DOD forms cyberattack task force
- By Dan Caterinicchia, Dan Caterinicchia
- Feb 09, 2003
The Defense Department plans to form a joint task force to direct computer network attacks, or cyberwarfare, as part of the department's primary arsenal.
In a cyberattack, DOD would hack into an enemy's computer networks to disrupt the systems that operate key weapons systems, electrical grids and telecommunications.
DOD has neither a formal strategy for launching cyberattacks nor a policy defining the parameters of their use. Pentagon officials, however, have long acknowledged their potential as a weapon — either for or against U.S. forces.
The task force will be part of the U.S. Strategic Command, which was recently given oversight of DOD's information operations and global command, control, communications, computers, intelligence, surveillance and reconnaissance.
Currently, Stratcom's Joint Task Force-Computer Network Operations oversees the defense of all DOD networks from attack, as well as the initiation of cyberattacks when instructed by the president or Defense secretary. Under the reorganization, Stratcom will split the task force into two groups — one focused on computer network defense and the other on computer network attack, according to DOD officials.
The commander of Stratcom's joint task force, Army Maj. Gen. J. David Bryan, said one of his priorities is to share his office's experience with cyber operations with Stratcom headquarters.
Bryan would not say if the United States has ever launched a cyberattack against an enemy, only that internal cyberattack exercises have been conducted.
But some outside defense experts are convinced that DOD has conducted such attacks.
Loren Thompson, a defense analyst at the Lexington Institute, an Arlington, Va., think tank, said that when considering the thousands of cyberattacks DOD fends off each day, "no one can seriously believe we're not using the same sorts of operations against our adversaries."
Retired Army Col. Robert Coxe, the service's former chief technology officer, said the prospect of a computer network attack carries with it a "built-in paranoia" that requires enemies to react to actions they think the United States is executing, even if it's not.
Coxe, who is deputy chief information officer for e-government at the Federal Emergency Management Agency, said DOD has always had cyberattack capabilities, but never publicly said anything about it, and he questioned why they are being mentioned as a possible weapon against Iraq.
Retired Air Force Col. Alan Campen, author of four books on cyberwarfare, said he believes the United States has not yet launched a cyberattack because DOD does not have a formal policy governing them.
"It's not like dropping a bomb," Campen said. "The legal side of DOD has been very restrictive so far. There's no question that the technical capability is there, and it's useful for DOD to let enemies know it's there."
Conversely, no full-scale cyberattack on the United States from a known enemy has been documented, Campen said. That complicates the issue because DOD would not want to attack a nation-state's computer operations based on the actions of a few skilled hackers, he said. It is not clear whether a cyberattack would be anything more than a nuisance to U.S. enemies unless done in conjunction with more traditional acts of war.
Another thorny political issue is ensuring that only known U.S. enemies would be adversely affected by a cyberattack and that unintended damage to systems or injuries to civilians would be minimal, a former senior DOD information technology official said.
DOD's computer network defense and attack operations and plans are well coordinated, even though most officials won't even admit that they exist because of the highly sensitive nature of the work, according to the official, who requested anonymity.
A DOD spokesman said that cyberattacks are "bound by largely the same rules that apply to any war strategy or tactic — very clear rules of engagement will prove necessary," but once those have been established, they "will not be up for discussion."
"It is unimportant whether we take out a computer center with a bomb...or a denial-of-service program," the spokesman said. "If it's critical to the enemy and we go to war, it will be in our sights."