Monday, 16 November 2009

The Cyberwar Plan


By Shane Harris
National Journal
Nov. 14, 2009

Cover Story

In May 2007, President Bush authorized the National Security Agency, based at Fort Meade, Md., to launch a sophisticated attack on an enemy thousands of miles away without firing a bullet or dropping a bomb.

At the request of his national intelligence director, Bush ordered an NSA cyberattack on the cellular phones and computers that insurgents in Iraq were using to plan roadside bombings. The devices allowed the fighters to coordinate their strikes and, later, post videos of the attacks on the Internet to recruit followers. According to a former senior administration official who was present at an Oval Office meeting when the president authorized the attack, the operation helped U.S.
forces to commandeer the Iraqi fighters' communications system. With this capability, the Americans could deceive their adversaries with false information, including messages to lead unwitting insurgents into the fire of waiting U.S. soldiers.

Former officials with knowledge of the computer network attack, all of whom requested anonymity when discussing intelligence techniques, said that the operation helped turn the tide of the war. Even more than the thousands of additional ground troops that Bush ordered to Iraq as part of the 2007 "surge," they credit the cyberattacks with allowing military planners to track and kill some of the most influential insurgents. The cyber-intelligence augmented information coming in from unmanned aerial drones as well as an expanding network of human spies. A Pentagon spokesman declined to discuss the operation.

Bush's authorization of "information warfare," a broad term that encompasses computerized attacks, has been previously reported by National Journal and other publications. But the details of specific operations that specially trained digital warriors waged through cyberspace aren't widely known, nor has the turnaround in the Iraq ground war been directly attributed to the cyber campaign. The reason that cyber techniques weren't used earlier may have to do with the military's long-held fear that such warfare can quickly spiral out of control. Indeed, in the months before the U.S. invasion of Iraq in March 2003, military planners considered a computerized attack to disable the networks that controlled Iraq's banking system, but they backed off when they realized that those networks were global and connected to banks in France.

emails

a

The Register - Security

IQ test

The Register - Security: Anti-Virus

HackWire - Hacker News