Network War: The US Military Formidable Hacker Posse

If attack is the best form of defense, then the US military establishment is on the war-path in cyberspace.

According to an article recently published in Wired News, entitled "U.S. Military's Elite Hacker Crew", the U.S. military "has assembled the world's most formidable hacker posse: a super-secret, multimillion-dollar weapons program that may be ready to launch bloodless cyberwar against enemy networks -- from electric grids to telephone nets. "

A unit called the Joint Functional Component Command for Network Warfare (JFCCNW) has been set up to take overall responsibility for defending the US Department of Defense's computer networks. It is believed to be comprised of staff from the CIA, the National Security Agency, the FBI, the four military branches, some civilian experts and military representatives from allied nations.

The JFCCNW is also responsible for the "highly classified, evolving mission of Computer Network Attack", the CNA.

 

 

The group's existence came to light during a U.S. Senate Armed Services Committee hearing in March 2005, when military leaders from U.S. Strategic Command, or Stratcom, disclosed its existence.

The U.S. administration has never hidden the fact that it has invested heavily in defending its computer networks, which were apparently targeted nearly 75,000 times with intrusion attempts last year. But the Department of Defense has never admitted to having the capability to launch an offensive action in cyberspace.

Photo credit: David Alonso

In straightforward military terms, this capability means that the U.S. can destroy an enemy's computer network or sabotage radar.

The Wired article quotes Dan Verton, a former U.S. Marine intelligence officer and the author of the book "Black Ice", which investigates the threats cyber terrorism and vandalism could have on military and financial networks.

Verton said the Defense Department talks often about the millions it spends on defending its networks, but the department has never admitted to launching a cyber attack. It means they can penetrate enemy computers, steal or manipulate data and:

"set loose a worm to take down command-and-control systems so the enemy is unable to communicate and direct ground forces, or fire surface-to-air missiles, for example."

Verton says military personnel have told him numerous "black programs" involving CNA capabilities are ongoing, while new polices and rules of engagement are now on the books.

According to a former CNA commander, Air Force Maj. Gen. John Bradley, during a speech at a 2002 Association of Old Crows conference (a leading think tank on information and electronic warfare):

"I've got to tell you we spend more time on the computer network attack business than we do on computer network defense because so many people at very high levels are interested."

It is believed that the U.S. military first used this type of capability in Serbia in the mid-1990s. One story widely reported, but never confirmed, described how a team of military operatives was dropped into Serbia, and after cutting a wire leading to a major radar hub, planted a device that emitted phantom targets on Serb radar.

In the Summer of 2004, the internet-posted execution of American civilian Nicholas Berg sparked a debate about the offensive capabilities of the CNA program. The debate focused on whether the U.S. should shut down a website as soon as it posts such brutality, irrespective of what the implications are for free speech or what another nation's laws are. Others believe that 'terrorist sites' should remain up and running for 'intelligence' purposes.

This type of capability, however, opens up very many more questions for debate. It gives the U.S. military the means to shut down or destroy any online resource that it deems 'offensive'.

That, these days, can cover a great deal. And when a site is shut down, or a network destroyed, somewhere in the world, who's to know who's behind it.

Furthermore, as Dan Verton says:

"The reality is, once you press that Enter button, you can't control it. If the government were to release a virus to take down an enemies' network, their radar, their electrical grid, you have no control what the virus might do after that."