US appoints first cyber warfare general, Nowheristan

5.28.2010 US appoints first cyber warfare general

By Peter Beaumont
http://www.guardian.co.uk/world/2010/may/23/us-appoints-cyber-warfare-general

The US military has appointed its first senior general to direct cyber warfare – despite fears that the move marks another stage in the militarisation of cyberspace.

The newly promoted four-star general, Keith Alexander, takes charge of the Pentagon's ambitious and controversial new Cyber Command, designed to conduct virtual combat across the world's computer networks. He was appointed on Friday afternoon in a low-key ceremony at Fort Meade, in Maryland.

The creation of America's most senior cyber warrior comes just days after the US air force disclosed that some 30,000 of its troops had been re-assigned from technical support "to the frontlines of cyber warfare".

The creation of Cyber Command is in response to increasing anxiety over the vulnerability of the US's military and other networks to a cyber attack.

James Miller, the deputy under-secretary of defence for policy, has hinted that the US might consider a conventional military response to certain kinds of online attack.

Although Alexander pledged during his confirmation hearings before the Senate committee on armed services last month that Cyber Command would not contribute to the militarisation of cyberspace, the committee's chairman, Senator Carl Levin expressed concern that both Pentagon doctrine, and the legal framework for online operations, had failed to keep pace with rapid advances in cyber warfare.

In particular Levin voiced concern that US cyber operations to combat online threats to the US, routed through neutral third countries, "could have broad and damaging consequences" to wider American interests.

Plans for Cyber Command were originally conceived under President George W Bush. Since taking office Barack Obama has embraced the theme of cyber security, describing it last year as "one of the most serious economic and national security challenges [the US faces] as a nation".

During his confirmation hearing, Alexander said that the Pentagon's networks were being targeted by "hundreds of thousands of probes every day" adding that he had "been alarmed by the increase, especially in this year".

Cyber warfare has increased rapidly in scale and sophistication with China accused of being at the forefront of prominent recent attacks, including the targeting of Google and 20 other companies last year as well as "Titan Rain" in 2003 – a series of coordinated attacks on US networks. Russian and North Korean hackers have also been accused of large-scale attacks.

Moscow was accused of being behind a massive cyber assault on Estonia in 2007 – the second largest cyber warfare operation ever conducted.

While Alexander has tried to play down the offensive aspects of his command, the Pentagon has been more explicit, stating on Friday that Cyber Command will "direct the operations and defence of specified Department of Defense information networks [involving some 90,000 military personnel] and prepare to, when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, [to] ensure US allied freedom of action in cyberspace and deny the same to our adversaries."

The complex issues facing Cyber Command were thrown into relief earlier this year when the Washington Post revealed details of a so-called "dot-mil" operation by Fort Meade's cyber warfare unit, backed by Alexander, to shut down a "honeytrap website" set up by the Saudis and the CIA to target Islamist extremists planning attacks in Saudi Arabia.

The Pentagon became convinced that the forum was being used to co-ordinate the entry of jihadi fighters into Iraq.

Despite the strong objections of the CIA, the site was attacked by the Fort Meade cyber warfare unit. As a result, some 300 other servers in the Saudi kingdom, Germany and Texas also were inadvertently shut down.

Of equally concern to those who had opposed the operation, it was conducted without informing key members of the Saudi royal family, who were reported to be "furious" that a counter-terrorism tool had been shut down.

The issue of cyber warfare – and how to combat it – has become an increasingly fraught one.

The need to have electronic warfare capabilities, say those who support them, has been proven repeatedly by the apparent success of hostile attacks on government networks, including last year's massive denial of service assault on networks in both the US and Korea.

Last year, hackers also accessed large amounts of sensitive data concerning the Pentagon's Joint Strike Fighter programme.

The difficulties facing the new command were underlined in March by former CIA director Michael V Hayden, who said that the Saudi operation had demonstrated that cyber warfare techniques were evolving so rapidly that they were now outpacing the government's ability to develop coherent policies to guide its use.

"Cyber was moving so fast that we were always in danger of building up precedent before we built up policy," Hayden said.