Hollywood agent’s attention. It failed on every other metric. Which is really quite disappointing, given that they have the knowledge to have written a good book.