recommended reading

Air Force looking to build cyber weapons

The Air Force issued a proposal on Monday asking the technology industry to help it develop the ability to hack into an enemy's computer systems and to conduct offensive cyber warfare, such as shutting down systems, according to internal and public documents.

Comment on this article in The Forum.In its proposal, the Air Force Research Laboratory-Rome Research Site in Rome, N.Y., said it wanted help from researchers and industry to develop technologies that would support what the lab called a dominant offensive cyber engagement.

An internal briefing from the lab's headquarters at Wright-Patterson Air Force Base in Ohio defines the engagement as the ability to "conduct full-spectrum offensive cyber/info military, leadership and infrastructure."

The request dovetails with a similar research effort kicked off last year by the Air Force Electronic Systems Group, which asked industry to develop the technologies and capabilities needed to attack an adversary's computer systems.

"Although it is rare to find such a public request by the Air Force, [other] governments around the world [already] have the resources, methods and systems to play in the cyberspace war zone," said Yuval Ben-Itzhak, chief technology officer for Finjan Software Inc. in San Jose, Calif., which develops and sells secure Web gateway software.

The lab emphasized in the request that it noted the lab wants to develop the capability to gain access to remote open and closed networks and to systems that provide full control of a network for the purposes of collecting data and conducting operations to manipulate the system.

The lab wants capabilities to burrow to the core of any computer, including techniques to allow it to gain user and root-level access to fixed and mobile computers. The lab is interested in methodologies that would allow it to access all types of operating systems, patch levels, applications and hardware, according to the request.

The Air Force also wants the ability to conduct these operations without being detected for a long time, so the United States could "maintain an active presence within the adversaries' information infrastructure completely undetected" to collect an enemy's sensitive and classified information.

The Air Force labels these electronic tactics "D5 effects," to affect computers through what it calls "deceive, deny, disrupt, degrade and destroy."

Air Force Col. Charles Williamson, in an article that appeared in the May issue of Armed Forces Journal, said the Air Force should take a "carpet bombing" approach to offensive operations in cyberspace. Williamson, staff judge advocate for the Air Force Intelligence, Surveillance and Reconnaissance Agency at Lackland Air Force Base in Texas, suggested that the service imitate hackers and develop its own force of botnets -- thousands of computers controlled by a signal source -- to attack adversaries.

The cyber warfare strategy could backfire, according to an analyst who served in a top Defense Department post. Philip Coyle, who served as assistant secretary of Defense and director of its operational test and evaluation office from 1994 to 2001, said he does not believe the Air Force has "thought through the 'arms control' implications of this work. Once the Air Force starts attacking . . . all hell could break loose. The Air Force is not equipped, and likely could never be equipped, to deal with retaliation from thousands or millions of hackers.

"Hopefully, this solicitation will produce some cooler heads who will help the Air Force think through these matters," said Coyle, now senior adviser with the Center for Defense Information, a security policy research organization in Washington. "But too often the tendency is to come up with new weapons -- including cyber weapons -- without adequate regard for the question . . . 'Where does it all end? How will our friends and allies, as well as our adversaries react to our efforts? Through our actions, are we making the threat worse?'"

The military will use caution with cyber weapons, as it has with nuclear weapons, Ben-Itzhak said. "Mostpeople trust their nation that it will not start a war or a nuclear attack for no serious reason," he said. "They can also trust that such offensive cyberspace methods will be used for good reasons, although, just by reading [about] them, they might sound scary."

Ben-Itzhak added that investment in offensive cyber operations -- under the theory that a good offense makes for the best defense -- won't solve the problems the Air Force faces in combating relentless cyberattacks against its networks. "Investments in offensive methods will not save investments in defensive methods," he said. "It is the basic of any war, including the cyber war."

Threatwatch Alert

Network intrusion / Software vulnerability

Hundreds of Thousands of Job Seekers' Information May Have Been Compromised by Hackers

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.