Devices to launch and control cyber, electronic and information attacks are being tested and refined by the U.S. military and industry in preparation for moving out of the laboratory and into the warfighter's backback.

It's a part of a technology race that is already well underway. The Russian attack on Georgia last year showed weaknesses in some combat areas, but not in cyberwarfare, say U.S. analysts.

"The Russians conducted a cyberattack that was well coordinated with what Russian troops were doing on the ground," says a longtime specialist in military information operations. "It was obvious that someone conducting the cyber[war] was talking to those controlling the ground forces. They knew where the [cyber]talent was [in Russia], how to use it, and how to coordinate it.

"That sophisticated planning at different levels of cyberwarfare surprised a lot of people in the Defense Dept.," he says. "It looked like a seamless, combined operation that coordinated the use of a range of cyberweapons from the sophisticated to the high school kids that thought it was cool to deface official web sites. The techniques they used everybody knows about. The issue was how effective they were as part of a combined operation."

The U.S. is looking for a tool to duplicate that kind of attack. Moreover, the Defense Advanced Research Projects Agency has awarded several contracts to information technology (IT) companies to design a cyberattack range. Candidate sites include Naval Air Warfare Center's China Lake, Calif., radar cross-section facility and the U.S. Air Force radar cross-section range at Holloman AFB, N.M.

Several future attack devices are being built in a U.S. cyberwarfare attack laboratory. The one shown to Aviation Week & Space Technology is a software framework for locating digital weaknesses. It combines cybersleuthing, technology analysis and tracking of information flow. It then offers suggestions to the operator on how best to mount an attack and, finally, reports on success of the effort.

Right now, electronic and cyberattacks are conducted and understood by a very few. To make the capability part of the warfighter's arsenal it has to be configured and packaged so that a non-expert could use it on the battlefield.

The heart of this attack device is its ability to tap into satellite communications, voice over Internet, proprietary Scada networks--virtually any wireless network. Scada (supervisory control and data acquisition) is of particular interest since it is used to automatically control processes at high-value targets for terrorists such as nuclear facilities, power grids, waterworks, chemical plants and pipelines. The cyberattack device would test these supposedly inviolate networks for vulnerabilities to wireless penetration.

"If you think about the explosion of capability in the commercial electronics sector, it's obvious that for not too much money, anybody can set up a fairly robust WiFi capability and just ride the backbone of the Internet," says a U.S.-based, network attack researcher. "We're tying together the protection and the reaction side with this device which will serve for planning, execution and penetration testing."

A by-product of the project is that it offers a start to weaponizing cyberattack for the non-cyberspecialist, military user.