Into the wild new yonder: U.S. prepares for cyber-wars

WASHINGTON — While U.S. forces in Iraq and Afghanistan engage the enemy with guns, tanks, airplanes and missiles, the American military is quietly fighting a much different kind of war on a new front — cyberspace.

Military officials say that a cyber-attack by foreign enemies or terrorist groups would result in "an electronic Pearl Harbor" that would shut down electricity, banking systems, cell phones and other tools of day-to-day life.

Hundreds, and possibly thousands, of more-limited cyber-assaults are already bombarding the firewalls of government computer systems daily, prompting U.S. officials and military leaders to declare that the United States is already at war on the cyber-front.

"America is under widespread attack in cyberspace," Gen. James E. Cartwright, then-commander of the U.S. Strategic Command, which oversees the military's computer grid, told Congress in March. "Our freedom to use cyberspace is threatened by the actions of criminals, terrorists and nations alike."

As a result, the U.S. military is aggressively incorporating cyber-technology into its war-fighting arsenal in the same sort of evolutionary pattern that saw air power emerge from the early biplanes of the past century. All branches of the military have cyber-operations, and the Air Force is moving to set up a full-fledged cyber-command that will have the same stature as its other commands.

U.S. officials acknowledge that the computer-dependent military and federal government are threatened by virtually every malevolent concept of the cyber-age, from worms and viruses that aim to cripple or shut down networks to illegal intrusions that attempt to steal classified information.

"We're vulnerable every day," said Greg Garcia, the assistant secretary for cyber-security and communications at the Department of Homeland Security, which is charged with overseeing cyber-protection for the federal government and the private sector. "Everybody is seeing some form of intrusion or attack."

The DHS received 37,000 reports of attempted breaches on government and private systems in fiscal 2007, which ended on Sept. 30, compared with 24,000 the previous year. Assaults on federal agencies increased 152 percent during that period, from 5,143 to 12,986.

A worst-case attack could shut down computer command-and-control systems that run banking, water and sewerage systems, traffic lights, oil and gas networks and nearly every other element of the public infrastructure. Those control systems, the Government Accountability Office said in September, face "increasing risks" and "are more vulnerable to cyber-attacks than in the past."

The roster of cyber-adversaries includes foreign militaries and intelligence services, hackers who could be working in league with foreign governments, and "hacktivists" — hackers with political agendas. Terrorists thus far are considered only a limited threat, but they could become more dangerous as technically proficient younger members join the ranks, said the GAO report, citing the CIA.

"Five or 10 years from now, senior defense officials believe, an enemy may not need soldiers, ships or aircraft to strike hard at the United States," says a report prepared for the U.S. Air Force Association. "The preferred tool may be information-based attacks carried out in cyberspace."

The United States, with its multi-layered systems and advanced firewalls, has avoided the type of extensive attack that caused widespread disruptions throughout government agencies and institutions in Estonia this spring. But it's not for lack of trying. Numerous assaults, most of them harmless, pound U.S. military and government computers once every several seconds, say experts.

"The Pentagon is probably one of the most attacked networks in the world," said Matt Richard, the director of the rapid response team for VeriSign iDefense, a California-based firm that specializes in cyber-security.

Scores of countries have sophisticated cyber-operations, and foreign hackers in league with unfriendly governments are often suspected in the attacks on U.S. systems, experts say. A limited attack on an unclassified system in the Pentagon this summer was traced to China, according to press accounts, but the Chinese government vehemently denied any involvement.

Some of the most adept hackers are based in Russia, Asia and Eastern Europe, said Richard. A freelance group known as NCPH is based in China and reputedly has at least loose ties to the government. A prolific group of hackers in St. Petersburg, Russia, which uses the name of a legitimate Russian business network, allegedly has ties to the Russian mob.

The responsibility for protecting the Pentagon's global information grid, composed of 12,000 networks and 5 million individual systems, rests with the Joint Task Force-Global Network Operations, an arm of the Strategic Command, or STRATCOM.

Task force personnel work behind two banks of computers in a government building in Arlington, Va., keeping a 24/7 vigil. Spokesman Timothy J. Madden said the threats cover "a large and diverse" range, and he acknowledged that the perpetrators include "nation-states," which he declined to identify.

Two years after the 2001 terrorist attacks, the Bush administration developed a "National Strategy to Secure Cyberspace," which put the then-new DHS in charge of cyber-protection. The strategy has included development of the "Einstein" early warning system to spot attacks on government computers and public-private exercises known as "Cyber Storm."

The blueprint for the military is the "2006 National Military Strategy for Cyberspace Operations," a classified document that includes both defensive and offensive measures, according to officials and analysts. Likely offensive tactics include disabling an enemy's command-and-control networks, destroying data or dispatching false information to weapons networks, often as part of a larger attack with air power and other traditional weaponry.

As an outgrowth of the strategy, Air Force leaders established a provisional cyber-command at Barksdale Air Force Base in Louisiana and plan to develop a permanent command at an as-yet undesignated site on Oct. 1, 2008.

Maj. Gen. William Lord, who heads the provisional command and is leading the search for a site, said the headquarters will consist of about 500 personnel charged with training and coordinating cyber-activities within the Air Force. Lord said he's been contacted by congressional delegations from at least seven states, including California and Texas, who hope to land the command and its attendant economic benefits.

As many as 40,000 Air Force personnel are assigned to cyber-tasks, and Air Force officials envision an emerging breed of warrior who fights with a computer and keyboard. But he's expected to be as formidable as the soldier with a gun; Dr. Lani Kass, special assistant to Gen. T. Michael Moseley, Air Force chief of staff, told a recent seminar that Air Force cyber-warriors would be "trained killers" and "not a bunch of geeks."