From: Fred Cohen <fc@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Date: Wed, 26 Jun 2002 06:25:04 -0700 (PDT)
Subject: [iwar] [fc:Russia's.'netwar'.capabilities]

JANE'S INTELLIGENCE REVIEW -
JULY 01, 2002

Russia's 'netwar' capabilities

Tim Thomas

Russia has been developing its CNO structures and capabilities in order to prepare the country for offensive and defensive attacks.

Over the past seven years, Russia's information technology theorists and policy-makers have developed a set of organisational structures, operating principles and concepts to assist with computer network operations (CNOs) or netwar. These adjustments have enabled Russia to develop CNOs that differ in some respects from those in the West, especially in the realm of terminology.

Aleksander Starovoitov, a former director of the Federal Agency for Government Communications and Information (FAPSI), has noted that an information 'attack' could disable a country's entire electronic control systems, including those of the armed forces and government infrastructure. The use of such a weapon, given its catastrophic consequences, would resemble use of a weapon of mass destruction.

Institutional structures

Several commissions, agencies, commercial organisations, and ministries have been investigating or developing CNO.

The State Technical Commission is responsible for information protection in the fields of defence, politics, the economy, and other areas, to include countering foreign technical intelligence collection. The commission is directly subordinate to President Vladimir Putin and has both certification and licensing responsibilities for information technology.

FAPSI, which is similar in function to the USA's National Security Agency (NSA), is responsible for some CNO and has several regional computer information centres. Its chief function is to encode government communications, but it also registers state databases.

The Federal Security Service (Federalnaya sluzhba bezopasnosti - FSB), similar in purpose to the US Federal Bureau of Investigation, also has a directorate for computer and information security that is headed by Boris Miroshnikov.
Directorate R of the Ministry of Internal Affairs (Ministerstvo vnutrennykh del - MVD) is responsible for combating computer crime. The directorate was apparently closed down in June 2001; however, in July it was reincorporated into the Directorate for Operational (Special) Technical Measures of the MVD. Directorate R tries to find and document traces of criminal activity on the internet. After that, operatives attempt to find and detain the criminal. Specialists are trained in data protection, radio-electronics, and computer technology and criminal investigations.

It is not known which specific section of the General Staff of the Armed Forces has responsibility for CNO, but the 8th Directorate is the most likely location. The armed forces do not have an unclassified version of a document comparable to the US military's Joint Doctrine for Information Operations, nor do the separate service branches offer unclassified publications on the subject.

The rising importance of information operations in the Russian military is apparent from a variety of sources. For example, the military's professional journal Armeyskiy Sbornik (Army Journal) has published articles in the past five years on computer data security, information support to operations, communications support to command and control, and offered advice on installing local computer networks in units. Military Thought, another professional journal, initiated a special column in 2001 called "Armed Forces Informatization" that discussed several aspects of computer and automated control system operations.

Appendix 19 of Russia's 2002 federal budget allocated millions of rubles for national defence in the areas of automated systems and means of control, communications, reconnaissance plus radio-electronic and information countermeasures.

It is clear from other reports that CNO courses have been set up at several radio-electronics institutes.
For example, in a TV report describing training at the Voronezh Military Radio-electronics Institute, one student, Aleksey Syanov, noted that Russian computer specialists are in high demand throughout the world. He suggested that several countries are trying to hire Russian software specialists because they "think in a special way and... are therefore able to solve non-standard problems using non-standard methods". The TV correspondent reported that an information warfare department had opened at the institute; that in 2001 the first army computer hackers would graduate from the department of automated control systems; and that data protection and new information technologies are also studied at the institute.

This emphasis on information operations at Russia's military institutes is not unexpected. A recent government commission on military affairs listed information warfare as one of three priorities for defence, along with Russia's strategic nuclear forces and the development of precision-guided weapons.

Information weapons

CNO issues were discussed in the 2001 report, Information Challenges to National and International Security. Professor Dr Vladimir Dyachenko, a member of the General Staff, was listed as one of the authors, indicating he may have had input to the military references in the document along with several retired military officers. The document stressed how information and communications technologies (ICT) are transforming the entire traditional paradigm of war and conflict escalation, through the processing of vast amounts of data for new command and control methods.

The means to conduct computer network attack and defence were listed as information weapons, a term not used in US policy documents. The report classified information weapons as offensive or defensive according to their purpose. Defensive information consists of multilevel computer security systems and various systems of active countermeasures to enemy information weapons.
An offensive weapon destroys critical elements that support decision-making. The latter includes the points and bodies for command and control, the systems of automation of control, communications, and specialised systems for collection and processing of intelligence data and sensors.

Russia is particularly concerned with information weapons that disable or change the algorithms driving control system software. These weapons include:

· means of disabling all or specific portions of software of an information system, possibly at a given point in time or with the onset of a certain event in the system;
· means of covertly changing (even partially) the algorithm of a piece of functioning software;
· means of collecting data circulating in the enemy information system;
· means of delivery and introduction of specific algorithms to a specific place in an information system; and
· means to affect facility security systems.

Another information weapon of concern to Russia is one that stops or disrupts the functioning of data exchange subsystems, or affects the signal propagation medium and functioning of algorithms. These include:

· means to affect data transfer protocols of communications and data transfer systems;
· means that affect the addressing and routing of algorithms;
· means that intercept and disrupt the passage of information in its technical transfer channels; and
· means that provoke system overload by false requests for establishing contact.

A final information weapon of concern changes the data on command and control systems to create a virtual picture of the situation that differs from reality. This includes:

· means to modify information stored in enemy information system data bases;
· means to introduce false information and data to enemy information systems; and
· means of security system disinformation.
The document's English version editors, Dr Andrei Krutskikh and Dr Dmitry Polikanov, proffered the following scenario for the employment of information weapons in a regional conflict.

An information offensive is carried out several hours before the beginning of combat operations. Systems controlling telecommunications, power supply and transportation are disrupted. The operation of computer systems of state agencies and the armed forces is also suppressed. At the moment of overflight of aircraft with conventional and information weapons, air defence assets are additionally disabled by using computer viruses and by activating special 'plants'. Electronic and electrical equipment as well as computers are disabled using non-nuclear electromagnetic pulse generators. Agents and other methods, such as micro-organism cultures, are introduced that eat electronic components, penetrating computer networks and databases in advance before the beginning of combat operations.

An information operation against an opponent's organisational-technical system can be developed either by changing its structure or by exerting an effect on its resources: computer, software, information, and communications resources or personnel. This in turn will affect the decision-making cycle.

Krutskikh and Polikanov noted that the network struggle, also used in low intensity conflicts and by terrorists, is more about using information capabilities than about the struggle against enemy information structures; and implies the use of enemy information infrastructure for one's own purposes. Russia has identified three problems that emerge during the counternetwork struggle:

· the lowered efficiency of hierarchical state systems in combating network structures;
· the requirement for a counterterrorist unit based on network principles with broad decision-making powers;
· the need for an efficient use of network organisations and the internet.

'Electronic Russia'

Russia is working hard to improve its computer capabilities. For example, the Moscow Times reported on 7 August 2001 that Russia had assembled the MVS-1000, a supercomputer capable of performing one trillion operations a second and simulating nuclear explosions at speeds greater than previously possible in Russia. Russian scientists said the computer would rank 30th on the list of the world's 500 most powerful computers - IBM's ASCI White supercomputer is capable of more than 12 teraflops (12 trillion operations per second). Russia has set aside US$20m for an MVS-5000, which would be five times as fast, and could be ready by 2003. The US hopes to have a 30-teraflop computer by that time, Tass reported.

To assist this development the government is planning to institute a programme called 'Electronic Russia' between 2002-2010. The purpose of the programme is to create "an adequate institutional and legal environment for the development of an ICT industry and support for the effective interaction between the state and society through widespread use of ICT." This recognises that the spread of ICT requires developments in civil society that must be addressed, such as guarantees of citizens to free and rapid access to information through the internet.

To date, the USA has accused Russia on more than one occasion of conducting CNO against both its commercial and government/military structures, with the Citicorp bank episode being the most famous. Russia has done likewise, and these incidents do not improve stability but increase suspicion and even paranoia. Clearly, it is important for both sides to establish a dialogue over these issues, and to develop a common terminology.

Timothy L Thomas
Foreign Military Studies Office.

The views expressed in this report are those of the author and do not necessarily represent the official policy or position of the Department of the Army, Department of Defense, or the US government.