U.S. Military's Elite Hacker Crew

Eugen Leitl eugen at leitl.org
Mon Apr 18 09:23:37 PDT 2005


U.S. Military's Elite Hacker Crew
By John Lasker

Story location: http://www.wired.com/news/privacy/0,1848,67223,00.html

02:00 AM Apr. 18, 2005 PT

The U.S. military has assembled the world's most formidable hacker posse: a
super-secret, multimillion-dollar weapons program that may be ready to launch
bloodless cyberwar against enemy networks -- from electric grids to telephone
nets.

The group's existence was revealed during a U.S. Senate Armed Services
Committee hearing last month. Military leaders from U.S. Strategic Command,
or Stratcom, disclosed the existence of a unit called the Joint Functional
Component Command for Network Warfare, or JFCCNW.

In simple terms and sans any military jargon, the unit could best be
described as the world's most formidable hacker posse. Ever.

The JFCCNW is charged with defending all Department of Defense networks. The
unit is also responsible for the highly classified, evolving mission of
Computer Network Attack, or as some military personnel refer to it, CNA.

But aside from that, little else is known. One expert on cyber warfare said
considering the unit is a "joint command," it is most likely made up of
personnel from the CIA, National Security Agency, FBI, the four military
branches, a smattering of civilians and even military representatives from
allied nations.

"They are a difficult nut to crack," said Dan Verton, a former U.S. Marine
intelligence officer who is now a journalist for Computer World. "They're
very reluctant to talk about operations." Verton is author of the book Black
Ice, which investigates the threats cyber terrorism and vandalism could have
on military and financial networks.

Verton said the Defense Department talks often about the millions it spends
on defending its networks, which were targeted last year nearly 75,000 times
with intrusion attempts. But the department has never admitted to launching a
cyber attack -- frying a network or sabotaging radar -- against an enemy, he
said.

Verton said the unit's capabilities are highly classified, but he believes
they can destroy networks and penetrate enemy computers to steal or
manipulate data. He said they may also be able to set loose a worm to take
down command-and-control systems so the enemy is unable to communicate and
direct ground forces, or fire surface-to-air missiles, for example.

Some of the U.S. military's most significant unified commands, such as
Stratcom, are undergoing a considerable reorganization. Stratcom, based at
the massive Offutt Air Force base in eastern Nebraska and responsible for
much of the nation's nuclear arsenal, has been ordered by the Defense
Department to take over the JFCCNW.

To better understand the secret program, several questions about the unit
were submitted to Stratcom.

Capt. Damien Pickart, a Stratcom spokesman, issued a short statement in
response: "The DOD is capable of mounting offensive CNA. For security and
classification reasons, we cannot discuss any specifics. However, given the
increasing dependence on computer networks, any offensive or defensive
computer capability is highly desirable."

Nevertheless, Verton says military personnel have told him numerous "black
programs" involving CNA capabilities are ongoing, while new policies and rules
of engagement are now on the books.

The ground was prepared in the summer of 2002, when President Bush signed
National Security Presidential Directive 16, which ordered the government to
prepare national-level guidance on U.S. policies for launching cyber attacks
against enemies.

"I've got to tell you we spend more time on the computer network attack
business than we do on computer network defense because so many people at
very high levels are interested," said former CNA commander, Air Force Maj.
Gen. John Bradley, during a speech at a 2002 Association of Old Crows
conference. The group is the leading think tank on information and electronic
warfare.

Last summer, the internet-posted execution of American civilian Nicholas Berg
sparked a debate about the offensive capabilities of the CNA program, said
retired U.S. Army Col. Lawrence Dietz.

The Berg execution, a gruesome example of Netpolitiking (.pdf), sparked a
back-room debate at the highest levels, involving the State Department, the
Department of Justice and the Defense Department, said Dietz.

The debate focused on whether the United States should shut down a website as
soon as it posts such brutality.

"There are some tremendous questions being raised about this," said Dietz.
"On whether they (JFCCNW) have the legal mandate or the authority to shut
these sites down with a defacement or a denial-of-service attack."

Dietz knows a thing or two about information warfare. He led NATO's "I-War"
against Serbia in the mid-1990s -- a conflict that many believe was the
occasion for the U.S. military to launch its first wave of cyber attacks
against an enemy. One story widely reported, but never confirmed, described
how a team of military ops was dropped into Serbia, and after cutting a wire
leading to a major radar hub, planted a device that emitted phantom targets
on Serb radar.

Rita Katz, an expert on Islamic terror sites and director of the Washington,
D.C.-based Search for International Terrorist Entities, believes a website
that posts an execution should be taken out immediately. No matter what the
implications are for free speech or other nations' laws, she said.

"There is no good, no value in those sites to exist anymore," said Katz.
However, Katz promotes the theory that some terror sites, especially those
whose servers are in the United States, should remain up and running for
intelligence purposes.

Dietz believes it could only be a matter of time before a U.S. soldier faces
a fate similar to Berg's. Yet along with raising questions about free speech,
he realizes shutting down a website has its limitations.

After discovering that al-ansar.net's servers, which hosted video of Berg's
execution, were within its borders, the Malaysian government shut the site
down. But it took the Malaysian government more than a day to act. By then,
the Berg video was well on its way to becoming a global recruiting tool for
terror groups. And even if a website were to be knocked offline, eventually
such highly-charged political statements would find a way onto the internet,
Dietz said.

Verton said the Berg debate is actually an extension of a cyber warfare
debate started several years ago.

"The reality is, once you press that Enter button, you can't control it," he
said. "If the government were to release a virus to take down an enemy's
network, their radar, their electrical grid, you have no control what the
virus might do after that."

--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net
