U.S. Beefs Up Cyber OffenseReport: Massive Spending on Cyberwarfare Abilities
Though the federal government's efforts to harden its defenses against cyber attacks is gaining wide notice, especially by the 60-day review of federal cybersecurity policies by White House advisor Melissa Hathaway, little is said of American efforts to strike first against cyber foes.
But the U.S. government has gone on the cyber offensive to lure members of Al Qaeda into a trap by hacking into one of the group's computers and to bore into Iran computers in an attempt to undermine its nuclear project, according to a report Tuesday in The New York Times. The paper based its findings on interviews over the past several months with a range of military and intelligence officials, as well as outside experts, who described a massive increase in the sophistication of American cyberwarfare capabilities.
There has been no broad authorizations for American forces to engage in cyberwar, The Times reports, adding that when President Bush issued a set of classified presidential orders in January 2008 to organize and improve America's online defenses, the administration could not agree on how to write the authorization, and passed on any final decision to the next administration.
The paper cites a principal architect of that order as saying the issue had been passed on to the next president, in part because of the complexities of cyberwar operations that, by necessity, would most likely be conducted on domestic and foreign Internet sites.
The most exotic innovations of a cyber offense under consideration would enable a Pentagon programmer to surreptitiously enter a computer server in Russia or China, for example, and destroy a botnet a potentially destructive program that commandeers infected machines into a vast network that can be clandestinely controlled before it could be unleashed in the United States, the paper says.
"Or," the report says, "American intelligence agencies could activate malicious code that is secretly embedded on computer chips when they are manufactured, enabling the United States to take command of an enemy's computers by remote control over the Internet. That, of course, is exactly the kind of attack officials fear could be launched on American targets, often through Chinese-made chips or computer servers."