U.S.
Debated Cyberwarfare in Attack Plan on Libya
By
ERIC SCHMITT and THOM SHANKER , October 17, 2011
just before the American-led strikes against Libya in March
WASHINGTON
— Just before the American-led strikes against Libya in March, the Obama
administration intensely debated whether to open the mission with a new
kind of warfare: a cyberoffensive to disrupt and even disable the
Qaddafi government’s air-defense system, which threatened allied
warplanes.
…
to sever military communications links and prevent the early-warning radars
from gathering information and relaying it to missile batteries aiming at NATO
warplanes.
But
administration officials and even some military officers balked, fearing that (1) it might set a precedent
for other nations, in particular Russia or China, to carry out
such offensives of their own, and (2)
questioning whether the attack could be mounted on such short notice. (3) They were also unable to
resolve whether the president had the power to proceed with such an
attack without informing Congress.
(or, (4) revealing
American technological capabilities to potential enemies for what
seemed like a relatively minor security threat to the United States )
In
the end, American officials rejected cyberwarfare and used conventional
aircraft, cruise missiles and drones to strike the Libyan air-defense missiles
and radars used by Col. Muammar el-Qaddafi’s government.
This
previously undisclosed debate among a small circle of advisers demonstrates
that cyberoffensives are a growing form of warfare. The question the
United States faces is whether and when to cross the threshold into overt cyberattacks.
a Stuxnet
Last
year, a Stuxnet computer worm apparently wiped out a part of Iran’s nuclear
centrifuges and delayed its ability to produce nuclear fuel. Although no
entity has acknowledged being the source of the poisonous code, some evidence
suggests that the virus was an American-Israeli project. And the Pentagon and
military contractors regularly repel attacks on their computer networks — many
coming from China and Russia.
The killing of OBL
(the
reluctance) was repeated on a smaller scale several weeks later, when military
planners suggested a far narrower computer-network attack to prevent
Pakistani radars from spotting helicopters carrying Navy Seal commandos on
the raid that killed Osama bin Laden on May 2.
Again,
officials decided against it. Instead, specially modified, radar-evading Black
Hawk helicopters ferried the strike team, and a still-secret stealthy
surveillance drone was deployed.
The reluctance to break the glass on this new kind of warfare
The
Obama administration is revving up the nation’s digital capabilities, while
publicly emphasizing only its efforts to defend vital government, military and
public infrastructure networks.
“We don’t want to be the ones who break
the glass on this new kind of warfare,” said James Andrew Lewis,
a senior fellow at the Center for Strategic and International Studies, where he
specializes in technology and national security.
That reluctance peaked
during planning for the opening salvos of the Libya mission, and
“These cybercapabilities are still like the
Ferrari that you keep in the garage and only take out for the big race and not
just for a run around town, unless nothing else can get you there,” said one
Obama administration official briefed on the discussions.
What takes to launch a cyber attack
While
popular fiction and films depict cyberattacks as easy to mount — only a few
computer keystrokes needed — in reality it takes significant digital
snooping to identify potential entry points and susceptible nodes in
a linked network of communications systems, radars and missiles like that
operated by the Libyan government, and then to write and insert the proper
poisonous codes.
“It’s
the cyberequivalent of fumbling around in the dark until you find the doorknob,”
Mr. Lewis said. “It takes time to find the vulnerabilities. Where is the thing
that I can exploit to disrupt the network?”
War Powers Resolution
One
unresolved concern was whether ordering a cyberattack on Libya might create
domestic legal restrictions on war-making by the executive branch without Congressional
permission. One question was whether the War Powers Resolution — which
requires the executive to formally report to lawmakers when it has introduced
forces into “hostilities” and sets a 60-day limit on such deployments if
Congress does not authorize them to continue — would be required for
an attack purely in cyberspace.
The
War Powers Resolution, a Vietnam-era law enacted over President
Richard M. Nixon’s veto, does not define “hostilities.”
