Forwarded from: William Knowles <wkat_private> http://www.wired.com/news/conflict/0,2100,58901,00.html By Brian McWilliams May 22, 2003 While the United States deployed its troops to the Persian Gulf in March, some Iraqis prepared for war by surfing the Web. Internet traffic records kept by the operator of C4I.org reveal that Iraqis developed an avid interest in psychological tactics and military links just prior to the combat action against them. The private Web portal provides links to sites that detail how information is used in warfare. C4I.org logged hundreds of visits from Internet addresses assigned to Iraq's government-controlled Warkaa and Uruklink Internet services between November 2002 and March 2003. Experts said the site data confirms their belief that, despite technological obstacles, Iraq's government relied on the Internet for its intelligence operations. "Iraq is one of the least-wired countries, but all this is expected," said Dorothy Denning, a professor in the defense analysis department at the Naval Postgraduate School. "It's not surprising that they would be using it for intelligence gathering. Everyone else is doing it." C4I.org takes its name from the military acronym for "command and control, communications, computers and intelligence." The site hosts a variety of documents and links about the use of "information warfare," which the Pentagon defines (PDF) as "actions taken to influence, affect or defend information, information systems and decision-making." Information warfare also includes a range of activities, from physical or virtual attacks on enemy information systems to "psychological operations" aimed at influencing the emotions and behavior of adversaries. Excerpts from C4I.org's server log files indicate that Iraqi Web surfers had a particular interest in documents about psychological operations, including an unclassified manual (PDF) on the subject published by the U.S. Marine Corps in 2001. So-called "referrer" entries in the log files show that much of C4I.org's Iraq traffic originated from Yahoo and Google searches. Search terms that led Iraqis to the C4I site include "computer warfare," "NASA computer network," "Echelon" and "airborne computer." C4I.org's operator William Knowles said the traffic from Iraq caught his eye last December, when visits from an IP address assigned to Warkaa spiked. According to Knowles, the traffic surge may have been driven by numerous media reports at the time about the Pentagon's plans to include psychological warfare in its battle plan. "I think the Iraqis only had a very basic knowledge of the subject, and they were probably cramming for the final exam," said Knowles, a computer security consultant who runs C4I.org in his spare time. James Lewis, a senior fellow at the Center for Strategic & International Studies, said C4I.org's logs illustrate that the Internet is a double-edged sword for U.S. military strategists. "The Internet changes the nature of intelligence activity," said Lewis. "Because we're an open society, the Internet makes it easier for our enemies to collect intelligence. But it's also a lot easier for us to manipulate or put out information intended to frighten the enemy." To intimidate or confuse Saddam Hussein's military, U.S. military sources may have planted prewar stories about electromagnetic pulse bombs, GPS jammers and other high-tech gadgetry, Lewis said. Before they were knocked offline in late March, Iraq's Uruklink and Warkaa ISPs connected both government and civilian users to the Internet backbone over satellite links. Because Iraq's Internet traffic emanated from a handful of IP addresses, it's impossible to pinpoint who in the country was accessing C4I.org. Site visitors could have been citizens surfing out of curiosity, or Iraq's Mukhabarat intelligence officers or other members of the Baghdad regime on a mission. It's also possible that some of the visitors were journalists from the United States or other countries. The Al Rasheed and Palestine hotels in Baghdad, where many journalists stayed, reportedly had Internet connections through Uruklink. But referrer records show many of C4I.org's visitors from Iraq used AlMisbar.com, an English-to-Arabic translation service, to access the site, suggesting they were native Arabic speakers. U.S. officials publicly acknowledged a January mass e-mailing to persuade Iraqis to surrender and eschew the use of chemical weapons. However, no reports were confirmed of cyberattacks against Iraq by the U.S. government. Bombs, not government hackers, finally took Baghdad's Internet services offline in late March. Contrary to some predictions, the U.S. invasion of Iraq did not generate a wave of retaliatory hacking of U.S. targets. For example, a Malaysian virus writer and Al Qaeda sympathizer didn't deliver on his threat to release a "megavirus" once the United States invaded. According to Lewis, Iraq's Internet infrastructure was "antique" -- too undersized and unreliable to engage in information warfare. Even if Iraq's military officials had contracted with sympathizers in a high-tech nation to research or initiate cyberwar actions, he said, they probably concluded it wouldn't contribute much to their mission. "If you know U.S. planes are going to be dropping things on your head, what cybertool is going to stop that?" he asked. "There isn't one. Why waste your time thinking about it?" Knowles, however, said he believes that the United States' enemies may increasingly turn to cyberattacks to blunt the awesome power of the U.S. military. "Desperate people do desperate things," said Knowles. "If you're thinking like Saddam Hussein, you'll probably look at anything that helps you. Not as a singular event, but alongside a physical attack." In the weeks before the bombs rained down on their country, some Iraqis surfed the Web for much more mundane information. Google searches on some of the common IPs used by Iraqis showed records of their visits to stamp-collecting, dating and robotics sites. A couple of Iraqis posted messages in guest books at a site offering help for students studying authors such as Hemingway and Shakespeare. More ominous was a March visit from an Iraq address to a NASA site that houses information about global positioning systems. In February, someone using a computer in Iraq posted a greeting at a website dedicated to computer virus programming. The last record of Iraqi visitors to C4I.org came just days before the war began. On March 17, several hits were logged from Iraq to the site's page about cryptography, which contained a banner ad for a betting site. The ad invited viewers to place a wager on the question, "Will Saddam Hussein be the leader of Iraq on June 30?" *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri May 23 2003 - 00:58:40 PDT