Friday, August 7, 2009

Cyberwarfare

Good article in the NY Times regarding a possible plan by the Bush administration to topple Iraqi banking in 2003. From the Times article:
In 2003, the Pentagon and American intelligence agencies made plans for a cyberattack to freeze billions of dollars in the bank accounts of Saddam Hussein and cripple his government’s financial system before the United States invaded Iraq. He would have no money for war supplies. No money to pay troops.

“We knew we could pull it off — we had the tools,” said one senior official who worked at the Pentagon when the highly classified plan was developed.

But the attack never got the green light. Bush administration officials worried that the effects would not be limited to Iraq but would instead create worldwide financial havoc, spreading across the Middle East to Europe and perhaps to the United States.
They don't ever describe in the story how exactly that would occur... given that much of the money is presumably stored in international banks, that would obviously cause some collateral impacts deemed to be "undesirable". But maybe they were Iraqi-only banks, or just disruptions to the bank connection, or modifications of amounts/compromising the accounts to drain them. Lots of options, not enough detail unfortunately. They did have some other interesting Cyber-warfare news to report though:

Although the digital attack on Iraq’s financial system was not carried out, the American military and its partners in the intelligence agencies did receive approval to cripple Iraq’s military and government communications systems in the early hours of the war in 2003. And that attack did produce collateral damage.

Besides blowing up cellphone towers and communications grids, the offensive included electronic jamming and digital attacks against Iraq’s telephone networks. American officials also contacted international communications companies that provided satellite phone and cellphone coverage to Iraq to alert them to possible jamming and to ask their assistance in turning off certain channels.

Officials now acknowledge that the communications offensive temporarily disrupted telephone service in countries around Iraq that shared its cellphone and satellite telephone systems. That limited damage was deemed acceptable by the Bush administration.

Another such event took place in the late 1990s, according to a former military researcher. The American military attacked a Serbian telecommunications network and accidentally affected the Intelsat satellite communications system, whose service was hampered for several days.

These missions, which remain highly classified, are being scrutinized today as the Obama administration and the Pentagon move into new arenas of cyberoperations. Few details have been reported previously; mention of the proposal for a digital offensive against Iraq’s financial and banking systems appeared with little notice on Newsmax.com, a news Web site, in 2003.
I am always a bit incredulous reading about classified stories in the press. Either they are making them out to be more then they are, or people should be facing jail time and getting in trouble... Certainly it wouldn't be the first time that a reporter made something sound more secretive then it really is, but if it really is I'd like to know why people with clearances are sharing it and nothing happens.

Anyway, all of this is coming to light while Obama is still ingesting the recently completed 60-day cyber-review and unable to find a cyber-security "czar" (multiple reports coming out that dozens of people have been interviewed with multiple offers being made, all declined so far).

Melissa Hathaway resigned on August 3rd, saying in the Washington Post that

"I wasn't willing to continue to wait any longer, because I'm not empowered right now to continue to drive the change," she said. "I've concluded that I can do more now from a different role," most likely in the private sector.

Hathaway noted that it has been two months since President Obama made a highly acclaimed speech on the importance of cybersecurity and pledged to "personally" select a cybersecurity coordinator. A colleague close to Hathaway said she had become dismayed by the delay in the appointment. The colleague, who spoke on condition of anonymity, added that Hathaway had "the sense that this was very political, that she has been too closely tied to the Bush administration."