Information Operations
Newsletter
Compiled by: Mr. Jeff Harley
US Army Strategic Command
G39, Information Operations Branch
Table of Contents
ARSTRAT IO Page on Intelink-U
Table of Contents
Vol. 8, no. 07 (1-17 January 2008)
1. Analysis: U.S. Lost Fallujah's Info War
2. Enemies at the Firewall
3. The Dogs of Web War
4. War -- or Crime -- in Cyberspace (editorial)
5. Al Qaeda Taps Cell Phone Downloads
6. Bosnian Jihad Groups Mark Analyst For Attacks
7. An Information Operations Approach to Counter Suicide Bomber Recruiting
8. US Looks To Military to Take on Cyber Threats
9. Intel Brief: Chinese Cyberwarfare
10. Millions Able To Receive Hizbullah TV
11. Unlikely GI Wins Hearts in Iraq
12. Where War and Porn Collide
13. Abu Yahya’s Six Easy Steps for Defeating al-Qaeda
14. Decoding the Virtual Dragon
Page ii
Analysis: U.S. Lost Fallujah's Info War
By Shaun Waterman, UPI, 2 Jan 08
WASHINGTON, Jan. 2 (UPI) -- A secret intelligence assessment of the first battle of Fallujah shows the U.S. military believes it lost control over information about what was happening in the town, leading to political pressure that ended its April 2004 offensive with control being handed to Sunni insurgents.
"The outcome of a purely military contest in Fallujah was always a foregone conclusion -- coalition victory," reads the assessment, prepared by analysts at the U.S. Army's National Ground Intelligence Center.
"But Fallujah was not simply a military action, it was a political and informational battle. … The effects of media coverage, enemy information operations, and the fragility of the political environment conspired to force a halt to U.S. military operations," concludes the assessment.
It adds that the decision to order an immediate assault on Fallujah, in response to the televised killing of four contractors from the private military firm Blackwater, effectively prevented the Marine Expeditionary Force charged with retaking the town from carrying out "shaping operations," like clearing civilians from the area, which would have improved their chances of success.
"The very short time allowed for shaping operations before the fight resulted in a battlefield full of civilians," observes the assessment, prepared in March 2006 and classified secret.
A copy was posted on the Web last week by the organization Wikileaks, which aims to provide a secure way whistle-blowers can "reveal unethical behavior in their governments and corporations" and says it favors government transparency.
Although a spokesman for U.S. Army intelligence declined to comment on the document, United Press International independently confirmed its veracity.
The assessment says a daytime curfew and ban on all public gatherings imposed by Marines in the town was "difficult to enforce" and that insurgents exploited U.S. adherence to the laws of war and sometimes-restrictive rules of engagement. As a result, "non-combatants provided cover for insurgents, restrained (the) employment of combat power, and provided emotional fodder for Arab media to exploit."
The authors say that media were "crucial to building political pressure to halt military operations" from the Iraqi government and the Coalition Provisional Authority, which resulted in a "unilateral cease-fire" by U.S. forces on April 9, after just five days of combat operations.
During the negotiations that followed, top Bush administration officials demanded a solution that would not require the Marines to retake the town, according to the assessment.
"The American National Command Authority pressed for other options besides finishing the clearing of Fallujah," it states. "Given few options," coalition forces on April 30 formally turned over control of the town to the so-called Fallujah brigade -- essentially the same insurgents they had just been fighting.
Crucial to this failure, the authors believe, was the role of the Arabic satellite news channels al-Jazeera and al-Arabiyah.
An al-Jazeera crew was in Fallujah during the first week of April 2004, when the Marines began their assault on the town of 285,000 people.
"They filmed scenes of dead babies from the hospital, presumably killed by coalition airstrikes," complains the assessment. "Comparisons were made to the Palestinian intifada. Children were shown bespattered with blood; mothers were shown screaming and mourning day after day."
The two stations "focused almost exclusively" on the theme that the military was using excessive force, reports the assessment, saying their coverage was "increasingly … shrill in tone," and they both "appeared willing to take even the most baseless claims as fact."
Worse, al-Jazeera crews were the only source of pictures of the conflict, because the town was too dangerous for Western news organizations, which were "forced to pool video shot by Arab cameramen."
"The absence of Western media in Fallujah allowed the insurgents greater control of information coming out of Fallujah," concludes the assessment, because their charges "could not be countered by Western reporters because they did not have access to the battlefield."
As examples it cites the ultimately unsubstantiated allegation that cluster bombs were used by U.S. forces and the "false allegations of up to 600 dead and 1,000 wounded civilians" -- although 600 actually tallies with estimates by the Iraq Body Count, a Web site that tabulates reports of civilian casualties and has been cited by President Bush.
By contrast, the assessment states that, later in 2004, when U.S.-led forces successfully retook Fallujah, they brought with them 91 embedded reporters representing 60 media outlets, including Arabic ones.
"False allegations of non-combatant casualties were made by Arab media in both campaigns, but in the second case embedded Western reporters offered a rebuttal," the authors state.
The assessment added that the coincidence of the Shiite uprising in southern Iraq on April 2 and the publication of pictures of abuse by U.S. forces in Abu Ghraib later that month "further enflamed a politically precarious situation and could not have happened at a worse time."
"Insurgents sometimes get lucky," the authors conclude.
A "nascent and weak" Iraqi government had "offered no political cover for U.S. commanders to finish the operation in a reasonable time period," and "without domestic Iraqi political support, offensive operations were halted."
Table of Contents
Enemies at the Firewall
By Simon Elegant, Time Magazine, 6 Dec 07
Tan Dailin lets out an audible gasp when he is told that he was identified in the U.S. as someone who may have been responsible for recent security breaches at the Pentagon. "Will the FBI send special agents out to arrest me?" he asks. Much as they might want to talk with him, though, FBI agents don't have jurisdiction in Chengdu, the capital of China's Sichuan province, where Tan lives. And given that he has been lauded in China's official press for his triumphs in military-sponsored hacking competitions, Tan is unlikely to have problems with local law enforcement. But Tan and his seven companions, who make up the self-proclaimed Network Crack Program Hacker (NCPH) group, are taking no chances. A couple of weeks after they spoke to TIME, they shuttered the group's website, on which they used to proudly post specially designed hacking programs that could be downloaded for free. Visitors now find only a notice that the page is being redesigned.
Tan and his fellow hackers may be lying low for now. But the controversy over the activities of hundreds of Chinese like them will only continue to grow. Though the evidence remains mostly circumstantial, a picture is emerging of a coordinated effort by Chinese-military authorities to recruit hackers such as Tan and his group to winkle out information from computer systems outside China and launch cyberattacks in future conflicts.
China has long regarded cyberwarfare as a critical component of asymmetrical warfare in any future conflict with the U.S. From China's perspective, it makes sense to use any means possible to counter America's huge technological advantage. A current wave of hacking attacks seems to be aimed mainly at collecting information and probing defenses, but in a real cyberwar, a successful attack would target computer-dependent infrastructure, such as banking and power generation. "Can one nation deliver a crippling blow to another through cyberspace?" asks American Sami Saydjari, head of the private computer-security group Cyber Defense Agency and former president of Professionals for Cyber Defense. "The answer is a definite yes. The Chinese know we are much more dependent on technology, and the more you depend on it, the more vulnerable you are."
Hacking attacks from the Middle Kingdom aren't new. In 1999, after U.S. planes bombed Beijing's embassy in Belgrade, and again in 2001, when a Chinese fighter crashed after a collision with a U.S. surveillance plane, Chinese hackers conducted cyberbattles with their U.S. counterparts. For several years beginning in 2003, U.S. government servers were subjected to a coordinated series of hacker attacks, code-named Titan Rain, which officials said had originated in China.
The scale and sophistication of the activities apparently conducted by Tan and his group--and their alleged ties to the People's Liberation Army (PLA)--are an insight into China's effort to establish a corps of civilian cyberwarriors. A recent series of intrusions into the systems of Western governments and major corporations was blamed on China (though none of the intrusions have been specifically tied to Tan and his group). This month British media reported that the country's top antiespionage official had sent a letter to 300 major corporations warning that they faced attacks from "Chinese state organizations." In May computers in the office of German Chancellor Angela Merkel were compromised by programs that had originated in China. In June U.S. military officials said an attack from China had penetrated a computer system at the Pentagon--though nonclassified, it included a server used by the office of Defense Secretary Robert Gates. Beijing denies that it is behind hacker attacks. Jiang Yu, a spokesman for China's Foreign Ministry, described such reports as "wild accusations" and said they reflected a "cold war mentality."
Outside China, however, the worries continue. "Recent events have made Western governments very nervous that this is just the tip of the iceberg," says Saydjari. "[The Chinese] have launched the equivalent of a Sputnik in cyberspace, and the U.S. and other countries are scrambling to catch up."
Meet the Geek Brigade
Gathered around the table at a restaurant in Chengdu on a recent evening, Tan, a.k.a. Withered Rose, and seven other members of the NCPH workshop don't look as though they could bring the U.S. economy to a halt. All in their early 20s, rail thin and with the prison pallor acquired from long nights spent hunched over monitors, they look like what they are: a bunch of nerds. They refuse to give their real names, referring to one another by nicknames--Blacksmith, Firestarter, Fisherman, Floorsweeper, Chef, Plumber, Pharmacist. All vehemently deny having anything to do with attacks on U.S. government systems. "Messing with the U.S. Department of Defense is no small thing," says Floorsweeper. "We read about arrested terrorists, about Guantánamo. Who gets away with messing with the U.S. government?"
O.K., so what does the NCPH, which Tan founded in 2004 when he was a student at Sichuan University of Science and Engineering, actually do? The answer starts out vague, but eventually pride gets the better of the young men. They acknowledge that the group first got its reputation by hacking 40% of the hacker associations' websites in China. That was during their "young and hotheaded college days," as Fisherman puts it. The NCPH is also famous for the remote-network-control programs they wrote and offered for download. These programs, which allow hackers to take over other computers, are exactly the kind that were used to obtain documents, spreadsheets and other materials from U.S. government offices in the most recent attacks.
But according to two detailed studies by iDefense, a branch of VeriSign, an Internet-security company based in Mountain View, Calif., the NCPH created 35 programs that took advantage of vulnerabilities in Microsoft Office to implant so-called Trojans--programs that take partial control of an infected computer and can be used to send documents, spreadsheets and other files over the Internet. The two iDefense reports say that beginning in May 2006, the Chengdu group "launched a barrage of attacks against multiple U.S. government agencies ... The result of all of this activity is that the NCPH group siphoned thousands--if not millions--of unclassified U.S. government documents back to China." Citing evidence of Tan's close ties to the military and other Chinese hackers' organizations that have been suspected of acting on behalf of the military, the reports conclude that Tan and the NCPH were almost certainly acting on behalf of and funded by the Chinese armed forces. "Most likely," the reports suggest, "hundreds of these groups exist in China." Tan declined to comment on the studies.
In response to questions from TIME, a faxed letter from China's State Council Information Office said accusations that the PLA was involved in hacker attacks against overseas targets were "groundless, irresponsible and also have ulterior motives." The Chinese police, the letter said, had received no requests from overseas governments asking for investigations of Chinese attacks on their websites. But reports in Chinese newspapers suggest that the establishment of a cybermilitia is well under way. In recent years, for example, the military has engaged in nationwide recruiting campaigns to try to discover the nation's most talented hackers. The campaigns are conducted through competitions that feature large cash prizes, with the PLA advertising the challenges in local newspapers.
Tan is a successful graduate of this system. He earned $4,000 in prize money from hacker competitions, enough to make him worthy of a glowing profile in Sichuan University's campus newspaper. Tan told the paper that he was at his happiest "when he succeeds in gaining control of a server" and described a highly organized selection and training process that aspiring cybermilitiamen (no cyberwomen, apparently) undertake. The story details the links between the hackers and the military. "On July 25, 2005," it said, "Sichuan Military Command Communication Department located [Tan] through personal information published online and instructed him to participate in the network attack/defense training organized by the provincial military command, in preparation for the coming Chengdu Military Command Network Attack/Defense Competition in September." (The State Council Information Office didn't respond to questions about Tan, and China's Foreign Ministry denies knowing about him.)