At the request of his national intelligence director, Bush ordered an NSA cyberattack on the cellular phones and computers that insurgents in Iraq were using to plan roadside bombings. The devices allowed the fighters to coordinate their strikes and, later, post videos of the attacks on the Internet to recruit followers. According to a former senior administration official who was present at an Oval Office meeting when the president authorized the attack, the operation helped U.S. forces to commandeer the Iraqi fighters’
communications system. With this capability, the Americans could deceive their adversaries with false information, including messages to lead unwitting insurgents into the fire of waiting U.S. soldiers.
Former officials with knowledge of the computer network attack, all of whom requested anonymity when discussing intelligence techniques, said that the operation helped turn the tide of the war. Even more than the thousands of additional ground troops that Bush ordered to Iraq as part of the 2007 “surge,” they credit the cyberattacks with allowing military planners to track and kill some of the most influential insurgents.
Some journalists have obliquely described the effectiveness of computerized warfare against the insurgents. In The War Within, investigative reporter Bob Woodward reports that the United States employed “a series of top-secret operations that enable [military and intelligence agencies] to locate, target, and kill key individuals in extremist groups such as Al Qaeda, the Sunni insurgency, and renegade Shia militias. … ” The former senior administration official said that the actions taken after Bush’s May 2007 order were the same ones to which Woodward referred. (At the request of military and White House officials, Woodward withheld “details or the code word names associated with these groundbreaking programs.”)
Cyber-defenders know what to prepare themselves for because the United States has used the kinds of weapons that now target the Pentagon, federal agencies, and American corporations. They are designed to steal information, disrupt communications, and commandeer computer systems. The U.S. is forming a cyberwar plan based largely on the experience of intelligence agencies and military operations. It is still in nascent stages, but it is likely to support the conduct of conventional war for generations to come. Some believe it may even become the dominant force.
Over the past few years, however, the cyber-cohort has gained influence among the ranks of military strategists, thanks in large part to the ascendancy of Gen. Petraeus. The man widely credited with rescuing the U.S. mission in Iraq is also a devotee of “information operations,” a broad military doctrine that calls for defeating an enemy through deception and intimidation, or by impairing its ability to make decisions and understand the battlefield. In past conflicts, the military has jammed enemy communication systems with electromagnetic waves or dropped ominous leaflets from planes warning enemy forces of imminent destruction. Today, cyber-warriors use the global telecommunications network to commandeer an adversary’s phones or shut down its Web servers. This activity is a natural evolution of the information war doctrine, and Petraeus has elevated its esteem.
Military officers describe cyberspace as the fifth domain of war, after land, sea, air, and space. But cyberspace is unique in one important respect — it’s the only battlefield created by humans.
“We have invented this, and it cuts across those other four,” said retired Air Force Lt. Gen. Harry Raduege, who ran the Defense Information Systems Agency from 2000 to 2005.
“You can’t win the cyberwar if you don’t win the war for talent,” said Max Stier, the president of the Partnership for Public Service, an advocacy group that helped write the study. The co-author was Booz Allen Hamilton, the government contracting firm where former intelligence Director McConnell now runs the cyber-security business.
The Defense Department graduates only about 80 students per year from schools devoted to teaching cyber-warfare. Defense Secretary Robert Gates has said that the military is “desperately short” of cyber-warriors and that the Pentagon wants four times as many graduates to move through its teaching programs over the next two years.
On May 5 of this year, lawmakers on the House Armed Services Subcommittee on Terrorism and Unconventional Threats and Capabilities asked the NSA’s Alexander whether the attacks on Estonia and Georgia met the definition of cyberwar. “On those, you’re starting to get closer to what would be [considered war],” he said. “The problem you have there is who — the attribution.”
The U.S. conducted its first focused experiments with cyberattacks during the 1999 bombing of Yugoslavia, when it intervened to stop the slaughter of ethnic Albanians in Kosovo. An information operations cell was set up as part of the bombing campaign. The cell’s mission was to penetrate the Serbian national air defense system, published accounts and knowledgeable officials said, and to make fake signals representing aircraft show up on Serbian screens. The false signals would have confused the Serbian response to the invasion and perhaps destroyed commanders’ confidence in their own defenses.
According to a high-level military briefing that Federal Computer Week obtained in 1999, the cyber-operation “could have halved the length of the [air] campaign.” Although “all the tools were in place … only a few were used.” The briefing concluded that the cyber-cell had “great people,” but they were from the “wrong communities” and “too junior” to have much effect on the overall campaign. The cyber-soldiers were young outsiders, fighting a new kind of warfare that, even the briefing acknowledged, was “not yet understood.”
Only four years after the war in Yugoslavia, planners again held off on releasing a potentially virulent weapon against Iraq. In the plan to disable the Iraqi banking network in advance of the U.S. invasion, the Pentagon determined that it might also bring down French banks and that the contagion could spread to the United States.
“It turns out that their computer systems extend well outside Iraq,” a senior Air Force official told Aviation Week & Space Technology in March 2003. “We’re also finding out that Iraq didn’t do a good job of partitioning between the military and civilian networks. Their telephone and Internet operations are all intertwined. Planners thought it would be easy to get into the military through the telephone system, but it’s all mixed in with the civilian [traffic]. It’s a mess.” This official said that to penetrate the military systems, the United States would risk what planners began calling “collateral computer network attack damage.”
Because of the widespread damage that cyber-weapons can cause, military and intelligence leaders seek presidential authorization to use them. “They’re treated like nuclear weapons, so of course it takes presidential approval,” the former military officer said. McConnell, the ex-intelligence director, has compared the era of cyberwar to “the atomic age” and said that a coordinated attack on a power grid or transportation or banking systems “could create damage as potentially great as a nuclear weapon over time.”
The Obama administration’s former White House chief of cyber-security, Melissa Hathaway, has called for international cyberspace agreements. In a number of speeches in 2008 while still with the Bush administration, Hathaway proposed a Law of the Sea Treaty for the Internet, which, she said, is the backbone of global commerce and communications, just as the oceans were centuries ago.
The odds for a broad international framework aren’t good, however.
In September, a panel of national security law experts convened by the American Bar Association and the National Strategy Forum, a Chicago-based research institute, concluded that the prospects for any multinational agreement are bleak. “The advantages of having a cyber-warfare capacity are simply too great for many international actors to abjure its benefits,” the panel stated.
In this historical analogy, experts have embraced a Cold War deterrent to prevent the cyber-Armageddon that military and intelligence officials have been warning about — mutually assured destruction.
Presumably, China has no interest in crippling Wall Street, because it owns much of it. Russia should be reluctant to launch a cyberattack on the United States because, unlike Estonia or Georgia, the U.S. could fashion a response involving massive conventional force. The United States has already learned that it makes no sense to knock out an enemy’s infrastructure if it disables an ally’s, and possibly America’s own. If nations begin attacking one another’s power grids and banks, they will quickly exchange bombs and bullets. Presumably, U.S. war planners know that. And it may be the most compelling reason to keep their cyber-weapons sharp but use them sparingly.