Cyberattack Solicitations

In an unusual act of candor, both the Army and Air Force in the past two months have issued solicitations asking the computer industry to provide technologies the services can use to wage offensive cyberattacks against enemy computer systems.

The Army's Communication and Electronics Command last month released an announcement asking the IT industry to present technologies that it could use to infiltrate enemy computer networks and communications systems. The military refers to such cyberattacks as "offensive information operations," or OIO.

The Army acknowledged in the announcement that it already has waged cyberattacks on enemy networks and communications platforms, but provided no details. But it wants to "leverage innovative technologies" to improve its cyberattacks "and prevent enemy forces from detecting and countering efforts directed against them," according to the announcement. "Technologies designed to interrupt these modern networks must use subtle, less obvious methodology that disguises the technique used, protecting the ability whenever possible to permit future use."

The Air Force also is seeking offensive cyber warfare capabilities, according to an announcement and a request for information released in April. The Air Force's 950th Electronic Systems Group said it is seeking industry help to define technologies and capabilities "associated with computer network attack." The technologies would be used to "disrupt, deny, degrade or deceive an adversary's information system," according to the request for information.

The Air Force wants technology that will help it map data and voice networks, provide it with access to those networks, conduct denial-of-service attacks on current and future network operating systems and network devices and engage in data manipulation on enemy networks.

The Air Force Electronic Systems Center declined to classify potential targets of the offensive cyber operations, such as nations, terrorists, rogue groups or individuals. "Specific capabilities or procedures cannot be discussed for security reasons," said Monica Morales, a spokeswoman for the Electronic Systems Center, the parent command of the 950th Electronic Systems Group. ...

Steven Aftergood, director of the Project on Government Secrecy for the Federation of American Scientists, described the release of the Army and Air Force offensive cyberattack solicitations as significant, because the services have only released limited information on their cyberattack plans, operations or technologies. These solicitations are more detailed.