…the U.S. intelligence services break into computers and computer networks abroad at an astounding rate, certainly on a greater scale than any other intelligence service in the world.
How will the United States respond when Russia and China and Iran start naming and indicting U.S. officials? Maybe the United States thinks its concealment techniques are so good that the type of detailed attribution it made against the Russians is infeasible. (The Shadow Brokers revealed the identities of specific NSA operators, so even if the National Security Agency is great at concealment as a matter of tradecraft that is no protection against an insider threat.) Maybe Russia and China and Iran won’t bother indicting U.S. officials unless and until the indictments actually materialize into a trial, which they likely never will. But what is the answer in principle? And what is the U.S. policy (if any) that is being communicated to military and civilian operators who face this threat? What is the U.S. government response to former NSA official Jake Williams, who worked in Tailored Access Operations and who presumably spoke for many others at NSA when he said that “charging military/gov hackers is dumb and WILL eventually hurt the US”?
The post has many other points of interest, a number of them uncomfortable truths.