CHAPTER 7


DENY, EXPLOIT, CORRUPT, DESTROY

BACK in the summer of 1994, while Ken Minihan and his demon-dialers at Kelly Air Force Base were planning to shut down Haiti’s telephone network as a prelude to President Clinton’s impending invasion, a lieutenant colonel named Walter “Dusty” Rhoads was sitting in a command center in Norfolk, Virginia, waiting for the attack to begin.

Rhoads was immersed in Air Force black programs, having started out as a pilot of, first, an F-117 stealth fighter, then of various experimental aircraft in undisclosed locations. By the time of the Haiti campaign, he was chief of the Air Combat Command’s Information Warfare Branch at Nellis Air Force Base, Virginia, and, in that role, had converted Minihan’s phone-jamming idea into a detailed plan and coordinated it with other air operations.

For days, Rhoads and his staff were stuck in that office in Norfolk, going stir-crazy, pigging out on junk food, while coining code words for elaborate backup plans, in case one thing or another went wrong. The room was strewn with empty MoonPie boxes and Fresca cans, so he made those the code words: “Fresca” for Execute the war plan, “MoonPie” for Stand down.

After the Haitian putschists fled and the invasion was canceled, Rhoads realized that the setup had been a bit convoluted. He was working through Minihan’s Air Force Information Warfare Center, which was an intelligence shop, not an operations command; and, strictly speaking, intel and combat ops were separate endeavors, with Title 10 of the U.S. Code covering combat and Title 50 covering intelligence. Rhoads thought it would be a good idea to form an Air Force operations unit dedicated to information warfare.

Minihan pushed for the idea that fall, when he was reassigned to the Pentagon as the assistant chief of staff for intelligence. He sold the idea well. On August 15, 1995, top officials ordered the creation of the 609th Air Information Warfare Squadron, to be located at Shaw Air Force Base, in South Carolina.

The official announcement declared that the squadron would be “the first of its kind designed to counter the increasing threat to Air Force information systems.” But few at the time took any such threat seriously; the Marsh Report, Eligible Receiver, Solar Sunrise, and Moonlight Maze wouldn’t dot the landscape for another two years. The squadron’s other, main mission—though it was never mentioned in public statements—was to develop ways to threaten the information systems of America’s adversaries.

Rhoads would be the squadron’s commander, while its operations officer would be a major named Andrew Weaver. The previous spring, Weaver had written an Air Staff pamphlet called Cornerstones of Information Warfare, defining the term as “any action to deny, exploit, corrupt, or destroy the enemy’s information and its functions,” with the ultimate intent of “degrading his will or capability to fight.” Weaver added, by way of illustration, “Bombing a telephone switching facility is information warfare. So is destroying the switching facility’s software.”

On October 1, the 609th was up and running, with a staff of just three officers—Rhoads, Weaver, and a staff assistant—occupying a tiny room in the Shaw headquarters basement, just large enough for three desks, one phone line, and two computers.

Within a year, the staff grew to sixty-six officers. Two thirds of them worked on the defensive side of the mission, one third on offense. But in terms of time and energy, the ratio was reversed—one third was devoted to defense, two thirds to offense—and those working the offensive side were kept in separate quarters, behind doors with combination locks.

In February 1997, the squadron held its first full Blue Flag exercise. The plan was for the offensive crew to mount an information warfare attack on Shaw’s air wing, while the defensive crew tried to blunt the attack. One of the air wing’s officers scoffed at the premise: the wing’s communications were all encrypted, he said; nobody can get in there.

But the aggressors broke the passwords, sniffed out the network, found holes, burrowed through, and, once inside, took control. They issued false orders to lighten the air wing’s weapons loads, so that the planes would inflict less damage against the enemy. They altered the routes and schedules of tanker aircraft, which were supposed to refuel fighter jets in midflight, as a result of which the fighters ran out of gas before they could carry out their missions.

It was a tabletop game, not a live-action exercise; but if the game had been real, if a wartime adversary had done what the aggressors of the 609th did, the U.S. Air Force’s war plan would have been wrecked. Some pilots, looking at their orders, might have realized something was amiss, and made adjustments, but from that point on, neither they nor their commanders would have known whether they could trust any orders they received or any information they saw or heard; they would have lost confidence in their command-control.

Toward the end of the game, following a canned script, the defense staved off the attack on the wing’s information systems and prevailed in battle. But in fact, everyone knew that the game was a rout in the opposite direction. If the aggressors hadn’t been limited by the game’s set of rules, they could have shut down the wing’s entire operations. Just as Eligible Receiver would demonstrate a few months later, on a wider playing field, the U.S. military—in this case, a vital wing of the Air Force—was horribly vulnerable to an information warfare attack and unable to do anything about it.

Rhoads knew how to shut down the air wing in the Blue Flag exercise because, back when he was chief of the Air Combat Command’s Information Warfare Branch, he’d used some of these same techniques in simulations of attacks on enemy air wings.

A few months after the Blue Flag demonstration, a real war broke out, and the new commanders of information warfare made their combat debut, better-positioned and higher-ranked than they’d been in the war against Saddam Hussein at the start of the decade.


For the previous year, the United States and its NATO allies had been enforcing the Dayton Accords—the December 1995 treaty ending Serbian president Slobodan Milosevic’s brutal war in Bosnia-Herzegovina—through an organization called the Stabilization Force, or SFOR, which was also hunting down Serbian war criminals and striving to ensure that the country’s elections, scheduled for September 1977, were free and fair.

SFOR had a “white” side, consisting of regular armed forces, and a “black” side, consisting of special-ops units and spies. The black side needed some help; Milosevic wasn’t cracking down on war criminals, as he’d promised. So it turned to J-39, Soup Campbell’s ultrasecret unit in the Pentagon’s Joint Staff that—through links with the NSA, the 609th Information Warfare Squadron, the Air Force Information Warfare Center in San Antonio, and other intelligence agencies—developed the tools and techniques for what they saw as the new face of combat.

J-39 got its first taste of action on July 10, 1997, with Operation Tango, in which five-man teams of British special-ops forces, pretending to be Red Cross officials, captured four of the most-wanted Serbian war criminals. The operation had been preceded by covert surveillance ops—tapping phones, tagging cars with GPS transmitters, and, in a few key areas, installing cameras inside objects that looked like rocks (a contraption designed by Army intelligence technicians at Fort Belvoir, Virginia).

At its peak, more than thirty thousand NATO troops took part in SFOR, a high-profile deployment by any measure, prompting Serbian citizens to mount frequent demonstrations against the Westerners’ presence. American officials soon realized that the protests were orchestrated by certain local TV newscasters, who told viewers to go to a specific location, at a specific time, and throw rocks at Western soldiers.

Eric Shinseki, the U.S. Army general in charge of NATO forces in Bosnia, asked the Joint Staff—which, in turn, ordered J-39—to devise some way of turning off TV transmitters when these newscasts came on the air.

Some of the J-39 technicians were from Texas and knew of remote-control devices used at oil wells to turn the pumps off and on. They contracted Sandia Laboratories, a high-tech defense firm, to build a similar device for this operation. Meanwhile, analysts at Kelly Air Force Base calculated that just five television towers were transmitting broadcasts to eighty-five percent of Serbian homes. Some Serbs, who were secretly working for SFOR’s black section, installed Sandia’s boxes on those five transmitters. Where agents couldn’t install them covertly, they told a guard that the box was a new filter for higher-resolution video quality; the guard waved them through.

Once the boxes were set up, engineers at SFOR headquarters monitored the TV stations. Whenever a newscaster started urging viewers to go demonstrate, they turned off the transmitter carrying that channel’s signals.

American officials also drew on their connections to Hollywood, persuading a few TV producers to provide popular programs to the one friendly local station. During the hours when demonstrations were frequently held, the station would run episodes of Baywatch, the most popular show in the world; many Serbs, who might otherwise have hit the streets to make trouble, stayed in to watch young women cavorting in bikinis.

General Shinseki visited headquarters for a demonstration of this technology. He asked the engineer who was monitoring the stations to turn off one of the transmission sites. The engineer flicked a switch, and the stations carried by that tower went dead.

Shinseki was amazed. One of the engineers, watching the general’s reaction, rolled his eyes and whispered to a colleague, “C’mon, it’s an on-off switch!”

This wasn’t the most sophisticated stunt the team was capable of pulling.

A few months later, it was clear the Dayton Accords were breaking down. General Wesley Clark, the NATO commander, started planning air strikes against Milosevic’s key military targets. The J-39 unit laid the groundwork well ahead of time.

The first step of any bombing run would be to disrupt or disable the enemy air-defense system. Two specialists, on loan from a special intelligence unit in Arizona, discovered that Serbia’s air-defense system ran through the country’s civilian telecommunications system. (Echoes of the aborted 1994 invasion of Haiti, when demon-dialers at Kelly Air Force Base learned the same thing about that country and planned to turn off the radar by flooding the entire phone system with busy signals.)

With the permission of Secretary of Defense William Cohen (who needed to approve any offensive operation involving information warfare), the J-39 unit—which had its own share of former demon-dialers—hacked into the Serbian phone system to scope out everything that General Clark and his planning staff might need to know: how it operated, where it was vulnerable.

The hack was enabled by two bits of good timing. First, CIA director George Tenet had recently created a clandestine unit called the IOC, the Information Operations Center, the main purpose of which was to send in spies to plant a device—a wiretap, a floppy disk, in later years a thumb drive, or whatever else it might take—that would allow SIGINT teams at the NSA or some other agency to intercept communications. In this instance, IOC installed a device at the Serbian phone company’s central station.

The other bit of luck was that the Serbs had recently given their phone system a software upgrade. The Swiss company that sold them the software gave U.S. intelligence the security codes.

Once the J-39 tech crews had broken into the Serbian phone system, they could roam through the entire network—including the air-defense lines and telecommunications for the entire Serbian military.

A U.S. Army colonel, monitoring the operation back in the Pentagon, briefed John Hamre, the deputy secretary of defense, on what was going on. Hamre asked how much confidence he had that the plan would frustrate the Serbian commanders.

The colonel replied, “Based on my experience as a battalion commander, if you pick up a phone and can’t hear or talk to anyone, it’s very frustrating.”

“That’s good enough for me,” Hamre said.

General Clark began the NATO bombing campaign on March 24, 1999. Air Force commanders didn’t trust the clever radar-spoofing scheme and instead ordered pilots to fly at very high altitudes, at least fifteen thousand feet, beyond the range of Serbian anti-air missiles. But on the few occasions when allied planes did dip low, J-39’s operators hacked into the air defense system as planned, and fed it false information, making the radar screen monitors think the planes were coming from the west, when in fact they were coming from the northwest.

The deception had to be subtle; the radar had to be just a bit off, enough to make Serbian officers blame the miss on a mechanical flaw but not enough for them to suspect sabotage, in which case they might switch from automatic guidance to manual control. (The Serbs managed to shoot down two planes in the course of the war, an F-16 jet and an F-117 stealth fighter, when an officer made precisely that switch.) Otherwise, the air-defense crews kept aiming their weapons at swaths of the sky where no planes were flying.

Another goal of J-39’s campaign was to drive a wedge between Milosevic’s paramilitary forces (known as the MUP) and the regular Yugoslav military (the VJ). The NSA had obtained phone and fax numbers for officers in both organizations. J-39 officers sent messages to the VJ leaders, expressing admiration for their professionalism in defending the Yugoslav people and urging them to remain apolitical. At one point, General Clark bombed the MUP and VJ headquarters at roughly the same time. While the planes were in flight, J-39 sent a message to VJ leaders, warning them to get out of the building. After both structures were destroyed, the MUP survivors—some of them injured, all of them shaken up—heard that the VJ officers had fled their headquarters ahead of time, unscathed, and so they began to suspect that VJ was collaborating with NATO. The distrust tore the two apart, just as J-39 intended.

As J-39 operators dug deeper into the Serbian military’s command-control, they started intercepting communications between Milosevic and his cronies, many of them civilians. Again with the assistance of the NSA, the information warriors mapped this social network, learning as much as possible about the cronies themselves, including their financial holdings. As one way to pressure Milosevic and isolate him from his power base, they drew up a plan to freeze his cronies’ assets.

The Pentagon’s lawyers overruled the proposal—in fact, adamantly rejected any plan designed to affect Serbian civilians. But then, over the weekend of April 17, the Belgrade marathon took place, in which runners of the 26.2-mile race twice crossed a bridge that had been a prominent target in the bombing campaign. The Serbian authorities touted the event—on local and international airwaves—as a defiant protest of NATO’s air war, proof of the West’s craven weakness in the face of the Serbian people’s courage and their loyalty to Milosevic.

President Clinton watched a TV broadcast of the marathon in a foul mood. The previous Monday, a federal judge had found him in contempt of court for giving “intentionally false” testimony about his relations with White House intern Monica Lewinsky. And now this! Wes Clark had promised him that Milosevic would fold after a few days of bombing, yet four weeks had passed, and the bastard was thumbing his nose at the Western world.

Clinton sent word to step up the pressure. Suddenly the Pentagon lawyers withdrew their objections to go after Milosevic’s cronies. J-39 commenced the next phase of operations the following Monday.[I]

One of Milosevic’s major political donors owned a copper mine. J-39 sent him a letter, warning that the mine would be bombed if he didn’t stop supporting the Serbian president. The donor didn’t respond. Not long before, a CIA contractor had invented a device, made from long strands of carbon fiber, that short-circuited electrical wire on contact. An American combat plane flew over the copper mine, dropped the carbon fiber over the mine’s power line, and shut off its electricity. The repair was quick and easy, but so was the message. The donor received another letter, saying that the power outage was a warning: if he didn’t change his ways, bombs would fall. He instantly cut off contact with Milosevic.

J-39 also stepped up its campaign to shut down Milosevic’s propaganda machine. A European satellite company was carrying the broadcasts of some pro-Milosevic stations. A senior officer in U.S. European Command visited the company’s chairman and told him that 80 percent of his board members were from NATO nations. When the chairman told him how much the Serbian stations were paying him, the American officer offered to pay a half million dollars more if he shut them down. He complied.

Meanwhile, U.S. intelligence agencies had discovered that Milosevic’s children were vacationing in Greece. Spies took photos of them, lying on the beach. After one bombing run that turned off electrical power in Belgrade, American planes dropped leaflets with the photos beneath a headline blaring that Milosevic had sent his kids to sunbathe in Greece while his own people were sitting in the dark.

Finally, J-39 embarked on a campaign to annoy Milosevic and those around him. They rang his home phone over and over, day and night. When someone picked up, they said nothing. The British equivalent of NSA—the Government Communications Headquarters, or GCHQ—monitored the calls and circulated tape recordings of Madame Milosevic cursing and slamming down the phone. One GCHQ merrily told his American counterpart, “We like it when they talk dirty to us.”

The unit also called Milosevic’s generals on their home phones and played a recording of someone who identified himself as General Clark, jovially asking, in fluent Serbo-Croatian, how things were going and imploring them to stop fighting.

On June 4, Milosevic surrendered. It was widely observed that no one had ever before won a war through airpower alone. But this war wasn’t won that way, either. It was won through a combination of the pummeling air strikes and the isolating impact of information warfare.

Afterward, in a postwar PowerPoint briefing, Admiral James Ellis, Commander of Allied Forces, Southern Europe, hailed the information operation as “at once a great success . . . and perhaps the greatest failure of the war.” All the tools were in place, he went on, but “only a few were used.” The campaign employed “great people” with “great access to leadership,” but they hadn’t been integrated with the operational commands, so they had less impact “on planning and execution” than they might have had. The whole enterprise of information warfare, Ellis wrote, had “incredible potential” and “must become” a “point of main effort” in the asymmetric wars to come. However, the concept was “not yet understood by war fighters.” One reason for this lapse, he said, was that everything about information warfare was “classified beyond their access,” requiring special security clearances that only a few officers possessed. Had the tools and techniques been fully exploited, Ellis concluded, the war might have lasted half as long.

This was the most telling aspect of the information warfare campaign: it was planned and carried out by a secret unit of the Pentagon’s Joint Staff, with assistance from the even more secretive NSA, CIA, and GCHQ. As the twentieth century came to a close, America’s military commanders weren’t yet willing to let hackers do the business of soldiers and bombardiers. A few senior officers were amenable to experimenting, but the Defense Department lacked the personnel or protocols to integrate this new dimension of war into an actual battle plan. The top generals had signed doctrinal documents on “information warfare” (and, before that, “counter command-control war”), but they didn’t appear to take the idea very seriously.

A small group of spies and officers set out to change that.


I. J-39 also figured out how to hack into Milosevic’s own bank accounts; President Clinton was intrigued with the idea. But senior officials, especially in the Treasury Department, strongly advised against going down that road, warning of severe blowback. In subsequent years, intelligence agencies tracked down other hostile leaders’ finances, but the option of actually hacking their bank accounts was never actively pursued.