U.S. accelerating cyberweapon research

The Pentagon is accelerating efforts to develop a new generation of cyberweapons capable of disrupting enemy military networks even when those networks are not connected to the Internet, according to current and former U.S. officials.

The possibility of a confrontation with Iran or Syria has highlighted for American military planners the value of cyberweapons that can be used against an enemy whose most important targets, such as air defense systems, do not rely on Internet-based networks. But adapting such cyberweapons can take months or even years of arduous technical work.

When U.S. military planners were looking for ways to disable Libya’s air defense system before NATO’s aerial attacks last year, they discussed using cybertechnology. But the idea was quickly dismissed because no effective option was available, said current and former U.S. officials.

They estimated that crafting a cyberweapon would have taken about a year, including the time needed to assess the target system for vulnerabilities.

“We weren’t ready to do that in Libya,” said a former U.S. official, who spoke on the condition of anonymity because of the sensitivity of the discussions. “We’re not ready to do that now, either.”

Last year, to speed up the development of cyberweapons, as well as defensive technology, then-Deputy Defense Secretary William J. Lynn III and Marine Corps Gen. James Cartwright, then vice chairman of the Joint Chiefs of Staff, placed $500 million over five years into the budget of the Defense Advanced Research Projects Agency, one of the Defense ­Department’s premier research organizations.

The agency also has launched new ­cyber-development initiatives, including a “fast-track” program.

“We need cyber options that can be executed at the speed, scale and pace” of other military weapons, Kaigham J. ­Gabriel, DARPA deputy director, said in testimony last month to Congress.

Pentagon officials, meanwhile, are developing a congressionally mandated strategy for the rapid acquisition of cyberweapons that can keep pace with threats and technology.

Officials are researching cyberweapons that can target “offline” military systems in part by harnessing emerging technology that uses radio signals to insert computer coding into networks remotely.

“To affect a system, you have to have access to it, and we have not perfected the capability of reaching out and accessing a system at will that is not connected to the Internet,” said Joel Harding, an independent consultant who is a former military officer and former director of the Information Operations Institute.

Even if an operator gains access, he said, “unless you already have custom-written code for a system, chances are we don’t have a weapon for that because each system has different software and updates.”

In some cases, as with command-and-control systems, military assets rely on Internet connections, making them theoretically easier to target.

Without that connectivity, an attacker would have to rely on other means — for instance, physically inserting into those systems portable devices such as thumb drives or computer components that have been altered.