[Infowarrior] - List of cyber-weapons developed by Pentagon to streamline computer warfare

[Richard Forno]

(c/o jh)

List of cyber-weapons developed by Pentagon to streamline computer warfare

By Ellen Nakashima, Tuesday, May 31, 8:31 PM

http://www.washingtonpost.com/national/list-of-cyber-weapons-developed-by-pentagon-to-streamline-computer-warfare/2011/05/31/AGSublFH_story.html

The Pentagon has developed a list of cyber-weapons and -tools,
including viruses that can sabotage an adversary’s critical networks,
to streamline how the United States engages in computer warfare.

The classified list of capabilities has been in use for several months
and has been approved by other agencies, including the CIA, said
military officials who spoke on the condition of anonymity to describe
a sensitive program. The list forms part of the Pentagon’s set of
approved weapons or “fires” that can be employed against an enemy.

“So whether it’s a tank, an M-16 or a computer virus, it’s going to
follow the same rules so that we can understand how to employ it, when
you can use it, when you can’t, what you can and can’t use,” a senior
military official said.

The integration of cyber-technologies into a formal structure of
approved capabilities is perhaps the most significant operational
development in military cyber-doctrine in years, the senior military
official said.

The framework clarifies, for instance, that the military needs
presidential authorization to penetrate a foreign computer network and
leave a cyber-virus that can be activated later. The military does not
need such approval, however, to penetrate foreign networks for a
variety of other activities. These include studying the
cyber-capabilities of adversaries or examining how power plants or
other networks operate. Military cyber-warriors can also, without
presidential authorization, leave beacons to mark spots for later
targeting by viruses, the official said.

One example of a cyber-weapon is the Stuxnet worm that disrupted
operations at an Iranian nuclear facility last year. U.S. officials
have not acknowledged creating the computer worm, but many experts say
they believe they had a role.

Under the new framework, the use of a weapon such as Stuxnet could
occur only if the president granted approval, even if it were used
during a state of hostilities, military officials said. The use of any
cyber-weapon would have to be proportional to the threat, not inflict
undue collateral damage and avoid civilian casualties.

The new framework comes as the Pentagon prepares to release a
cyber-strategy that focuses largely on defense, the official said. It
does not make a declaratory statement about what constitutes an act of
war or use of force in cyberspace. Instead, it seeks to clarify, among
other things, that the United States need not respond to a
cyber-attack in kind but may use traditional force instead as long as
it is proportional.

Nonetheless, another U.S. official acknowledged that “the United
States is actively developing and implementing” cyber-capabilities “to
deter or deny a potential adversary the ability to use its computer
systems” to attack the United States.

In general, under the framework, the use of any cyber-weapon outside
an area of hostility or when the United States is not at war is called
“direct action” and requires presidential approval, the senior
military official said. But in a war zone, where quick capabilities
are needed, sometimes presidential approval can be granted in advance
so that the commander has permission to select from a set of tools on
demand, the officials said.

The framework breaks use of weapons into three tiers: global, regional
and area of hostility. The threshold for action is highest in the
global arena, where the collateral effects are the least predictable.

It was drafted in part out of concerns that deciding when to fire in
cyberspace can be more complicated than it is on traditional
battlefields. Conditions constantly shift in cyberspace, and the
targets can include computer servers in different countries, including
friendly ones.

Last year, for instance, U.S. intelligence officials learned of plans
by an al-Qaeda affiliate to publish an online jihadist magazine in
English called Inspire, according to numerous current and senior U.S.
officials. And to some of those skilled in the emerging new world of
cyber-warfare, Inspire seemed a natural target.

The head of the newly formed U.S. Cyber Command, Gen. Keith Alexander,
argued that blocking the magazine was a legitimate counterterrorism
target and would help protect U.S. troops overseas. But the CIA pushed
back, arguing that it would expose sources and methods and disrupt an
important source of intelligence. The proposal also rekindled a
long-standing interagency struggle over whether disrupting a terrorist
Web site overseas was a traditional military activity or a covert
activity — and hence the prerogative of the CIA.

The CIA won out, and the proposal was rejected. But as the debate was
underway within the U.S. government, British government cyber-warriors
were moving forward with a plan.

When Inspire launched on June 30, the magazine’s cover may have
promised an “exclusive interview” with Sheik Abu Basir al-Wahishi, a
former aide to Osama bin Laden, and instructions on how to “Make a
Bomb in the Kitchen of Your Mom.” But pages 4 through 67 of the
otherwise slick magazine, including the bomb-making instructions, were
garbled as a result of the British cyber-attack.

It took almost two weeks for al-Qaeda in the Arabian Peninsula to post
a corrected version, said Evan Kohlmann, senior partner at Flashpoint
Global Partners, which tracks jihadi Web sites.

The episode reflected how offensive cyber-operations are marked by
persistent disagreement over who should take action and under what
conditions. The new list of approved cyber-weapons will not settle
those disputes but should make the debate easier to conduct, the
senior military official said.

Some lawmakers also are proposing statutory language that would affirm
that the defense secretary has the authority “to carry out a
clandestine operation in cyberspace” under certain conditions. The
operation must be in support of a military operation pursuant to
Congress’s 2001 authorization to the president to use all necessary
and appropriate force against those who committed the Sept. 11, 2001,
terrorist attacks.

House Armed Services Committee Vice Chairman Mac Thornberry (R-Tex.),
who drafted the language as part of the House-adopted 2012 defense
authorization bill, said he was motivated by hearing from commanders
in Iraq and Afghanistan frustrated by an inability to protect their
forces against attacks they thought were enabled by adversaries
spreading information online.

“I have had colonels come back to me and talk about how they thought
they could do a better job of protecting their troops if they could
deal with a particular Web site,” he said. “Yet because it was cyber,
it was all new unexplored territory that got into lots of lawyers from
lots of agencies being involved.”

Thornberry’s provision would establish that computer attacks to deny
terrorists the use of the Internet to communicate and plan attacks
from throughout the world are a “clandestine” and “traditional
military” activity, according to text accompanying the proposed
statute.

But the White House issued a policy statement last week that it had
concerns with the cyber-provision. It declined to elaborate.

Thornberry said some Pentagon lawyers thought the proposed statutory
language could go further. “But my view on cyber is we need to take it
a step at a time,” he said.