http://www.wired.com/news/privacy/0,1848,67223,00.htmlThe U.S. military has assembled the world's most formidable hacker posse: a super-secret, multimillion-dollar weapons program that may be ready to launch bloodless cyberwar against enemy networks -- from electric grids to telephone nets.
The group's existence was revealed during a U.S. Senate Armed Services Committee hearing last month. Military leaders from U.S. Strategic Command, or Stratcom, disclosed the existence of a unit called the Joint Functional Component Command for Network Warfare, or JFCCNW.
The JFCCNW is charged with defending all Department of Defense networks. The unit is also responsible for the highly classified, evolving mission of Computer Network Attack, or as some military personnel refer to it, CNA.
But aside from that, little else is known. One expert on cyber warfare said considering the unit is a "joint command," it is most likely made up of personnel from the CIA, National Security Agency, FBI, the four military branches, a smattering of civilians and even military representatives from allied nations.
"They are a difficult nut to crack," said Dan Verton, a former U.S. Marine intelligence officer. "They're very reluctant to talk about operations." Verton is author of the book Black Ice, which investigates the threats cyber terrorism and vandalism could have on military and financial networks.
Verton said the Defense Department talks often about the millions it spends on defending its networks, which were targeted last year nearly 75,000 times with intrusion attempts. But the department has never admitted to launching a cyber attack -- frying a network or sabotaging radar -- against an enemy, he said.
Verton said the unit's capabilities are highly classified, but he believes they can destroy networks and penetrate enemy computers to steal or manipulate data. He said they may also be able to set loose a worm to take down command-and-control systems so the enemy is unable to communicate and direct ground forces, or fire surface-to-air missiles, for example.
Some of the U.S. military's most significant unified commands, such as Stratcom, are undergoing a considerable reorganization. Stratcom, based at the massive Offutt Air Force base in eastern Nebraska and responsible for much of the nation's nuclear arsenal, has been ordered by the Defense Department to take over the JFCCNW.
To better understand the secret program, several questions about the unit were submitted to Stratcom.
Capt. Damien Pickart, a Stratcom spokesman, issued a short statement in response: "The DOD is capable of mounting offensive CNA. For security and classification reasons, we cannot discuss any specifics. However, given the increasing dependence on computer networks, any offensive or defensive computer capability is highly desirable."
Nevertheless, Verton says military personnel have told him numerous "black programs" involving CNA capabilities are ongoing, while new polices and rules of engagement are now on the books.
The ground was prepared in the summer of 2002, when President Bush signed National Security Presidential Directive 16, which ordered the government to prepare national-level guidance on U.S. policies for launching cyber attacks against enemies.
"I've got to tell you we spend more time on the computer network attack business than we do on computer network defense because so many people at very high levels are interested," said former CNA commander, Air Force Maj. Gen. John Bradley, during a speech at a 2002 Association of Old Crows conference. The group is the leading think tank on information and electronic warfare.
Last summer, the internet-posted execution of American civilian Nicholas Berg sparked a debate about the offensive capabilities of the CNA program, said retired U.S. Army Col. Lawrence Dietz.
The Berg execution, a gruesome example of Netpolitiking (.pdf), sparked a back-room debate at the highest levels, involving the State Department, the Department of Justice and the Defense Department, said Dietz.
The debate focused on whether the United States should shut down a website as soon as it posts such brutality.
"There are some tremendous questions being raised about this," said Dietz. "On whether they (JFCCNW) have the legal mandate or the authority to shut these sites down with a defacement or a denial-of-service attack."
Dietz knows a thing or two about information warfare. He led NATO's "I-War" against Serbia in the mid-1990s -- a conflict that many believe was the occasion for the U.S. military to launch its first wave of cyber attacks against an enemy. One story widely reported, but never confirmed, described how a team of military ops was dropped into Serbia, and after cutting a wire leading to a major radar hub, planted a device that emitted phantom targets on Serb radar.
Rita Katz, an expert on Islamic terror sites and director of the Washington, D.C.-based Search for International Terrorist Entities, believes a website that posts an execution should be taken out immediately. No matter what the implications are for free speech or other nation's laws, she said.
"There is no good, no value in those sites to exist anymore," said Katz. However, Katz promotes the theory that some terror sites, especially those whose servers are in the United States, should remain up and running for intelligence purposes.
Dietz believes it could only be a matter of time before a U.S. soldier faces a similar fate as Berg. Yet along with raising questions about free speech, he realizes shutting down a website has its limitations.
After discovering that al-ansar.net's servers, which hosted video of Berg's execution, were within its borders, the Malaysian government shut the site down. But it took the Malaysian government more than a day to act. By then, the Berg video was well on its way to becoming a global recruiting tool for terror groups. And even if a website were to be knocked offline, eventually such highly-charged political statements would find a way onto the internet, Dietz said.
Verton said the Berg debate is actually an extension of a cyber warfare debate started several years ago.
"The reality is, once you press that Enter button, you can't control it," he said. "If the government were to release a virus to take down an enemies' network, their radar, their electrical grid, you have no control what the virus might do after that."
Author