RENEE MONTAGNE, host:
This week, we're taking a close look at the danger we face from cyber-attacks - not just email scams or pesky viruses, but serious efforts by other governments or terrorist groups to take down America's computer networks.
STEVE INSKEEP, host:
Defense officials say Pentagon computers are targeted about 5,000 times per day. So far, the damage has been minimal, but security experts worry the attacks have set the stage for a full-scale cyberwar. Here's NPR's Tom Gjelten.
TOM GJELTEN: In August of 2008, there was a short war between Russia and the former Soviet Republic of Georgia. It lasted just nine days, but that bloody little conflict marked a turning point in the history of warfare. For the first time ever, the shooting was accompanied by a cyber-attack.
(Soundbite of news broadcast)
Unidentified Woman: The Web site of the Georgian parliament, defaced with pictures of Hitler and shut down by...
GJELTEN: As reported by television networks and Georgia's president, the attacks shut down government, media and banking Web sites.
Unidentified Man #1: Russia has launched overall cyber-attack.
GJELTEN: The disruption of Internet traffic came just as Russian troops were engaging Georgian forces in armed combat. U.S. intelligence officials concluded the cyber and ground attacks were coordinated. The disruption was minor, but a threshold had been crossed. In announcing a cybersecurity initiative nine months later, President Obama referred back to the events in Georgia, saying they offered, quote: a glimpse of the future face of war.
That's now a widely held notion. Richard Clarke is the author of "Cyber War: The Next Threat to National Security and What to Do About It."
Mr. RICHARD CLARK ((Former White House Cybersecurity Adviser): The next time there is a big war, it will include a cyber-attack. It simply will. If there's going to be a war in the future, it's going to involve cyber.
GJELTEN: For the United States, this is especially worrisome. No military is more dependent on data networking. Unmanned aircrafts send video feeds back to Earth 24/7, while soldiers on the ground are guided by GPS signals and computer links. Jim Lewis, of the Center for Strategic and International Studies, says high-tech systems put the U.S. Department of Defense ahead of everyone, but also encourage adversaries to look for ways to defeat them.
Mr. JIM LEWIS (Center for Strategic and International Studies): How do I disrupt the data? How do I disrupt the communications? How do I monkey with GPS? And so we have countries out there big and small who work every day to figure out how to break DOD's informational advantage.
GJELTEN: DOD officials at the Pentagon say many countries are now preparing for cyberwar. Jim Lewis points to China.
Mr. LEWIS: Twelve years ago, they said: We're going to develop this capability. And you know what? They did. They're not the best in the world. But they have spent a lot of time and energy thinking about how to attack the United States in cyberspace.
GJELTEN: Of course, the United States does the same with respect to its rivals. Pentagon cyberwarriors have detailed plans to take down power, telecommunication and transportation systems just about anywhere.
But what if the other side strikes first? Richard Clarke wonders.
Mr. CLARKE: We have extremely good cyber-offensive capabilities - and almost nothing in the way of cyberdefense.
GJELTEN: The country's lack of preparation for a cyber-attack was highlighted in a recent exercise here in Washington, co-sponsored by the Bipartisan Policy Center and CNN.
The participants, playing top government roles, went through a simulation of an aggressive cyber-attack.
Unidentified Man #2: As the nation's telecommunications network continues to suffer from widespread outages, the country's Internet system is now slowing down to a virtual crawl. Communication...
GJELTEN: The simulation begins with a disruption of smart phones, but rapidly spreads to other networks. Top U.S. security officials, gathered at the White House, can barely keep up with the developments.
Stephen Friedman, an economic adviser to President Bush, played the role of the U.S. Treasury secretary.
Mr. STEPHEN FRIEDMAN (Economic Adviser): OK, this has moved one step deeper into the entrails of the country. What is the what do we have to do now to contain this and stop this at this point? It's no longer just in smart phones. And then...
GJELTEN: The exercise showed the U.S. government is not prepared for an overwhelming cyber-attack. Some cyber experts later disputed the likelihood of the attack scenario but agreed it could not be ruled out. In his cyber-security speech last May, President Obama said U.S. computer networks are a strategic national asset, and he promised to deter and defend against cyber-attacks. Secretary of State Hillary Clinton followed up that pledge in a speech two months ago.
Secretary HILLARY CLINTON (U.S. State Department): States, terrorists, and those who would act as their proxies must know that the United States will protect our networks.
GJELTEN: But how? Government cybersecurity experts are working to come up with an effective defense, but the simplest answer is to deter another country from attacking in the first place.
Back when the threat was nuclear war, U.S. administrations made clear that any attack would prompt an all-out retaliation. As a result, nobody dared make the first move.
But deterring a cyber-attack is more challenging. It probably wouldn't be clear where it came from. In the mock attack, the scenario had officials first concluding it originated from a server in Irkutsk, Russia. But then John McLaughlin, a former deputy CIA director, here playing a CIA role, broke into to say his analysts had told him they could not confirm the attack actually came from Irkutsk.
Mr. JOHN MCLAUGHLIN (Former Deputy CIA Director): In fact, the prevailing theory is that these servers in Irkutsk may be only a hopping point for an attack that could be coming from somewhere else. We just don't know at this point.
GJELTEN: This is what cybersecurity experts call the attribution problem. Cyberwarriors can hijack computers in other countries, working remotely through them, hopping from server to server. Because it's so hard to attribute the attack to someone, a retaliation may not be possible.
And without the threat of retaliation, an attacker cannot be deterred. If the U.S. military has a plan to deal with cyberwar problems, it's news to Richard Clarke, who advised President Clinton and then President Bush on cybersecurity issues.
Mr. CLARKE: We're probably doing things on lots of networks around the world to get ready for cyberwar, and yet we do not have a military strategy that has been shared with the Congress or the public. And I suspect we don't really have a military strategy at all.
GJELTEN: This in a country whose economy operates largely in cyberspace, and whose military pioneered Net-centric warfare.
Jim Lewis cites the German military leaders 70 years ago, who took pride in their ability to encrypt radio communication through their Enigma machines. What they did not realize was that U.S. allies had cracked the Enigma code and were intercepting those secret German messages.
Mr. LEWIS: Unfortunately, today we've reversed the roles. We're the people sitting there fat, dumb and happy, thinking we're getting all this advantage from our network and not realizing that our opponents are sitting in it and reaping all the benefits.
GJELTEN: Thousands of network probes every day, as many as a hundred foreign intelligence agencies seeking to penetrate our computer defenses, governments preparing to engage the United States in cyberwar.
Mr. LEWIS: I see this as possibly one of the gravest intelligence battles that the U.S. has ever fought, and it's a battle we're currently losing.
GJELTEN: The future face of war. The big prize: control of the Internet itself. Whoever wins that battle, wins the future. That story tomorrow.
Tom Gjelten, NPR News.