U.S. Looks to Create 'New Generation' of Cyberweapons

The United States is looking to create new cyberweapons designed to disrupt enemy networks even when they are not connected to the Internet, the Washington Post reports.

The newspaper reported Monday that the U.S. had looked into using such technology to disrupt Libya’s air defense system last year, but that it wasn’t ready for prime time.

Officials are researching cyberweapons that can target “offline” military systems in part by harnessing emerging technology that uses radio signals to insert computer coding into networks remotely.

“To affect a system, you have to have access to it, and we have not perfected the capability of reaching out and accessing a system at will that is not connected to the Internet,” said Joel Harding, an independent consultant who is a former military officer and former director of the Information Operations Institute.

U.S. Nukes Face Millions of Cyber Attacks Daily

The agency in charge of protecting America’s nuclear facilities is constantly fending off attacks from a “full spectrum” of hackers, according to U.S. News and World Report. The magazine reports that the National Nuclear Security Administration (NNSA) experiences up to 10 million cyber security events each day.

Experts said those numbers can be viewed as inflated, because the majority of “attacks” are simply automated programs that scan the Internet for vulnerabilities. But as many as 1,000 of the attacks each day are actually successful in breaching some level of the agency’s computing infrastructure, U.S. News and World Report reported. The NNSA wants to bolster its budget from $126 million in 2012 to about $155 million in 2013.

Army Ramping Up Cyber Unit

The U.S. Army’s first cyber brigade has been involved in securing some computer networks, even though it is not expected to be fully operational until 2015.

Signal Magazine reports that the 780th Military Intelligence Brigade was activated on Dec. 1 and is based at Fort Meade under the direction of Col. John Sweet.

It is currently recruiting staff, which will undergo 22 weeks of advanced training. Signal Magazine reports that when the brigade is fully up and running, it will have the ability to fight cyber threats quickly and will be given considerable autonomy.

Brigade personnel are given the discretion of writing code as new threats arise rather than having to rely on available tools or submit new software to a cumbersome approval process.

“Because of the evolution of the threat—how fast technology changes—we need to have that capability to keep up with the threat and to continually update the tools that we’re using to defend our network. It would make it difficult to conduct our mission if we didn’t have the ability to react to what the adversaries are doing,” [Col. John Sweet] states.

Another Look at the Stuxnet Virus

In 2010, the intricate “Stuxnet” virus spread across the Internet and was widely seen as one of the most advanced cyber threats ever created.

According to reports, the virus targeted centrifuges at Iranian nuclear facilities. A March 4 report on CBS called it proof “for the first time, that a cyber attack could cause significant physical damage to a facility.”

There’s a mystery around who created Stuxnet. Some say it was Israel. Some claim it was the United States. But U.S. officials recently said it is an example of an elegantly written virus that was crafted for a very specific purpose and designers took great care to avoid collateral damage.

From AOL Defense:

The Stuxnet computer worm that damaged Iranian nuclear facilities—widely suspected to be an Israeli or even U.S. covert action—was a model of a responsibly conducted cyber-attack, said the top lawyer for the U.S. military's Cyber Command, Air Force Col. Gary Brown.

…the way Stuxnet was designed, "it looked like lawyers had been involved, because it was set to do no damage until it saw a very precise set of circumstances that doesn't exist anywhere except in Iran," said Brown, who has written on the legal ramifications of Stuxnet. "Also," he added, "it was set to expire," erasing itself from every infected machine this coming June 24. Both those attributes suggest a conscientious effort to limit the online equivalent of "collateral damage"...