NSA Iraqi Computer Attacks And U.S. Defense

A National Journal Magazine article called "<a href="http://www.nationaljournal.com/njmagazine/cs_20091114_3145.php">The Cyberwar Plan</a>" has been making waves the last few days in our circles -- it's about how cell phone and computer attacks were supposedly used against Iraqi insurgents by the National Security Agency (NSA). Its significance is far more than just what's on the surface, however.

Gadi Evron, CEO & Founder, Cymmetria, head of Israeli CERT, Chairman, Cyber Threat Intelligence Alliance

November 18, 2009

2 Min Read
Dark Reading logo in a gray background | Dark Reading

A National Journal Magazine article called "The Cyberwar Plan" has been making waves the last few days in our circles -- it's about how cell phone and computer attacks were supposedly used against Iraqi insurgents by the National Security Agency (NSA). Its significance is far more than just what's on the surface, however.The article describes several issues and that in my opinion confuses what matters: the supposed computerized attacks in Iraq, and the cyber offensive capabilities being admitted, their impact on the United States' cyber defense stance, international relations, and diplomacy.

By the description in the article, some of the techniques used in Iraq were blocked cell phone signals, users (terrorists) were located and possibly "dealt with," and disinformation was sent to them to disrupt enemy operations or lead them into ambushes.

"With this capability, the Americans could deceive their adversaries with false information, including messages to lead unwitting insurgents into the fire of waiting U.S. soldiers."

While these operations, if the claims are true, could certainly be achieved by computerized attacks, it seems like overkill. It makes much more sense that while computerized attacks were used, trusted older techniques took point -- SIGINT (Signals Intelligence) to locate and decipher communication sources and networks, EW (Electronic Warfare) to interfere with them, and Intelligence Warfare, or Information Operations, to seed disinformation.

In the U.S., information operations such as the latter are a part of information warfare doctrine, right along with computer attacks. Which means the terminology needs to be double-checked when looking at an American source. In this case, however, officials are clearly stating computer attacks were used.

The article also mentions a 1999 operation in Yugoslavia, which was a proof of concept and therefore not fully utilized:

"The U.S. conducted its first focused experiments with cyberattacks during the 1999 bombing of Yugoslavia, when it intervened to stop the slaughter of ethnic Albanians in Kosovo. An information operations cell was set up as part of the bombing campaign. The cell's mission was to penetrate the Serbian national air defense system, published accounts and knowledgeable officials said, and to make fake signals representing aircraft show up on Serbian screens. The false signals would have confused the Serbian response to the invasion and perhaps destroyed commanders' confidence in their own defenses." Regardless of what the precise technology used in Iraq was, the U.S. admitting to the use of such capabilities during actual fighting is fascinating, which brings me to why this article is so interesting. If the reports mentioned are true, it is plausible the U.S. now employs two additional information warfare strategies:

About the Author

Gadi Evron

CEO & Founder, Cymmetria, head of Israeli CERT, Chairman, Cyber Threat Intelligence Alliance

Gadi is CEO and founder of Cymmetria, a cyber deception startup and chairman of the Israeli CERT. Previously, he was vice president of cybersecurity strategy for Kaspersky Lab and led PwC's Cyber Security Center of Excellence, located in Israel. He is widely recognized for his work in Internet security and global incident response, and considered the first botnet expert. Gadi was CISO for the Israeli government Internet operation, founder of the Israeli Government CERT and a research fellow at Tel Aviv University, working on cyber warfare projects. Gadi authored two books on information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights