One printer, one virus, one disabled Iraqi air defence

You can't keep a good April Fool's down

  • alert
  • submit to reddit

Website security in corporate America

Did U.S. infowar commandos smuggle a deadly computer virus into Iraq inside a printer? Of course not. So why does it keep getting reported, George Smith asks.

A creepy enthusiasm for tales of weird weapons rises as war approaches. Denied substantive information by the Pentagon and grasping for eye-grabbing news, journalists and pundits speculate daily about what might be used in Iraq.

In this environment, where everyone charges full speed ahead for the hot scoop or astonishing apocrypha, even the oldest hoaxes can return for one more bow.

In a February piece for the Memphis Commercial Appeal, a retired air force man mused on the subject of information warfare and how it might be used to strike Iraq down. Dabbling in a little history, the author recounted how in Gulf War I the U.S. drew up plans to take down an Iraqi anti-aircraft system with "specially designed computer viruses [to] infect the system from within. Agents inserted the virus in a printer shipped to an Iraqi air defense site."

Special Forces men were also said to have infiltrated Iraq, where they dug up a fiber-optic cable and jammed a computer virus into it. "It remained dormant until the opening moments of the air war, when it went active..." wrote the columnist. Iraq's air defense system was vanquished.

Frankly, this is a great story. It's amusing to remember how it kicked up a storm in 1991 after its initial appearance as an April Fool's joke in Infoworld magazine.

The gag asserted the National Security Agency had developed the computer virus to disable Iraqi air defense computers by eating windows -- "gobbling them at the edges..." The virus, called AF/91, was smuggled into Iraq through Jordan, hidden in a chip in a printer -- the latter being a distinguishing feature of many subsequent appearances of the hoax.

Chat board gossip on it echoed for days, not only from people who thought the joke quite funny, but also those who missed the original citation and engaged in laborious discussion on the imagined technology of the virus.

Inevitably, a large media organization got wind of the story and pounced without bothering to track down the tale's provenance.

U.S. News & World Report published news of the Gulf War virus in its coverage of the war, a narrative that also found its way into "Triumph Without Victory," the magazine's subsequent book on Desert Storm.

The Gulf War virus, wrote U.S. News, attacked Saddam's defenses by "devouring windows" Iraqi defenders used to check on aspects of their air defense system. "Each time a technician opened a window ... the window would disappear and the information would vanish." The virus was "smuggled to Baghdad through Amman, Jordan" in chips inside a printer.

From there, the bogus story was reported by the Associated Press, CNN, ABC Nightline, and newspapers across the country.

'The Next World War'

When queried about the tale's uncanny resemblance to the Infoworld joke, Brian Duffy, the primary author of the U.S. News article (and now executive editor of the magazine) stubbornly defended his sources -- "senior officials" all. In a follow-up Associated Press article outlining the imbroglio, Duffy maintained he had "no doubt" that U.S. intelligence agents had carried out the Gulf War virus attack, but admitted similarities to the Infoworld joke were "obviously troubling." Duffy's sources, were, of course, anonymous.

Many have been enthralled by the Gulf War virus' siren call through the decade, almost all in efforts to hold up some proof of the magical power of information warfare.

In the March 1999 issue of Popular Mechanics magazine, in a piece on cyberwar, the publication wrote: "In the days following the Gulf War, stories circulated that [cyber] weapons had been unleashed on the Iraqi air defense system." The nefarious printers were again used containing "chips [with] programs designed to infect and disrupt..."

A Hudson Institute analyst peddling a paper on Russian thoughts on cyberwar fell for it and when confronted aggressively argued that it was true because, well, just because.

Other appearances include an allegedly seminal book on computer combat entitled "The Next World War." In this instance, the miraculous Gulf War virus failed to do its job because the U.S. Air Force accidentally bombed the building where Iraq stored the virus-laden printers. The author went on to found an infosecurity firm known for its publicity-happy hyperbolic proclamations on cyberwar.

Why was the hoax so successful?

The easy answer is to simply call everyone who falls for the joke a momentary idiot. But the Gulf War virus plays to a uniquely American trait: a child-like belief in gadgets and technology and the people who make them as answers to everything. Secret National Security Agency computer scientists made viruses that hobbled Saddam's anti-air defense without firing a shot! Or maybe it didn't work but it sure was a good plan!

In this respect, the joke is ageless. People are just as able to nebulously theorize about the tech of it and its implications in 2003 as they were in 1991. Will an updated version of the nonexistent AF/91 virus be used against unwired Iraq? Stay tuned... April 1st is less than a month away. © SecurityFocus Online

George Smith is Editor-at-Large for VMYTHS and founder of the Crypt Newsletter. He has written extensively on viruses, the genesis of techno-legends and the impact of both on society. His work has appeared in publications as diverse as the Wall Street Journal, the Village Voice and the National Academy of Science's Issues in Science & Technology, among others.

Tales from Iraqi CyberWar Trenches

Drp yr WMDs now plse! - debunking Iraqi text psyops
Panic Attack! Mobile terrorist alert service
The US M1A2 Abrams, and war as a video game
Do it with spanners - how the Iraq cyber attack will work

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
prev story


Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.