The Perfect Weapon
Page 31
The post-Snowden opposition to cooperating with the military broke out anew in the early spring of 2018 on the Google campus, just blocks from the DIUx headquarters. News of Google’s plans to participate in “Project Maven,” a pilot Pentagon program that uses artificial intelligence techniques to process “wide area motion imagery” that detects moving vehicles and moving weapons systems, sparked an internal uprising. As word spread through the company, thousands of Google’s employees signed a letter that opened with this declaration: “We believe that Google should not be in the business of war.” The letter rejected the company’s assurances that its work was not helping the Pentagon “operate or fly drones” or launch weapons. Google employees rightly saw those assurances as a dodge—the project might not be aiding current weapons, but clearly the Pentagon intended for the results to be incorporated into future weapons.
“The technology is being built for the military,” the employees wrote, “and once it’s delivered it could easily be used to assist in these tasks.” Then came the punch line: “By entering into this contract, Google will join the ranks of companies like Palantir, Raytheon and General Dynamics.” The statement concluded by urging the company to draft a “clear policy stating that neither Google nor its contractors will ever build warfare technology.”
The rebellion was not limited to Google. At the same moment, Microsoft was quietly getting dozens of other firms to sign on to an agreement that they would never knowingly help any government—the United States or its adversaries—build cyberweapons for use against “innocent civilians.” They vowed to help any country that finds itself attacked.
At the core of these uprisings is a concept of corporate identity that is the complete reverse of the Cold War. Raytheon and General Dynamics flourished because they were part of an American defense establishment that armed the Western alliance. They were serving governments, not consumers, and so of course they willingly picked a side.
Google and Microsoft do not share this view. Their customers are global, and the bulk of their revenue comes from outside the United States. They view themselves, understandably, as essentially neutral—loyal to the customer base first and individual governments second.
Washington, in contrast, still views them as “American companies,” beneficiaries of American freedoms. In the Pentagon’s view, their expertise and technology should flow first to defend the nation that allowed them to form and flourish. These are two completely distinct worldviews, which, at least in peacetime, will never be aligned.
CHAPTER XII
LEFT OF LAUNCH
MARY LOUISE KELLY (NPR): Is there a Stuxnet for North Korea?
JOHN BRENNAN (CIA DIRECTOR UNDER PRESIDENT OBAMA): [Laughter] Next question.
—December 2016
In the spring of 2016, North Korea’s missiles started falling out of the sky—if they even made it that high.
In test after test, Kim Jong-un’s Musudan missile—the pride of his fleet—was exploding on the launch pad, crashing seconds after launch, or traveling a hundred miles or so before plunging prematurely into the Sea of Japan. For a missile that Kim imagined would enable him to threaten the American air base on Guam and form the technological basis for a larger missile that could reach Hawaii or Los Angeles, the failures were a disaster.
All told, Kim Jong-un ordered eight Musudan tests between mid-April and mid-October 2016. Seven failed, some spectacularly, before he ordered a full suspension of the effort. An 88 percent failure rate was unheard-of, especially for a proven design. The Musudan was based on a compact but long-range missile the Soviets had built in the 1960s for launching from submarines. Its small size but high power made it perfect for Kim’s new strategy: shipping missiles around the country on mobile launchers and storing them in mountain tunnels, where American satellites would have trouble finding them.
As part of his effort to boost the range and lethality of the North’s missile fleet, Kim had invested heavily in modifying the Soviet engines. The Musudan was far more complex than the Scud, the short-range missiles the North had made billions selling to Egypt, Pakistan, Syria, Libya, and Yemen, among other nations. Developing the Musudan technology was critical for Kim: He hoped it would pave the way for a whole new generation of single-stage and multistage missiles. With those in his arsenal, he could make good on his threat that no American base in the Pacific—and ultimately no American city—would be beyond his reach.
The North had been in the missile-launching business for a long time and had gained a reputation for mastering the art. So the serial run of Musudan failures in 2016—three in April, two in May and June, then two more in October, after the North had taken a pause to figure out what was happening to them—was confounding. The history of missile testing suggested that everyone suffered a lot of failures in the beginning, then figured it out and made things work. That’s what happened during the race between the United States and the Soviet Union to build intercontinental ballistic missiles in the 1950s and ’60s, an era marked by many spectacular crashes before the engineers and missileers figured out the technology. The Musudan experience reversed the usual trend. After years of successful tests of other missiles, it was as if North Korea’s engineers forgot everything they’d learned.
Kim and his scientists were highly aware of what the United States and Israel had done to the Iranian nuclear program, and they had tried to insulate themselves from the same kind of attack. But the high failure rate of the missiles forced the North Korean leader to reassess the possibility that someone—maybe the Americans, maybe the South Koreans—was sabotaging his system. By October 2016, reports emerged that Kim Jong-un had ordered an investigation into whether the United States had somehow incapacitated the electronic guts of the missiles, perhaps getting inside their electronics or their command-and-control systems. And there was always the possibility that an insider was involved, or even several.
After each North Korean failure, the Pentagon would announce that it had detected a test, and frequently would even celebrate the missile’s failure. “It was a fiery, catastrophic attempt at a launch that was unsuccessful,” a Pentagon spokesman told reporters in April 2016, after the first full test of the Musudan, timed to celebrate the birthday of the country’s founder, Kim Il-sung. When subsequent attempts failed, the official news release from the Pentagon included dryly worded boilerplate that “The North American Aerospace Defense Command determined the missile launch from North Korea did not pose a threat to North America.” The statements never speculated about what went wrong.
But there was a lot of speculation inside the Pentagon, the NSA, and the White House, among the select group who knew about the classified US program to escalate cyber and electronic attacks against North Korea, with a particular focus on its missile tests. Each explosion, each case of a missile going off course and falling into the sea, prompted the same urgent question: “Was this because of us?”
It had been more than two years since Obama, alarmed by North Korea’s progress, had pressed the Pentagon in early 2014 to drastically accelerate the effort to bring down North Korea’s missiles—and turned again to cyber and electronic sabotage for the solution to geopolitical tensions. A lot had happened since then. The Sony attack had focused the administration’s attention on North Korea, but on its cyberattacks, not its missile program. The negotiations with Iran—which led to a deal in the summer of 2015 that shipped 97 percent of Iran’s nuclear fuel out of the country, setting back its efforts by a decade or more—consumed the attention of Washington’s nuclear experts. Russia emerged as a far greater aggressor, and China demonstrated, with surprising vigor, that it was in search of influence, economic dominance, and a military presence in places it had never before ventured. The emergence of Donald Trump made for captivating television as he transformed from a late-show punch line to an unstoppable candidate.
Through it all, Obama’s North Korea sabotage
effort churned ahead, silently.
The Obama administration’s hope, of course, was that after two years of figuring out how to get inside North Korea’s missile program, the United States had developed a worthy successor to Olympic Games: a way to delay by several years the day when the North would be able to threaten American cities with nuclear weapons. “It’s too late to roll back the nuclear weapons program itself,” William Perry, the former secretary of defense, told me. “Disrupting their tests would be a pretty effective way of stopping their ICBM program.” It was the US government’s only hope. The public strategy—which the White House briefly called “strategic patience”—was a failure. No diplomacy was under way. A military strike was far too risky. That left only covert action. And in countering proliferation, as one veteran of the process said to me wearily, “the best you can do is buy time.”
The American-led cyber and electronic attacks on North Korea’s missile program were vastly more complicated than the plan to go after the underground centrifuges in Iran years before. The Natanz nuclear plant was a comparatively easy target: It was a fixed site in a highly wired society, where engineers, diplomats, business executives, and scholars flowed in and out—all potential candidates to bring the malware into the country. And as the NSA and the Mossad were writing code to destroy the underground centrifuges, they had the luxury of time. As one veteran cyber warrior noted, if you got the code wrong, you could take it back to the shop, tinker with it, and try again in a week, a month, or six months. If the centrifuges then spun up or down too quickly and destroyed themselves, it was a pretty good bet the code had worked.
Going after North Korea’s missiles was a completely different challenge. Access was miserable. The missiles were fired from multiple sites around the country, and increasingly from mobile launchers, in an elaborate shell game that was intended to mask the time and location of launches. And timing was everything. There was a tiny window for action to interfere with a launch: just as the missile was being fueled and prepared for liftoff, or in the seconds just after liftoff.
Even as North Korea’s missiles exploded or fell into the sea, it was maddeningly difficult to understand exactly why. What proportion, if any, of the North’s troubles arose from Obama’s initiative? And what proportion was from other causes? Indeed, throughout the Pentagon and at the NSA and Cyber Command, the project targeting North Korea’s missile program had created a lot of skeptics who doubted that a cousin of Olympic Games explained the North’s troubles.
With every Musudan launch, the raw data about how the missiles performed—speed, trajectory, engine performance—were picked up by American early warning satellites and radar. The information then flowed back to the Pacific Command in Hawaii, to the Strategic Command in Omaha, and to Adm. Rogers’s teams at Cyber Command and the NSA. The data were then picked apart by the Korea hands and weapons-of-mass-destruction experts at the CIA and fed into the computers of the Defense Intelligence Agency’s Missile and Space Intelligence Center in Huntsville, Alabama. “I bet NASA didn’t spend as much time breaking down moon launches as we’ve spent looking at Kim’s missile tests,” one American official later told me.
But in the end, no one could convincingly determine whether the program Obama had ordered was working. When the missiles flew or shattered, they took with them the best evidence of their precise condition at the time of failure. Centrifuges slowed, but missiles vanished. The teams of cyber and electronic experts who had been targeting the North Korean systems for years would show up at the Pentagon and draw a direct line from the cyber and electronic warfare program to Kim Jong-un’s rocket troubles. Clearly, they had a strong interest in making that case: They wanted to show results from the huge, secret American investment in cyberweapons, at least in part to secure funding for new initiatives at Cyber Command. But according to several officials, they could never prove that any individual launch failed because of American interference.
Then the missile analysts would arrive, with alternative explanations. Yes, they conceded, the high rate of failure could have been accelerated because of the all-hands-on-deck effort to find ways into North Korea’s systems. But there was no way to tell for sure. There were other possible explanations. The failures could have happened because of bad parts—especially because the United States and its allies had been running programs for more than a decade to get inside the North’s supply chain. Or they could have happened because the North Korean engineers weren’t as smart as they thought they were. Or maybe they were welding the rocket casings wrong.
“You have to be cautious whenever the enthusiasts of cyberattacks come in and claim victory,” one former official advised me.
Whatever the true reason, the American plan to throw the missiles off-course succeeded at one thing: It made Kim Jong-un and his quartet of missile builders paranoid. The four members of the leadership who showed up in photographs surrounding the young leader during launches were clearly wondering whether sabotage, incompetence, or a series of unlucky accidents was the source of their misfortune. In that regard, the cyber sabotage effort initiated by the United States triggered the same kind of anxieties in North Korea that Stuxnet had caused in Iran, where the centrifuges seemed to be spinning normally—until unexplained disaster struck. The psychological effects may have been as important as the physical effects.
Nonetheless, the notoriously volatile young North Korean leader—known for executing his uncle and mounting a nerve-gas attack that killed his half-brother—proved remarkably tolerant when it came to the shortcomings of his rocket team. “We have never heard of him killing scientists,” said Choi Hyun-kyoo, a researcher in South Korea who runs NK Tech, which manages a database of North Korean scientific publications. “He is someone who understands that trial and error are part of doing science.”
Kim’s missile whisperers could only hope his leniency would continue.
* * *
—
Before the North Korean missiles began blowing up, I remembered only vaguely hearing the term “left of launch.”
I knew the basics: that “left of launch” meant working to stop missiles before they were fired, when they are presumably easier to target. The phrase had an echo from the war in Iraq, where the military often used the shorthand “left of boom” to describe their effort to find and dismantle roadside bombs before they did damage.
But as a matter of international law and geopolitics, “left of launch” was far more fraught. At its core was the idea that the United States was prepared to mount a strike against another nation in peacetime, getting inside their infrastructure to attack their missile and command-and-control systems before they could be used against the United States. Of course, if a president ordered such a strike in the traditional way—say, by sending bombers in to destroy a missile base in peacetime—it would likely trigger a war. The hope was that by turning to cyberweapons or other sabotage, the United States could slip in far more subtly, deny responsibility for whatever happened, and get away without being caught.
Not surprisingly, on the rare occasions when the Pentagon talked about “left of launch” in public—and it did not happen often—they made it sound far more benign. They never used the word “preemption,” knowing that word would raise a host of legal and political problems, starting with the obvious one: that only Congress can declare wars. Officials never even described “left of launch” as one of the president’s options for covert action, something he could initiate by signing a presidential “finding” authorizing the intelligence agencies to take action in the defense of the United States.
Instead, “left of launch” was treated simply as another form of missile defense, a way to improve the chances of success for more traditional missile defenses—the antimissile systems that were supposed to hit an incoming nuclear warhead before it reached American shores.
Those traditional systems needed all the help they could get. The United
States began working on antimissile defenses after the Soviet Union test-fired the world’s first ICBM in 1957. That launch spurred President Dwight D. Eisenhower to initiate a crash program that swept in many of the nation’s best scientists. Sixty years and more than $300 billion later, the concept of traditional missile-defense systems hadn’t changed much. The aim was still to “hit a bullet with a bullet”—in other words, to intercept a warhead in midflight with a precision-guided antimissile system launched, often into space, from Alaska, California, or a ship at sea.
Given the number of Soviet missiles that could be launched at once, any American system would be overwhelmed. Later, after the Soviet Union fell, President George W. Bush focused on North Korea, which at the time could only hope to lob a few missiles in the direction of the United States. In late 2002, Bush announced that his administration was deploying long-range antimissile interceptors at a giant, muddy base just south of Fairbanks with a sister installation in California.
Once again, optimism outran experience. The number of successful interceptions in trial runs was embarrassing—roughly 50 percent, and that rate of success was achieved in tests conducted under ideal conditions. Soon the Pentagon stopped making public any quantifiable measurements. The truth was just too painful. Whenever senators pushed for more details, someone would tell them they would be happy to take it up in a classified session.
In light of these disappointments, at the Pentagon, and even among the defense contractors who were dependent on multibillion-dollar contracts for traditional missile interceptors, “left of launch” grew in importance. If missiles could be stopped on the ground, or in the first few seconds of flight, the interceptors would not have to be launched at all—they would become a backup defense, instead of a primary defense. The savviest of the contractors, eager to bid on the new business, began talking about “missile defeat” programs instead of “missile defense” programs. But the biggest of those contractors quietly worried that if cyber and electronic methods of taking down missiles proved too successful, they could put their multibillion-dollar traditional antimissile programs out of business. The big money was still in bending metal and making interceptors—not in writing code.