Air Force eyes taking lead role in online warfare research
Procurement documents released by the U.S. Air Force give a rare glimpse into Pentagon plans for developing an offensive cyber-war capacity that can infiltrate, steal data from and, if necessary, take down enemy information-technology networks.
The Broad Area Announcement, posted May 12 by the Air Force Research Laboratory’s Information Directorate in Rome, N.Y., outlines a two-year, $11 million effort to develop capabilities to “access to any remotely located open or closed computer information systems,” lurk on them “completely undetected,” “stealthily exfiltrate information” from them and ultimately “be able to affect computer information systems through Deceive, Deny, Disrupt, Degrade, Destroy (D5) effects.”
“Of interest,” the announcement says, “are any and all techniques to enable user and/or rootlevel access to both fixed [and] mobile computing platforms [. . . ] [and] methodologies to enable access to any and all operating systems, patch levels, applications and hardware.”
The announcement is the latest stage in the Air Force’s effort to develop a cyber-war capability and establish itself as the service that delivers U.S. military power in cyberspace.
Last year, the Air Force announced it was setting up a Cyberspace Command, alongside its Space and Air commands, and was developing military doctrine for the prosecution of cyber-war operations.
The United States is not alone in thinking along these lines, and NATO announced May 14 that seven European nations had signed up to participate in a cyberdefense Center of Excellence, in Tallinn, Estonia, which suffered a cyber-attack last year that many officials think was orchestrated by Russia.
The center will conduct research and training on cyber-warfare and include a staff of 30 people, half of them specialists from the sponsoring countries — Estonia, Germany, Italy, Latvia, Lithuania, Slovakia and Spain, according to a statement from NATO.
The developments highlight the murky legal territory on which the cyber-wars of the future will be fought: terrain on which at- tackers can cloak their identity and use as weapons the home computers of unsuspecting Web surfers that have been recruited to so-called “botnets” networks of PCs that unbeknownst to their owners have been compromised by hackers.
In a recent ar ticle for the Armed Forces Journal, Col. Charles Williamson, a staff judge advocate for U.S. Air Force Intelligence, Surveillance and Reconnaissance Agency, wrote that computer users whose equipment was recruited to botnets because they failed to patch their systems could not properly be considered bystanders.
“If the United States is defending itself against an attack that originates from a computer which was co-opted by an attacker, then there are real questions about whether the owner of that computer is truly innocent. At the least, the owner may be culpably negligent, and that does not, in fairness or law, prevent America from defending itself if the harm is sufficiently grave,” wrote Col. Williamson in the article, which officials were keen to stress does not represent U.S. policy.
More important, because of the difficulties in identifying attackers and immediately quantifying damage from a cyber-attack, it can be hard to determine when such attacks constitute an act of war as opposed to crime or even vandalism.
“No one’s come out and defined that yet,” Air Force Cyberspace Command spokeswoman Karen Pepitt told United Press International, adding that the Air Force saw its role as developing capabilities for cyber-war, but that the decision about when and how to use those capabilities would be one for the national leadership.