One of the missions for U.S. special forces troops deployed against ISIS in Iraq will be gathering intelligence for American cyber-commandos, who are already striking the Islamic State’s computer systems. The Obama administration has warned American utility companies about the danger of cyberattacks against our infrastructure, possibly as a result of hostilities in the Middle East.
Reuters cites Secretary of Defense Ashton Carter explaining how “cyber attacks, particularly in Syria, were designed to prevent Islamic State from commanding its forces, and Washington was looking to accelerate the cyber war against the Sunni militant group.”
“The methods we’re using are new. Some of them will be surprising,” Carter promised at a Pentagon news conference.
Joint Chiefs chairman General Joseph Dunford added that cyber attacks would be part of the effort to recapture Mosul from the Islamic State, depriving ISIS of its Iraqi stronghold.
Naturally, both Carter and Dunford said it would jeopardize the security and effectiveness of this electronic espionage to discuss its details, with Dunford saying he did not want ISIS to know the difference between U.S. hacker attacks and the “friction that’s just associated with the normal course of events in dealing in the Information Age.”
That is the strategy embraced by all top-shelf hackers. Confusion and uncertainty are vital resources; the best hacks go unnoticed by the target for a long time. This recalls the even older wisdom of spies and code-breakers from the analog era, who understood the importance of preventing the enemy from realizing his secure communications had been compromised.
The Baltimore Sun reported on Tuesday that DoD was calling upon military hackers at Fort Meade to attack the Islamic State, and described Defense Secretary Carter’s comments as a “striking shift in the way the government talks about its ability to launch cyberattacks against its enemies.”
The Sun quoted cyberweapons expert Trey Herr of George Washington University suggesting that ISIS would provide a useful, universally-hated target for testing out new U.S. cyberwarfare techniques, while noting that ISIS systems are unlikely to provide a challenge that would require American computer commandos to employ their most cutting-edge weapons. One of the primary challenges facing the anti-ISIS squads will be conducting offensive electronic operations without interfering with intelligence gathering.
When the U.S. Cyber Command is up to full strength, sometime in 2018, it will include some 6,000 hackers organized into 133 teams, with 27 of them dedicated to aggressive electronic warfare. The Baltimore Sun reports that each cyber-commando requires about 18 months and $200,000 of training to reach a basic level of proficiency.
Defensive operations will be important as well. The New York Times reported on Monday that the partially successful attack on Ukraine’s power grid two months ago provides a disturbing model of what American electronic security, government and corporate, might face.
The Ukraine attack is believed to be the first example of a power blackout produced by a cyberattack. The Ukrainians blame Russia, although the U.S. government says its investigation of the incident remains ongoing. Off the record, the Russian government, or “patriotic hackers” sympathetic to its cause, are widely held to be the most likely suspects.
One of the troubling aspects of the Ukrainian attack is that it probably could have been much worse; investigators think the hackers pulled their punch to “send a message.” As analyst Robert M. Lee of the SANS Institute put it, the attack was “large enough to get everyone’s attention, and small enough not to prompt a major response.”
The weapon they used was a virus that attacked industrial control systems — the sort of attack that could wreak large-scale havoc, especially in an environment as large and complex as United States infrastructure. The Times article notes that analysts are worried Ukraine recovered as quickly as it did because its systems are much older and clumsier than those in the U.S., relying more heavily upon human operators and manual switches.
The techniques employed were similar to those used in the Stuxnet virus attack on Iran’s nuclear program, and the hack of Sony Entertainment computers widely blamed on North Korea in 2014. After a lengthy period of quiet reconnaissance, the malware in Ukraine went hot with swift and devastating effect, disconnecting power breakers and destroying the computer systems that would have allowed service to be quickly restored.
If ISIS feels severely threatened in Iraq or Syria, especially if they determine U.S. cyber-commandos have damaged their systems, they might want to follow the Ukraine model in lashing out at American infrastructure. It is also possible to imagine scenarios in which other actors in the Middle Eastern mess could give it a try, perhaps including Russia or its “patriotic hackers,” if tensions between the U.S. and Russia become strained over Syria. A new frontier in warfare is opening, and that means both new opportunities and threats we have never faced before.