Obama’s Syrian cyberwar conundrum

Rebel fighters and civilians stand looking at a burning building following a reported barrel bomb attack by Syrian government forces on April 20, 2014 in the northern city of Aleppo. (AFP PHOTO / AMC / ZEIN AL-RIFAI)

WASHINGTON: To hear American experts on computer warfare tell it, the United States has cyber weapons that could cripple the Syrian government’s air defense, disrupt military communications, and knock out the power grid.

But President Barack Obama appears to have taken the option of cyber attacks off the table. The reason: the United States is vulnerable to counterstrikes.

Cyber attacks aimed at the navigational systems of Syrian aircraft could slow, or halt, the devastation wrought on populated areas by barrel bombs dropped from helicopters. Cutting communications between Damascus and military commanders in the field could give an edge to rebels fighting the Assad government – perhaps more so than the U.S. made anti-tank missiles that have been making their way over the past few weeks to rebel units deemed moderate.

Deliveries of the missiles followed a review of Washington’s options to resolve the Syrian crisis Obama ordered in mid-February, shortly after the collapse of peace talks in Geneva between Syrian government and opposition representatives. The first videos showing armor-piercing BGM-71 TOW missiles in action appeared early in April. There were conflicting accounts on how many of the weapons had been supplied in what a U.S. official described as a “pilot program.”

Whether arming rebel groups with anti-tank weapons could tip the balance in Syria’s civil war, now in its fourth year, is open to conjecture. Most of the casualties so far have been inflicted by assault rifles, machine guns, artillery, bombs, mortars and airstrikes. The most obvious way to stop government air attacks – giving anti-Assad forces shoulder-fired surface-to-air missiles – has been under discussion in Washington several times and rejected as often.

The argument against Man-Portable Air Defense Systems (MANPADS): they could fall into the hands of Islamic extremists, a sizeable force in the divided anti-Assad opposition, and be used to down civilian airliners. Besides, there are three U.S.-inspired agreements to ban the transfer of MANPADS to non-state actors.

There are no international conventions on cyberwar. At first glance, it would appear to be a low-cost, low-risk alternative for a president who turned into an enthusiastic proponent of remote-controlled war soon after taking office. Drone strikes to kill leaders of Al-Qaeda, the Taliban and assorted other “militants” rose sharply in his first four years as he embraced a new kind of war. It eliminated physical risks for the American pilots who operate missile-laden drones from bases in the U.S. 13,000 km away from their targets in Pakistan, Afghanistan, Yemen and elsewhere.

There would be equally little physical risk for the mouse-wielding computer warriors of Cyber Command if they went on the attack against Assad’s critical infrastructure from their base at Fort Meade, a sprawling complex, 25 miles north of Washington, which is also home to the secretive National Security Agency. Cyber Command, established in 2009, has a staff of 1,800 which is planned to grow to 6,000 in the next 32 months.

A shroud of secrecy covers the arsenal of cyberweapons the U.S. military already has, and the weapons it is developing. The only cyberweapon known to have caused physical destruction was the computer worm Stuxnet, a joint U.S.-Israeli project that caused centrifuges of an Iranian nuclear facility to spin out of control and blow up. Since Stuxnet was discovered in 2010, research into software-based tools that can cause physical harm has accelerated. Last year, the then-head of Cyber Command, General Keith Alexander, said the unit was setting up 13 “offensive teams.”

It is not clear which circumstances would prompt them into action. In the case of Syria, experts say, a cyber attack that would stop government bombing raids on densely populated areas could be portrayed as a humanitarian intervention. But there is concern that Iran or Russia could retaliate with cyber attacks on behalf of their Syrian ally. Bashar Assad’s government also has its own cyber command, the Syrian Electronic Army, whose hackers have launched disruptive attacks on American and European websites.

Shortly before handing over command of the NSA and Cyber Command to his successor, Vice Admiral Michael Rogers early in April, Alexander told a Senate hearing that hostile hackers could shut down power in the U.S. Northeast or damage the data of the New York Stock Exchange, causing trillions of dollars in losses. He added that “the risks that face our country are growing faster than our progress.”

Last summer, a former NSA chief, Mike McConnell, had a simple explanation for the government’s reluctance to launch cyber attacks. The United States, he told the Aspen Ideas Festival, depended on communications and the Internet more than any other country.

“We are more vulnerable than anybody else in the world. Most of the communications in the world flow through the United States and we are the biggest user and beneficiary. So there’s great hesitancy to use anything in a cyber context because it’s relatively easy to punch back in a pretty aggressive way.”

Assad, who is preparing to run in presidential polls in June, has little to fear from the superpower whose leader has called for his resignation.

A version of this article appeared in the print edition of The Daily Star on April 24, 2014, on page 8.




Your feedback is important to us!

We invite all our readers to share with us their views and comments about this article.

Disclaimer: Comments submitted by third parties on this site are the sole responsibility of the individual(s) whose content is submitted. The Daily Star accepts no responsibility for the content of comment(s), including, without limitation, any error, omission or inaccuracy therein. Please note that your email address will NOT appear on the site.

Alert: If you are facing problems with posting comments, please note that you must verify your email with Disqus prior to posting a comment. follow this link to make sure your account meets the requirements. (

comments powered by Disqus



Interested in knowing more about this story?

Click here