Since at least 1997, the National Security Agency (NSA) has been responsible for developing ways to attack hostile computer networks as part of the growing field of Information Warfare (IW), according to a recently declassified internal NSA publication posted recently by the non-governmental National Security Archive (“the Archive”) at The George Washington University. Declaring that “the future of warfare is warfare in cyberspace,” a former NSA official describes the new activity as “sure to be a catalyst for major change” at the super-secret agency.
The document is one of 98 items the Archive posted that provide wide-ranging background on the nature and scope of U.S. cyber activities.
Activities in cyberspace — both defensive and offensive — have become a subject of increasing media and government attention over the last decade, although usually the focus has been on foreign attacks against the United States, most notably the Chinese government’s reported exploitation of U.S. government, commercial and media computer networks. At the same time, the apparent U.S.-Israeli created Stuxnet worm, designed to damage Iranian centrifuges, has put the spotlight on the United States’ own clandestine cyber efforts.
The NSA’s new assignment as of 1997, known as Computer Network Attack (CNA), comprises “operations to disrupt, deny, degrade or destroy” information in target computers or networks, “or the computers and networks themselves,” according to the NSA document.
The recent posting by the Archive highlights various aspects of U.S. cyberspace activities and concerns going back to the late 1970s. The documents — obtained from government and private websites as well as Freedom of Information Act requests — originate from a wide variety of organizations. These include the White House and National Security Council, the National Security Agency, the Departments of Defense, Energy, and Homeland Security, the military services, the General Accounting/ Government Accountability Office, and the Congressional Research Service — as well as three private organizations (Project 2049, Mandiant Corporation, and Symantec).
Among the highlights of the documents are:
- The NSA’s earlier concerns about the vulnerability of sensitive computer systems to either viruses or compromise through foreign intelligence service recruitment of computer personnel (Document 1, Document 2, Document 3, Document 4, Document 9)
- The Secretary of Defense’s March 1997 authorization of the National Security Agency to conduct computer network attack operations (Document 11)
- Detailed discussions of Chinese computer network exploitation activities (Document 66,Document 79, Document 83)
- Analyses of the Stuxnet worm (Document 40, Document 42, Document 44, Document 88)
- Extensive treatments of intelligence collection concerning U.S. technologies through computer network exploitation (Document 18, Document 55, Document 63)