[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700

 I thought I would post some historical information from the original
iw@a... mailing list and solicit views on how things have changed
over the last few years.  To start out, here are the definitions of
information warfare we gathered way back in 1995:

===========================================================================
My conception of iw involves attacks on C3I systems as well as propaganda 
attacks.  The range includes EMP bombs and viruses as well as the 
introduction of subversive propaganda or the introduction of new 
communication technology.

This is hindered by the "control" leg
of the C3 stool, one sneered at by information anarchists, but essential
to military operations.


Information Warfare: those actions which inhibit the ability of an
adversary to respond/react/retaliate to the actions of another relating
to electronic warfare. Can have psychological or economic impact as well
as physical.

Denial is the easiest form of attack but the easiest to detect. Is
primarily tactical in nature.

Compromise is more difficult but easier to hide.

Corruption of data is the most difficult to accomplish but potentially
has the greatest strategic importance.

 Corporate / Government espionage.  Today it can come in many 
forms.  False information, stolen information, spoofed information etc.  
It can have a wider area of effect with the advent of computer systems.  
Essentially, I am interested in anything that has any relation to 
high-tech crime.  Information warfare fits nicely into that area.


My definition of Information Warfare:

Obtaining confidential information by:
 social engineering (skillful lying);
 researching public information;
 trash diving;
 cracking systems;
 trading KeWl WaReZ for information;
 sniffing data off the wire;
 electronic intercept.

Using this information for:
 defence planning;
 gaining competitive advantage;
 gaining economic advantage;
 gaining political advantage;
 undermining trust in religious authority;
 undermining trust in government authority.


IW is not a new concept.  The same principles of how to use information as a
weapon have been used throughout history.  BUT the tools and ways to
conduct IW have evolved and we are now living in times when IW has much
bigger potential for or should I say against society than before.  Tools
to gather, analyse, react and dissipate information are so effective
that it makes me wonder where we are heading. 

IW infrastructure is problematic.  In conventional weapons you can try
to control the destructive potential by treaties agreeing to abandon
factories and plants.  IW infrastructure is the same facilities needed
for society's normal information purposes.  So there is no way to control
the potential of IW easily. 


Perhaps it is everything that is a threat to the civilian and military
society that use information as a weapon. 

Right now, offensive IW is
a way to manipulate/influence/affect/disrupt the C4 loop of an enemy or
potential enemy.  That is doing things to (1) confuse him or give him an
incorrect picture of the battlefield (or potential battlefield), (2)
manipulate the enemy into making a decision (or not making one as the
case may be) that you would prefer he make (to suit your own
objectives), (3) cause the enemy to implement non-optimum tactics or
strategy, etc. 

I'm interested in IW as a tool for propaganda.

 As far as I can see, it's
a catch-all label for a number of intelligence activities that are as
old as the hills, for industrial espionage, and for state-sponsored
terrorism. It has a zingy sound, though, and in the post-cold-war era
with budget cuts looming, a lot of cold warriors are re-aligning with
new job markets, including IW and its associated hype. From all the
"examples" I've heard of IW I've yet to see a cost effective application
of it from either an attacker or defender's perspective.


My take on IW? Not sure at the moment, but various denials of service
come immediately to mind as actions to just confuse or disable the
opponent; more subtle breaking/entering/copying/trojanizing/etc as more
difficult but possibly more effective... 


Explain IW? to me, its quite simply an attack or defense based on a
foundation of information.

  To me IW has two basic functions.  One is to protect communications and
information collection, analysis, and dissemination from interception,
disruption, and modification.  The other function is to do just that to the
other side's information resources, making their communications, collection,
analysis, and dissemination anything from unreliable to nonexistent.  IW is
practiced in both tactical and strategic applications of governments'
ability to wage and sustain warfighting capabilities but could also be used
by governments and business entities to procure economic advantages over
opposing sides.

 IW to me means use of computer code to compromise Info
Systems - eg.  virii/ passwd cracking/ hacking etc.

 Information and information systems
have become so critical to national well-being that defending against
attacks and figuring out how to attack others in times of conflict are
becoming mandatory strategies. 


The way I see it, IW encompasses all the aspects of information
manipulation/disclosure/distortion to get tactical/strategical advantage
over your enemy/competition.

             the denial of proper information resources to an opponent
while protecting your own information resources

I perceive it as a composite of the evolutionary
directions of traditional malicious hacking, leading to organized
attacks by people with definite financial or political objectives.


Class 1: Personal IW (personal privacy issues)
Class 2: Corporate IW (corporate information assets protection)
Class 3: Global IW (conflict in the econo-technical global network
	dealing with nation-states and political or economic spheres
	of influence)

	"Information warfare is an electronic conflict in which
information is a strategic asset worthy of conquest or destruction. 
Computers and other communications and information systems become
attractive first-strike targets"

The use of
possibly false/misleading data to manipulate the decision making
process of an opponent.

C1=P1+P2:  Competition + Information Age = Information-based Competition.
C2: Information-based Competition = Information-based Non-violent Warfare
C3: Information Warfare = C2 + Information-based Violent Warfare
but substituting for C1: = C1 + Information-based Violent Warfare
which is even bigger than C1.


Information = Data and systems to analyze data.

Warfare = Deliberate attempts to break stuff and kill people to further
a cause. 

IW = Range of activities from hacking and phreaking to using EMP to
destroy economies in order to bring about a "political" change as
opposed to just nefarious activities done for personal benefit, usually
economic. 

In DoD IW has been defined, most recently, as "Actions taken to achieve
information superiority by affecting adversary information, information
based processes, and information systems, while defending our own
information, information based processes, and information systems." Many
in the department view IW as "an integrating strategy" - a way to
improve mission effectiveness by bringing the various operational and
support elements closer together.  The enabling factor in this strategy
is of course information and information technology.  IW is basically a
recognition that we as a military, and a society for that matter, have
become incredibly dependent upon information and information technology. 
This dependency is both an asset to be leveraged to our gain and a liability 
which can be used against us.

Warfare using intellectual capital. 


  Whatever the definition for IW, my concern is that (1) automated
information systems are becoming (have become) an integral part of the
business (or warfare) process, are (2) massively interconnected - to
include the global Internet, and therefore (3) are attractive targets
for exploitation by adversaries. 

  The tight decision cycle for the warfighter means that there will be
no time to second guess the computer's output - providing frightening
possibilities for impact from maliciously modified output.  Besides time
pressures, the warfighting process is simply becoming increasingly
dependent on the existence of computing - for example, consider the
impact on reserve mobilization in a few years if the computing
infrastructure is subverted. 

I define Information Warfare simply as control of information.

Information warfare is about destroying information, stealing
information, reducing information flows, reducing the reliability of
information content, and denying access to information
services/technology with the intention of gaining strategic, competitive
or personal superiority over one's adversary. 

  The collection of strategies, tactics and operations that impact or defend 
against impacts on the collection and application of information in combat.

Successful information warfare:
  - N Vietnam's climate of opinion measures (Fonda visits, etc.) during the 60s.
  - Use of CNN video during gulf war
  - Leafletting, etc. during gulf war

Unsuccessful information warfare:
  - Saddam Hussein's interview with the children prior to Gulf war
  - Airplane hijacking during the 60s

Is it normal intelligence activities, or possibly covert operations directed
against "enemy" information systems, or maybe technical information about
systems which have historically and presently been associated with warfare?


I think information warfare is the act of controlling and securing
information that can be used against others (companies, individuals,
countries, etc).  In my opinion, it is probably similar to the CIA's
official function: to gather and process information that could be used
to better secure our position in world affairs. 

Concept of IW: Hmmm.  At its lowest common denominator, IW is nothing
more than an old principle applied to modern technologies (computers,
telecommunications, etc.). 


"Information War" means the day-to-day struggle to stay one step ahead of
the hackers and wannabes who attack the systems for which I am responsible. 

 one of the three pillars of future
warfare (the others being dominating maneuver and precision
strike)...not discrete enough...all aspects of gaining dominance on
current or anticipated opponents by obtaining an advantage in the quest
for information, both his and your own...or how about the ability to
make decisions and create actions at all levels of warfare (strategic,
operational, tactical) before the enemy by the use of offensive and
defensive measures in communication and information.

everything that has to
do with C4I, EW, PSYOPS, Space warfare, deception, security, and
anything else (like cyberwar) that they don't know where to categorize. 


Measures taken by our forces by turning to friendly advantage or
negating adversary efforts to deny information to, influence, degrade,
or destroy friendly systems. 

Information warfare is the use of information and information systems
as both offensive and defensive tools (weapons) against adversaries.

Information Warfare is "... actions taken to preserve the
integrity of one's own information systems from exploitation, corruption
or destruction, while at the same time exploiting, corrupting, or
destroying an adversary's information systems and in the process
achieving an information advantage in the application of force."


In regards to your query of my concept of infowar, briefly, is the
exploitation of any/all vulnerabilities of the internet in waging 'war'
on society, governments, industries, or corporations. 

Use of information as a weapon to wage war, which can be physical,
economic, political, social, racial, religious etc. 

	Information := symbolic representations in the most general sense
	Warfare := armed conflict

Information Warfare := Information x Warfare =

	armed conflict involving, effecting, or relating to
	symbolic representations AND symbolic representations
	involving, effecting, or relating to armed conflict.


My concept of IW is the ever increasing need to provide security for
system and network information against such attacks as masquerade,
spoofing, sniffing, and man-in-the-middle attacks. 

IW is simply a way to apply the evolving doctrine of warfare (primarily
maneuver and unconventional/low intensity theory) to an
information-based economy.  Unfortunately, most of the security
establishment sees IW as a way to preserve their existing, obsolete,
ways of doing things. 

Information Warfare has been with us ever since two people were at war. 
However, with the info explosion due to technical (i.e.  computer)
advances, a new "bit" driven dimension has been added, providing new
"targets" and "weapons". 


I consider IW to be any effort that treats Information as a strategic
asset to be attacked or protected. 

IW is using information to one's advantage while denying it to the
adversary, and protecting our own systems.

IW is a repackaging of several of the ancient principles of war, a lot of
new technology and a dash of hype and budgetary politics.

Warfare has been called "the extension of diplomacy by other means".  It
is about affecting the balance of power by augmenting that of the home
team and or (preferably and) reducing that of the adversary. 

Information warfare is about the use of information specifically to
accomplish this end.

All actions, strategic and tactical, designed to deny, exploit,
corrupt, destroy, protect and manipulate knowledge or perception. 

On a broader scale INFORMATION DOMINANCE - refers to the advantageous
disparity obtained by creating, disseminating, accessing, and
manipulating information for one's own ends while controlling information
available to and perceived by competitors or adversaries. 

We define information warfare as any offensive or defensive use of
information itself, or the human or machine means for collecting,
processing, producing or disseminating information (to include
constituent raw data or executable code), for the purposes of confusing
(e.g., disinformation), temporarily disabling (e.g., disruption) or
eliminating (e.g., destruction) the ability of individuals or
organizations to exploit information.  We consider time-honored
techniques such as deception and feints to be information warfare equal
in importance to the more recent manifestations such as computer viruses
and network-based break-ins. 

It can be anything and everything depending on how you define it.  This
is perhaps the greatest challenge facing us right now.  Only by agreeing
on a common view of IW can the various endeavors effectively be
coordinated. 

Lines of communication started with footpaths.  Then vehicles were
developed to move faster with bigger loads both on and off road.  Then,
to the skies.  Now, at the end of the 20th century we are stepping in to
the next dimension, if you will.  The cyberworld has become one more LOC
to exploit or be exploited by. 

Much of what is currently being discussed as "Information Warfare" is
just various forms of deception using a new medium.  Or is it that new?
During the American Civil War, the new (less than 20 years old)
telegraph was spoofed, jammed and used for deception (a telegraphist who
could imitate other operators' "fist" was a very valuable asset.) Same
thing happened when radio came along.  The air war over Europe in WW II
involved a lot of what we would now call Information Warfare.  Do we now
have to rewrite all the history books to get the nomenclature updated?

1- Any action to affect adversary information, information systems, or
information processes;
2 - Protecting oneself against those same actions;
3 - Optimizing use of info, info systems, and info processes.


The tactics and strategies of warfare as applied to the discipline of
information creation, storage, and transfer.  As opposed to more classic
warfare objectives which usually included control of portions of real
estate (real or ideological), information warfare can have as its
objective the control of information itself - today's major asset. 

===========================================================================

FC
--