Officials in the Obama administration considered launching a cyber offensive against Libya’s computer networks last March as part of the NATO-led air strikes against the Qaddafi regime.
The cyberattack would have involved breaking through the firewalls protecting Libyan computer networks in order to disrupt military communications and thwart early-warning radar systems that would detect planes coming in for a strike.
The officials and military officers ultimately decided against the plan out of fear that it would set a precedent for other nations to use similar techniques, according to the New York Times. There were also unresolved questions about whether President Obama had the power to approve such an attack without first informing Congress, and whether there was sufficient time to conduct digital reconnaissance and write the attack code that would have been required to pull off such an attack.
Weeks later, there was talk of using similar techniques to thwart Pakistani radar when U.S. Navy Seals were preparing to launch a kill-mission against former al Qaeda leader Osama bin Laden, who had been hiding out in a compound in Pakistan that was surrounded – some say protected – by Pakistani military troops. In the Pakistan case, the administration nixed the idea again, opting instead to use specially modified helicopters designed to evade radar detection.
“These cybercapabilities are still like the Ferrari that you keep in the garage and only take out for the big race and not just for a run around town, unless nothing else can get you there,” an unidentified Obama administration official told the Times.
Had the computer-network attack against Libya gone ahead, administration officials told the Times they were confident the attack code could have been contained within Libya’s networks and not spread to other networks to cause collateral damage.
Such questions have become central to cyberwarfare discussions in the wake of the Stuxnet computer worm – a piece of malware that was launched in 2009 against computers in Iran to disrupt that country’s uranium enrichment program.
Stuxnet spread beyond the targeted systems, however, infecting more than 100,000 computers throughout Iran, India, Indonesia and elsewhere. Because the worm was skillfully crafted to affect only systems operating at one of Iran’s nuclear enrichment plants, it did not harm the other systems it infected.
Photo: A German radar station. Credit: Aperture7.1/Flickr