One printer, one virus, one disabled Iraqi air defence

You can't keep a good April Fool's down

  • alert
  • submit to reddit

Security for virtualized datacentres

Did U.S. infowar commandos smuggle a deadly computer virus into Iraq inside a printer? Of course not. So why does it keep getting reported, George Smith asks.

A creepy enthusiasm for tales of weird weapons rises as war approaches. Denied substantive information by the Pentagon and grasping for eye-grabbing news, journalists and pundits speculate daily about what might be used in Iraq.

In this environment, where everyone charges full speed ahead for the hot scoop or astonishing apocrypha, even the oldest hoaxes can return for one more bow.

In a February piece for the Memphis Commercial Appeal, a retired air force man mused on the subject of information warfare and how it might be used to strike Iraq down. Dabbling in a little history, the author recounted how in Gulf War I the U.S. drew up plans to take down an Iraqi anti-aircraft system with "specially designed computer viruses [to] infect the system from within. Agents inserted the virus in a printer shipped to an Iraqi air defense site."

Special Forces men were also said to have infiltrated Iraq, where they dug up a fiber-optic cable and jammed a computer virus into it. "It remained dormant until the opening moments of the air war, when it went active..." wrote the columnist. Iraq's air defense system was vanquished.

Frankly, this is a great story. It's amusing to remember how it kicked up a storm in 1991 after its initial appearance as an April Fool's joke in Infoworld magazine.

The gag asserted the National Security Agency had developed the computer virus to disable Iraqi air defense computers by eating windows -- "gobbling them at the edges..." The virus, called AF/91, was smuggled into Iraq through Jordan, hidden in a chip in a printer -- the latter being a distinguishing feature of many subsequent appearances of the hoax.

Chat board gossip on it echoed for days, not only from people who thought the joke quite funny, but also those who missed the original citation and engaged in laborious discussion on the imagined technology of the virus.

Inevitably, a large media organization got wind of the story and pounced without bothering to track down the tale's provenance.

U.S. News & World Report published news of the Gulf War virus in its coverage of the war, a narrative that also found its way into "Triumph Without Victory," the magazine's subsequent book on Desert Storm.

The Gulf War virus, wrote U.S. News, attacked Saddam's defenses by "devouring windows" Iraqi defenders used to check on aspects of their air defense system. "Each time a technician opened a window ... the window would disappear and the information would vanish." The virus was "smuggled to Baghdad through Amman, Jordan" in chips inside a printer.

From there, the bogus story was reported by the Associated Press, CNN, ABC Nightline, and newspapers across the country.

'The Next World War'

When queried about the tale's uncanny resemblance to the Infoworld joke, Brian Duffy, the primary author of the U.S. News article (and now executive editor of the magazine) stubbornly defended his sources -- "senior officials" all. In a follow-up Associated Press article outlining the imbroglio, Duffy maintained he had "no doubt" that U.S. intelligence agents had carried out the Gulf War virus attack, but admitted similarities to the Infoworld joke were "obviously troubling." Duffy's sources, were, of course, anonymous.

Many have been enthralled by the Gulf War virus' siren call through the decade, almost all in efforts to hold up some proof of the magical power of information warfare.

In the March 1999 issue of Popular Mechanics magazine, in a piece on cyberwar, the publication wrote: "In the days following the Gulf War, stories circulated that [cyber] weapons had been unleashed on the Iraqi air defense system." The nefarious printers were again used containing "chips [with] programs designed to infect and disrupt..."

A Hudson Institute analyst peddling a paper on Russian thoughts on cyberwar fell for it and when confronted aggressively argued that it was true because, well, just because.

Other appearances include an allegedly seminal book on computer combat entitled "The Next World War." In this instance, the miraculous Gulf War virus failed to do its job because the U.S. Air Force accidentally bombed the building where Iraq stored the virus-laden printers. The author went on to found an infosecurity firm known for its publicity-happy hyperbolic proclamations on cyberwar.

Why was the hoax so successful?

The easy answer is to simply call everyone who falls for the joke a momentary idiot. But the Gulf War virus plays to a uniquely American trait: a child-like belief in gadgets and technology and the people who make them as answers to everything. Secret National Security Agency computer scientists made viruses that hobbled Saddam's anti-air defense without firing a shot! Or maybe it didn't work but it sure was a good plan!

In this respect, the joke is ageless. People are just as able to nebulously theorize about the tech of it and its implications in 2003 as they were in 1991. Will an updated version of the nonexistent AF/91 virus be used against unwired Iraq? Stay tuned... April 1st is less than a month away. © SecurityFocus Online

George Smith is Editor-at-Large for VMYTHS and founder of the Crypt Newsletter. He has written extensively on viruses, the genesis of techno-legends and the impact of both on society. His work has appeared in publications as diverse as the Wall Street Journal, the Village Voice and the National Academy of Science's Issues in Science & Technology, among others.

Tales from Iraqi CyberWar Trenches

Drp yr WMDs now plse! - debunking Iraqi text psyops
Panic Attack! Mobile terrorist alert service
The US M1A2 Abrams, and war as a video game
Do it with spanners - how the Iraq cyber attack will work

Beginner's guide to SSL certificates

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
prev story


Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.