WASHINGTON – The Pentagon is considering increasing the pace and scope of cyberattacks against the Islamic State in Iraq and the Levant (ISIL), arguing that more aggressive efforts to disable the extremist group’s computers, servers and cellphones could help curtail its appeal and disrupt potential terrorist attacks.
Military hackers and coders at Cyber Command, based at Fort Meade, Md., have developed an array of malware that could be used to sabotage the militants’ propaganda and recruitment capabilities, said U.S. officials who spoke on the condition of anonymity because they were not authorized to speak publicly about internal discussions.
But closing off the extremists’ communications faces resistance from the FBI and intelligence officials. They warn that too sweeping an effort to constrict Internet, social media and cellphone access in Syria and Iraq would shut a critical window into the militants’ locations, leadership and intentions.
Moreover, a shutdown of communication nodes could affect humanitarian aid organizations, opposition groups, U.S.-backed rebels and others caught up in the Syrian civil war. A virus could spread to computers outside the country.
Defense Secretary Ashton Carter will meet with his cybercommanders this week at the Pentagon to examine options, including jamming and viruses, that could be used to target the Sunni Muslim group’s communications, according to the officials.
The White House directed senior Pentagon officials to prepare options for a stepped-up cyberoffensive after evidence indicated that the husband-and-wife shooters who killed 14 people in San Bernardino, Calif., on Dec. 2 had become self-radicalized on the Internet and had pledged fealty to ISIL on Facebook, the officials said.
Those in the White House “want to see options” for cyberattacks, said one official. “That doesn’t mean they are all in play. It just means they want to look at what ways we can pressure” ISIL.
For now, the White House is leaning toward more targeted cyberattacks when intelligence can pinpoint specific phones, computers or other digital devices used by the Web-savvy militants.
“If you do see something that is in service of an active operation, you may want to take some action to disrupt that operation,” Ben Rhodes, the deputy national security adviser, said in an interview.
But U.S. cybercapabilities apparently have limits. On Dec. 9, Rep. Michael McCaul, R-Texas, House Homeland Security Committee chairman, said ISIL hackers “have developed an encrypted app and can communicate anywhere in the world from an iPhone without any ability for us to pick up those communications.”
The issue has erupted in the 2016 presidential campaign. In response to a question at the Republican candidates’ debate Tuesday, front-runner Donald Trump sparked a heated exchange when he said he was “open to closing [the Internet in] areas where we are at war with somebody.”
U.S. officials long have criticized China, Cuba, North Korea and other authoritarian states for limiting or barring public access to the Internet and social media.
Cyber Command, responsible for U.S. offensive operations in cyberspace, has targeted some networks and social media accounts since President Obama authorized airstrikes and other operations against ISIL in August 2014, officials said.
But some Pentagon officials privately argue more can be done. They say computer viruses, so-called Trojan horse attachments, denial of service attacks and other digital assaults should be used to take down ISIL communications.
Experts warn that a blackout probably wouldn’t last — and could backfire. The militants could send messages and videos via flash drives, satellite phones or other devices or platforms. Encryption, already widely used by militants, would make tracking them more difficult.
“The more we go after them and take them down, the more we push them into secure areas online,” said Jeff Bardin, a computer security consultant and former Air Force linguist who reads Arabic and tracks radical Islamic groups online.
After Twitter began shutting ISIL accounts in 2014, for example, the group encouraged its operatives and followers to use such encrypted social apps as Telegram, or to use stronger privacy settings.
Trying to chase and close the volume of traffic on social media may be impossible.