The Pentagon is more successful in using deception operations against closed societies but is careful to avoid “blowback” disinformation that reaches U.S. society, a Pentagon official said on on Sept. 14.
“Yes, we do deception,” said Jack Schaffner, an official within the office of the undersecretary of defense for intelligence.
Deception operations seek to influence the actions of foreign states or leaders and are more successful in closed societies like China, Iran, Syria and Egypt where information is tightly controlled by the state in an effort to control populations, he said.
No specifics of current deception operations were revealed, but public discussion of what Mr. Schaffner termed “the art of deception” is very unusual.
One past deception was the 1967 operation in Vietnam using F-4 jets disguised as F-105s to lure Vietnamese MiG-21s into combat.
In open societies like the United States and Europe, deception operations are more easily discovered by journalists and researchers using the free flow of information, especially on the Internet, Mr. Schaffner said during a cybersecurity conference.
Police states are more difficult places to set up deception programs but generally provide an easier environment for deception to succeed.
“They’ve caused the population to expect information to be presented in a certain way, certain formats, that certain words be used, certain types of presentations . . . and so it’s very easy to follow along with that,” he said.
If an operation can be set up, “then . . . the police state that is trying to protect itself is actually setting up many of its people to be deceived by you,” Mr. Schaffner said.
In cyberspace, Mr. Schaffner said, networks can be defended better using deception. He recalled meeting a group of 30 computer hackers who revealed about 20 types of online responses from targeted websites that would prompt them to “simply just turn around and go away” because the system would not respond.
He implied that by deceptively using such signs on networks, defenders can dissuade hackers from attacks.
Another deception specialist, Neil Rowe, a professor at the Naval Postgraduate School, told the conference that false-error messages can be programmed on computers to pop up in response to outside intruders as a way deception can enhance network defenses. Another way is to “wrap” software applications in security software so that targeted computers slow down when an outsider gets inside or improperly tries to access a network through it.
Asked about blowback, or the unintended replaying of deception to publics in the United States, Mr. Schaffner said concerns about the potential problem require care and precision to avoid harming free- information environments.
“Absolutely, everyone lies,” Mr. Schaffner said. “So getting people to try to deceive other people is not particularly hard.”
However, doing it in a way that does not harm non-targeted populations requires nuance and trained people, he said.
“If we’re going to perform a deception where data can go almost anywhere, we have to be very careful not to harm that environment that is a central treasure of ours,” Mr. Schaffner said, noting that blowback must be prevented at all costs.
President Obama on Sept. 12 issued a directive to the military’s command structure making several changes, one of which is shifting responsibility for military deception from the U.S. Strategic Command to the Pentagon’s Joint Staff.
Gen. Keith B. Alexander, U.S. Cyber Command chief, is concerned about spam emails sent by hackers disguised as trusted senders.