by Jack Strain
Twenty seconds later, another cruise missile lifted off and then another until all 154 missiles were airborne. One booster did not engage, and three main engine failures left one hundred and fifty missiles in the air. The USS Georgia remained at firing depth until the last missile was on its way, then submerged quickly until it found a cooler layer of ocean to hide its faint sonar return and quietly headed back to its patrol area and waited for the next opportunity to play a role in America’s newest war.
Meanwhile, one hundred and fifty miles away, the USS Georgia wasn’t the only U.S. warship firing into the night sky. Two Ticonderoga-class cruisers, the USS Shiloh and USS Antietam, were part of the USS Ronald Reagan Carrier Battle Group along with three Burke-class destroyers, and two attack submarines. Both cruisers launched two dozen Tomahawks from their MK 41 vertical launch systems, sending forty-eight more Tomahawks into the night skies.
All three Burke-class destroyers were holding their own Tomahawks in reserve for follow-on targets. In less than an hour, the Islamic Republic of Iran was about to get a lesson in modern warfare.
Chapter Seventeen
Sixty Minutes Before the President’s Speech
U.S. Cyber Command, Fort Meade, MD
Major General Bennet Spaulding, who stood five feet eight and bespectacled, put down the Flash traffic message from the National Military Command Center. Operation Cyber Strike was a go. He calmly took a breath, keyed the microphone in front of him and announced to his Cyber Combat teams spread throughout the underground facility, “We just received the green light. It’s time. Execute the Brainiac protocol in exactly three minutes and launch all elements of Operation Cyber Strike.”
The former MIT grad and career soldier was suddenly caught up in the moment and couldn’t help but say, “I just would like to add that what we do here tonight changes everything. We are now the tip of the spear. The world will now know who owns cyberspace. Let’s make history.”
The plan had been “wargamed” three times in the past thirty-six hours, each time more successful than the last. Tens of thousands of operator hours and billions of dollars in resources had grown the small U.S. Cyber Command established in 2009 into perhaps the deadliest instrument of warfare since the emergence of the nuclear age. The eight Cyber Combat mission teams tasked with winning the 5th Battlespace - also known as cyberspace - sat at their consoles and completed last-minute checklists and system updates. They may not look like warriors of the past, but collectively these were some of the most dangerous men and women on the planet.
For centuries, militarily strong nations won wars if they were dominant on land. Then, war at sea became increasingly vital to victory, and with the first flight at Kitty Hawk more than a hundred years ago, dominance in the air won wars on the ground. Then after the launch of Sputnik in 1957, resources necessary to win in space became essential. Now warfare was being transformed once again, this time by the emergence of an entirely new battlefield, one fought in the digital world of ones and zeroes: cyberspace.
Unlike most war plans that a general or admiral conceive and order, Operation Cyber Strike was not the work of a single man or woman. The key was the Brainiac program, a compilation of an untold number of programmers and systems specialists who were, in effect, creating an entirely new form of warfare. Now, less than an hour before the president was due to deliver his war message to Congress and the American people, hundreds of highly trained cyber warriors sat at their consoles and began initiating various “zero-day” exploits and accessing pre-planted remote access toolkits.
Signals were being transmitted to dozens of drones who had already penetrated enemy airspaces while MH-130s and RC-135 V/W Rivet Joint electronic warfare planes began initiating the opening stages against targets all over the globe.
U.S. cyber capabilities were closely guarded secrets, but the Snowden leaks were the first indication of just how powerful these new tools were becoming. The so-called “MonsterMind” project was perhaps the most ambitious defense-minded cyber plan to leak out. Some have compared the futuristic project to President Reagan’s “Star Wars” concept.
“MonsterMind” was intended to effectively track all web-based activity, identify threats, and effectively neutralize the offending piece of malware or worms before they could wreck damage. U.S. capabilities were not quite there yet, but the Brainiac program was born out of both the Air Force’s Suter program and DARPA’s Plan X Cyberwarfare program.
Plan X called for mapping every aspect of the internet, including the elusive “Dark Web,” to create multi-dimensional pathways to enable “speed-of-light” attacks when threatened. As it turns out, once the web had been mapped, the ability to construct elaborate pre-planned cyber attacks was also now possible.
It was the Air Force’s Suter program that first allowed remote operators to monitor enemy radar systems in real-time, then it quickly developed the capability to take actual control of targeted communication and air defense systems. The third stage advanced to the point that U.S. forces now possessed the capability to target individual mobile systems such as air defense launchers and even ballistic missile launchers.
In 2006, Israel’s Operation Orchard successfully neutralized Syria’s nuclear program and was said to have been supported by a Suter-like cyber program as Syria’s powerful air defense network apparently went down for the duration of the attack.
The Brainiac program was inspired by the longstanding comic book villain, an extraterrestrial android with 12th level intellect, who famously battled Superman among other DC heroes. Brainiac’s powers included the ability to infiltrate and take over computing systems, replicate versions of itself, and project its consciousness to control space and time.
The American Brainiac program went far beyond mere denial of service attacks. Brainiac had the capacity to penetrate and control entire computer networks - both civilian and defense - as well as individual weapon systems enabling American cyber warriors to initiate pre-planted kill switches to shut down radar sites, feed false signals, or effectively take over entire communication networks. Now, kills were not just measured by kinetic destruction, but mission kills could be tallied from ten thousand miles away. Warfare would never be the same again.
Operation Cyber Strike was highly complex with nearly a dozen separate supporting operations, and each had a dedicated team of Cyber Combat specialists tasked with both the conception and execution of their mission. Air Force Major Afsaneh Nafisi, a second-generation Iranian-American, was the mission commander for Operation Big Brother. Like other members of her team, Afsaneh had been working at a feverish pace for three days, but suddenly felt invigorated that after so much talk and planning, they were about to put their years of experience and hard work to the test.
Major Nafisi sat in her “commander’s chair” - as her collection of Star Trek nerds like to joke - and scanned the three large monitors in front of her workstation. Operation Big Brother’s ambitious mission protocols called for nothing less than the complete penetration of Iran’s Ministry of Defense communication network. Once inside, her team of Farsi speakers would be able to take command of landlines, cell towers, and internal operational communication within the Iranian armed forces comm net.
The plan envisaged a combination of “denial of service” attacks to shutting down landlines, forcing more open communication via cell towers which would be monitored and intercepted and more significantly Nafisi’s team would be able to slip into the comm network and transmit false orders.
Major Nafisi grew up in a household that often-told of horror stories of life in Iran after the mullahs took over. Her mother still cries when she talks about her favorite brother who died in the human wave attacks against entrenched Iraqi Republican Guard armies. Her father bears scars inflicted by the mullah’s own version of the dreaded Shah-era Savak secret police with both pride and anger. Her thoughts drifted to both her parents in the seconds leading up to the attack.
Nafisi checked the clock one last time and
said, “Initiate penetration protocols…now.” Fifteen different team members tasked with accessing pre-planted remote access toolkits began the CNA or Computer Network Attack. Fingers began dancing over keyboards at a speed that defied description to input the various complex program protocols.
The first major penetration occurred in the Ministry of Defense headquarters in downtown Tehran. The “zombie army” of botnets suddenly awakened as malware programs were activated in hundreds of individual computers throughout the complex. Embedded coding in the malicious software began systematically opening gateways within the robust firewall protection schemes that Iranian programmers had created, but unbeknownst to them, the American Brainiac protocols were able to isolate key pathways into the Defense Ministry’s mainframe without raising any alarms.
Ironically most of the access to these networks came via smartphones which were infected unbeknownst to their users due to embedded malware in popular apps used throughout Iranian society. Some clever programmer on the Brainiac team who had a hint of “comedian” in him imagined how fun it would be to create apps ranging from dating sites, porn, and especially religious-based daily prayer apps that would spread these exploits to every corner of Iranian society - from defense nets to power generating plants.
When the history of this operation is written, many pious Iranians will be embarrassed to know that both the most moral and immoral among them contributed to what was about to happen.
Within fifteen minutes, the Big Brother team had effectively taken over the first critical node in the Iranian defense net. Quickly, Major Nafisi’s team accessed multiple secure communication channels and was able to intercept all incoming/outgoing messages. Next, kill switches were initiated in dozens of secure comm nodes, limiting the volume of communication and allowing the American cyber warriors to effectively divert all comm traffic to those nodes under their direct control.
In about twenty minutes, software programs would be released that would give the Big Brother team the ability to begin issuing orders directly to independent Iranian commands.
For all intents and purposes, U.S. Cyber Command had just severed the head of the Iranian armed forces and not a drop of blood had been shed. That would come later.
Meanwhile, other Cyber Combat teams were beginning their own attack sequences. Operation Lights Out had just penetrated six of Iran’s major power generating stations, including the massive natural gas-powered Shaheed Salimi Neka Power Complex. More ominously, the pre-programmed attack sequence began activating kill switches at dozens of critical high-voltage sub-stations throughout the entire Iranian electric transmission system.
Rolling blackouts started slowly, Bandar Abbas on the Persian Gulf was the first major Iranian city to go black. Ten minutes later, Shiraz and Kerman to the north started experiencing a series of rolling blackouts. Like a dark rolling storm front, city after city became enveloped by darkness until entire provinces were struck down.
Thirty minutes later, Tehran began to experience rolling blackouts. More dangerous still was the coordinated series of power surges that caused transmission lines to experience sudden surges of massive voltages causing terminal boxes to explode in cities all over the country. As a result, fires started in dozens of cities, but for some reason, water lines were experiencing a massive loss of pressure preventing firefighters from being able to extinguish the flames. What the desperate teams of firefighters throughout Iran could not yet know was that Operation Empty Well had already been underway for forty minutes, shutting off or redirecting water flow, immobilizing pump stations and dams, causing limited water pressure and flow nationwide.
Lastly, more than a dozen members of Operation Pyro had formulated a complex plan to target and commandeer the massive network of Iran’s natural gas distribution system. Natural gas powered many of Iran’s power plants, redirecting and even shutting off gas flow at key pipelines was the first step, but the Pyro team ultimately intended upon seizing complete control of Iran’s natural gas infrastructure. Moving hundreds of thousands of cubic feet of natural gas throughout the entire Iranian pipeline system was a complex process. With about two dozen or so natural bottlenecks leading to and from key refineries, the Pyro team intended to target the most vulnerable interdiction points.
The large Esfahan refinery was fed natural gas through multiple pipelines, but the main line was designated IGAT-3. Software commands began redirecting feeder lines that fueled the flow through the 56-inch reinforced high-grade steel pipelines leading to the refinery. Although the Brainiac program enabled the Americans to effectively take over a remote network, the hardware regulating the gas flow had built-in safety measures to manage the gas flow and relative pressure buildups.
The Pyro team slowly increased pressure and re-routed feeder lines, hoping to ultimately cause the main IGAT-3 line to experience a system failure at some point. Two hours later the buildup of gas became too much, and massive fireball a thousand feet high erupted. Within minutes a raging fire began to engulf the Esfahan refinery. The fire would burn for the next three days.
◆◆◆
Reports were flooding in from multiple section chiefs. Iranian Revolutionary Guards Corps Brigadier General Behrouz Soroush, commander of the Iranian Armed Forces Cyber Headquarters, was tasked with defending the Islamic Republic from cyber-attack. He knew his country was experiencing a massive and coordinated cyber-attack, unlike anything he had ever seen.
Like many of Iran’s critical defense, intelligence, and nuclear programs that were often located in and around obvious civilian infrastructure, such as hospitals, mosques, universities, etc., Iran’s Cyber Headquarters was no exception. Ostensibly sited at the Ministry of Defense, the actual operations and core network capabilities were secured in a three-story underground bunker complex underneath Tehran University’s Medical Science building across from Laleh Park.
Brig General Soroush was under no illusions about how dangerous and critical his position was to the defense of his country. His predecessor was assassinated by the Mossad four years ago. He lived, for the most part, a staid, secure existence dedicated to the creation of the Iranian National Information Network - or NIN - to insulate his country from the Western world wide web. Significant progress had been made, but he knew there were far too many avenues for the Americans or the Jews to penetrate his security firewalls.
His own secure desktop computer was unable to access anything on the Defense Ministry’s websites or secured network, every attempt sent him to various travel websites for Shanghai Disney of all places or an assortment of particularly offensive Western pornography sites. His last attempt linked him to a webpage that had an image of a donkey being gratified by a rather overweight white woman.
Disgusting. Think . . . phones are down, but the Wi-Fi and cell networks seem to be operating. Bastards want us talking over open channels.
He was about to try making another call when the lights flickered on and off until they completely cut out two minutes later. The facility’s local generators kicked in, and the electricity was restored, but Soroush was suddenly gripped by a frightening thought. Allah help us, what if they are targeting our civilian infrastructure? They wouldn’t dare! Or would they?
Immediately coming to his feet, he rushed outside his office, and his powerful voice bellowed loudly into the large outer room where a hundred of his people were desperately trying to determine the extent of the penetration, “Someone find out if this is a local blackout or a more general attack. In twenty minutes, we are convening a threat assessment team of all section heads. Talk to your people and come with answers.”
Sweating profusely, the fifty-seven-year-old software engineer and career officer knew what he needed to do but distrusted the cell network at this point. Reluctantly, he walked back into his office, paced a moment, and then pulled out his cellphone and punched in a number and waited for the connection. His first two attempts were dropped, but his third try was successful.
A blunt voice spared fals
e greetings and said, “What took so long?”
Brig General Soroush didn’t so much as detest the man but resented how much he needed the impertinent voice on the other line and his so-called Iranian Cyber Army, the quasi-Government group, long thought to be the offensive arm of Iran’s growing cyber capabilities. “Don’t start with me you camel’s turd. I don’t want to spend any more time on this call than necessary. This is unsecured, and you know it.”
“Then let’s be quick. You wouldn’t be calling me if this wasn’t a full-scale attack. Looks like they are hitting everything: government sites, comms, now electric . . . probably more. Obviously, it’s the Americans. Their president is due to speak any time to their Congress. Their Jewish lackeys are probably helping but this is too big even for them. Should we immediately start counter-measures?”
Soroush paused. He knew that he couldn’t make that call himself, but he also couldn’t seem to connect with anyone in authority at the moment. Damn them. With a tone lacking in confidence, Soroush replied, “Not yet. We need more information.”
Disgusted, the younger man on the other line immediately replied, “Are you blind old man? What are you waiting for? This can be nothing other than a precursor to an attack. I say we hit them now, maybe disrupt whatever they are planning.”
“I forbid it. You will wait for orders like everyone else. The Americans are angry . . . blame us for Jerusalem and the death of the president’s daughter. Why inflame them further? But, get your people ready. Wait for my word and stay off your cell.”
Meanwhile high above Tehran, a lone stealthy RQ-170 Sentinel UAV drone glided through the cloudless night skies. Built by Lockheed Martin and operated by the Air Force’s 30th Reconnaissance Squadron, it was configured tonight primarily for signals intercepts to capture the expected high volume of cell transmissions once the landline system went down. It was transmitting a constant stream of secure data to NSA communication and signals specialists who were looking for very specific voices to match.
