In February 2009, Susan Burk, the first Deputy Coordinator for Homeland Security in the State Department’s Office of the Coordinator for Counterterrorism, sent out secret instructions from Washington to its embassies around the world. Ambassadors were instructed to carry out recognizance and analyze the situation in each country in respect to its significance to US security concerns. The authorities and politicians in the countries were not to be informed or consulted.
One of those who received the order was Chargé d'affaires Robert Silverman, second in command at the US Embassy in Stockholm. His assignment was to determine if anything in Sweden were to be included in the USA’s secret list of essential infrastructure that must be protected. Silverman concluded that Sweden ought to receive a higher priority. In a classified report to Washington he recommended that two Swedish objects be added to the secret inventory of vital assets.
The first was a commercial enterprise in the pharmaceutical industry. The other object, Sweden’s telecom network, had significantly greater implications for security, concluded Silverman. In his report to Washington he wrote: “Although Sweden does not posses a direct undersea cable from the U.S., Sweden is a central European communications hub. For example, Swedish company TeliaSonera is an international carrier that owns and manages 43,000 km of fiber optic cable linking Russia and the Baltics to the rest of Europe and the U.S. If these lines of communications were to be destroyed, disrupted, or exploited, it may compromise global communications.”
He made special note that Telia Sonera cables headed eastwards. What Silverman referred to in other words is Sweden’s part in the Internet and its significance for regions to the east. There is a firm basis for his evaluation. Telia Sonera ranks among the largest members of the global telecom network. The Nordic telecom is one a few companies whose infrastructure compose the central nervous structure of the Internet. These companies are the backbone of the Internet that transport large amounts of traffic over long distances and give access to the smaller elements that are tied into the network.
The current list of international infrastructure objects that the USA is determined to protect is classified, but there are strong indications of concurrence with the views put forth by Silverman. The end recipient of his report was the Department of Homeland Security, created by President George Bush after the attacks of September 11 to coordinate defense against terrorism. It was there that intelligence about the telecommunications network was compiled to draw conclusions and defensive measures.
The actions taken for the protection of the world’s cyber infrastructure are incorporated in an arrangement known as the National Infrastructure Protection Plan. The plan, whose name implies national considerations, is plainly international in scope. In the diplomatic cables released by Wikileaks show the breadth of the US security zone as global.
The section of the plan in consideration of IT infrastructure defense places great emphasis on Cyber Storm, a defense exercise in response to simulated attacks by terrorists and hostile states. Cyber Storm existed in a joint international collaboration whose inner workings are open to just a few participants. Sweden is a member of the inner circle.
Among the leading members is the US Defense Department. During 2010, the Pentagon worked in high gear to prepare the USA for the heightened security demands. In a historical shift, the strategic leadership has reformed itself, creating a new organ specialized in digital warfare. Cyber Command, the new institution, became operational in October 2010.
US Defense Secretary William Lynn then said that the cyber domain is as important as the land, sea, air and space domains to the military, and protecting military networks is crucial to the Defense Department's success on the battlefield.
The new mindset of Cyber Command includes tactical considerations. Passive defense in the form of fire walls has been augmented by active sentry work that includes the possibility of offensively targeting hostile forces. The US now actively defends digital networks of national strategic importance.
At the top of Cyber Command is four-star Army General Keith Alexander, who is furthermore head of the National Security Agency (NSA), yet another organ of the convoluted labyrinth of US security and defense. NSA is responsible for digital espionage, reading and monitoring web communications in the search for threats to the USA.
In confirmation hearings before the US Congress Alexander used the opportunity to criticize the laws and regulations that limit the military’s ability to act with full force in cyber space. His wishes were fulfilled.
In a controversial decision in October of 2010 lawmakers gave the executive branch of government the authority to act when civil infrastructure is threatened. The White House may now authorize the Department of Homeland Security and Alexander’s cyber soldiers to take offensive action to defend critical infrastructure both within and beyond US borders.
The US invited Sweden to take part in Cyber Storm. One of those who participated from the Swedish side was Ingvar Hellquist, a former army colonel who works as a security consultant. Confirming that Sweden has a weighty role in the global network, he said:
“It is of evident importance that one of the Internet's hubs is in our region. There aren’t so many countries that have one. That we are an advanced and attractive partner for collaboration is in part because we became a central point in the network. And when such [technology] is in place, it isn’t the sort of infrastructure that one can easily transfer.”
Hellquist and others in the Swedish intelligence community who spoke to DN present a similar picture. “We are adept at IT security and our knowledge is reason for our inclusion,” commented Richard Oehme, head of the Swedish Civil Contingencies Agency’s (MSB) office for the protection of information.
Cyber Storm tested the response of the institutions that make up the US secret list of objects to be defended in the event of attack. The exercise rehearsed in 2010 considered a scenario in which the vital areas of the Internet were attacked, causing the lost of human life and disturbance to governmental authorities and the private sector.
Parallel to Cyber Storm, Sweden carried out its own security exercise, in which MSB and the National Defence Radio Establishment (FRA) took part. The exercise examined the question of how IT disturbances to the electrical power grid should be handled. In the Cyber Storm Sweden focused on the exchange of information, explained Richard Oehme.
“It concerned the function of communications channels. Who is one to call when something happens? These types of incidents are fast-spreading. One must take into account the international aspect when testing,” Oehme told DN.
The Swedish government would not comment on how it sees American interests in the Swedish network.
“We have no reason to comment on speculation about other countries’ security interests in a particular country’s infrastructure,” said Mikael Östlund, Press Secretary for Defense Minister Sten Tolgfors.
Regarding collaboration with the Washington, the Swedish government refers to the Agreement between Sweden and US “on Cooperation in Science and Technology in Homeland Security Matters.” The agreement identifies technology for the surveillance and identification of terror related activities as an area for collaboration. No conflict with Swedish foreign or security polices are acknowledged.
“Our collaboration does not affect either Sweden’s sovereignty or military neutrality, however, on the other hand, international collaboration strengthens Sweden’s capacity in important areas,” said Östlund.
Telia Sonera declined to comment on the information about the company’s network in US diplomatic cables.
Translation and summary by Davrell Tien