Obama helping allies to fight off cyberattacks

Obama helping allies to fight off cyberattacks

US policy underscores shift in focus to digital threat of Iran and North Korea

The Obama administration has begun helping Middle Eastern allies build up their defences against Iran’s growing arsenal of cyberweapons, and will be doing the same in Asia to contain computer-network attacks from North Korea, according to senior US officials.

The officials would not say which countries in the Persian Gulf have signed up for help in countering Iran’s computer abilities. But the list, some officials say, includes the nations that have been the most active in tracking Iranian arms shipments, intercepting them in ports and providing intelligence to the United States about Iranian actions. The three most active in that arena are Saudi Arabia, the United Arab Emirates and Bahrain.

In Asia, the countries most worried about being struck by North Korean computer attacks are South Korea and Japan. The Defence Department’s assertive new effort in the Persian Gulf and Asia is the latest example of how the Obama administration is increasingly tailoring its national security efforts for a new era of digital conflict, in this case assuring the defence of computer networks and, if necessary, striking back against assaults.

A directive signed by the president that surfaced on Friday - the third in a series of leaked documents published by the newspapers The Guardian and The Washington Post - underscored how the Obama administration is trying to prepare itself and its allies. The leaks also revealed how the Obama administration has put in place a large Internet surveillance operation to identify terrorism threats.

The presidential directive included the declaration that the United States reserved the right to take “anticipatory action” against “imminent threats,” a reference, it seemed, to the kind of crippling infrastructure attacks that Iran appears to be working on against US and allied targets.

The new help for strengthening computer-network defences for allies, which has not been publicly announced, closely parallels earlier efforts by the Obama administration in two volatile parts of the world. In recent years it has helped install advanced missile-defence systems and early-warning radars in Persian Gulf nations to counter Iran’s missile ability, and it has done something similar in Asia in response to North Korea’s nuclear weapons programme.

But deterring cyberattacks is a far more complex problem, and American officials concede that this effort, which will include providing computer hardware and software and training to allies, is an experiment. It has been propelled by two high-profile attacks in the past year. One was against Saudi Aramco, Saudi Arabia’s largest, state-run oil producer, and according to American officials it was carried out by Iran. That attack crippled 30,000 computers but did not succeed in halting oil production. The other, an attack on South Korea’s banking and media companies this spring, was later attributed to North Korea. It froze the ability of several banks to operate for days.

“The Iranian attack on the Saudis was a real wake-up call in the region,” said one senior administration official, who would not speak on the record about US efforts to counter Iran. “It made everyone realise that while the Iranians might think twice about launching a missile attack in the region, they see cyber as a potent way to lash out in response to sanctions.”

De facto alliance

The administration is capitalising on the fear created by those attacks to build on the de facto alliance against Iran that it has constructed in the region. The Pentagon is drawing up proposals for providing advanced hardware and software for computer-network defence that could be sold throughout the Persian Gulf, much as American aircraft and missiles are sold to Arab allies. Training programmes are being put together to teach computer security to military and law enforcement in the region, and to collaborate with private companies.

And, just as the Pentagon conducts naval exercises in the Persian Gulf to practice ways of keeping the Strait of Hormuz open, officials say that future joint war games would include simulated cyberattacks, similar to the one Iran conducted against Saudi Aramco.

The idea is to give US and allied forces practice carrying out their missions with their networks under duress, officials said. The new interagency effort in Washington comes at a time when Israeli and U.S. intelligence officials have been concerned by Iran’s swift advances in its computer weaponry, particularly its ability to disrupt existing infrastructure. As one former senior US military commander said recently, “They have startled everyone with the speed at which their capabilities have increased.”

A senior Defence Department official said the program to develop computer skills among allies would focus solely on defending against disruptive and destructive attacks on networks for the military and critical infrastructure. The United States will not share its growing arsenal of offensive cyberweapons, which, like nuclear arms, can be deployed only on presidential order.

Those have only been used in one major case: The US and Israeli attack on Iran’s nuclear enrichment system, part of a covert programme called Olympic Games that delayed, but ultimately failed to destroy, Iran’s nuclear ability.

Officials pledge that computer hardware and software eventually provided to allied nations will be evaluated to avoid providing the type of defensive systems that also can be used for domestic surveillance or to punish political opponents.

This new focus on adding computer-warfare skills to a global effort the Pentagon calls “building partner capacity” - and usually refers to more traditional training of conventional forces - is another indication of the high-level of concern in Washington about the growing danger of computer-network attacks from Iran or North Korea.

After the attacks on energy firms in the Persian Gulf, “We recognized that we really need to bolster our working relationships with key allies in the region,” said one senior Defence Department official. “We made a very conscious strategy decision to make that a priority, both in the gulf and also in Asia.”

Iran, in particular, is viewed as having greatly accelerated its computer efforts. The advancements appear to be the result of carefully focusing the work of a domestic computer sciences and hacking community.

The emerging Iranian programme is far more disciplined and mature than Tehran’s previous efforts, which had focused on social media to coax American military personnel based in the Middle East and Persian Gulf region to sign up for dating and travel services, or chat rooms. The goal was to obtain the online information from American military personnel to find back doors into military computer systems.

In the rankings of computer powers, Iran and North Korea are far lower in ability than the United States, Israel, Britain, Russia and China. China and Russia, however, have strong incentives to limit the destructiveness of their attacks; they are so tied into the global economy that anything truly disruptive to financial or energy markets would backfire. But North Korea and Iran, especially in times of rising tensions, would be less prone to show restraint, US officials say.