The U.S. Is Lifting the Veil of Secrecy on its Cyber Tactics
Picture this: A supporter of the Islamic State gets a chat message. It’s from a top commander, and it instructs the man and his fervent cohort to meet outside the city of Tel Osqof, 20 miles north of Mosul, at 7 a.m. “May God be with you, my brothers,” the leader signs off.
But when the recipient gets to the rendezvous, he’s greeted by an ambush. Air strikes. Gunfire. Chaos. Collapse.
Here’s what happened: That message from a trusted conspirator? It turns out an adversary fabricated it. Foreign agents hacked the commander’s accounts, hijacked his persona, and mimicked his mannerisms to sell a rebel battalion on a phony order. When the supporter showed up at the meeting spot, military forces were already there.
This imagined scenario gives you a sense of the kind of digital deception the U.S. may be using to take down terrorist groups like ISIS (also known as ISIL). But until this spring it was hard to confirm that those tactics existed at all.
Earlier this year, Secretary of Defense Ashton Carter released the first details about the nation’s offensive cyberwar efforts. He revealed that the armed forces’ cyber branch had been tasked with “what’s really its first wartime assignment,” against ISIL. No official in his position had spoken so openly about the subject. And while there are still only vague details about what those operations might look like, experts have suggested that the trick described above, a kind of terrorist catfishing project, is one among many increasingly common cyber tactics the U.S. government is using to target ISIL agents.
So common, in fact, that Fred Kaplan, author of Dark Territory: The Secret History of Cyber War, estimates that such baiting and other NSA-assisted surveillance methods helped claim 4,000 insurgent lives during the Iraq War in 2007 alone. And the effects reach beyond combat zones. Network sabotage isn’t “just an act of reducing numbers on the battlefield,” Kaplan says, “but about messing with them psychologically.”
Specifics are sparse and closely guarded. “As a matter of policy and to preserve operational security, we do not detail our tactics, techniques, and procedures,” says Lt. Col. Valerie Henderson, a Defense Department spokesperson.
Some say that this historical secrecy has led to a lack of understanding, with political implications. “One of the reasons our policy ideas are so immature is because we keep so much of this secret from so many people,” Michael Hayden, former head of the NSA and CIA, tells Fortune. “Private industry doesn’t talk about it for liability reasons, and government won’t talk about it for security reasons.”
But that’s starting to change—partly because of political pressure to thwart terrorism and partly because of the nature of the enemy, an almost universally reviled terrorist group. Some officials are more open than others: “Right now it sucks to be ISIL,” Deputy Secretary of Defense Robert Work put it provocatively earlier this year. “We’re dropping cyber bombs. We have never done that before.”
These new admissions are a milestone, although evidence of cyber tactics has been around for a while (including a hacking campaign allegedly orchestrated by the U.S. and Israel to knock out Iran’s nuclear program). “The announcement that we were conducting a cyber offensive on ISIS is a really big deal,” says Peter Singer, a senior fellow at New America, a D.C. think tank. “It’s a key moment in what I describe as the normalization of cyber warfare.”
Indeed, today the U.S. Cyber Command, a six-year-old military branch with plans to expand its headcount to 6,000 this year, is beginning to show its might. Similarly, the Pentagon would no doubt like something to show for its $6.7 billion 2017 line-item request for cyber “capabilities”—including contracts that could end up with the likes of Lockheed Martin lmt , Raytheon rtn , Harris Corp. hrs , and Northrop Grumman noc , in addition to other, smaller players in an emerging computer combat industry.
However, despite all the digital-assault advances, no one (to our knowledge) has been killed solely by a cyber operation, Singer says.
War craft is still dominated by bombs and bullets, and urban populations have been spared from total power-grid failure (with the exception of an attack on a utility in Ukraine that may signal what’s to come). It’s behind the scenes that the hacker’s toolbox—network implants, data dragnets, intercepted communications, disrupted cell towers, compromised microwave relays, subverted satellites—increasingly provides the props that articulate the newest theater of war. The infrastructure of the Internet is combat-ready.
Welcome to the World War Web.
A version of this article appears in the June 15, 2016 issue of Fortune with the headline “The Computer Wars Have Already Begun.”