- The U.S. military has assembled the world's most formidable
hacker posse: a super-secret, multimillion-dollar weapons program that
may be ready to launch bloodless cyberwar against enemy networks -- from
electric grids to telephone nets.
- The group's existence was revealed during a U.S. Senate
Armed Services Committee hearing last month. Military leaders from U.S.
Strategic Command, or Stratcom, disclosed the existence of a unit called
the Joint Functional Component Command for Network Warfare, or JFCCNW.
- In simple terms and sans any military jargon, the unit
could best be described as the world's most formidable hacker posse. Ever.
- The JFCCNW is charged with defending all Department of
Defense networks. The unit is also responsible for the highly classified,
evolving mission of Computer Network Attack, or as some military personnel
refer to it, CNA.
- But aside from that, little else is known. One expert
on cyber warfare said considering the unit is a "joint command,"
it is most likely made up of personnel from the CIA, National Security
Agency, FBI, the four military branches, a smattering of civilians and
even military representatives from allied nations.
- "They are a difficult nut to crack," said Dan
Verton, a former U.S. Marine intelligence officer who is now a journalist
for Computer World. "They're very reluctant to talk about operations."
Verton is author of the book Black Ice, which investigates the threats
cyber terrorism and vandalism could have on military and financial networks.
- Verton said the Defense Department talks often about
the millions it spends on defending its networks, which were targeted last
year nearly 75,000 times with intrusion attempts. But the department has
never admitted to launching a cyber attack -- frying a network or sabotaging
radar -- against an enemy, he said.
- Verton said the unit's capabilities are highly classified,
but he believes they can destroy networks and penetrate enemy computers
to steal or manipulate data. He said they may also be able to set loose
a worm to take down command-and-control systems so the enemy is unable
to communicate and direct ground forces, or fire surface-to-air missiles,
- Some of the U.S. military's most significant unified
commands, such as Stratcom, are undergoing a considerable reorganization.
Stratcom, based at the massive Offutt Air Force base in eastern Nebraska
and responsible for much of the nation's nuclear arsenal, has been ordered
by the Defense Department to take over the JFCCNW.
- To better understand the secret program, several questions
about the unit were submitted to Stratcom.
- Capt. Damien Pickart, a Stratcom spokesman, issued a
short statement in response: "The DOD is capable of mounting offensive
CNA. For security and classification reasons, we cannot discuss any specifics.
However, given the increasing dependence on computer networks, any offensive
or defensive computer capability is highly desirable."
- Nevertheless, Verton says military personnel have told
him numerous "black programs" involving CNA capabilities are
ongoing, while new polices and rules of engagement are now on the books.
- The ground was prepared in the summer of 2002, when President
Bush signed National Security Presidential Directive 16, which ordered
the government to prepare national-level guidance on U.S. policies for
launching cyber attacks against enemies.
- "I've got to tell you we spend more time on the
computer network attack business than we do on computer network defense
because so many people at very high levels are interested," said former
CNA commander, Air Force Maj. Gen. John Bradley, during a speech at a 2002
Association of Old Crows conference. The group is the leading think tank
on information and electronic warfare.
- Last summer, the internet-posted execution of American
civilian Nicholas Berg sparked a debate about the offensive capabilities
of the CNA program, said retired U.S. Army Col. Lawrence Dietz.
- The Berg execution, a gruesome example of Netpolitiking,
sparked a back-room debate at the highest levels, involving the State Department,
the Department of Justice and the Defense Department, said Dietz.
- The debate focused on whether the United States should
shut down a website as soon as it posts such brutality.
- "There are some tremendous questions being raised
about this," said Dietz. "On whether they (JFCCNW) have the legal
mandate or the authority to shut these sites down with a defacement or
a denial-of-service attack."
- Dietz knows a thing or two about information warfare.
He led NATO's "I-War" against Serbia in the mid-1990s -- a conflict
that many believe was the occasion for the U.S. military to launch its
first wave of cyber attacks against an enemy. One story widely reported,
but never confirmed, described how a team of military ops was dropped into
Serbia, and after cutting a wire leading to a major radar hub, planted
a device that emitted phantom targets on Serb radar.
- Rita Katz, an expert on Islamic terror sites and director
of the Washington, D.C.-based Search for International Terrorist Entities,
believes a website that posts an execution should be taken out immediately.
No matter what the implications are for free speech or other nation's laws,
- "There is no good, no value in those sites to exist
anymore," said Katz. However, Katz promotes the theory that some terror
sites, especially those whose servers are in the United States, should
remain up and running for intelligence purposes.
- Dietz believes it could only be a matter of time before
a U.S. soldier faces a similar fate as Berg. Yet along with raising questions
about free speech, he realizes shutting down a website has its limitations.
- After discovering that al-ansar.net's servers, which
hosted video of Berg's execution, were within its borders, the Malaysian
government shut the site down. But it took the Malaysian government more
than a day to act. By then, the Berg video was well on its way to becoming
a global recruiting tool for terror groups. And even if a website were
to be knocked offline, eventually such highly-charged political statements
would find a way onto the internet, Dietz said.
- Verton said the Berg debate is actually an extension
of a cyber warfare debate started several years ago.
- "The reality is, once you press that Enter button,
you can't control it," he said. "If the government were to release
a virus to take down an enemies' network, their radar, their electrical
grid, you have no control what the virus might do after that."
- © Copyright 2005, Lycos, Inc. All Rights Reserved.