Nearly a year and a half into the United States' military campaign against the Islamic State group, Defense Secretary Ash Carter has called on U.S. Cyber Command to intensify the online fight against the terrorist group, Defense Department spokesman Peter Cook said.
Carter and Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff, visited Cyber Command on Jan. 27 to deliver the message and take stock of the military's ongoing cyber operation against Islamic State.
Left unsaid was how effective cyber operations have been and what else U.S. military hackers could be doing. Cook did not respond to multiple requests for comment.
A month ago, the Los Angeles Times reported that Carter was considering stepping up cyberattacks on Islamic State's digital infrastructure and said Cyber Command had "developed an array of malware" to attack the group.
Cyber Command is a supportive command that works in tandem with others. In the case of the campaign against Islamic State, Cyber Command can complement airstrikes coordinated by U.S. Central Command with a suite of digital tools to unmask terrorist operatives or disrupt their communications.
Spokeswoman Lt. Col. Kara Soules would not comment when asked how the command's offensive capabilities have matured since the start of the campaign against Islamic State.
"As a matter of operational security, U.S. Cyber Command does not discuss specific plans, options, capabilities or operations," she said, adding that the command "provides a broad range of cyber options to the nation's leaders and provides daily support to joint force commanders."
Adm. Michael Rogers, head of Cyber Command, said last week that the command is at a tipping point in maturing its offensive and defensive cyber capabilities. The command is developing more tangible capabilities "that you will see us start to apply in a broader and broader way," said Rogers, who is also National Security Agency director.
The Army component of Cyber Command is a case in point. When Lt. Gen. Edward Cardon took the helm of Army Cyber Command in September 2013, he only had two teams of cyber specialists that were at initial operating capability; today, he has 33 such teams with at least that capability. The maturation of those cyber forces "is going to add significantly to the capabilities of the Department of Defense," Cardon said in a Jan. 29 appearance at the Institute of World Politics in Washington.
"One of the things that Cybercom did was create the ability to have a more holistic view on warfare," Bob Stasio, a former Army signals intelligence platoon leader in Iraq and now a fellow at the Truman National Security Project, told FCW. The maturing command "has a full-spectrum range of capabilities."
Cyber aspirations spring eternal
As Cyber Command has honed its hacking skills, Islamic State's digital operatives have reportedly sought to do the same.
The organization’s bloody emergence on the world stage was accompanied by an adroit social media machine, which generated speculation about the group's capabilities in cyberspace. Not long after the U.S. began bombing Islamic State targets in August 2014, cybersecurity experts interviewed by FCW judged the organization's capabilities in cyberspace to be more aspirational than operational.
The intervening months have seen episodic demonstrations of Islamic State’s cyber activity, incidents that show an eagerness to disrupt but not much sophistication. For example, in January 2015, Islamic State sympathizers breached the Twitter and YouTube accounts of Central Command, displaying messages threatening violence against U.S. soldiers and posting military documents. But that was an act of vandalism rather than a sophisticated attack.
"There are beginning to be some indications that [Islamic State is] looking to expand their offensive cyber capabilities as well," said John Cohen, former acting undersecretary for intelligence and analysis at the Department of Homeland Security, citing published reports.
But going on the cyber offensive could leave the group vulnerable. Islamic State's computer operatives are "no different than any other would-be attacker [in that] they use compromised systems for command and control and to obscure their real locations," said Tony Cole, vice president and global government CTO at FireEye, a network security firm.
Like almost all other hackers, Islamic State operatives "leave tell-tale signs of their identity through the use of the same tools, processes, domains and actions -- sometimes with minor variations -- and many other indicators of compromise that will eventually identify them," Cole told FCW.
Cyber Command hasn't been the only agency trying to dismantle Islamic State in cyberspace. The Justice Department announced this week that an alleged Islamic State supporter who is accused of hacking the personal information of U.S. service members had made an initial court appearance in Virginia.
About the Author
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.