Syria's Short Circuit

Why the Pentagon's cyberwar on Assad will be limited too.

The pending U.S. military strike on Syria seems the ideal opportunity to launch a sophisticated cyberattack. President Barack Obama's administration wants to shoot from a distance, keep American casualties near zero, and degrade the Assad regime's command-and-control systems to the point that the regime cannot launch any more chemical attacks against rebel forces and civilians. The United States could do that with a digital strike on Syria's telecommunications systems, its electrical grid, or other critical infrastructures the regime needs to stay alive.

But don't bet on it. The United States and its allies will almost certainly use some form of electronic warfare to jam Syria's military radar or confuse its air-traffic control systems. They'll continue to snoop on the communications of Syrian President Bashar al-Assad's regime. But tempted though the U.S. military may be to flex its cybermuscle, there are a number of reasons that a major cyberstrike would do more harm than good, experts say.

For starters, the big, obvious target is essentially off-limits. The Syrian regime relies heavily on Syria's public telecommunications system for its command and control. Government leaders and military commanders are communicating with each other and their supporters via cell phones and Facebook, says Rafal Rohozinski, the CEO of SecDev Group, which monitors communications activity in Syria.

The problem is, the rebels are using the same systems. There are half a million more Internet and cell-phone subscribers in Syria today than there were in 2011, says Rohozinski, whose group helps supply communications technology to anti-Assad forces. The Android phone comprises 40 percent of the market today compared with 10 percent two years ago. SecDev Group has also tracked a significant increase in the use of data encryption and secure communications technology by rebels.

There is no easy way to target only government users of the telecommunications system and keep the civilians online. Everyone is using it at the same time.

And keeping access open to the rebels is precisely what the Obama administration wants to do. The State Department and other government agencies have funded several technology companies and nonprofit organizations that design technology meant to circumvent government surveillance. They've made encryption technologies available for download to Syrian rebel groups. In 2012, the State Department also funded a conference that brought together rebels with the makers of that circumvention technology.

The rebels depend on ubiquitous, easy-to-use, and relatively cheap technology. Why would the United States cut them off from that technology by taking out the Syrian Internet or turning off the electricity? That would only make it harder for the rebels to organize and plan attacks. And presumably, that's what the United States wants them to do after the U.S. military weakens Syrian forces with missile attacks.

Syrians are also using cell phones and social media to organize clinics for treating the wounded and responding to government attacks. "They're the ones who would be most affected by an outage in the system," Rohozinski says. Civilians use the Internet every day to figure out when it's safe to leave their homes. "Is the taking down of the telecom system going to have a greater or lesser impact on the civilian side?" Rohozinski asks. That's a calculation U.S. national security officials have to make before any cyberattack.

The United States could craft a more targeted cyberweapon aimed at disrupting government-only systems, such as military networks or non-public communications channels. And those may prove to be soft targets. In an interview with the Washington Post, a hacktivist who supports the rebels' cause and goes by the name "Oliver Tucket" said the Syrian government's systems are poorly defended and easily manipulated. "They're not taking [security] seriously," Tucket told the Post, adding that the regime has "no idea what is going on in their network." Officials are using unencrypted email and even sent a message with the administrative password for a server domain that is associated with the government.

But electronic exploits are hard to come by, and the U.S. military may not want to use them in what will almost certainly be a narrow, low-stakes operation.

"There's a limited number of shots in that [cyber]-gun," says a former Obama administration official. "And once you tip your hand about what you can do, the Syrians can patch their systems or disconnect them," the former official says. The U.S. military and intelligence community spend considerable time and effort hunting for hidden holes in other countries' central systems. "You don't want to waste capabilities."

There's also a question of intelligence priorities. Any cyberattack would presumably be coordinated or led by U.S. Cyber Command. But that organization is effectively run by the National Security Agency, the government's eavesdropping arm. And right now, U.S. intelligence appears much more interested in keeping Syrian communications networks up and running, because they're providing useful information about chemical weapons attacks.

And then there's the risk of blowback. Any attack of Syria -- digital or otherwise -- is bound to draw retaliation from pro-regime hackers like the Syrian Electronic Army. The question is how big and how sophisticated will that retaliation be. The Syrian Electronic Army has been linked to operations against U.S. websites, including media sites such as the New York Times and the Huffington Post, and against Twitter. So far, the attacks have only disrupted and defaced the sites themselves.

But pro-regime hackers are not all cyberpunks limiting their shenanigans to vandalism. They've shown remarkable dexterity and a penchant for aggressive tactics.

Other pro-regime hacker groups have reportedly been using much more aggressive tactics, including disturbing malware and surveillance tools through Skype and YouTube. In 2012, after the Syrian government shut down Internet service in the country, some of the few IP addresses to remain up and running were designed to trick activists into installing surveillance software on their computers.

In the past week, security experts have been buzzing about whether Syrian hacker groups are upping their game and going after American targets. After the trading halt on the Nasdaq last week, some experts began speculating that it resulted from a malicious cyberattack by Syrian groups or their allies in Iran. There's no evidence of that. But it's a measure of increasing anxiety about the capabilities of those groups and their willingness to launch more aggressive, higher-profile strikes against U.S. interests. Hackers in Iran are believed already to have caused massive denial-of-service attacks against American banks in late 2012.

"Cyber is a unique domain, and we have vulnerabilities there," says Paul Rosenzweig, a former Homeland Security Department official who worked on cybersecurity policy in George W. Bush's administration. "We are about to poke in the eye a tiger who has some cyber-claws. How ferocious are they? We don't know for sure. But if I were contemplating an offensive cyberactivity, other than taking out their radar, I'd ask, 'Do I have the capabilities to disable any groups that might retaliate?'"

Of course, a website defacement or temporary shutdown may be a small price to pay for a strategic cyberstrike that gets the administration's job done. And presumably, Syrian hackers or their proxies will retaliate for cruise missile strikes, anyway.

"Cyberattacks in Syria will be used in ways that haven't been used in previous wars," predicts Micah Zenko, a national security expert and fellow at the Council on Foreign Relations. "And they might be used in ways that aren't immediately apparent."

The U.S. intelligence community has had a long time to study up on the Syrian government and the vulnerabilities in its systems. The intelligence community may have developed a more discrete kind of offensive tactic that has never been seen before.

"I suspect that it will be in ways that we don't quite know about," Zenko says. "To not utilize [cybercapabilities] would be really foolish." To go in with just kinetic efforts -- missiles and bombs -- "would be like fighting with one hand behind our back."



Did Obama Administration Leaks Already Spoil the Syria Attack?

Former top officers are baffled by Washington's telegraphing of its strike on Assad.

U.S. airstrikes into Syria will begin within days and involve Tomahawk cruise missiles fired by American warships in the eastern Mediterranean. They will last less than a week and target a limited number of Syrian military installations.  And they will be designed to send a stern message to Syrian President Bashar al-Assad, not force him from power.

That's the word coming from some in the Obama administration -- the White House swears it's not them. And while Obama's aides publicly insist that the President hasn't made a final decision about whether to attack Syria, anonymous officials within his administration are leaking a strikingly large amount of detailed information about the timing, duration and scope of the potential military intervention. The flood of details raises a pair of related questions. Is the administration deliberately trying to telegraph its plans for a strike? And if so, why?

"I have no earthly idea why they're talking so much," said retired Admiral William Fallon, the former head of the military's Central Command. "It's not leaking out; it's coming out through a hose. It's just a complete head-scratcher."

David Deptula, a retired Air Force lieutenant general who commanded the no-fly zone over Iraq in the late 1990s, said that military action was most effective when a U.S. foe like Assad didn't have a clear sense of the timing and severity of a potential strike and couldn't take protective measures in advance like dispersing his troops or weapons so they'd be harder to find and destroy. The administration's public and private comments, he said, meant that Assad would have an easier time figuring out when and how to prepare for a U.S. assault. 

"You don't want an adversary to know what's coming," Deptula said. "Now Assad does."

In recent days, White House spokesman Jay Carney has said that the military operations under consideration by President Obama "are not about regime change," while The New York Times and other newspapers reported that the White House was considering a limited series of strikes that would last one to two days and strike fewer than 50 targets. The paper said the U.S. would focus on hitting individual Syrian military units, headquarters compounds, air bases, and rocket sites, not chemical weapons facilities themselves. The information was attributed to unnamed administration officials. 

There were signs Wednesday that the Syrian strongman has already begun reacting to the talk coming out of Washington about the potential targets of a U.S. strike. Reuters reported that Assad's forces appeared to have evacuated most of their personnel from several key army, air force, and security headquarters buildings in central Damascus. Those are precisely the kinds of military compounds U.S. cruise missiles would reportedly be sent to destroy.   

The administration's willingness to share details about sensitive military operations has prompted internal consternation in the past. In the days after the raid that killed Osama bin Laden in Pakistan, then-Defense Secretary Robert Gates grew so angry about the amount of information leaking out about the assault that he reportedly approached then-National Security Advisor Tom Donilon to recommend "a new strategic communications approach." It was a simple one. "Shut the f--- up," Gates said.

Many of the administration's highest-profile leaks have concerned operations that had already been successfully carried out, like the bin Laden raid or the U.S. role in creating the Stuxnet computer virus that temporarily slowed Iran's nuclear program. The current situation is arguably riskier for the U.S. because the information being leaked concerns an operation that has yet to take place. 

A White House official -- also speaking, ironically, under the condition of anonymity -- denied that the administration had been responsible for publicizing specifics about potential U.S. targets and insisted that it opposed the release of the information.    

"The kinds of details you're talking about are not coming out with the approval of the White House," the official said. "I don't know who is talking about these things, but we want it to stop. Our intention is not to talk about the details of military operations the president has not decided upon."

The official also defended the administration's preemptive declaration that a U.S. strike wouldn't be designed to drive Assad from power. "Regime change is not U.S. policy in Syria," the official said. "We've made clear for many months that we think there is no military solution to the crisis in Syria and that a political solution is needed."

That message is hard to reconcile with the administration's tough talk about Assad. White House spokesman Jay Carney said Tuesday that Assad "has long since forsaken any legitimacy that he might have to lead" and stressed that Syria's future "must be one that is without Assad in power." President Obama himself has been calling for Assad to step aside for more than a year.   

Deptula said that he didn't know why the administration would call for Assad's ouster -- while simultaneously insisting that it wasn't going to try to use force to bring that ouster about.

"There are these trial balloons being floated about the strikes being limited and not about regime change," he said. "Well, wait a second. Didn't the president say Assad has got to go? How do you square that?"

The administration may have good reasons for trying to tread so narrow a line. Allies like Saudi Arabia have been privately pressing the administration to oust Assad for months, but the prospect of an American military intervention is so politically toxic throughout the region that Riyadh has pointedly refused to publicly endorse a U.S. strike. The Arab League has taken a similar position, and the administration could be trying to maintain support for a military intervention by making clear that it would be limited in both scope and duration. That message could also play well at home, where an overwhelming majority of the American public opposes U.S. involvement in Syria's civil war.

The approach also carries clear risks, however, most notably that Assad will interpret a small-scale American strike as a sign that he can continue to wage a brutal campaign against his own people without risking a Western attempt to force him from power.  

"I'm not a big fan of the belief that you can send a message and have that be enough," Deptula said. "The leadership of Syria is responsible for this brand of armed conflict, and the leadership needs to feel like they're paying a price.  If they don't, you won't see a change in behavior."

Chip Somodevilla/Getty Images