[iwar] Information Warfare Explained ;-)


From: Tony Bartoletti <azb@llnl.gov>
To: iwar@egroups.com

Mon, 21 Aug 2000 18:42:54 -0700



Per the reply by Fred Cohen to the message sent by Mohammad Ozair Rasheed:

The discussion of "what makes warfare", especially information warfare,
intrigues me.  Speaking generally, "intensity" and "value of resource
at risk" must come into play.

Regarding "information warfare" in particular, I must say that while such
terms have been applied historically to "disinformation campaigns", even
by the "dropping of leaflets" over enemy territory, I would like to see
the focus here (in this mailing list) be one that makes "global electronic
information infrastructure" its centerpiece.  To what degree this global
resource is employed (whether for disinformation, denial of service, or
more direct forms of damage) is, in my view, the most interesting (new)
area to explore, for it represents the potential of leverage and shifting
balance of power to an extent not seen before in history.

While "commercial damage" (defacing or taking down a business website) is
not quite on par with my view of the term "warfare", it is clear that if
it involved fully interrupting the "business-to-business" (b2b) or the
"business-to-government" (b2g) operations of a major commercial service
(shipping, airlines, banking, not Reebok or Burger King) then it certainly
qualifies as a possible act of war, especially if undertaken by a group
with which tensions of a more physical nature are already in evidence.

Here, for what it's worth, is my definition.

Information Warfare:
--------------------

   Deliberate activity accomplished through manipulation or neutralization of
   information or information systems, to destroy, disable, subvert, or otherwise
   destabilize critical defensive or economic resources, physical or otherwise.

The "or otherwise" part needs explanation.  I intend it to mean that the actual
"target" may still be "information", with the understanding that it, too, can
represent another step in eventual loss of "real physical" resources.

Someone once posed the question of whether and when "theft" of information
(accomplished via hacking) should represent an act of information warfare.

I think there need to be two conditions met, for such theft to be considered
"Information Warfare":

1.  The data "stolen" (that is, made available to unauthorized persons) must
     represent strategic or tactical value sufficient to be a direct cause
     of concern on a national defense level.

     Examples might be theft of data specifying a critical military design,
     location of hidden resources or reserves, the identities of covert agents
     on assignment abroad, etc.  Such theft can compromise lives.

     (This is the part that makes it qualify as a component of "warfare".)

2.  The theft must be accomplished through the hostile exploitation of a
     weakness in information systems security controls.

     (This is the part that makes it an "information-based" attack.)

In other words, if a trusted citizen inadvertently places national secrets
on a public web-page, and the "enemy" notices and copies it, it is not an
act of information warfare, no matter how important the information may be.
(You might be justified in charging the citizen with a crime, but the enemy
did nothing hostile or illegal in grabbing the data.)

In closing, I think an (other) important topic for discussion here is this:

To what degree can the wealth of (individually untrusted) information
resources available via the internet be employed by "smart correlation"
software, to help make "disinformation campaigns" stick out like the
proverbial sore thumb?

___tony___

P.S.  I agree fully with Fred's assessment on the relationship between
restricted civil liberties and the tensions leading to strife.  This is
especially so in "information controlled" societies, or those that
attempt such control.  Of all liberties, the ability to freely obtain
"information" is paramount.  In its absence begin the cycles of fear
and mistrust.


>Per the message sent by Mohammad Ozair Rasheed:
>
> > Fair answer and a fair question,
>
>Just the attitude I hoped you would take.
>...
>
> > However, were these attacks sustained, coordinated and directed
> > towards a specific target (either commercial or governmental) they
> > would assume the proportions of a warfare.
>
>You appear to think that warfare has to do primarily with intensity,
>continuity, and target sets.  So if I choose to throw a hand grenade
>once a week at a random target it cannot be called warfare, but if I
>throw one every 15 seconds at the same company, it can be called warfare?
>
>It's not a bad notion and it goes along - to some extent - with a common
>chart that uses 'intensity' to differentiate between warfare and other
>sorts of conflict.  It also agrees with Schwartau's notion that
>information warfare can be individual, corporate, or military.
>
>I am interested in the development of weapons, the development of
>skills, and other precursors of capabilities related to high intensity
>conflict because of their potential for use in high intensity conflict.
>That is one of the reasons I post so many articles related to low-level
>incidents.  I also post a lot of articles related to governments and
>their dealings with information technology because I believe that the
>interaction between governments and people is one of the root causes of
>developing conflicts.  As freedoms are restricted, civil disobedience
>and other higher intensity things develop.  As the governments of the
>world exploit the 'big brother' potentials of information technology and
>attempt to control more and more of the perceptions and behaviors of
>their citizens, the potential for high intensity conflict increases.  I
>am even more anxious to post events where these things mix - for example
>the intersection between attack technology and governments - when a
>government web site is defaced or private citizen records are taken -
>this is closer to IW in my view.  When governments go at each other or
>political issues are involved it becomes even more interesting to me
>because it is more clearly a conflict directed toward political ends.
>Something like 'politics is war through other means' - or is it the
>other way.
>
>...
> > There are several means of information warfare namely, TV, magazines
> > (even as harmless as National Geographics), radio, books and the WEB.
> > But the "Web" is perhaps the medium with most far reaching and
> > damaging consequences due to the low cost associated with its use
> > and that it spans political and geographical boundaries with ease.
>
>I agree - perception management is clearly in the realm of IW in my
>view.  I guess I prefer the term information operations (IO) for this
>form of exploitation.  But I also think that there is a 'legitimate'
>level of 'propaganda'.  In essence, to restrict perception management is
>to restrict freedom of expression - something I am most assuredly
>opposed to.  And yet I think there are limits to what people should be
>allowed to push out.  Screaming 'fire' in a crowded building - inciting
>others to riot - are over the line - but in the cyber domain.  One of
>the reasons I favor attribution is that if we can tie the statement to
>the individual, we are able to respond to pure propaganda in a more
>meaningful manner - it also prevents abuses of the freedom of speech
>such as its use to slander others.
>
> > Furthermore, as of today Internet serves merely a promotional/
> > distribution channel for most businesses, disruption of which, if is
> > a lifeline, can severely impact the profitability of any company. If
> > the companies were to evolve further and integrate "WEB" as part of
> > their organization processes then the impact of these events can
> > prove to be even more detrimental. This brings two important questions
> > to mind. One. Are the businesses aware of the degree of impact while
> > considering integrating "WEB" in their processes and Two. What steps
> > can they take (or have taken) to keep their lifeline open at all
> > times.
>
>This, to me, is not of interest.  I could not care less about how
>corporations fail to protect themselves - except of course for my
>corporate clients.  I do, however, care how they protect or fail to
>protect me.
>...
>
> > Looking at the events on the commercial frontier we see incidents
> > which range from hacking websites to cybersquatting to virus
> > deployment. I would like to know if there is any impact on the
> > Organizational processes, personnel, procedures and job descriptions
> > due to occurrence of these events. May be at some point in time these
> > sporadic events may become so frequent that organizations may have to
> > define new job descriptions for people who are specialists in
> > combating this menace.
>
>Most US corporations of substantial size have people at the director
>level or higher whose sole responsibility is information protection.
>
> > There may be other forms of information warfare which can be termed
> > as nuisance e.g. the ever going chain letter about microsoft
> > tracking the mail, a dying boy wanting his e-mail to travel to all
> > corners of the globe, ericsson giving a mobile phone to every
> > individual who forwards a mail to at least 10 people (with a copy to
> > someperson@ericsson.com), KFC using Genetically Bred Chickens instead
> > of real chickens in their food. Incidents like these pander to the
> > human sentiments and are a mere nuisance but incur costs in terms of
> > bandwidth and time and may become real.
>
>They sound like precursors of the techniques we may see in large-scale
>military information operations.
>
>FC


Tony Bartoletti 925-422-3881 
Information Operations, Warfare and Assurance Center
Lawrence Livermore National Laboratory
Livermore, CA 94551-9900

