Inside Cyber Warfare - Jeffrey Carr [2]
Now, 38 years later, I find myself investigating a realm that remains a sci-fi mystery to many leaders and policymakers of my generation, while younger people who have grown up with computers, virtual reality, and online interactions of all kinds are perfectly comfortable with it. For this reason, I predict that the warfighting domain of cyberspace won’t truly find its own for another five to eight years, when military officers who have grown up with a foot in both worlds rise to senior leadership roles within the Department of Defense.
How This Book Came to Be
This book exists because of an open source intelligence (OSINT) experiment that I launched on August 22, 2008, named Project Grey Goose (Figure 1). On August 8, 2008, while the world was tuning in to the Beijing Olympics, elements of the Russian Federation (RF) Armed Forces invaded the nation of Georgia in a purported self-defense action against Georgian aggression. What made this interesting to me was the fact that a cyber component preceded the invasion by a few weeks, and then a second, much larger wave of cyber attacks was launched against Georgian government websites within 24 hours of the invasion date. These cyber attacks gave the appearance of being entirely spontaneous, an act of support by Russian “hacktivists” who were not part of the RF military. Other bloggers and press reports supported that view, and pointed to the Estonian cyber attacks in 2007 as an example. In fact, that was not only untrue, but it demonstrated such shallow historical analysis of comparable events that I found myself becoming more and more intrigued by the pattern that was emerging. There were at least four other examples of cyber attacks timed with RF military actions dating back to 2002. Why wasn’t anyone exploring that, I wondered?
Figure 1. The official logo of Project Grey Goose
I began posting what I discovered to my blog IntelFusion.net, and eventually it caught the attention of a forward deployed intelligence analyst working at one of the three-letter agencies. By “forward deployed” I refer to those analysts who are under contract to private firms but working inside the agencies. In this case, his employer was Palantir Technologies. “Adam” (not his real name) had been a long-time subscriber to my blog and was as interested in the goings-on in Georgia as I was. He offered me the free use of the Palantir analytic platform for my analysis.
After several emails and a bunch of questions on my part, along with my growing frustration at the overall coverage of what was being played out in real time in the North Caucasus, I flashed on a solution. What would happen if I could engage some of the best people inside and outside of government to work on this issue without any restrictions, department politics, or bureaucratic red tape? Provide some basic guidance, a collaborative work space, and an analytic platform, and let experienced professionals do what they do best? I loved the idea. Adam loved it. His boss loved it.
On August 22, 2008, I announced via my blog and Twitter an open call for volunteers for an OSINT experiment that I had named Project Grey Goose. Prospective volunteers were asked to show their interest by following a temporary Twitter alias that I had created just for this enrollment. Within 24 hours, I had almost 100 respondents consisting of college students, software engineers, active duty military officers, intelligence analysts, members of law enforcement, hackers, and a small percentage of Internet-created personas who seemed to have been invented just to see if they could get in (they didn’t). It was an astounding display of interest, and it took a week for a few colleagues