Washington Post "Chilling . . . Extraordinary and urgent." Christian Science Monitor "Unsettling . . . Deeply informative." James Risen, author of Pay Any Price: Greed, Power, and Endless War “@War is a remarkable achievement. Harris uses dogged shoe-leather reporting to take us deep inside the government’s surveillance and cyber operations to give an unsparing look at what the NSA and other agencies are really doing with all our data. In the age of abstract Snowden documents, @War actually introduces us to the people running America’s electronic spying machine, and offers invaluable insights into how their ambition and turf battles impact our financial security, our privacy, and our freedom.” Thomas E. Ricks, author of Fiasco and The Generals “A great overview of our new cyberfronts. Unlike most books about cyberwar, this one is enjoyably readable. At times it feels like a modern spy novel, but it is a guide to tomorrow’s headlines.” Peter Bergen, author of Manhunt: The Ten-Year Search for Bin Laden from 9/11 to Abbottabad “@War is a tour de force of reporting on the past, present, and future of cyber-conflict. It will be required reading both in the Pentagon and among the army of Chinese cyber spies now assaulting American businesses. Hackers, policy makers, and others will find this book both intriguing and alarming; not to mention very well written.” Publishers Weekly "Cyber-espionage is the 'single most productive means of gathering information about our country’s adversaries,' writes Harris (The Watchers: The Rise of America’s Surveillance State), senior writer for Foreign Policy, in this unnerving exposé. After 9/11, the National Security Administration (NSA), the nation’s global information-gathering agency, submitted a wish list to the Bush administration. It was approved and the “'military-Internet complex was born.' According to Harris, electronic eavesdropping was fundamental to 2007’s Iraq surge and the NSA located Osama bin Laden through spyware planted in his operatives’ mobile phones. Readers will squirm as they learn how every communications enterprise (Google, AT&T, Verizon, Facebook) cooperates with the national security establishment. Harris delivers a convincing account of the terrible cyberdisasters that loom, and the intrusive nature of the fight to prevent them." Kirkus Reviews "Sprawling account of how the U.S. military joined forces with the National Security Agency to develop 'cyber warfare' capabilities, monitoring America's enemies and its citizens alike. Harris adeptly documents the online threats directed at American society, ranging from the Chinese military's well-funded hacking cells to large-scale information thefts committed by international crime syndicates, but he also demonstrates the NSA's insatiable collection of metadata and preparation of "backdoor" cyberweapons for future use, concluding that '[a]nonymity and collective security may be incompatible in cyberspace.'" —
About the Author
SHANE HARRIS is the author of The Watchers: The Rise of America's Surveillance State, which won the New York Public Library’s Helen Bernstein Book Award for Excellence in Journalism and was named one of the best books of 2010 by the Economist. Harris won the 2010 Gerald R. Ford Prize for Distinguished Reporting on National Defense. He is Senior Correspondent at the Daily Beast, covering national security, intelligence, and cyber security. He is also an ASU fellow at New America, where he researches the future of war. Previously, he was senior writer at the Washingtonian, and his work has appeared in the New York Times, Wall Street Journal, Slate, the Daily Beast, the Washington Post, and numerous other publications. He has provided analysis and commentary for CNN, NPR, the BBC, and many other media organizations and radio stations.
Excerpt. © Reprinted by permission. All rights reserved.
ONE
The First Cyber War
Bob Stasio never planned to become a cyber warrior. After he graduated high school, Stasio enrolled at the University at Buffalo and entered the ROTC program. He majored in mathematical physics, studying mind-bending theories of quantum mechanics and partial differential equations. The university, eager to graduate students steeped in the hard sciences, waived the major components of his core curriculum requirements, including English. Stasio never wrote a paper in his entire college career.
Stasio arrived at Fort Lewis, Washington, in 2004, when he was twenty-two years old. His new brigade intelligence officer took one look at the second lieutenant’s résumé, saw the background in math and physics, and told Stasio, “You’re going to the SIGINT platoon.”
SIGINT, or signals intelligence, is the capture and analysis of electronic communications. Like all branches of intelligence, it’s a blend of science and art, but it’s heavy on the science. The brigade intelligence officer had worked at the National Security Agency and recognized that Stasio’s physics training would come in handy, because so much of SIGINT involves the technical collection of radio signals, fiber-optic transmissions, and Internet packets.
Stasio’s military training in college focused on how to use a rifle and lead a squad. But he had spent six months learning the basics of intelligence gathering and analysis at the army’s intelligence school at Fort Huachuca, Arizona. When he came to Fort Lewis, Stasio was assigned to a Stryker brigade, a mechanized force designed to be light on its feet, capable of deploying into combat in just a few days. It was Stasio’s job to locate the enemy on the battlefield by tracking his communications signals. And he was also supposed to divine his adversary’s intentions by eavesdropping on the orders a commander gave to troops, or listening for the air strike that a platoon leader was calling in from behind the lines. Stasio would join the Fourth Brigade, Second Infantry Division, “the Raiders,” and deploy to Iraq. He’d be working with a team of linguists, who would be essential, since Stasio didn’t speak Arabic. But when it came time to meet them, Stasio started to worry: nearly all of the linguists spoke only English and Korean.
The army had designed its signals intelligence system for the Cold War. Thousands of troops still served on the Korean Peninsula. They were still trained in how to fight a land battle with North Korean forces, in which the physics of SIGINT—locating tanks and troops—would be central to the mission. But the Raiders were going off to fight a network of Iraqi insurgents, volunteer jihadists, and terrorists. These guys didn’t drive tanks. They didn’t organize themselves according to a military hierarchy. And of course, they didn’t speak Korean.
Stasio decided that his intelligence training would be mostly useless in Iraq, where the US occupation was coming unglued. Army casualties were mounting, the result of a well-orchestrated campaign of roadside bombings by insurgents. The soldiers who didn’t die in these attacks were coming home with limbs missing, or with severe brain injuries that would impair them physically and emotionally for the rest of their lives. SIGINT wasn’t preventing these attacks. Indeed, it was hardly being used at all. In October 2004 the military’s top signals intelligence officer estimated that as much as 90 percent of all information in Iraq was being supplied by a network of human spies and informants—and they weren’t helping the Americans reduce the bombing attacks and insurgent strikes.
Stasio read as much as he could about insurgencies, noting in particular how they organized themselves using a network model, with many independent nodes of people working in teams, separate from a central controller. This was the opposite design of a vertical, military bureaucracy, with orders filtering down from the top through several layers of officers. In principle, the intelligence discipline in which Stasio was trained should still work. He was expected to locate his enemy using electronic signals and figure out his next move. But the tools the army had supplied to do this were ill suited to the shadowy, urban battlefields of Iraq. The Raiders used a collection “platform” known as the Prophet system, a rugged truck affixed with a tall, roof-mounted radio antenna about the size of a streetlamp. The older officers in the brigade liked the Prophet because it told them what enemy forces were in their immediate area of operations. It was a tactical device, and they controlled it, driving it to wherever they wanted to collect intelligence.
But the Prophet was designed to collect radio waves, and on a wide-open and relatively flat area of battle. Stasio knew that the enemy fighters in Iraq were communicating using cell phones and e-mail and through videos they’d posted on the Internet. They were moving in small groups through the dense concrete maze of Baghdad and other crowded Iraqi cities. The Prophet wasn’t the most useful tool. Indeed, when Stasio finally got to Iraq, he saw that the military intelligence units that had come before him were using the Prophet not to collect signals but to transport food and other supplies around the base.
There was another reason the old-timers liked the Prophet—it was theirs. They could drive it wherever they wanted. They had control over the collection and analysis of intelligence. Stasio thought that his more senior officers generally distrusted intel that came from back in the States, frequently from Washington, DC, and the national intelligence agencies such as the CIA and the NSA, which, from the battlefield, looked like big, lumbering bureaucracies filled with software engineers and computer geeks who were too removed from the on-the-ground tactical needs of forces in Iraq.
But Stasio knew the national agencies, and in particular the NSA, had something he needed: data. Namely, servers full of electronic communications and signals collected by the agency’s listening posts around the world. Stasio thought that if he could tap into SIGINT from Iraq, he might be able to understand something about the size and shape of the insurgent networks by piecing together their communications records. This was painstaking work, and it would require hours sitting in front of a computer, probably in some air-conditioned trailer, not driving a Prophet through dusty streets. Stasio was a fan of the HBO series The Wire, and he was particularly fond of one character, Lester, who uncovers a network of drug dealers in Baltimore by tracking their cell phone calls. Stasio wanted to do the same thing in Iraq.
He pleaded with his brigade intelligence officer at Fort Lewis: instead of sending him out to the rifle range to practice infantry techniques and study the bulky Prophet, let him and a few of his fellow intelligence officers spend time in the state-of-the-art intelligence facility on the base, learning how to use software for diagramming networks and digesting Internet and cell phone traffic. These tools had been largely overlooked by tactical military intelligence units, Stasio argued. But they could be enormously helpful in Iraq.
The officer agreed.
Stasio and a fellow lieutenant devised their own training regimen, which hinged on a concept called “reachback.” The idea was that in the field, small military intelligence units would set up their own computers and local networks, but they would reach back to the massive databases at the NSA and other agencies that were collecting useful intel from across the entire spectrum of military and intelligence operations, including satellite images, tips from informants, summaries of interrogations of captured fighters, even political forecasts produced by CIA analysts. To Stasio, no single piece of data was insignificant. But a single piece on its own was of little use. The information had to be “fused” into a nuanced picture.
For someone who grew up using many different modes of communication—phone, e-mail, text messaging—on many different devices, this method of intelligence analysis was intuitive. Stasio and the members of his platoon trained for two and a half years before they finally headed out to Iraq. He took four of the Korean linguists in his platoon and sent them to a one-year crash course in Arabic. He didn’t need them to be fluent, but with some language proficiency they could work with local translators to write intelligence reports. The rest of the linguists he sent to learn intelligence analysis.
Stasio arrived in Iraq in April 2007—without the Prophet in tow—as part of a new “surge” of American troops. He might have wondered if they arrived too late. Stasio and his team found US forces under relentless assault from insurgents, roadside bombers, and mortar attacks. Iraq was collapsing amid an escalating civil war. Foreign fighters were pouring into the country from neighboring Syria and Iran, and a ruthless terrorist network, known as al-Qaeda in Iraq, ran a brutal campaign of attacks against US and coalition forces, the Iraqi government, and Iraqi Shiites—fellow Muslims and innocent civilians. The terror group aimed to break the back of the fledgling government with a theocratic dictatorship. Maybe, Stasio thought to himself, I should have spent more time learning to fire my rifle.
But he didn’t know—couldn’t have known—that his ideas about intelligence-supported warfare were about to be tested on a massive scale. US forces were going to attack their enemy in a way they’d never attempted. And Stasio would be on the frontlines.
