The barrage of cruise missiles raining down on Yugoslavia in the ongoing NATO offensive is only the most visible element of the campaign. Behind the scenes, military technologists are using 'infowar' tactics borrowed from hackers to disrupt the Serbian telecommunications infrastructure.
While infowar can describe everything from cracking into a military computer network to disabling an enemy nation's telephone system, in the case of the Serbian conflict, NATO's efforts are likely to be targeted more at radar transmissions than at Web-connected computers, according to military experts.
That's because Yugoslavia has little in the way of an Internet infrastructure, and its military isn't likely to be using the Web to communicate. "The question is, how dependent is your adversary on the Net, and my sense here is, not a lot," said Hal Gershanoff, publisher and editor of the Journal of Electronic Defence in the US. "This is groundwork that was laid months ago," he said. "The places they are going to bomb have to be mapped out."
One self-described hacker agreed.
"I don't think Serbia has enough of a computer network to target," said the author of the 1998 book "Maximum Security: A Hacker's Guide to Protecting your Internet Site or Network." The hacker, who published the book as "Anonymous," said NATO is certainly "jamming a lot of radio transmissions." A spokesperson for the Pentagon refused to comment on the NATO strategy, saying such tactics are top-secret during a continuing conflict.
Infowarfare tactics are critical to reconnaissance prior to a bombing attack, said Mark Fabro, worldwide director of assessment services at Secure Computing Corp. "You need to be able to extract certain elements of information to disrupt radio frequencies or telephone service," said Fabro, who has served as a remote server security consultant to the Pentagon.
The process of mapping out those locations is a combination of old-fashioned military reconnaissance and high-tech hacking. NATO forces need to find out where Serbian munitions are stored -- which could be as simple as getting tips from locals about military vehicle traffic -- but they also need to target "IT-dependent sites," said Frank Cilluffo, director of the information warfare task force at the Centre for Strategic & International Studies, a military think tank in Washington, D.C.
"We'll go after command and control sites, but strictly through munitions," said Cilluffo. He said he does not believe NATO would specifically target the Serbian IT infrastructure, such as it is, because such an action would open NATO nations up to cyber counter-attacks. "We have lots more to lose than they do if we go that route," he said. "Then we expose our own IT infrastructure."