This War is Wired
Special to washingtonpost.com
Monday, April 12, 1999 Operation Allied Force literally began with the click of a mouse.
Navy weapons officers, huddled in darkened combat centers, used their computer consoles to send cruise missiles off to targets hundreds of miles away.
Say goodbye to the button.
But is it hello to cyberwar?
Bomb damage reports had barely reached Washington before speculation ran wild that information warfare weapons or tactics would somehow transform combat in Yugoslavia. Within 24 hours of the opening salvo, the online ZDNet news network reported that "military technologists are using 'infowar' tactics borrowed from hackers to disrupt the Serbian telecommunications infrastructure." Soon other press stories disclosed the use of a secret electromagnetic pulse weapon to neutralize Serbian electrical and computer networks.
It's so exciting to be in a new era.
Given the rate at which Yugoslav information warfare stories have proliferated, it almost makes one wonder whether such rumors aren't themselves a clever deception to drive the other side batty. Don't worry, knowledgeable insiders assure, the U.S. government isn't competent enough to pull off such a devilish ploy.
A General Protection Fault
When it comes to that part of the U.S. cyber-arsenal that is not just traditional electronic warfare, there is an inherent sensitivity regarding American offensive weapons. Some of the best potential exists ''off-line,'' that is, outside of traditional military organizations.
This includes the ability to temporarily shut down electrical and communications networks, to inject viruses and to manipulate data, sometimes without the user even being aware of the mutations.
Add to the secrecy the Pentagon's promiscuous designation of virtually any information-related warfare mode as IO, and no wonder press reports and speculation run wild. Leaflet dropping, radar jamming, deception efforts, signals intelligence: all are commandeered to benefit from being part of the latest craze. As one IO specialist explains, in the Pentagon these days ''the word information means money.''
It is in the monitoring area rather than in official hacking that the biggest changes are already afoot. Yugoslavia is heavily wired into European telecommunications networks and the net, and communications and computer monitoring is a major new source of intelligence information.
Such eavesdropping almost demands restraint in bombing certain networks. You bomb what you can't exploit and force the other side to use networks you can exploit, says one military source.
As for the image IO boosters would like to create that somehow silver electronic bullets work behind the scenes in Belgrade during Operation Allied Force there's just no there there.
In fact, two weeks into the bombing, one is hard pressed to see how the information lives of either the Yugoslav government or people have been affected by anything other than bombing. For all the talk of being more attuned to the new information realities, it took 10 days before television and radio transmitters made it onto the target list. Only last Thursday did NATO start addressing the strange truth that Serbian TV was still broadcasting.
The Flood Becomes a Trickle
The various acts of web vandalism that have taken place magnify the believability of inaccurate reports. A week into the bombing, a report out of Russia claimed that anti-NATO hackers had blocked access to the White House home page. Spokesman Joe Lockhart said that there was no evidence that any intrusion had actually occurred.
However, a few days later, hacktivists actually did strike NATO's Internet site.
Much more important though, NATO's e-mail system was spammed with 2,000 messages a day, clogging up the internal network. Given that e-mail is more and more of an essential tool for military organizations and governments, the spamming caused some nervous moments.
The NATO spamming came right on the heels of the Melissa virus, which started to multiply in U.S. Air Force computers on March 26, shutting down e-mail systems on at least two air force bases, Maxwell in Alabama and Shaw in South Carolina.
Says one professor at the Air University at Maxwell: "The Air Force's pretensions to 'information dominance' as a core competency something we do uniquely well turns out to be too far fetched to even qualify as ludicrous." It does make one wonder what could happen if the military were subjected to a serious info attack by an actual enemy.
Soon, when warfighters and military staffers log onto their networks in the morning, the Defense Department will have a system of "information conditions" or Infocons in place to measure the information threat to the United States. The Infocon system is modeled after the Defcon rankings, which have existed since the beginning of the nuclear era.
Richard Schaeffer, director of Pentagon information assurance, says that the Infocon system will likely go into effect before the end of the year.
And if it were in effect during Operation Allied Force, through all of this hacking and the Melissa virus, what Infocon would the Pentagon be at right now? Infocon Alpha, Schaeffer says, situation normal.
William M. Arkin, author of "The U.S. Military Online," is a leading expert on national security and the Internet. He lectures and writes on nuclear weapons, military matters and information warfare. An Army intelligence analyst from 1974 to 1978, Arkin currently consults for Washingtonpost.Newsweek Interactive, MSNBC and the Natural Resources Defense Council.
© Copyright 1999 The Washington Post Company