U.S. is Striking Back in the Global Cyberwar
Haymarket, Va.—More than two dozen professional hackers have set up operations in exurban Virginia beside a mock military headquarters made of plywood. Huddled over laptops, they are preparing to launch a vicious barrage of cyberattacks. Once they break into their targets' computer networks, the nefarious possibilities are myriad: shutting off phone lines, overloading citywide emergency response systems, or simply slinking around to pilfer passwords.
Not far away, the defenders prepare for the onslaught they know is coming during the two-day "Cyberdawn" exercise, one of the country's premier electronic war games. It is run with the help of volunteers by the private firm White Wolf Security, which also arranges closed war games for some federal agencies. The chance to test their cyberskills has attracted groups from private companies as well as the U.S. military. Ten teams, including those from West Point and the Air Force Academy, have traveled across the country to take part in the game in the hopes of protecting a simulated digital network linking phone systems, Social Security numbers, and power grids on which 10,000 fictitious citizens rely.
The exercise pits teams from the U.S. military, the military's service academies, corporations, and even teenage computer savants against live hackers who look surprisingly innocuous. Most could easily be mistaken for middle-aged accountants, in neat khaki slacks and button-up shirts. Others are sporting Puma training jackets and baseball caps. The de facto leader of the group has donned a stylish black bowling shirt with a name patch that reads, simply, "Hacker." They have been instructed to use any means short of causing physical damage to exploit the vulnerabilities of their prey, placing them on the front line of what is an increasingly vital area of national security—the art and practice of offensive cyberwar.
Public debate about cyberspace revolves almost exclusively around questions of defense. Are retailers adequately protecting their customers' credit card information? How can home computers be immunized against nettlesome viruses? When will the Pentagon more effectively be able to stop hackers in Russia and China from stealing military secrets?
Offensive cyberwar itself can encompass espionage, intercepting communications, and disabling computers and other infrastructure. The United States has those capacities, but the scope of the arsenal receives far less ink than the status of the country's defense. The Obama administration issued a report on that aspect in May and announced the creation of a cybersecurity czar to organize defense. But the sections of the report that address the country's offense remain highly classified, according to officials familiar with its contents. That's frustrating to many people in the national security field. "The only way that deterrence works is if the other side knows that you have weapons and the willingness to use them," says Charles Dodd, an expert in cyberwar at the security firm Nicor Global, who advises the House Armed Services Committee on cyberthreats sponsored by foreign nations.
The technical details behind these operations are very hush-hush, as disclosing them inevitably exposes the sources and methods of intelligence collection or military exploitation. The Pentagon, for instance, is keen to protect what hackers call "zero-day exploits," an industry term for vulnerabilities that enemies do not yet know exist. "There's a never-ending race for them," says Tim Rosenberg, who founded White Wolf Security. "You find it; now how long can you use it before the rest of the world finds out about it and you've got to move on to the next vulnerability? It's a never-ending game of leapfrog."
Despite the secrecy, brief glimpses of several cyberwar incursions have surfaced recently. The New York Times reported this year, for example, that some of the best information the intelligence community has collected on the Iranian nuclear program came from a hack into that country's computer networks. Remotely hacking into al Qaeda laptops, meanwhile, is within the purview of the nation's spy agencies, says researcher and former intelligence officer Matthew Aid, who recently wrote The Secret Sentry, a book about the National Security Agency. He says that the NSA's Tailored Access Operation Group employs a cadre of Navy computer technicians who spend their days in rooms protected by James Bond-esque retinal scanners deep inside NSA headquarters at Fort Meade in Maryland. But their activities are more often focused on monitoring communications than on remotely erasing hard drives or crashing power grids.
Reader Comments
Communication is key
The Hackers (Red Cell) team members try very hard to ensure that we are educating and providing feedback to the defending teams. In fact a group of the Hackers had dinner with members of the defending teams to build relationships and to answer questions.
I agree that there should be better communication and awareness between all levels of our schools, businesses and government when it comes to Cyber attacks and threats.
Communication is the key
As a defending team member that has participated in several CTF events, I find these exercises very educational and fun. The complexity of the environment and the injects made it feel “real”, and like a corporate network where defenders are expected to juggle security and deliverables. I’m looking forward to an opportunity to be on the “hacker’s” side of the table at a future event.
I think we need a more open flow of communication between US agencies that defend our country’s data and infrastructure from cyber threats. At the Cyber Dawn event it seemed most of the hackers were closed off and unreceptive to questions. The de facto leader of the hackers seemed the less technical of the bunch, but was willing to answer questions. He talked about how he was “deploying agents” with tools like Core Impact and Canvas but didn’t go into the steps that were taken to hack the machines.
Countries like North Korea and Russia seem to be spending tremendous amounts of money on developing their cyber defense capabilities. I think it’s good that the US is getting on the bandwagon and developing our capabilities on how to defend against these types of attackers. I think more universities should be developing courses that will train the next generation of cyber defenders.
RE: I was there
Great Job Mike. I am glad that you had the opportunity to attend. I too found it to be very educational and informative.
Now, suppose you are on the West Point team. What would you do to prevent your hack?