Carter looking to drop 'cyber bombs' on ISIS

In the fight to “degrade and ultimately destroy" ISIS, the Defense Department is adjusting its approach, moving into cyberspace to attack the group and disrupt its command and control.

Secretary of Defense Ashton Carter has moved beyond the physical realm into cyberspace to attack the entity and.

“We are using cyber tools, which is really a major new departure,” Defense Secretary Ashton Carter told NPR over the weekend. “I’m talking about attacking the ability of someone sitting in Raqqa to command and control ISIL forces outside of Raqqa or to talk to Mosul,” he said, using the administration’s preferred acronym for ISIS and referring to ISIS’s Syrian and Iraqi capitals. “Or even to talk to somebody in Paris or to the United States. So these are strikes that are conducted in the warzone using cyber essentially as a weapon of war just like we drop bombs. We’re dropping cyber bombs.”

Given the classifications and operational security surrounding cyber operations, details on anti-ISIS activity in this domain are scant, though Carter added some information in a Pentagon press conference with reporters on Monday, saying the cyber component is aimed at disrupting ISIS’s command and control to cause them to lose confidence in their networks, as well as overloading their networks to limit their operational functionality. But given that the cyber tools are new, Carter said details are being kept under wraps, especially considering they are applicable to other conflicts globally.

Chairman of the Joint Chiefs of Staff Gen. Joseph Dunford reiterated the point that DOD does not want to provide operational details in hopes of keeping the element of surprise. Dunford did say that, conceptually, DOD is trying to isolate ISIS in the same way it is trying to so in the physical space. 

Both Dunford and Carter said that the capabilities being used against ISIS, and others globally, are exactly why the U.S. Cyber Command was established in the first place. Dunford said the command is building an inventory of tools to be used in cyberspace going forward.  

Carter has said previously that the Defense Department will look to take the fight to ISIS in the cyber domain, even resorting to targeting members of ISIS’s hacking cadre with bombs. However, it is still believed that ISIS’ cyber capabilities remain low, limited to merely website defacements and denial-of-service attacks. 

One concern, whether from nation-states or groups such as ISIS should they gain cyber acumen, is the targeting of U.S. critical infrastructure. “Although it’s not a popular target for people trying to make a profit – that’s good and bad, because the flip side is that the adversaries who are interested in potentially targeting critical infrastructure could potentially be more sophisticated adversaries,” Isaac Porche, associate director of the Forces and Logistics Program at RAND, told a panel of lawmakers last week. “So critical infrastructure today might have to deal with a more sophisticated threat than, let’s say, a hardware store might have to.”

Military and U.S. intelligence officials in the past have been careful about what, in their minds, the term “attack” connotes in cyberspace, potentially allowing conclusions to be drawn regarding current U.S. activity against ISIS. “Terminology and lexicon is very important in this space,” Adm. Michael Rogers, the head of the National Security Agency and Cyber Command, told the House Intelligence Committee last year.“And many times I’ll hear people throw out ‘attack’ and ‘act of war’ and I go, ‘That’s not necessarily in every case how I would characterize the activity that I see’.” 

Director of National Intelligence James Clapper has said previously that the hack and theft of millions of records from the Office of Personnel Management did not constitute an attack, because it did not result in the destruction of systems, infrastructure or data. 

“We generally look at all cyber events and we define it as an attack. In many cases you can do reconnaissance, you can do espionage, you can do theft in this domain we call cyberspace,” Director of the Defense Intelligence Agency Lt. Gen. Vincent Stewart told lawmakers recently. “But the reaction always is, whether it’s an adversary doing reconnaissance, an adversary trying to conduct a [human intelligence] operations in this domain, we define it as an attack and I don’t think that’s terribly helpful.”