Mesa, Arizona – To enter the Arizona Cyber Warfare range (AZCWR), a person must have a signed waiver, the consent from the strict private security firm that guards the facilities, and the fortitude to withstand the salty language and messy environment created by the hackers inside.
“This is the only place in the world where the good guys can learn to hack from good guys who really know how to hack,” Brett Scott, one of the founders of the AZCWR, told Al Jazeera inside their hacking headquarters.
The organisation is housed inside a complex that began as a research facility for top-secret military technology in the 1980s. The group has three missions: to educate the public on the merits of hacking by offering free courses, to change the realm of cyber-security for both the public and private sectors to gather, and to handle the enemies of the United States.
Right now, the enemy at the top of that list is the Islamic State of Iraq and the Levant (ISIL, also known as ISIS), which controls a dwindling swath of land in Iraq and Syria.
AZCWR uses “bots”, or computer programs that take advantage of thousands of computers across the planet, to lodge complaints against ISIL Twitter pages.
“Our net effect is taking down 1,000 accounts a day,” Scott said. When asked how his cadre of hackers, none of whom speak Arabic, are able to find the accounts, Scott responded that the AZCWR is given tips from intelligence agencies across the globe.
“If a housewife in France who lived through an attack wants to do something but doesn’t know how she can download our bot. Then we’ll use her computer to kick [ISIL] out of our world – the internet.”
A matter of survival
The AZCWR has been open to the public for two years, though it has been in operation for longer. It currently teaches roughly 2,000 active users on its website and at the physical location in “ranges” whose difficulty levels go from “Beginner” to “Jedi” in reference to the sci-fi film series, Star Wars.
World War III is already here, and it's happening on the internet.
There is an assortment of tasks, from the aforementioned take-down of an ISIL account to attacking, with consent, the cyber security systems of businesses.
Also, when a foreign adversary is not “paying enough attention” to the AZCWR for the group to gather intel, the hackers will “poke the bear”, Scott said.
Scott has worked for various government agencies, and his experience with has left a bad impression. “The US has a very backwards idea towards hackers. Russia, China, and even … countries like Iran are offering them huge amounts of money, luxurious cars, and nice flats.”
In the US, Scott explained, hackers still face witch-hunts and harsh penalties when the government should offer employment. AZCWR is there to force decision-makers to re-evaluate their stance on technologically-capable but legally questionable computer users.
“World War III is already here, and it’s happening on the internet,” the hacker said.
The new domain of warfare
While the assertion that WWIII is happening on the internet sounds hyperbolic, there are those in the US government who agree with the sentiment.
Representative Mac Thornberry, the Chairman of the US House Armed Services Committee (HASC) which is responsible for oversight and funding of the Department of Defense (DoD) and the Armed Forces, has stated repeatedly that US cyber capabilities need more attention.
At a June meeting with the DoD and US Cyber Command’s Deputy Commander Lieutenant General James K McLaughlin on cyber attacks, Thornberry said that just as the military has “an air campaign [against ISIL], we want to have a cyber campaign”.
Al Jazeera spoke to an HASC aid on condition of anonymity on the subject. The aid said that while work could be done to enhance US cyber capabilities, the nation is “at the same level as anyone else … but we’re also as vulnerable to attack as anyone else”.
While The government wants a cyber campaign against ISIL and others who attack the state, they don’t want to encourage “cyber militias” to mount attacks against enemies. This opens them to “hack backs”, or retaliatory measures, the aid said.
Thornberry and the defence establishment are concerned by recent hack attacks on high-level politicians such as the revelation of emails from the Democratic National Committee and former Secretary of State Colin Powell.
These attacks have revealed embarrassing details from behind the scenes of the US political theatre that has undermined an already contentious election season, and Issues of cyber security, especially recruitment of hackers to work with the government, are still a “struggle”, but public-private partnerships are something about which “we’ve been very supportive”, the aid concluded.
While US agencies may be struggling with the hacking war abroad, digital rights group, Electronic Frontier Foundation (EFF), fears its citizens are losing the war at home.
Mark Rumold, a senior staff attorney at EFF who focuses on government secrecy and has successfully worked to make public tens of thousands of previously classified government documents, told Al Jazeera that recent court rulings on a controversial case are “troubling”.
The FBI’s investigation surrounding Playpen, a website on the “Dark Web” network, which can only be accessed through the Tor network, and displayed thousands of images of child pornography is one such case.
The Tor network runs a user’s internet protocol (IP) address, which is a unique signature given to a device, through thousands of relays to pre-empt surveillance and facilitate anonymity.
However, the FBI hacked and reconfigured the site to collect true IP addresses for use in cases against those who visited the site. Due to the wide range of visitors to the site, courts all over the US have been obliged to weigh in on the legality of the practice.
In June, a federal court in the FBI’s home district decided that the US Constitution’s Fourth Amendment, which guarantees the right of the people “to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures”, does not apply to home computers.
In a post on EFF’s website, Rumold wrote the decision “is the latest in, and perhaps the culmination of, a series of troubling decisions” surrounding the Playpen investigation.
“Every single thing they could have gotten wrong, they did,” Rumold told Al Jazeera in an interview. “It’s the equivalent of law enforcement coming into your house and taking things out without a warrant.”
While this one decision doesn’t mean the Fourth Amendment no longer applies in any such case, Rumold explains that judges often show deference to rulings made by other district judges.
In an increasingly surveilled society, this could have serious consequences. “There’s no question that technology has made our lives far more transparent than ever before, and that law enforcement is taking advantage,” Rumold continued.
While there are “plenty of laws” governing hacker activity, as well as law enforcement’s use of technology, the ever-changing digital landscape leaves a “grey space” in which troubling decisions can be made, the digital rights advocate concluded.
Back at the AZCWR, Scott said that the EFF is right “nearly 100 percent of the time”, and that his band of hackers “operate inside the law. It’s not our job to determine what the limits are. It’s our job to push them.”