NSA: Al Qaeda Might Hire Anonymous

The director of the National Security Agency has warned that the hacking group Anonymous could have the ability within the next year or two to bring about a limited power outage through a cyberattack.

Gen. Keith Alexander, the director, provided his assessment in meetings at the White House and in other private sessions, according to people familiar with the gatherings. While he hasn’t publicly expressed his concerns about the potential for Anonymous to disrupt power supplies, he has warned publicly about an emerging ability by cyberattackers to disable or even damage computer networks.

Gen. Alexander’s warning signals a growing federal concern over the capabilities of Anonymous, a loose affiliation of so-called hacktivist computer programmers who have launched a raft of high-profile cyberassaults against U.S. government and corporate targets such as Visa Inc., MasterCard Inc. and eBay Inc.’s PayPal service.

So far, the attacks have primarily served to embarrass companies and organizations, and cybersecurity experts differ on the extent of the threat posed by Anonymous.

The group has never listed a power blackout as a goal, but some federal officials believe Anonymous is headed in a more disruptive direction. An attack on a network would be consistent with recent public claims and threats by the group. Last week, for instance, Anonymous announced a plan to shut down the Internet on March 31, which it calls Operation Global Blackout.

Experts consider the likelihood of an Internet blackout to be low. The Internet should be able to absorb the attack the group outlined, said Richard Bejtlich, chief security officer at computer-security company Mandiant. The announcement, however, shows the network’s intent to wage more destructive attacks.

Similarly, any attack by Anonymous directed at the power grid is likely to inflict limited damage but would be certain to sow alarm, especially if Anonymous took credit publicly.

Grid officials said their systems face regular attacks, and they devote tremendous resources to repelling invaders, whether from Anonymous or some other source. “The industry is engaged and stepping up widely to respond to emerging cyber threats,” said one electric-industry official. “There is a recognition that there are groups out there like Anonymous, and we are concerned, as are other sectors.”

Another industry official noted that the electric grid has a number of backup systems that allow utilities to restore power quickly if it is taken out by a cyberattack or other event.

Intelligence officials believe that, for now, the cyber threat to the power grid is relatively limited. The countries that could most quickly develop and use cyber means to destroy part of the grid—such as China and Russia—have little incentive to do it. Those who might have more incentive, like Iran or North Korea, don’t have the capability.

U.S. intelligence officials already have found what they say is evidence of Chinese and Russian cyberspies snooping in computer systems that run the electric grid, possibly in preparation for a conflict with the U.S. The governments of China and Russia have denied any involvement.

A stateless group like Anonymous doesn’t yet have that capability, officials say. But if the group’s members around the world developed or acquired it, an attack on the power grid would become far more likely, according to cybersecurity experts.

“It’s a real threat,” said James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies who is currently researching the group. “You want to occupy Wall Street? How about turn Wall Street off? Even for a day.”

Gen. Alexander’s discussions stemmed from a broader policy concern over how to deter adversaries in cyberspace, a former official said. Groups like Anonymous are particularly difficult to deter because they are, indeed, anonymous and don’t have clear interests that can be used to deter aggression in cyberspace in the way a country’s government would.

Other officials at the White House meeting, which was headed by John Brennan, deputy national security adviser, said it would take a little more time for Anonymous to obtain such a capability, closer to three to five years, the former official said. But all agreed it would likely be a threat in the next few years.

Possible scenarios discussed, the former official said, included one in which a foreign government developed the attack capability and outsourced it to a group like Anonymous, or if a U.S. adversary like al Qaeda hired hackers to mount a cyberattack.

That threat was described to lawmakers at a hearing last week. “A near-peer competitor [country] could give cyber malware capability to some fringe group,” said Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff. “Some hacker, next thing you know, could be into our electrical grid. We have to get after this.”

White House spokeswoman Caitlin Hayden said she couldn’t discuss details of internal deliberations, but she said the administration “has made cybersecurity a top priority, and we are working tirelessly to protect ourselves from the threats we face, whether they come from other nations, cyber criminals, or from stateless activist hacker groups.”

The NSA declined to comment.