With the constant media attention to the alleged Russian involvement in the last American election, there is perhaps more media attention to the issue of cyber-warfare than ever before. In this context, Shane Harris’ book, @ War: the Rise of the Military-Internet Complex is provides a sweeping overview of how the U.S. government and its corporate allies have sought to respond and use cyber tools for espionage and war.
Harris has a background as a journalist, and he has extensively interviewed people in both the U.S. federal government and industry. His work provides a deep understanding of how these actors view cyber-conflict. The book is particularly good at showing how corporations are intricately connected the armed forces in cyber-warfare: “Without the cooperation of the companies, the United States couldn’t fight cyber wars. In that respect, the new military-Internet complex is the same as the industrial one before it” (Harris, p. xxiii).
At the same time, this book views this issue through an American lens, and at times has an unreflective view of technology’s role in war. Ever since the Vietnam War, the United States has relied on technology to win wars, while not similarly prioritizing cultural, strategic and historical awareness. One can see this issue in the opening section of the book, which examines U.S. efforts to use cyber-espionage to target ISIS in Iraq, in what he describes as a triumph: “Indeed, cyber warfare -the combination of spying and attack- was instrumental to the American victory in Iraq in 2007, in ways that have never been fully explained or appreciated” (Harris, p. xxii). Even though his description of U.S. operations in Iraq is fascinating, this part of the work has not aged well, and confronts the reader with technology’s limitations more than its capabilities.
Cyber-warfare may seem less attractive now that Russia has used these techniques, and less effective since the rise of ISIL. In some respects, the celebration of cyber-warfare seems to posit a new model of counter-insurgence warfare (COIN). But the evidence doesn’t seem to bear this out. The book’s first chapter portrayed U.S. intelligence operations in Iraq as a turning point, but the situation rapidly deteriorated after the period covered in this narrative. Major cities in Iraq -such as Mosul and Fallujah- fell to the insurgents in 2014. These cities were only recently reclaimed after bloody warfare, in which cyber-warfare played a marginal role. In the end, Harris’ work reads as a glorification of technology’s role in warfare, but the example of Iraq suggests that technology has not fundamentally changed the nature of guerrilla warfare. Why else did ISIL explode into existence so quickly if U.S. tactics were so successful? One would have little sense of these limitations from Harris’ opening chapter: “This was the most sophisticated global tracking system ever devised, and it worked with lethal efficiency” (Harris, 23). In this narrative, cyber-warfare led to U.S. victory in Iraq: “When the last US troops left Iraq in December 2011, the nine-year war had taken nearly forty-five hundred lives. But it had also given birth to a new form of fighting” (Harris, p. 38). Similar statements are also made by U.S. military figures about Afghanistan (Harris, pp. 79). There is a lack of broader context for all these arguments.
At the same time, in later sections of his book Harris examines U.S. intelligence failures: 9/11, the belief that Iraq had weapons of mass-destruction, and the rise of ISIS (Harris, p. 32). Still, Harris doesn’t engage in as deep a discussion of issues related to the morality or legality of NSA’s actions as does Scott Horton in Lords of Secrecy, until well into the book. While he touches on these issues in the first half of the work(Harris, p. 45), these topics are secondary until chapter five. Harris also clearly had high-level access to sources. But at times his descriptions of individual figures is almost hagiographic: “When McConnell had left the NSA, cyber war was in its infancy. In his absence, it entered adolescence. Now, he would take it into adulthood” (Harris, pp. 42).
Despite these limitations, this book makes fascinating reading. Whether discussing Chinese cyber espionage against Congress and industry (Harris, pp. 53, 63, 65, 172-179, 204-209), or the government’s efforts to shape university curriculum (Harris, pp. 66), his study is a wealth of detail. In particular, his discussion of the Tailored Access Operations office (TAO) of the NSA is rich and disturbing. The NSA hacked the Mexican President’s email (Harris, pp. 76), and worked hand-in-glove with the CIA. For anyone who believes that TOR (The Onion Router) provides anonymity on the web, a quick read of how NSA set up nodes in the system (in alliance with the British) provides some useful insight into TOR’s nature (Harris, p. 85). The campaign was largely a failure (Harris, 86), so far as we know.
By far the best aspect of the book is its ability to show how U.S. security and intelligence services shape the basic infrastructure of our communications systems and the internet in a way that facilitates surveillance (Harris, pp. 88, 93, 96). The lengths to which NSA will go to are astonishing, and reduce all of our security. In chapter Five, “The Enemy Among Us,” Harris examines some of the moral issues that earlier sections of the work skirted. To me, this was the best chapter in the book, and one that every U.S. citizen could profitably read. The following chapter, “Mercenaries,” provides a rich look at the privatization of cyber-warfare. Private companies now do the kind of espionage, Harris claims, that once was the purview of nation-states (Harris, p. 105).
Harris’ book is an interesting, well-written tour of its subject, which is filled with fascinating details. Despite the fact that at times it tends to provide too little context regarding cyber-warfare’s limitations, the book’s detail and depth are impressive. The discussion of the alliance between the U.S. government and business in the cyber realm is detailed and well-researched. The book also describes shocking U.S. vulnerabilities and losses in this area (Harris, p. 140). Chapter twelve describes probes of natural gas pipeline companies (Harris, 187-189), which suggested that the United States’ energy infrastructure might be at risk. By the end of the work you’ll be putting tape over your laptop’s camera, purchasing a digital password manager, and checking the data leakages from your apps. You’ll also have a much better understanding of the true reach of U.S. and Chinese cyber operations. Recommended.
One last thought. The former East German State had one of the most efficient and far reaching intelligence services ever known, which was called the State Security Service, or Stasi. It had an immense network of informants, a complex system of phone tapping and bugs, and an array of legal and political powers of which the NSA can only dream. In November 1989 it proved utterly incapable of stopping the collapse of the Communist regime, and it was dissolved that December. My point is that no intelligence service -no matter how powerful or feared- can take the place of an effective political strategy, whether within a nation or during a war.
With all of the focus on digital surveillance, it’s worth remembering this fact. Ever since Vietnam, the United States has put its faith in technology’s ability to win wars. Digital surveillance seems unlikely to allow the United States to escape messy political realities in the Middle East this century any more effectively than it did in southeast Asia in the 1960s.