Topic B: Technology of Information Warfare

Much of the recent focus on information warfare has been related to the stunning advances in information technology. Since technology appears to play such an integral part in information warfare, this topic seeks to explore the implications of this relationship.

----------- [Moderator] Is information warfare technology dependent or technology enabled?

[Campen] Both. Same coin, different sides. By above definition, IW is the child of technology and its greatest weakness and capability. If one side is overly enabled, it can become overly dependent and overly vulnerable.

[Cebrowski] Information warfare is more technology enabled since it focuses on the vulnerabilities and opportunities presented by the increasing dependence on information and information systems. However, other aspects of information warfare exist in part, outside the domain of technology_psychological operations and elements of intelligence for example.

[Cochrane] Technology simply enables new forms of information warfare to evolve but with similar target end points. You used to have to print lots of leaflets and fly your Sopwith Camel over the enemy lines and throw them out at the population and hope some of them were read. Now you can swamp your enemy's TV transmitters and reach every household with the message. However, a well-placed bomb or missile could put pay to both of these threats, a bomb on the printing press or a missile attack on the TV transmitter.

[Cohen] Both.

[Dunnigan] Neither.

[Giessler] Both_just as was air warfare and industrial warfare and maneuver warfare and economic warfare and media warfare and

[Gust] I think technology advances are driving this doctrinal issue. We are now asking what can we do with a technology rather than asking what we want in a technology to accomplish a task.

[Hazlett] Both, some information warfare weapons, such as viruses, trojan horses, etc., are products of technology and therefore technology dependent_and yet_their use is enabled by electronic technology. ISR (intelligence, surveillance and reconnaissance) systems are technologically dependent, but they also enable information attacks by divining and defining an adversary's information posture.

[King] Both. The technology enables systems to be built (very fast computers) but the use of them in information warfare is dependent on other technologies being in place (pervasive networks).

[Libicki] What's the difference?

[Loescher] Technology enabled, I think. There is a pattern in technological revolutions (e.g., oil, automobile, power industries) that begins with invention, moves through systemization and eventually changes the culture. That's what's happening to us now (probably stage 2). But if you choose to narrowly define the revolution in warfare brought about by the info age as "info warfare" then I have to say we're just doing it more efficiently now than in the past. The issue is not IW, which is evolutionary; but war in the info age, which will be revolutionary.

[Merritt] Both. Many of the capabilities that can be used or exploited today and in the future are and will be dependent on technology. Who would have believed as recently as two years ago that we would have WWW [World-Wide Web] capabilities that could and will revolutionize how we do business. By the same token, it is going to require new technology that currently does not exist to enable us to execute IW both offensive and defensive.

[Probst] I have trouble parsing this question. Clearly, we can't have a Revolution in Military Affairs without unprecedented technology advances. Also clearly, more and more computers are becoming safety critical, or relevant to national security, or whatever.

[Schwartau] Of course it is. That's what makes it possible. For information in war, technology is the enabler, and for Pure IW, technology is the weapon and the target. See above.

[Steele] In the ideal, information war and peace is technology independent, that is to say, a very fine information strategy and information policy, as well as very fine information operations, can be developed and pursued without any enabling technology at all. Right now the offense (the mutts) have the advantage against the defense (the status quo Western powers) because the leverage they can derive from attacking complex technical infrastructures with physical tools (or electrical tools) is enormous. Right now offensive war by anonymous individuals is enabled. Defense is hampered by the complexity of the systems, and the lack of equivalent political and doctrinal arrangements.

----------- [Moderator] What are the current key or enabling technologies of information warfare?

[Campen] 1. High bandwidth transmission. 2. Mass storage. 3. Data search technologies. 4. Simulations.

[Cochrane] Computers and telecommunications technology in all forms seen by "users" (TV, radio, fax, Internet), plus all of the infrastructures that go with them (fixed, mobile, satellite). Mobile computing and communications, including mobile and satellite systems, computing systems of all kinds, well known operating systems and glass, wire and radio networks. (Don't forget the soldier on a motorbike, he is still very useful).

[Cohen] Information technology_as a whole.

[Dunnigan] Hype.

[Giessler] All the wares. Within hardware we can't keep up with COTS [Commercial Off-The-Shelf]_but the chip and the satellite and the EMS [Electro-Mechanical Systems] and the fiberoptics are all intertwined_and we couldn't do anything without mundane things like electricity.

[Gust] Clearly, digital signal processors are the key enabling technologies in our info and info warfare business area. Their increasing capacity and reducing size makes them the choice for the brains in almost any system design.

[Hazlett] Offensive: jamming, global positioning systems, satellites, computers. Defensive: crypto, stealth, computers.

[King] Systems with very large computational and storage capabilities, worldwide high-speed networks, growth in mobile technologies.

[Levien] There is no doubt that the technological base of the Information Warfare revolution is the "Tyranny of the Chip!!" The fact that there has been an exponential growth in the speed and capacity of the semiconductor chip, along with a reciprocal exponential drop in the cost and the size of this same chip, has indeed opened the door to EVERYTHING else that drives information warfare. This is not to detract from the growth in the field of computer design and software skills, but these evaluations were only possible once the semiconductor nerds did their thing. All else derived from the seminal work of Shockley, Bretain and Bardeen at the Bell Telephone Laboratories back in the 50's with the discovery of the transistor.

[Libicki] Other than information systems in general?

[Loescher] The powerful ones haven't been invented yet_but Java is a start at a world of software robots.

[Probst] A partial list includes: - high-performance computing and communications - high-performance data assimilation and analysis for centralized intelligence fusion and correlation, and battlespace understanding - control-theory technologies for automated strategic decision making at the strategic, operational, and tactical levels of war - major advances in modelling and simulation - bandwidth negotiation in virtual networks - information-survivability technologies

[Schwartau] We can go on and on about bandwidth and MIPS [Million Instructions Per Second] and the evolving power of the networks and computers. But I am looking for more than standard old think for IW. I expect to see in the next 10 years: - Greater mind-man interface - True VR [Virtual Reality] - nano-technology weapons (those are fun!) - Breakthrough cryptanalysis: "There are no more secrets" - Targetable remote bio weapons (in distinction to mass destruction bio weapons) - Psychic warfare capabilities should reach the battlefield.

[Steele] Technical access plus hacker-like understanding.

[Todd] The microprocessor and the connectivity between those emerging technologies has defined the information age. The ability to process and distribute information results in great opportunities and challenges for warfare in the information age.[Loescher] The powerful ones haven't been invented yet_but Java is a start at a world of software robots.

----------- [Moderator] Are there differences between "offensive" and "defensive" information warfare technologies?

[Campen] Depends. An offensive technology is constructed to exploit a known vulnerability in a defensive technology. Example: A virus and a firewall both use software technology. A defense against an electromagnetic attack might be a fuse, a shield or physical separation.

[Cebrowski] Information itself is the basis. Information technology is the broker, tool and application, in different ways. As such, technology serves to shape and present information. The control over how, how fast and how accurately information technology works on and with information is the essence of both offensive and defensive information warfare.

[Cochrane] The underlying technologies will be the same in both situations_it is just a matter of how they are used and where you sit as to whether they are offensive or defensive. E.g., if you write a software agent that goes around all the systems it can and gathers information then from your point of view it is a defence agent that spots enemies. To the person owning the system it is an offensive piece of technology. Offensive strategies are likely to require highly trained teams with specialised knowledge. Defensive technologies will include information monitoring and filtering together with computer and network resilience and healing techniques. Some have said offence is easier than defence but that may not be the case. A direct attack might be easy to mount but could be easier to trace back to the originator.

[Cohen] Yes. To be a good defender, you have to understand all about offense and find cost effective ways to provide adequate protection against the wide range of offensive potentials. To be a good offender, you have to find a hole and exploit it to your ends. The technologies for doing this are quite different.

[Dunnigan] Not really.

[Giessler] Many if not most overlap. Generally they are two sides of the info technologies coin. And you must consider both sides as you contemplate the coin. And you must consider the coin with two sides and a center as a system_that is fully connected.

[Gust] The Army labs here at Monmouth always give a sample of new info technology, i.e., a new radio, to the IEW [Intelligence and Electronic Warfare] Directorate to see if it has certain vulnerabilities or can be defeated easily.

[Hazlett] Yes, some systems, such as crypto are inherently better suited for defense; while others such as active electronic or acoustic jamming are offensive.

[King] Yes. Internet security gateways are defensive weapons. There are some systems that attempt to detect threats and then try to go on the offensive and track them down. Defense is harder as it has to cope with a great variety of different offensive systems.

[Levien] The difference between "offensive" and "defensive" IW technologies are to my mind almost all legal ones. There is of course the differences in perception that has been recently highlighted between the Army and the Air Force as how to wage the new IW warfare. The really tough question is how to ask a military officer to "defend his country against all its' enemies whomsoeverforeign or domestic" when you cannot clearly tell him who his enemy really is, and then threaten him with courts martial if he makes the wrong choice in the small instant of time he has available before he must act given the great body of legal garbage that awaits (much of it contradictory) for the Monday morning quarterbacks to quote from after the fact.

[Libicki] What differences exist are relatively minor (techniques of infoint collection are probably offensive in nature while CCD [Charge Coupled Devices] technologies tend to be defensive), and hard to distinguish.

[Loescher] Yes, technologically. However, operationally, the dual necessity of offensive and defensive actions is vital. In Navy, C4I is becoming more and more splintered, lacking advocacy, while IW, which in Navy is cryptology reinventing itself, is prevailing. That's a mistake. For the U.S., information is primarily a force subtractor at this stage because our dependency on it holds us tactically, if not strategically, banking on it. If you ask yourself what a small country can do to defend against an overwhelming military force, the options are clear. We need C4I more than we need offensive IW_though both are important. Unfortunately, in Navy, they are dividing. I see my job as helping to restore that balance. However, the technology of IW is tangible, while the promise of C4I is still in viewgraphs. That's a hard_but vital_sell.

[Merritt] You bet. Defensive will be a lot harder, on all fronts. A lot of work remaining to be done. How do you do reconnaissance? What sensors do you need? How do you do IW Indications and Warning? How do you build countermeasures that don't become obsolete immediately?

[Probst] If we use these words they way I have defined them, then they are quite hard to separate. I would imagine that anyone skilled in one would be reasonably skilled in the other.

Sometimes it helps to solve a simpler problem first.

Computer-aided Postal Chess

White and Black both have chess computers that function as "brain multipliers". The chess computers have a chess rating, and can be set for different levels of play.

The leaders of the Revolution in Computer-Aided Postal Chess have ordered you to trade in your expert computer for a grandmaster computer.

Offense and defense change in subtle fashions: - if I upgrade my chess computer, that does not ipso facto downgrade your computer, but it does give me an advantage - if I break into your house and monkey with your chess computer so that it surreptitiously plays at less than full strength, that's a "Level-3 IW attack" :-) - if I change the locks at my house, so that you won't be able to reply in kind, that's "defensive information warfare" - if you cut off the supply of electricity to my house, you have attacked my infrastructure - and so on

[Schwartau] In order to defend, you have to know the offensive capabilities, so there is a great deal of similarity, although the techniques are different. I would have to write out a chart, but it would include thoughts like: Sniffing Crypto Sniffing Authentication Viruses Smart O/S Laser Interception Masking PsyOps Truth Police and so on. Good question with an infinity of possible answers.

[Steele] Offense is much much easier and can be physical as well as electronic. Defense is an order of magnitude more complex and expensive.

[Todd] Based on the comments to this question, there appeared to be a predominant notion that offensive and defensive technologies referred to hardware aspect only. While technologies are themselves "hardware," I think a point might have been lost. During the Korean War, the MIG-17 was superior in hardware (performance) to that of the earlier model F-86s. However, the American's retained a superior combat record of 10:1 over the adversaries. In this case, your superiority in training and combat tactics mitigated a technological inferiority. So it is in IW. Our risk analysis indicates that the better training and education of the user and systems administrators results in a far superior investment vs. results scenario that merely "engineering in" defensive solutions.

----------- [Moderator] What can be considered an "information warfare system?"

[Campen] The assemblage of people, processes, equipment and software needed to wage conflict in the electromagnetic spectrum and protect itself against attack.

[Cebrowski] There is no "pure" information warfare system from a technical or weapons system standpoint. Weapons systems can perform information warfare functions, but as a byproduct of technical design. However, an information warfare system can be defined in terms of a series of interrelated processes that include technology. For example, an information warfare process may consist of established standards and scope for information protection, coupled with adequate attack detection and restoral tools and techniques.

[Cochrane] An information warfare system is any collection of resources that can be utilised in order to further your aims in a conflict by disseminating or disrupting information. E.g., lorry packed with a fertiliser bomb can be a useful information warfare system when driven into the country's central bank. The most critical element of ALL information warfare systems is the human brain. It will always find a new way of adapting an innocent system into something that can be used for a more devious purpose.

[Cohen] All systems are IW systems in some sense. It's their USE and not their CONTENT that dictates their involvement in IW.

[Dunnigan] General U. S. Grant standing next to a telegraph operator

[Garigue] A group of knowledgeable individuals and a truly modern on line library.

[Giessler] Any set of elements related to one another with a goal of survival in the information age. Such a system has input, process, output and feedback. It is a complex-adaptive system that is teleological_goal oriented. So_a commander and his trusted agents (sometimes known as staff) who is trying to defeat, deter, influence the competitor is a I.W.S. So is a HARM [High-speed Anti-Radiation Missile] launched from any kind of vehicle. So is a kid with a virus attacking your info system with the objective of killing it. I.W. Systems are everywhere.

[Gust] An info warfare system is probably best defined by the financial programmatic weapons platform it rides on_JSTARS, Rivet Joint, Guardrail, etc. That would include comm links, ground stations and control nodes.

[Hazlett] Example of an information warfare system: an "active computer firewall/gateway" that detects attempted intrusions and attacks (and conducts counterattacks), yet still permits access by appropriately recognized systems. Example of an information warfare "system of systems:" An active ISR-RSTA [Intelligence, Surveillance, Reconnaissance-Reconnaissan ce Strike Targeting Architecture] combination that detects attacks on component systems and directs defenses and counterattacks.

[King] A collection of people and systems used to perform an offensive or defensive operation in an information war.

[Levien] Other than a speeding 30-06 bullet, or a hand grenade about all remaining military systems fall into the IW system category.

[Libicki] An A-10 with a GAU-30 [Note: this is a 30 mm cannon] will work just fine if there is a command center or puter system underneath.

[Loescher] Let me answer it this way_the best system for IW is the operator's mind. The rest is trapping.

[Merritt] I addressed some of this earlier. A lot of possibilities. Many of which already exist, but haven't been deployed in a coordinated manner that would have impact on perception management on the battlefield. It is much more than a network issue.

[Probst] Above all things, an integrated battlespace management system that uses data-intensive predictive modelling and simulation.

[Schwartau] Me. You. A hacker. The bad guys. The system comprises the technology + motivation. Technology by itself is neutral; not bad or good. Remember, for example, that the only difference between a programming error and malicious software is intent. Or, that at a microwave repeater if properly tuned and aimed creates a fine DOS [Denial of Service] device.

[Steele] Any form of strategic thought, policy, or organization, which may or may not include technology, that seeks to achieve a specific information objective.

[Todd] An information system consists of a system of sensors (either organic or electro-mechanical/electromagnetic), the linkage to human decisionmaker or assessment center, the linkage between that decisionmaker (electromagnetic, mechanical, etc.) to a combat system, and the sensory feedback. I very much agree along the lines of links, nodes and human elements comprise a IW system.