08/19/2011
'Counterstrike' details U.S. intelligence agencies' cyberwar efforts in Iraq
The U.S. military has hacked and temporarily disabled Iraqi insurgent and terrorist-based websites, a little-known tactic that's part of a government "counterstrike" capability, according to a new book.
At least two sites were "knocked off the web" before Iraq's March 2010 national election after "the largest interagency meetings held since" the Sept. 11, 2001 terrorist attacks, write New York Times reporters Eric Schmitt and Thom Shanker in "Counterstrike: The Untold Story of America's Secret Campaign Against Al-Qaeda."
The sites, including one sponsored by a "shadowy organization" called the JRTN, "were posting specific operational information that was considered a clear and emerging threat to the security of the vote," they wrote.
At least one site, hosted by a U.S.-based Internet service provider, was shut down after a visit from U.S. lawyers "presenting snapshots of virulent, extremist and violent web pages carried on their server," they wrote. The U.S. provider was not identified.
The book, in chapters called "Terror 2.0" and "The New Network Warfare," sheds light on offensive U.S. cyber operations seldom discussed by U.S. officials. The book's cites tactics such as "overloading," without details.
Pentagon said otherwise
The book's disclosures contrast with the Pentagon's public description of its strategy for blunting cyberattacks, which focuses on improving defenses instead of deterring intrusions or threatening retaliation.
Deputy Defense Secretary William Lynn on July 14 released the Pentagon's "Strategy for Operating in Cyberspace," which outlines five "strategic initiatives." One is to partner with other U.S. agencies and private industry to craft a "whole-of-government" approach.
Left unsaid was that the approach includes a capability to review and approve selective U.S. attacks under a forum known as the "Strategic Operational Planning Interagency Group for Terrorist Use of the Internet," the authors write.
Proposals for attacks are reviewed by what Schmitt and Shanker call a "powerful board of governors assigned to oversee counterstrikes on the Internet," under a "three-way agreement" among the Pentagon, intelligence agencies and the Justice Department "for considering timely attacks on terrorist websites, with the president making the final decision on whether to proceed."
Then-President George W. Bush, in a secret authorization, in effect "declared Iraq an official battle space for America's cyberwarriors," as it became "a real-world laboratory for computer network warfare," they write.
To sow distrust and confusion among jihadists, the United States also uses a technique of "webspoofing" called "false band replacement," where U.S. intelligence officers infiltrate networks to post their own materials.
The agencies have forged an al-Qaida "web watermark" that in effect "makes messages posted on these sites official," Schmitt and Shanker wrote.
One official told them, "We have learned to mimic their watermarks."
The U.S. military also "had the ability to hack into their phones and we would text message guys" telling them "another guy is cheating you out of money," one "senior official" told the reporters.
Radio jam
Pentagon and State officials in Kabul devised an "over-broadcast" technique to jam insurgent pirate radio networks using a strong signal cover to block the adversaries' message and send "counterprogram" coalition messages on adjacent channels.
"The goal is fuzzing out the militants' radio broadcasts so everybody has to turn to another station -- and that station is yours," said a U.S. official. The commercial technology to track, locate and "overbroadcast a signal" costs about $10,000, the official said.
Perhaps the U.S. greatest technological advance in the war on terror is the eavesdropping National Security Agency's supercomputers that can "collect, analyze, sort and store data from a range of communications, in particular cell phone conversations, emails and websites, billions of times faster than humans can."
The NSA computers scan and store the call history of cell phones turned over by thousands of temporary and permanent detainees that pass through U.S. camps in Iraq and Afghanistan or voluntary applicants for government jobs, they write.
"Each of these cell phones can be copied or cloned in seconds" and scanned for any matches to terrorist group members. "It opens the door to a whole command and control network," he told the authors.
http://www.mercurynews.com/books/ci_18718411
