Defense

To hack ISIS, Pentagon learns from 2007 surge in Iraq

Shutterstock image: unfunctional computer.

The U.S. military's ongoing cyber campaign against the Islamic State has its roots in the 2007 surge of U.S. troops in Iraq and concurrent fighting in Afghanistan, but the tradecraft has evolved considerably since then, Defense Secretary Ash Carter said.

"We learned some things from there and we can use some of the techniques that we used in Afghanistan and Iraq in those days, but this really is different," Carter said, referring to computer operations against ISIS that he ordered U.S. Cyber Command to intensify in January. He spoke June 10 at the Defense One Tech Summit in Washington.

The digital assault on ISIS networks "is like never before, which isn't to say we've never done it before," Carter said.  He added, "We've really made it a priority."

The goals of the cyberattacks on ISIS strongholds in Iraq and Syria have been to make the militants lose confidence in their networks, and for them to not know the sources of the disruptions, Carter and his top general have said.

"I do think you have to recognize that ISIL's tradecraft in using technology to advance evil objectives, both operationally and ideologically, is unprecedented," Carter said, using the Obama administration's preferred acronym for the terrorist group.

"It's frequently said, and I think it's basically right: If al-Qaeda was an internet-generation terrorist group, ISIL is a social-media-generation terrorist group," Carter said.

The 2007 surge of U.S. troops in Iraq was reportedly accompanied by a surge in malware on militant networks unleashed by the National Security Agency. U.S. soldiers also boosted their signals intelligence collection by using cell phone signals to geo-locate insurgents.

Nine years later, NSA civilian and military officials in Iraq are applying similar techniques to combat ISIS. The agency taps a program, also used during the surge, known as the Real-Time Regional Gateway to alert U.S. troops of potential roadside bombs.

The RTRG "lets us collate information from literally hundreds of sources, both within a country and from outside the country, in order to provide real-time situational awareness for those forces as they're going on convoys," NSA Deputy Director Richard Ledgett said at the Defense One conference.

The system correlates electronic communications, but also human intelligence derived from interrogating detainees, he said.

"This grew up during the Iraqi surge when the [improvised explosive device] threat against our forces was on a severe up-slope," Ledgett added. 

The NSA deputy director described ISIS as "really op-sec savvy," noting the group's ability to learn on the digital battlefield.

ISIS militants "look for the effects of actions directed against them and try to recreate how could that have happened, and they take measures to secure the…vulnerabilities that they think there are," Ledgett said.

Since 2001, NSA has deployed 5,000 people to Iraq and 8,000 to Afghanistan, Ledgett told Fox News recently.

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

  • Cybersecurity
    enterprise security (Omelchenko/Shutterstock.com)

    Does Einstein need a post-SolarWinds makeover?

    A marquee program designed to protect the government against cybersecurity threats is facing new scrutiny in the wake of Solar Winds Orion breach, but analysts say the program was unlikely to have ever stopped the hacking campaign.

Stay Connected