SUMMARY

Previous page
Table of content
Next page

  < Day Day Up > 


The problem of defending against an information warfare arsenal and tactics is real. U.S. citizens and the organizations that provide them with the vital services they need can find no sanctuary from these attacks. The low cost of mounting these attacks has enlarged the field of potential adversaries and complicated efforts to collect intelligence and array U.S. military defenses. The consequences of a well-planned and coordinated attack by a relatively sophisticated foe could be serious. Even the threat of such an attack or digital blackmail is a distinct possibility. How the public will respond to the threat of IW infrastructure attacks or to actual attacks is unclear, but is a major determinant of future policy and actions.

This situation is getting worse with the rapid proliferation of information technology and know-how. U.S. citizens are becoming increasingly dependent on automation in every aspect of their lives. As information technology becomes an essential part of the way organizations and individuals create products and provide services, the need for interconnectivity and interoperability increases. With this increased need for exchanges of information (and products), vulnerabilities increase. Finally, the increased reliance on commercial-off-the-shelf products or commercial services makes it more and more difficult for organizations and individuals to control their own security environment.

Given this situation, you need to focus on two goals. First, you need to find a way to protect yourself against catastrophic events. Second, you need to build a firm foundation upon which you can make steady progress by continually raising the cost of mounting an attack and mitigating the expected damage of the information warfare arsenal and tactics of the military. The conclusions are as follows.

Conclusions Drawn from the Information Warfare Arsenal and Tactics of the Military

  • Information warfare (IW) has become virtually synonymous with the revolution in information technologies and its potential to transform military strategies and capabilities.

  • There is a growing consensus that national prosperity, if not survival, depends on one’s ability to effectively leverage information technology. Without being able to defend vital information, information processes, and information systems, such a strategy is doomed to failure.

  • Information warfare is often thought of as being defined by a particular target set of decision makers, information, information processes, and information systems.

  • The “battlespace” associated with IW has been a constantly expanding one, moving far beyond traditional military situations.

  • In some quarters, IW has even been associated with the leveraging of information technologies to achieve greater effectiveness and efficiency. This has stretched the meaning of IW to the breaking point and has sowed more confusion than enlightenment. For this reason, this treatment of the subject uses the term “information strategies” to refer to the recognition and utilization of information and information technologies as an instrument of national power that can be independent of, or complementary to, military presence and operations.

  • The scope, or battlespace, of information warfare and strategy (IWS) can be defined by the players and three dimensions of the nature of their interactions, the level of their interactions, and the arena of their interactions.

  • Nation states or combinations of nation states are not the only players. Nonstate actors (including political, ethnic, and religious groups; organized crime; international and transnational organizations; and even individuals empowered by information technology) are able to engage in information attacks and to develop information strategies to achieve their desired ends.

  • The term “war” has been used so loosely in recent times (War on Poverty, War on Drugs, War on Crime) that it should be no surprise that IW has evolved over the past several years to become a “catch-all” term that encompasses many disparate activities, some of which have long been associated with competition, conflict, and warfare, and others that are of more recent origin. These include activities that range from propaganda campaigns (including Media War), to attacks (both physical and nonphysical) against commanders, their information sources, and the means of communicating with their forces.

  • Under this rather large umbrella that has become known as IW, one can find activities long associated with military concepts and operations, including deception, command and control warfare (C2W), and psychological operations (Psyops).

  • Technological advances have added new forms such as electronic warfare (EW) and “hacker warfare.”

  • The term “defensive information warfare” (IW-D) is used here to refer to all actions taken to defend against information attacks, that is, attacks on decision makers, the information and information-based processes they rely on, and their means of communicating their decisions.

  • Strictly speaking, nonmilitary groups, both foreign and domestic can launch these attacks during peace time at nonmilitary targets the term IW-D should be IWS-D. However, IW-D is currently in wide use.

  • This overview of IW-D does not attempt to deal with the problems of defending against all of the different kinds of information attacks, but rather focuses its attention on the subset of IW that involves attacks against information infrastructure, including what has become known as “hacker warfare” and in its more serious form, “digital warfare.”

An Agenda for Action in Preparing for the Information Warfare Arsenal and Tactics of the Military

The cornerstone of the military’s efforts to combat IW will be the efforts of all global military organizations to protect their own systems and information. Some military organizations have been worrying about this for a long time and have developed and implemented plans to keep on top of this increasingly serious set of threats. Other military organizations have more work to do. It might be helpful, even for those military organizations that feel they are well prepared, to review the following list of suggested actions steps to determine what they need to do to be better prepared for the future.

The United States Government needs to set an agenda for action that goes beyond the work already done in preparation for the information warfare arsenal

and tactics of the military. Action steps should include, but not be limited to, the following 10 areas:

  1. The first suggested action involves a review of the military organization’s mission in light of the emerging threat. A few military organizations may find that IW-D adds a mission or increases the importance of an existing mission.

  2. New relationships with external organizations may be required, or perhaps existing relationships may need to be modified. Thus, a review of these relationships is in order.

  3. Who is responsible for IW-D in the military organization? Perhaps the military organization has a Chief Information Officer (CIO) and it would be appropriate for the CIO to take on this responsibility. Perhaps the responsibility for IW-D is spread out among several individuals. In any event, a clear allocation of responsibilities is required.

  4. Not all information or all systems should be considered equal with respect to the protection they merit. It is important, given resource constraints, to identify which information and systems (and functions of these systems) are critical and which are not critical.

  5. How vulnerable are the information and systems? What is the specific nature of the vulnerabilities? Answers are needed to provide a basis for planning and developing defenses. It needs to be remembered that vulnerabilities are relative to the threat, the nature of which is constantly evolving. Thus, vulnerability analyzes are not a one-time task but must be part of a continuing effort.

  6. Isolated actions to improve security are helpful, but they are no substitute for the development of a comprehensive IW-D strategy for a military organization.

  7. Because it is not possible to avoid all the risks associated with IW, each military organization needs to develop a plan to manage these risks.

  8. In the course of developing and articulating a military organizational IW-D strategy and risk-management plan, many issues will be raised and discussed. These discussions will create a greater awareness of the problem within the military organization and improve the organization’s ability to meet the challenges associated with IW-D.

  9. Combating IW is a long-term proposition. There are many long poles in the tent. A military organization’s investment strategies need to be reviewed and investments in defenses and supporting technologies must be made.

  10. Some reallocation of resources may be made necessary by changes in the operating costs associated with introducing new procedures and safeguards.


  < Day Day Up > 


Previous page
Table of content
Next page
Computer Forensics. Computer Crime Scene Investigation
Computer Forensics: Computer Crime Scene Investigation (With CD-ROM) (Networking Series)
ISBN: 1584500182
EAN: 2147483647
Year: 2002
Pages: 263
Authors: John R. Vacca
BUY ON AMAZON
Systematic Software Testing (Artech House Computer Library)
C & Data Structures (Charles River Media Computer Engineering)
Programming Microsoft ASP.NET 3.5
An Introduction to Design Patterns in C++ with Qt 4
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
Extending and Embedding PHP
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy