Friday, a report in the Washington Post described an incident in which one agency of the U.S. government attacked another one and, in the process, an allied country. This was not a case of friendly fire. Rather, virtually the entire security apparatus of the United States including the Departments of Defense, State and Justice, the CIA, and the NSA became involved in authorizing the operation. In play was the full array of issues regarding both the conduct of cyber warfare and also of counterinsurgency warfare: strategic, operational, legal, diplomatic and intelligence.
According to the Post, the CIA and the government of Saudi Arabia had created a phony jihadist website to uncover plots against the Middle East kingdom. The internet has been one of the terrorists’ most important tools for intelligence, collection, recruiting and attack planning. This operation was evidently successful in identifying potential extremist threats in Saudi Arabia. Unfortunately, according to defense department, the site was also being used by jihadists to pass information back and forth between elements in Saudi Arabia and Al Qaeda soldiers in Iraq. This situation is reminiscent of the old days in which police and intelligence services would infiltrate suspect groups. It was often said that organizations like the American Communist Party could not have survived were it not for all the dues-paying FBI agents posing as members.
The CIA argued that the site was providing important intelligence information; the military, led by the NSA, claimed that it was endangering the lives of U.S. forces in Iraq. Ultimately, it was decided to shut the site down. But rather than going to the Saudis and getting the plug pulled, the U.S. Government conducted a cyberstrike on the servers hosting the site. In doing so, it is reported that the NSA inadvertently disrupted more than 300 other servers in Saudi Arabia, Germany and Texas! This was in addition to losing an important intelligence source and angering Saudi intelligence.
Recent reports of attacks on U.S. public and private networks and computers indicate that we are in the midst of an undeclared cyber war, perhaps a number of them. Some cyber attacks are conducted by our current enemies such as Al Qaeda. Others appear to be the work of potential future adversaries such as Russia and China. Still others are conducted by so-called friendly countries, criminal organizations, private corporations and disgruntled individuals. The U.S. is moving rapidly to develop the organizations, tools and personnel to defend itself from cyber attacks. The problem is that we lack an understanding of the battlespace, a unifying strategic concept for cyber operations or even the national and international legal frameworks to conduct offensive cyber operations either in war or peace. The Saudi-CIA website fiasco is but a small example of what could happen in the event of major offensive cyber operations, including those conducted by U.S. agencies against foreign targets.
Find Archived Articles: