============== Page 1/17 ============== A 4 th NCS A’s I I Defining the Europ ' ’ J c # #• } je I } i 1 i i i i i f } i f I ; /Hn / q1: P + + n= I N T E R .N(./T 1 0 N A L j i + -' --t-)J /’! hfoWARtAI' hformaU„ W„h„ C,„f„„„B„„„b’96 eon+ar6m66 A+–A–SIAt,'we W !' The National Computer Security Association, Open Source Solutions7 Inc. and Wednesday, May 22 F'!!?::: : niH HHl• niH n•Hl• 1=1 al=•••r HIB =nHL nB =IB MHl•ll•lIHHI =l•HHllr = nliB =n == =••lln=n=l•Hun= In••Hr• 0700 Registration Opens - Rogier Foyer 0830 Keynote Address - Rogier I F:.'}::I::i-;,';::;:::i:.: E..{:;:::I..-..:...-;;I:.-.::; :: 0900 Plenary Session iT:}i-!--I:; i;b: '-.:II--I:$:?.--:;'i::;-.';: 1115 Break }-'--i:::i::. ';;::.’:.1330 Lunch 1430 Breakout Sessions - Rogier I & II 1600 Afternoon Break E:;IIi:::i:-i::::I:::;;i::'.;:::.i':.':. I :nnlrt211c _ 1 InIvally 1830 il--F)j: -.Il::-:)::t..-:': : ':';-:i:- LH n Pre-Registration- Rogier Foyer Welcome Cocktails - Delvaux : Thursday, May 23 Interpact, Inc., thank the Co-Sponsors ofInfoWARCon Brussels '96 ===•rr•rl•b 1700 1800 F: iT:-;-j::-::-'::E.T'\::,';: I'.I:I.,..'- Ina INTERNET SCANNER_ 21 00 Self-paid Dinners iI„=':“'' May 24 0830 Fi E::' NORMAN Norman Data Defense Wstems Ft':' !';',I’.I ..j\::::'l'.ri''i.:;j:IF:'’ Hr ; ;)::r!: B :i Keynote Address - Rogier I 0900 Plenary Session 1115 Break 1330 Lunch 1430 Breakout Sessions - Rogier I & II 1600 Afternoon Break 1800 Closing Comments i' !} ;:: ;;r:-i-: ::f '.-.'- .' _i;i i? II-iII::?-:,:.:-;;-;':’.-: E:ii !) :- ::- © NCSA 1 996 National Computer Security Association ** Information Warfare Conferenee Brussels ’96 'lafoWARcon infoWAKon InfoRnatioa Warfare Conferenoe Brussels ’96 ProAMm & eon+eut+g : := h H • L •!b } ; i :q r/ Hh : :: :: : :n t/ L i H& : PrO&AM & Com+eu+g Friday, May 24 Thursday, May 23 T+ T+ B 0830-0900 0900-0930 0830 - 0900 hhiEjrnaH£?nAE£!:t?Ts!?sta::n:hie?:Fg?;f]6,'shit;en;na --' -' ' ' ?:'.libeyRIlte Information Warfare: Chaos on the Electronic SuperhIghway. , , , . .&& Winn Schwartau, Interpact, I Ef!::rsafBiT:!LzcTEE;;rJonAs New Age Weapon' ::++a beEf A n Inc. 0900 - 0930 Creating Smart Nations Through National Information Strategies:. Intelligence And Seeurity Issues Robert Steele 0930-1000 Interactive Plenary (Question & Answers) R/. 0930-1 000 U!:: : :::nEalT: I 9::1?nTsI:hAl ) :i vE% IOOO-1115 &#: ;}X;uK 1 •T F:; ::===nie H A :H: f- Fighting ?': :-" :,:-:::::':: mC [ -- , :.' ' . i; :: : 1145 - 1300 The Croatian View: Predrag Pale, Chairman of the InfoTech Coordinating Committee, Ministry of Science, Technology, & Informatics Dr. Ken Dark, Fellow, University of Cambridge, UK i,{;,''Fj , ' Dealing with Internet Intruders in Emergency Mode: . . . . . . . . . . j:qq Peter Streibelt, IBM Europe, Program Manager for Advance Networking and Internet Emergency Response I - Defending Against the Internet:, . . . , . , . . . . . . , . , .' . The Threat to European CMI ProsperIty Moderator: Mich Kabay, Ph.D.. Director of Education, NCSA 1300-1330 Seourity Management: Safety in Cyberspace J. Arthur Olafsen, Norman Data Defense Systems 1430 - 1600 I - Legislation & Personal PrIvacy: A Global Electronie Bill of Rights?. Moderator: Dr. Mich Kabay Simon Davies, Electronic Privacy International, UK '' Breakout Sessions Winn Schwartau, Interpact. Inc. Klaus-Peter Kossakowski, DFN-CERT, Univ. of Hamburg, Germany Patrick Taylor, tnternet Security Systems Peter Streibelt, IBM Europe 1 1 n 1PIIa1r 11:1d i g rn Colonel Charles Dunlap, USAF 1630 - 1800 II - Industrial Espionage: An Update. , . . . . . . , . . . . . . . . . . Moderator: Robert Steele Maurice Najman, Television Correspondent TV6, France S h i 1HL B + B + 9 + e + B & B 9 Be Moderator: Winn Schwartau Dr. Philippe Baumard, Univ. of Paris, France Sooietal Impact of Information Warfare , , , . , , , , , . . . , . . . Moderator: Winn Schwartau ' An IBM Perspective The Convergence of Military and Commercial Vulnerabilities . . . Moderator: General Jim McCarthy, USAF (retired) Panel: Larry Wright, VP, Booz, Allen & Hamilton Dr. Leroy Pearce, Sr. Tech. Adv, representing Maj Gen Leech, Asst. Dep Minister of Defence Information Services, Canada Col GS Ulrich N. Fierz, Swiss Army FI Iii::;;ite..:::::i'i}::i.;f: E. ;' L . ;:: :j: 'i- =:$ i::. ;: i:'. , Information Warfare or Information in Warfare?. . . . . . . , . , . , , ;' ,’ . : . Support for ConventIonal War Moderator Winn Schwartau Sweden: Captain Bo Wallander (Navy) UK: Captain Patrick Tyrrell, Asst. Dir., Information Warfare Policy, Ministry of Defence 1430-1600 Breakout Sessions 1000 - 1115 rIb= ' 1300-1330 General Pichot-Duclos and Robert Steele W ', East: Admiral Vladimir Semenovich Pirumov. Chaiman of Scientific Counsel of the Russian Security Counsel 1145-1 300 hp& q r ;n i;;}„,Eg:E,!!,Ii.?’"”"'“""""' ' ' ' ' ' ' W;iB West: General Jim McCarthy, USAF ' ' ' ' •' -'J:{?ifI!!!!te Yves Baeumlin, Kroll Associates 1630 . 1800 Defining War in the Information Age - The New National Security . Brief comments by Winn Schwartau and Robert Steele Hackers: National Resources or Cyber-Criminals?. . . . . . . . , . , , Co-Moderators: Dr. Mich Kabay & Robert Steele Panel: Rop Gonggrijp - Hactic and The Digital City, Netherlands Andy Mueller-Maguhn. CHAOS Computer Club Germany Philippe Langlois. INTRINSec, France Anthony C. Zboralski, 'Frantic' B'{:i:I::-::.;'};'-;:$:1;:::':';;'\( (; I n 1 D rr11 a t t O n \I\I a d a t e C D R f 8 r e n e e B r U 1iS £M'(,.)n dsl 96 hE dl )WrAilILIL )Il IN amaHon Wadan C6Mwen@ BasseIs ?96 ; @o4®M & eomiea+g @O4aAM & cokd6kt+g lliIHI Additional Readings Additional Readings 1„t„m,tie„ w,n„e„dl„n,maUonlnbgdV. . . . . . . . . . . . . . . . . ' ' ' ' ' ':;} ''. 297-302 Soft Wars: Stats, Lies and VIdeo-Rape p . . . . . . . . • • • . • • • • • • ' • ' • • • •i+> " 1-4 Captain PatrIck Tyrrell Chuck de Caro / upon Contro1 as a ProaeUve Defenslve lnformation Warfare Mechanism . . + + .gO' Winn Schwartau giIII -Psychologleal- lw: Self'DecepUon and Tenotism . . e - . . . . . . . . . . . • • • •W Christopher Simpson H;q: • ): :• ; b:i 5-18 H o w \h/ e L o s t t h e H i g h nTe c h W a r o f 2 O O 7 + n B B eq ;i It W Luzgin Case Study: Soeial EngIneers Wreak Havoe . . . . . . . . . . Ira Winkler Promise and Penls of lnformation-Based Warfare . . . . . . . . . . . . . . . . . . .1;+ 69-82 Alan Camper\, Col USAF (ret) 83-106 Campaigns and SubordInate Operations Saundra Wellfesh + + : if) phI 36 "Low Intensitr' to "No IntensitY' Conflict H.D. Arnold, J. Hukill, J. KennedY and A. Cameron Taking Down TeleeommunlcaUons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . ,. . - 137-226 Major Gerald R. Hust StrdegteAnack ofNationaIElecalcal Systems. . . . + + . . . . . . . . . . . ' ' '••• Thomas E. Griffith, Jr., Major, USAF + e Be Bee H:i:+! Jt: :303 :310 ; :ApocaIypseNDwB© } , B + p + e 8 BellS & I h 311430 } . .} A?„,iII:=?,'::”'”"''''''-""""""" Wg:?I j : , ' l:}:i'i:ii:;::I}.' 45-68 e + + B see + Be B';;;,'},if::;;-'.:.:i-:-,:+i"’:;::: -’- Ta 1 g e t i n g F i n a n c i a 1 S y s t e m s a $ C e n t e r s o f G rav ny : + e + + 8 + + Bees I Robert Steele Neal Pollard Measures of EHediveness for Information Warfare inTheater. . e . . . . . . . . .) , - P e r s P e c t i v e o n I n t o r m a t i o n W a dan Robert Steele i :::\{rH ' ' ' ' ' • • • • • • • •@ Computer Terrorism and the Information Intnsttuctute. . . . . ' • • • • • • • '•• T h e M 11 i t a W h';;; Information Powershlft . . . , . . . . . . + + . . . . • . • . • . • • • • • • • • • • • • • fg ' Tamara + Be + + sees Charles J. Dunlap, Jr. - - 227-296 r' , National Computer Security Qssociation NI The leading rnembership organization providing educational materials, training, testing and consulting – to help users improve computer and information security, reliability and ethics. a Hgtjoeal ComPtHt MrlM'Flotl8tb6 Yoay Kel) to C)owlpute7 SecuyjtX) NCSA Membership NCSA supports members from a wide range of commercial and government organizations. Members receive free subscriptions to the monthly NCSA News, discounts on conferences and books and free telephone support for securitr related questions and anti'virus support. la NCSA Conferences New OnIIne NCSA hosts intemational security conferences for both experts and novices. As an N(,SA member you have the help you need to protect your information assets, 24 hours a day. InfoWarCon '96 • Arlington, VA ' September 5.6 ' infowar96@ncsa.com Web SecurIty & Firewall Con '96 West • San Jose, CA ' Sept.30 - Oct. 7• fwcon96west@ncsa.com CyberFtisk '96 • Arlington, VA • November 7.8 • cyberrisk96@ncsa.com Intl. Virus Prevention Conference '97 • ArIIngton, VA • January 16-17 • ivpc97@ncsa.com CompuServe NaSA offers comprehensive online access to current articles, product reviews, books, periodicals, virus research1 underground ha<,ker/phreaker news and more through its two CompuServe forums. NCSAFORUM and GO NCSAVIRUS you have access to these resources thrvugh NCSA's main menu on CompuServe' GO NCSA M + + + In the NCSA Information Security Forum, you have access to a repositorY of PC, Mac, LAN and Internet security tools. This forum will also provide you with the latest information about encryption, electronic data interchange1 disaster recovery, LAN security, Intemet firewalls & more. GO NCSAFORUM Most of the major anti-virus product developers are represented in our other forum, the N(/SA Virus Vendor Forum. Download anti-virus software for evaluation. Obtain the latest versions of the world's leading products1 upgrade/signature files & the latest news about viruses from the Internet's leading anti-virus digest, VIRUS-LI posted in this forum daiIY' GO NCSAVIRUS http://www.ncsa.com Visit our web site for more information – with hot links to news toPics, vendors & events, plus all the information you expect from NCSA, E-mail Take advantage of our automated E-mail system to get specific information on an NCSA service or event. For a I.omplete menu of available infobots, send a blank E'maN to info@ncsa.com. Phone: (717) 258-1816 • Fax: (717) 243-8642 NaSA • IO S Courthouse Ave • Carlisle, PA 17013 + + + + NCSA Consulting Security Assessments Virus Assessments Disaster Recovery Planning Security Awareness & Education Programs E-mail Security Physical Security Evaluations Policy Development NCSA’s team of intemationally recognized consultants work with clients to safeguard information assets through collaborative analysis and education. Protect your information – don't become one of the 50% who are penetrated by rckers M NCSA IS/ReconTM IS/Reconn" collects information from around the world to help you maintain security. IS/ReconTH is an Intemetconnected database that provides up-to'the-minute information about hackers and crackers, security incidents, virus developments, and other new threats. IS/ReconTM searches and delivers what yOU don’t have time tO find – but cannot afford to be without. la NCSA Internet Security & Firewall Testing NCSA performs firewall product assessments,evaluation of specific installations, remote Internet scans to find and close wlnerabilities, and penetrationtests. 171 NCSA Consortiums NCSA sponsors product consortiums to help foster better product quality and enhanced security. The Anti.Virus Product Consortium (AVPD) enhances its computer virus research capability with the testing and cenincaHcn of anti-virus software. The Firewall Product Development Consortium {FWPD) includes over twenty companies that have joined together to set standards for certification of firewall products. ============== Page 2/17 ============== <, hfoWARcon i„f,r„,ti,n W,Mr,%„f„„„B„„M,’96 Keynote Thursday, May 23 0830-0900 Keynote Address The Strategic Approach to Home Defense: Integrating Civil and Military Networks Speaker Major General Edwin Ebert, J-6 Assistant Chief of Staff , C41, USA • VP klfoWAK.,on informatIon Warfare Confamee Brussels ’96 T:::,:fEe;itS;t:nttJ6ei Comrrlanding onceFS-VbAFmY Sina1 CQFPS '' K8Yn Rte ============== Page 3/17 ============== Keynote 2 Infanna lion Warfare Conferen@ Brussels ’96 infoWARcon &rfoWARbon „,„„~„ Wan„„„„„„„„„„,,„ A Information Warfare: Chaos on the Electronic Superhighway Winn Schwartau President & CEO Interpact, Inc. USA Information Warfare Coaferen$e Brussels ’96 A I An Introduction to Information Warfare by Winn Schwartau At one point, if not already, you will become the victim of Information Warfare. If not you, then a member of your family or a close friend. Your company will become a designated target of Information Warfare. If not yesterday or today, then definitely tomorrow. You will be hit. Why? Because the United States is at war, a war that few of us have bothered to notice. The 20th century information skirmishes which are the prelude to global Information Warfare have begun. Information Warfare is coming, though for some, it has already arrived. As we descend farther into the Information Age as the first Third Wave society, we as citizens of both the United States and Cyberspace must come to terms with our electronic destiny: leading the world into the 21 st Century and the Information Age. We have some tough choices to make - the information revolution is not an easy transition and the evolving National Information Infrastructure illuminates the complexity of our challenges. But the opportunities are too great and the alternatives too grave for us to ignore. To take the steps we have to take, we have to understand where we are today, where we are going. and what issues we must directly confront if we wish to design our future and no{ be consumed by it. As the specter of global world-ending warfare recedes into the history books, (and hopefully stays there!) a collective sigh of complacency is replacing bomb-shelter hysteria. Despite 'the fact thaI nearly 175 million people were killed in the 20th century from the effects of war and politics, SUangelovian predictions thankfully never came to pass. However, as equally dangerous intemational economic competition supplants mega-tonnage intimidation, offensive pugnacity will be aimed at the informational and financial infrastructure upon which our Western economy depends. The Cold War is over and has been replaced by Economic Warfare - a competition between what is shaping up to be three major trading blocks: North America, Europe and the Asian Pacific Rim. Richard Nixon was fond of saying in the 1970s and 1980s that World War III had already begun and that it was an economic war; perhaps one that the United States was destined to lose. In retrospect, we might have been more attentive to his prescience. These three huge economic forces account for about one quarter of the population and 80% of the GNP of planet Earth. The stakes are enormous and everyone wants a piece. The foundation of modern society is based on the availability of and access to information that will drive a thriving economy upward on its course or propel a weak one into a position of power. In today’s electronically interconnected world, information moves at the speed of light, is intangible, and is of im- ( Information Warfare Conferen6e Brussels ’96 2 infoWARcon infoWARtonInformatIon Warfare Conferen6e Brussels ’96 A 3 mense value. Today’s information is the equivalent of yesterday’s factories1 yet it is considerably more vulnerable. conflict which defines computers and communications systems as primary targets forced to defend themselves against deadly, invisible bullets and bombs. Right ?ow, the United States leads the world into a Globally Networked Society, a true Infomation Age Imagine rival economies battling for a widening sphere of global influence over the electronic financial highways where no expense is spared to ensure victory. where information and economic value become nearly synonymous. With over 200,0009000computers inextricabIY tYing us all together through a complex spider web of land and satellite based conununications SYstems, a major portion of our domestic $7 trillion economy depends upon their consistent and reliable operation. Infonnation Warfare is an electronic conflict in which information is a strategic asset worthy of Then imagine a world made up of companies that settle disputes and compete by regularly blitzkHeging each other’s information infrastructure. A world where electronic and competitive espionage are the conquest or destruction. Both computers and information systems become attractive first strike target;. expected manner of conducting business. As I told a Congressional Committee on June 27, 1991, “Government and conunercial computer systems are so poorly protected today, that they can essentially be considered defenseless. An electronic PenI Harbor waiting to happen. As a result of inadequate security planning on the part of both the Government and the private sector, the privacy of most Americans has virtually disappeared.” (1 ) Or imagine a world inwhich personal revenge, retribution, getting even, is only a keystroke away. Computers a1 Risl a report published in October of 1990 by the National Research Counsel clearly echoed my sentiments. The authors concluded, “The modem thief can sted more with acomputer than with a gun. Tomorrow’s terrorist may be able to do more damage with a keyboard than with a bomb.” (2) in a recent stud b two thirds of Americans polled said that computer usage should be curtdled if theIr personal privacY was at ask- As a countrY, we are only now beginning to recognize and accept the fact that our personal and economic interests are indeed merging with our national security interests. InfOFmaaon WarfaFe is an integral component of the new economic and political world order. Economic battles are being fought todaY and will continue td be fought even more explosively, ultimately affecting everY American citizen and company as well as the national security of the United States. As terrorism now invades our shores, we can expect attacks upon not only airliners and water supplies, but upon the moneY supplies - a sure way to strike terror in nillions of people with a single keystroke. Since World War II the United States has based its defensive position on our adversaries’ capabilities. not their intentions. Voila! La Arms Race. However, we have not kept up with the 'Joneses’. The world is moving into CYberspace? but our national economic defensive and competitive posture is still nmly ocKe What kind of world is this? This is the world of Information Warfare. And we, as Americans and as a country, are not prepared for the future we have created. Information Warfare is about how Information Age Weaponry will replace bombs and bullets. The weapons of Information Warfare are no longer restricted to the Government or the CIA or KGB. Computer and communicationsweapons are available from catalogs, retail store fronts and trade shows. Many can be built from hobbyist parts at home. That is the nature of open source information: equal availability to all. And, of course, the military is developing its own arsenal of weapons to wage Information Warfare. Information Warfare is about money. It’s about the acquisition of wealth, and the denial of wealth to competitors. It breeds Information Warriors who battle across the Global Network in a game of CyberRisk Information Warfare is about power. He who controls the information controls the money. Information Warfare is about fear. He who controls the information can instill fear in those who want to keep their secrets a secret. Or the fear that the Bank of New York felt when it found itself $23 billion short of cash in only one day. land_ Information Warfare is about arrogance. The arrogance that comes from the belief that one is committing the perfect crime. CYberspace is a brave new world that only luminaries such as McCluhan and Arthur Clarke glimpsed in their mind’s eYe, but not even they could presage the uncertainties unleashed in the last two decades Imagine a world where information is the conunodity of exchange and cash is used only for pedestrian trade. A world where information, not English, German, Japanese or Russian, is the common language. A world when the power of knowledge and information usurp the strength of military might. A world totally dependent upon new high-tech tools to make inforrnation available instantaneously to anyone9 anywhere, at any time. A world where he who controls the information, controls the people. A world where elec_ tronic privacy is nonexistent. Now imagine a conflict between adversaries where information is the prize. the spoils of war. A conflict with a winner and a loser. A conflict which turns computers into highly effective offensive weapons. A Information Warfare is about politics. When the German government sponsors intelligence agency hacking against U.S. computers, the concept of all)' needs to be redefined. Or when Iran takes aim at U.S. economy by state-sponsored counterfeiting, we should have a glimmer that conflict is not what it once was. Information Warfare is about survival. France and Israel grew industries and their respective economies by stealing American secrets. Japan and Korea purloin American technology as it comes off the drawing boards with the help of their governments. Information Warfare is about defiance and the disenfranchised masses in both modern and third world societies, They range from inner city hackers who have nothing to lose - knowing the prospect of jail represents an improvement in their lives - to gangs, to organized crime; they and a host of fringe elements ( A ,„or„„„„,MreCoR„„Me8r„sels,96 infoWARcor1 I infoWARconInformation Warfare Conferen6e Brussels ’96 A 4 5 recognize the cost benefits of waging Information Warfare. Cyberspace, you are guilty until proven innocent. Information Warfare is about control of the information, and as a society we maintain less and less control as Cyberspace expands and electronic anarchy reigns. Given global conditions of the late 1980s and 1990s, Information Warfare is inevitable. Today’s planet offers ripe conditions for Information Warfare, The Church of Scientology has been battling their own Infowar. When ex-members left with proprietary Church secrets and posted them repeatedly on the Internet, a legal melee grew on one front with quite a distinct conflict was waged in Cyberspace. many of which could not have been foreseen even a few short years ago. I have been the target of Class 1 Infowar from hackers who did not approve of what I said. They did their Information Warfare currently costs the United States an estimated $ 1(D - $300 billion per year, and the financial impact on our economy increases every year. Almost 5% of our GNP slithers through the Global Network and out of our control, thereby hurting deficit reduction efforts, impacting our export base and the current trade imbalance. With billions less in commerce, lower taxable revenues and taxable assets deprive the Government of its fair share of profits. As a country, more than our image is tarnished by our constant place as victim in the Information Wars. Our credit is less credit-worthy; our ability to buy and trade suffers; our political and diplomatic impact is reduced because our economic strength is no longer the unquestioned leader. We’re not the only tough guy on the block anymore. But 5200+ billion is mainly about people. Some 3-8 million Americans who might be working because they, too, are the victims of Information Warfare. Information Warfare takes advantage of our reliance, indeed our addiction. to automation and modem computerized niceties. Information Warfare attacks our very way of life. The promise of a future Computer Chernobyl is not empty. it’s only a question of who and when. Waging Information Warfare is available to anyone with an agenda and an attitude, and can be waged at three distinct levels of intensity, each with its own goals, methods and targets. Class 1 Personal Information Warfare In Cyberspace, you are guilty until proven innocent. Today, the concept of electronic privacy in a contradiction in terms. The essence of who we are, our very being, is distributed across thousands of computers and data bases over which we have little or no control. From credit reports to health records, from DMV computers to court records to video rentals, from law enforcement computers to school transcripts to debit card purchases, from insurance profiles to travel histories to our personal bank finances. everything we do and have done is sitting somewhere in a digital repository. And people and businesses make judgments about us based on the contents of those thousands of computers. over which we have little knowledge, less control and no recourse. The sad fact is that these very records which define us as an individual remain unprotected, subject to malicious modification, unauthorized disclosure or out-and-out destruction. For $25 per name, Social Security Administration employees have sold our innermost secrets. Worse yet, as of today, there is nothing you can do to protect the Digital You. You are not given the option or the opportunity to keep you and your family protected from electronic invasions of privacy. Your life can be absolutely turned upside down if the Digital You ceased to exist. Electronic murder in Cyberspace: You’re just gone. Try proving you’re alive; computers don’t be. Or if the picture of the Digital DtI is electronically redrawn just the right way, a prince can become a pauper in microseconds. In dragnets to disrupt my life, taking advantages of the myriad holes in the systems around us on which we rely for both our comfort and our survival Class 2 Corporate Information Warfare Current policies in the United States actually invite Information Warriors to attack the corporate information wealth of this country. Corporate management has little feel for just how weak and defenseless their corporate assets have become. While the wealth of corporations is measured in the timeliness and value of their information, no company lists Information Assets on its balance sheet. Most companies have not come to grips with the single fact that information is the only asset that can be in two places at the same dIne. Yet, denied that information, or if that information the economic stability of that company is called into question. Putting a company out of business by attacking their information SYstems may soon become a common method of economic competition, political retribution. or social commentary. The weapons and techniques of Information Warfare are as common as spreadsheets and calculators. Corporate board rooms often take elaborate precautions to protect themselves against the statistical probability that a tornado will blow away their operations centers. The one in a million chance that a flood will rage through downtown Denver prompts companies to dig into nearby mountains to build underground vaults expected to survive a direct 50 mcgann hit. What companies have not prepared themselves for, however, is a well organized offensive assault against their information systems - not by Mother Nature, but by Man. We shall discover that it is difficult to indict corporate America alone on all of these counts. The last 15 years of spiraling growth in information processing has been and is a world-shaking revolution driven by heady technical successes and evangelical visions. Meanwhile, diligence in weighing the risks associand with placing our entire faith on a technical infrastructure was and is in short supply. And as we sha]I see, the federal government must shoulder much of the blame for our current posture. In fact. it is often not in the government’s best interest to assist us in protecting our computers and networks. Their contradictory Never-Say-Anything policies of denial have caused harm to efforts now underway to enhance personal privacy and commercial national economic security. Inadequate legal remedies permit countless information blitzkdegs to be launched with impunity. Inane antique policies continue unabated, and in some cases. overt attempts on the part of the federal government have further undermined the electronic privacy of every American citizen. Special interest A Information Warfare Conference Brussels ’96 infoWARcon infoWARconInformation Warfare Conferen£e Brussels ’96 A 7 6 groups and extremists of varying flavors are misguidedly influencing legislatures to pass increasingly restrictive and foolish laws in an attempt to build barriers in Cyberspace. History will view such futile efforts with a chuckle. Class 3 Global Information Warfare On the other hand, there is the more prevalent military view of information warfare. Since my work was first published on this subject, much of a previously classified subject has now become a post-Cold War funding vehicle for the Pentagon and hundreds of company’s who count on governrnent business for their revenues. In the simplest of terms. much of the military’s concept ofInfowar is meant to make conventional warfare more efficient, less lethal and less likely by improving the technology of bombs, tanks, and air- craft Indeed, the economy of the United States, the collective proprietary information wealth and intellectual I argue, however, that we have to be prepared to defend and fight for the integrity and survival of our national information dominance, independent of conventional warfare. I argue that the concept of civil defense needs to be revisited. In fact, we must redefine what we mean by acts of aggression and acts of war that do not involved conventional weaponry meant to inflict physical damage. The asset base has shifted and national security requires new and expanded definitions to include the intangible realities of pure information warfare. property of our citizens and businesses are a national security asset to be recognized and defended, for it represents the future of this country. Information Warfare is Predestined Collective Capital Hill and White House wisdom has not yet realized that information is a vital national asset. Still thinking in terms of military throw weight, oil reserves, Japanese cars, and illegal aliens, they appear to miss the fundamental concepts behind the New World Order, the National Information Infrastruc- lure and our place in the global econo-technical Global Network. Outside of a forward thinking few within the bowels of the Pentagon and related intelligence services, national security assets are viewed as those tangible items with a concrete, quantifiable, and replaceable value. Information, on the other hand, is intangible and does not have an immediately quantifiable monetary worth. Unless you lose it. Then it costs a great deal more than you ever thought. As we move into Cyberspace, we must avoid the temptation to ignore the possibilities that an unknown future may bring. We must take off the blinders and accept - not deny - that the New World Order is full of bad guys as well as good guys. We must prepare ourselves for contingencies that we might prefer not to consider, but out national well being will necessitate such planning. We have to accept that as the wealth of our nation shifts from smokestack to Cyber-cash, our once well defined borders are now ethereal concepts with hazy delineations at best. We will find that it is our job to prepare ourselves and future generations for a world filled with hope and possibilities we couldn’t have envisioned only a decade ago, but also fraught with dangers and obstacles never considered. Both will be as commonplace and normal for our descendants as running hot water is for us In our explorations, we will unfortunately find that a well financed, dedicated adversary has the capability - and I emphasize the word capability - to wage war against industrialized and information based nation states, political or economic spheres of influence like we never has before. We will find that international conflict may well be waged on the world’s information highways or on our own National Information Infrastructure unless we plan for it now. We find, in general, two distinct, and occasionally competing views of Information Warfare. One is the one which I have modeled and worked with for seven years now. A battlefield without bombs or bullets, where information and information systems are both the weapons and the targets. One where the civilian - not military - infrastructure (from the smallest one man company to the four fundamental infrastructure underpinnings) are the targets in a new kind of war. We must ask, then, why will Information Warfare be fought? is it a foregone conclusion? A necessary component of our future? The answers are timely and unique to the Information Age and the promise of a National Information Infrastructure. We will see that Information Wars are inevitable given our place in history for many reasons. : 1. The incredibly rapid proliferation of high-quality, high- performance electronic information systems created the Global Network - Cyberspace - thus redefining how we conduct business. Not only did bustness and government buy into technology, but tens of millions of us were, within less than a decade, suddenly empowered with tools and capabilities previously limited to a select few. The comparatively simple technology for Information Warfare is universally available. Technical Anarchy is the result. The Global Network is an historically unprecedented highway system that defies borders andnationalism. It places the keys to the kingdom. to our wealth and our digital essence,within equal reach of everyone with a computer. Capability in distinction to motivation or intent is a key theme which will be repeated many times throughout this book 2. While we as a planet recede from a bipolar militaristic stand off, we unexpectedly find ourselves joined by dozens of new nation states filled with unique nation-state histories, each competing for its own identity. The failure of communism does not mean that our system of Democratic Capitalism automatically wins and every newly created nation-state will adapt it as its own. There are other alternatives, and not all of them are compatible. Self-interest rides high in the early part of this decade, The rules of the game - the global economic and political influence games - aren’t the same for everyone. We, as Americans, play by an old rule book, where goodness, Mom and apple pie define our competitive ethos. Others are less likely to stick to the outmoded Puritan ethic by which we won the Industrial Revolution. Some groups will willingly beg, borrow or steal what they want in any way that they can, Others will resort to physical violence in the pursuit of their agendas, but we just don’t work that way. America and Americans are still often viewed as spoiled brats in a self-indulgent land where instant gratification counts for everything, and that image makes us inviting targets. ( A Infolvnation Warfare Conferen ee 8russels ’96 infoWARcon infoWJ iC(XI InformatIon Warfare Conferen ee Brussels ’96 8 9 really doing this country a service . . . by acting as an early warning radar system for Cyberspace? 3. Only 25% of the planet can be considered developed, or first world, leaving several billion inhabitants in the unenviable position of being the Have Nots. The Haves are the comparatively rich countries in Western Europe, Japan, some of the Pacific Rim, and, of course, North America. The Have Nots are everyone else. With the Global Network pouring avalanches of information across the borders of the Have Nots in the form of text, sound, and especially pictures, very quickly theHave Nots want to become Hayes, Through CNN and Dynasty and upscale sitcoms and global programming, the Have Nots see for themselves how we, the Other Half, lives, and they want their share of the pie. When there’s nothing to fear, nothing left to lose, and the only way is up, going after the King of the Hill - America - is an obvious tactic. 4. Greed is in no short supply, and few individuals, businesses, or countries are exempt. Businesses and governments constantly strive for advantage over each other, often relying on less than legal techniques to gain an edge. With the Global Network in place, and the proliferation of technology for every-man, greed has found its way into the fingers and keyboards of people who might other wise never commit a crime. Greed operates at all levels, and due to the vulnerability of most information systems, provides ample opportunity to exploit their weaknesses for stupendous profits. Waging Information Warfare effectively can be of tremendous financial value to the winner and be devastating to the loser. 5. The effects of Information Warfare are unique in the annals of conflict. Info-Wars can be fought by remote control, the ring- leaders invisibly comfortable behind a keyboard ten thousand miles away. No longer is it necessary to intrude physically upon the intended victim’s turf. The Global Network offers a million points of entry. Computer Terrorist mentality allows indiscriminate damage to affect millions of people from a single strike, sowing fear, uncertainty, suspicion, and doubt. Information Warfare provides a low-budget, high-tech vehicle for mass destruction. 6. Information Warfare is a low risk/high reward endeavor. The odds of getting caught are low, of being prosecuted lower still, and of being convicted almost nil. On the international front, countries cannot agree what to do with nuclear weapons much less an Information Warrior sitting behind a keyboard. 7. Essentially, we don’t trust computers. We perceive them as out of our control and as processing inform& tion far too fast for us to comprehend. Most of us don’t have a clue what goes on inside of them. Yet we need computers to sustain our society. Information Warriors leverage binary schizophrenia, digital acidiction and approximation anxiety - our inherent fear and distrust of computers - to their advantage. 8. Lastly, and perhaps most importantly, Information Warfare will be waged because fr call. History clearly shows that any new technology, regardless of its original intentions, soon finds its way into the arsenals of the warriors - in this case, computer technology has fallen into the hands of the Information Warriors. Information Warriors come in all shapes and colors. On the global front, the Japanese and their cameras represent the equivalent of the Army scout providing headquarters with valuable strategic information. Hackers and Phone Freaks have been waging mild Information Warfare against Corporate America and the phone companies for years, but the recent generation of young Cybernauts is more aggressive - patently echoing the ins of society as a whole. Are, though, as some argue, hackers The Soviets, of course, were Information Warriors par excellence. Now, tens of thousands of ex-Iron Curtain intelligence agents seek to ply their trade for the highest bidder; some going as far as offering their services in the classified sections of daily newspapers Power hungry dictators, radical fundamentalists and a score of international political sects are candidates to use Cyberspace to effect their policy. The narco-terrorists are well financed, well armed, have a bevy of technical advisors in their stable of resources and have already taken aim at the Drug Enforcement Agency with Information Weapons. Environmental groups have shown the willingness to be physically provocative, and Information Warfare offers them the ability to strike out at logging camps or anti.bird groups or the oil companies in a new, imaginative. and less dangerous fashion. Cyber-civil disobedience as a means to voice social or political discontent is not longer an empty vision I was accused of having. In France and Italy, so-called 'Internet Strikes’ have already occurred. Information brokers and data bankers sell your name, your upper- middle-class Zip code and the last time you bought underwear to anyone with a floppy disk: all without your permission. Banks and credit bureaus allow computers to make decisions that affect our lives and our livelihoods based upon informadon that contains as much as 30% erroneous data - all with virtual impunity. Anyone can be an Information Warrior. Publications such as 2600 - The Hacker Quarterly, Phrack and others provide the basic training for the hacker inductees. Cyberspace itself offers safe havens for Information Warriors to build their armies, develop their weapons, and deploy them. An unhappy worker can suddenly turn against his employer with little chance of prosecution. A government employee may moonlight as an Information Warrior, or a teenager may live in Cyberspace 20 hours a day, alighdng only for Jolt and pepperoni pizza, Potentially, a hundred million Information Warriors are out there, waiting, honing their skills, some less friendly than others. Information Warfare is about capabilities, the power of the individual and the power of an organized group. The capabilities of kids, the capabilities of technical mercenaries, and the capabilities of nationstates are threats we must accept and not deny. Their intentions are secondary. The point is. that if a group wanted to wreak havoc, today they have the means, the tools, and the weapons to do exactly as they please What will Information Warfare look like? How will we recognize it? How will it be waged? Who are the Information Warriors? Where are they? What are the weapons used in waging Information Warfare? What can they do? Where can you buy them? What is the Government and industry doing to prepare for upcoming Information Wars? My research has found disturbing answers to some very simple questions about our personal, corporate and national posture in the Global Network. ( A Information Warfare Conferenoe Brussels ’96 infoWARcorl infoWJ ;OII !afotmation Warfare Confetenee Brussels ’96 11 10 But there is hope, a way out of the technocratic quagmire in which we find ourselves immersed. The first step is the admission of the problem and a willingness to apply available solutions. Personal electronic privacy can be achieved, and national economic security b possible - if we think these issues are important enough to address. Cyberspace is a new place to live, and one way or another, we’re all moving in We might as well figure out how to get along, since both our individual successes and national strength depend upon it. And those solutions revolve around a National Information Policy and an Electronic Bill of Rights. Properly constructed, they could provide us with both a beacon and a road map into a future we define and choose, not one that consumes us. Winn Schwartau President & CEO Interpact, Inc., USA Winn Schwartzu9 author of Infor7m3tion Whl/are: Chaos on thc Electronic SuperhIghway and Tenninal Compromise, is one of the counUy’s leading experts on information security and electronic privacy. He has testified before congressional subcommittees, provides security consuIMtiil\to FOOTNOTEI. Submitted testimony, Subcomrnittee on Technology and Competitiveness, Committee on Science, Space and Technology, U.S. House of Representatives. June 27, 1991. FOC)TNOTE2. Computers At Risk: Safe Computing in the Information Age. (National Academy Press, 1991.) P. 7 (C) 1994, 1995, 1996 Winn Schwartau and Interpacb Inc. USA All rights reserved. (Excerpted from “Information Warfare: Chaos on the Electronic Superhighway,” Thunders Mouth Press, NY ISBN: 1-56025-080-1) This document may be reproduced and distributed for free, only in its entirety, as long as this copyright notice and disclaimer are included, and no fees are charged by the distributing party. industry. and government and is a prolific author with hundreds of articles and editorial piec es in such magazines as Computer $brIef, InfoWorld, PC Week, Network World and InfoSecurit] News , ============== Page 4/17 ============== T [ = a a alST = € t\1 al ?Dr bJ g A: cB. d: all eD E g: LD el if: = ==H =:IH nb a) OR BBC === S < =HHH• > a U-nR ni < a) al CD a) ==qll• 30 == WB 3 B O O a) '•=h a) He a C/) 0 =BHIBa C/) C) nO He CD gg al C/) C/) L< a) < C/) ag = 0 == O CD a 3 C PP '= == 3 0 ph CD 3 FrI 3 a) He CD tn 3 < V) CD g Q a) '=R 3 O a g?a C C=WeB CB b B' 0 -+t C) =r 3 S-2 3;;a € BI cS 3 a 3 a) 0 L a •=•Hl•H '-= 0 =+1 O 3 aa " tU al 3 CD al g ea ••nBQnl ph =r cr) =r a) CD CD g CD 3 G) aT FrI al al W : DO 0 cr 3 neD O S C cr) B nunn > an 8)L a :'1 P-b S a) 'He nIBh In nI CD < CD 1=q a) a a) g CD el nb •• rD iia i; aD I g: iD nI fei a) a \ g Q S Managing Battlespace Information: The Challenge of Information Collection, Distribution, and Targeting g BA, 3 [BI UBU g AT B = € a) a B) James P. McCarthy General, USAF, Retired Olin Professor of National Security US Air Force Academy, CO He CD a a a IFa HI tB a C) (B aD a nIe Ul al CD a 10 at N) a a g a) WarNet Systems Briefing Outline at In a g a} & e a C) a a A System of Surveillance and Reconnaissance +HIgh @ CD WarNet as a information Dissemination System 3 a el CD @ eD Defining an Concept of Operations for WarNet 3 44 BfI CD e Impacts of Information Systems Support to Combat 111 frI a) E- g g Battlespace Inn)sphere (WarNeD go =' a BBq g aa a i = a B) a nB C; Crisis and Combat Q a B a aa el tB Opc nitions ED an a ea In CD haHh•RI OR If; attl fi PfI a) :e A a a g aPHe• A System for Surveillance and a) a: 6 a Reconnaisance S al a anU (B C) la • JSTARS a qH•ln CD aBle tb a C) • UAV’s • Unattended Ground Sensors CB aD a el IUI CB •Hln••l el In a) • Dynamic Management of All Sensors gA 8 i) RADAR OPERATION gB a a 3al a In a hhhhhHI dllIHnh WHH € b) WIDE AREA SURVEILLANCE T!. M gnU cB C) a a SECTOR SEARCH UBeR eD able a a CD CD @ eD a al nIe ATrACK CONTROL tn CD 9) tX SAR at El I i c++ !!i VI G\ I•:+eI I SupportIng DA:rIa !be }vaff131lle! a a g aHIB a) nn W sIIL. }; -+; Tl?a >;it a' 3 E a) a a) a C) a a IPHIBb CD ;; B el (B DO a tfl el eD In••l• g) frI a) ••g: ;} A\ ; ; ; in q g a Unattended Ground Sensors a iHHHhll a 1+HIBa 81119 3 al HeP aa g B) al nB a C) a a rD 8HIU m A CB CD eD an a iO g) CD B tH at 00 0 Dynamic Management of All a Sensors Bi = g a) a g a a) Split control of national and theater assets causes many Impacts &B Recce/Surv need to be part of operations tempo CD •nU (6 C) a a 8 a CB aD • a Dynamically integrate national, theater and organic recce and surveillance assets including UAV’s and unattended g) el CD a Is a) sensors • g' g ii Warfighter’s control optimizes all combat operations S i,H.,) g g System of Systems Battlespace Awareness eA 3 3 t-I US Dominant Battlespace Awareness Battle Assessment In = 3 a € a) arD nq an a a He Ca B eB tD DO BBq a ea 10 CD a [vanced Precision Force Use In at C41 Mission Assignment \Q ed 0 S a g a) PHnOB WarNet as an ea Information Dissemination System la a g al a a) •=g CD 0 Warnghter’s Picture of the Battlespace e Operational Implementation Warfighting Architectures 8 ('-41Future Architecture 0 • Direct Broadcast Systems C) in a gun CD 3 a el CB eD a e) g) CD a••ll• Ut fri a) EO B g d Wart gghter§’ Picture of the Batti©$paee rb gA S a 3 63 MR nO BI B € a) iib a) In CD C) a a n=B• eD aHl eD B a eD WE 4-t agB e) (D a tri at BUD Vision Operational gm}9lermentation DoD a a Commercial smart workstations a Education Hi (; a;he Distributed Production an 3 as aq a a a a) a a) (6 ang C01111r1 cl-ci,II C) a a 1IHnab CD 8 a n tD Geospatial Databases a EO SAR Military a IFSAR u Foreicjlr Ops NRO CIO Traff V/cath or gB CB Recce/ Surv DIA II el tFl a) VI : Geospatial Databases Imagery tnlcl a [0 OLyn Force eD a la Commercial \,A/eat her g Q Geospatial Reference System (DoD) Distributed databases, referenced geospatiaIly, empower the user g S' CINe’s Warfighting Architecture - Enables Battlefield Dominance • System of systems g a I. "Interpersonal –Specifically 6 to meet each mission –Specifically to support forces involved "Messaging" gq t+ Communications” a a a aHHHHHI a al o+b>o =\ a a € a) n= • Confluence of three architectures - 3, ljnformaiion Access " a) inU OFJo CD C) a B –Warfighting an+1 eD aRe CD B C) – Information CD eD an a el 4. "Publishing" V) –Communications CD eHHHRll gI IS at Has Technology Enabled Us to Redistribute Our Mes gage Traffic Among the Four Classes in a Manner that Enables Us to Do “Much More for the Warfighter”? H LA) + bN The Future Tactical C2 Nets Direct Broadcast High Capacity I" i BHIOH 1:i g as a a at € el al a) nB tD C) D a CD 8 a a eD By aD a Ul el 10 e) IA a) Wadiqhtcrs • Small, mobile terminals • Tactical C2 networks • UHF/EHF • Protected circuits • Low data rates • Small, mobile terminals • Wideband broadcast • Medium to large terminals • Point-to-point wideband communications • Interactive video • Collaborative planning – Battle space picture • integrated Ops intel picture • Weather – Mapping – Logistics g B g DB§ Prowle§©§ {gle Warflght©6’ information GBro!©©§ =§ 3 a, HhHHhH B a 3 el Sq a Heal llnIH = € a) =L D) gHg CD Channel 1 Situational Awareness Channel 2 Commander’s Channel 3 Weather Intent Channel 4 C) Logistics Status n=n CD aa aug eD a n CD DO a In ObIe g) CD id In a) Channel 5 AWACS Air Picture Channel 6 JSTARS Ground Picture Channel 7 TiBSrrRAP Channel 8 Maritime Hb VI Ht G\ Direct Broadcast System a a i Pt a 0 a a Uses Commercial equipment and processes Fulfills anticipated infornration requirenrents 6 a g a) a a a a 3 Channel selection to meet specific aser’s needs nI Access limited by classification, echelon, or sphere of interest CD User’s train and exercise on a daily basis 3 a el DO a tA el CD 7) ff; a) Dramatically reduces quiry response requirement a 1) Defining a Concept of Operations for WarNet The Warfighter’s new iIdormation tasks Knowledge relationships Warrior’s assimilation Sensor to shooter requires WarNet The recce/surv management example bD = a g Al Bi = E b) a. a) a C) a a rD a 3 F) Our Concept has a missing Irnk CD aD a al Ul CD B IR at The Warnghter’s New Information Tasks = i-I 'ng a e e 0 a 0 Assessing how to meet wanior’s information needs 3 Pq a a Determining fusion points for information a a) € ni •-q CD C) Controlling access and dissemination limits Managing system vulnerability a 3 II’I 8 A C> Cb gO Prioritizing, editing, altering Formatling information displays for rapid assimilation a la Ul CD 7) tH a) e C'hanging the infonnation system as mission and forces change B Knowledge Relationships in 3 B g AT CorTelation, integration, aggregation, adds value to • inforrnation B' = e 6 Referencing to a framework is necessary to permit electronic assembly of data into higher levels of knowledge b) Bi Hq CD aC) a a ut CD 0 e e a C) Visualization of relationships aids human understanding CD Da He a 10 Infomnation technology permits easy manipulation of data and changing formats designed to aid assimilation IfI CD ra IfS at I-Iuman understanding of complex issues raised to higher levels from a higher foundation \D bO 0 Warrior’s Assimilation ' 'i a e a a Infonnation directly to the warrior can enhance or interfere with combat performance Infornration overload can cause confusion and distraction Concentration on combat functions with inforrnation flow g al a a g a) g a C) a a Ft;i He CB a CB tD aiding comprehension is required 0 0 e Specifically formatted information flow needs to be linrited to sphere of interest Even location of display becomes critical in certain phases of operations WarNet must have nexibility to meet those unique needs aD a el el (B 71 In a) g R C) Q i) Sensor to Shooter Requires WarNet gA = a e 8 a Precision Weapons Require Precision Target Location With most wan'ior's being precision shooters, target identincdtion, allocation, assignment and providing information for strike support is a verY complex issue g t\T a a S b) Bi BIg CD C) a B a Longer ranges of precision weapons increase complexity a H e C) Full integration of sensors, WarISet, and $hooters required CD Ba ling a Ul el CD a In al 10 bO b) The Recce/Surv Management Example Bosnia combat operations are a good example S a g a) a a SPlit control of national and theater assets causes many a 8HH9B g a) IP a Impacts C) B a rD 3 a n CD • Recce/Surv need to be p,ut of operations tempo e Dynamically integrate national, theater and organic recce and surveillance assets including UAV’s and unattended aD a el el CD sensors Fa frI a) Ea • War:fighter’s control optimizes all combat operations g g TH Our Concept Has A Missing Link iS S:3 = 3 3 Some organizational responsibility, automated system or some operational concept is required to organize, manage or direct this process que al a' a € a) '=1 a 0 M nB Parallel / Simultaneous operations will increase with time CD a a = 1-1ow to we get the right annotated target image and rD nIH CD a a execution direction to the right F-16 in flight? CD aD e 0 Operational capability coming before operational concepts System of systems too complex for single manager or a single process = le le CD a Ifi at Requires further study and understanding bO CA) t\) A Impacts Of WarNet a a g a% HI a g D) a 0) Information Empowers a C'oncepts of OperatIons C) a 3 Joint Mission Task Forces Rl He CD e a C) Military Doctrine CD aD a el Combat Support Systems • al CD 7) e Orgdnizational Structure in e C'oalition OperatIOns ( 'ommander’s Concerns g 0 @ a) a 8 HI Information Technologies Transform g O S iRl Information Empowers e e 0 a ga = a WarNet makes warTiors as knowledgeable as the system Permits dynamic tasking and inforrnation support simultaneously With more knowledgeable warriors, commanders are able g aB 3 B S a) =1 LB CD C) a a to convey their intent with assurance of comprehension Situation awareness and commander’s intent enable the rD eRIe CD 3 el CD WF In a el warrior to exploit new situations without specific direction g) CD a increasing operations tempo and success IA at t\) VI N) a Enables New Concepts of Operations 3 a g a a fl) e e 0 Enables simultaneous or parallel operations Dramatically reduces decision cycle times Pennits near real time tasking which improves tdrgeting of mobiles a nIl at one tD C) a a a aHRB CD A C) CD 8 Dynamic visualization of planned operations and mission aD rehearsal el CD a 0 Significantly enhances maneuver warfare e Permits new conccpts like Control Warfare Smaller and smaller force application with greater results e a VI tH a) g- g 8 i) g B Joint Mission Task Forces gO, = • t-I Improved common baseline of combat information nae 3 AT enhances joint operations • • rd 3 a Concentrated simultaneous combat operations involving a) a) a In multiple Services are more effective Smaller joint force integrated strike operations may be the consequence of significant improvement in command and control and information support CD a a a 3 nf eD B a eD aD E PI U) CD a If; a) bO \J b) 00 Military Doctrine A t-nqI g a) Joint doctrine both enhanced and required by WarNe,t Bi Rapid pace of combat operations, simultaneous strike a) a € at a) a C) a a IM 8 a C> Cb aa a e) tInt .simulations and exercises required now to enhance doctrinal development &e a In a) a g Bj g g B WarNet Improves Combat Support § i) e 3 Improved ops tempo requires new concepts of logistical support = llnS 3 fb'l a' = g b) Total Asset Visibility permits tracking of assets worldwide q be nB BHS Just in Time Delivery reduces stockpiles, transportation and total support force requirements Automated ordering of munitions, fuel and other consumable now possible CD a a B IM Bug CD = CB CD aD IHle a en el CD a Personnel processing and tracking are now state of the art • IFi at Information technology enhanced logistics concepts need significant study b) \D a CA) 0 WarNet Drives Organizational Change = a g a) Units will become more modular and require less supportIng structure • B' a S elk a Expanded command and control capability will permit flatter organizational structures for the same reasons business6s restructured C) Q a 3 a rD CB CD gO • e • Better information flow will reduce the need for rigidness that comes from SOP’s el al CD = 7) tX a) Units will be equipt for greater mobility and precision weapons delivery Future organizational structures are difficult to predict B' a g because of the great impact of information technology 8 ; Coalition Operations Require Common Information e • e 8 3 B g Interdependence of forces requires information sharing Ineffectiveness of coalition forces risks US forces as P+ a a e hi Military commanders will seek full disclosure during crisis and combat I'nl l©l qUI CD aa B • e a Commercial image availability will reduce value of US systems ale eD a a CD aD IIe a CO Unwillingness to share has significant political g) CB B consequences In a) tAI H LA) b) Commander Have Concerns About War),let = a g as 0 SYstem dependence requires graceful degradation9 not catastrophic failure – m a € a) ' a a) 0 aBe (6 Conadent protection from adversaries’ access to combat information will be difficult to achieve C) a 3 a B aC) e Political oversupel'vision may be a result of Washington's access to cornbdt in£3rnldtion CD Increased combat eff<„'ctiveness may provide justification for force cuts in advance of demonstrated coil.bat–- tH a) aD a el el CD a TI capability g WarNet Assessment gA WarNet provides an exponential increase in capability of existing and planned combat forces because of its synergistic effects 3 3 g aS He bl = e b) WarNet’s capability to support combat operations will tB 'WP CD a a pennit and require fundamental changes in unit size, conlposition and doctrine B rD nI ea = e e C) CD Operators and planners do not understand how to integrate WarNet into current concepts of operations WarNet elements can be fielded soon and in actual and exercise situations to awaken combat leaders to the eD He a tH tH CD a rf; a) potential operational impacts tAI CA) tAI A\ WarNet’s Impact on Combat Will Be Profound Commanders have sought real-time situational awareness a a In 3 a) a a since the begiruring of conflict aS inneR @ Ann d••h•r• g 3 a 0 Infonnat.ion infrastructure technology now permits rapid aggtegatlon, manipulation, and disseminatit)n of 1,u'g; amounts of data C) a 3 a He CD a C> CB aa a el e) e New concepts of operations are enabled and required to exploit this new capability. eD 0} td a) 0 a' Organizational change will permit more agile and powerfu1 combat capability 0 S e A different kind of conflict will flow from new concepts and organizations approaches. jj g rh el O + g 0 6 ID P+ DEI 0P-) qi{ \I > rg : : : i :1 \D \D C/ C) In I ITd E iH !!!!! >q n a Q Un = a 33 U o3 3 U B C) fIg C) a) ;. A C) > rbI r)F hR b C rId U fD +-) 7 U \1 C, {! ca 0 U 3 a > rj r) nJ () 'r\ = A fb rS 0 H+) a :Jp rl:I g i B Cg+y e> ba r aT P= C) a p /: :+ & J= =1 fr =! i a g a) lin F = B 'aB DJ eD une aIr 'S 10 0 ar a. > -1 anna th r) Re laH•H a Li -rt \9 () b) 0 gA g Ul a 3 r) =E iI •H• np CD C) a D CD nIe a \n /r;HI , ,b In; I eD 3 eP i CD eD a aRe B g; CD HHHHHU if) If: g a a) i B': # Dig !o bsi Out D IN \); V\ tAI a = a 3 a) a a Beeb •nU = a a) a a) eIRe CO C) aainn CD 8 3 C) CD IED B-q a el g) CD •Hl•Hlll• ea ed al g a a g $ aUg = B : iii iF CD 0 g {{ i gI nl > CD A n B' ii 1: VI 3 a ty El 3 a < B g d A a a) g 81 a' 3 a 3 a a) a al n-g CD C) a a OUR !! CD •-e CD nHl a 5 aHH HOb HI el a 3 8 a He) a g al nOR i;=g 'g e) 8 g = g111} i gr rB a g •HnHl•• g: -rI gb = gi !! !! g&g gA gB : B ai 0 < gi a = CD Da e en aBe al > '11 > 3E gg nB : 'a! ! 91 :p O - = G 3' gg?: q >( -a g a 3' gg q g 6 CP 0 C 3 ia a P IfI : a CD Lq- el da ie: a a a) B 3 # Fi LA) \I LA) 00 A A (B B He a B a 3 f) ilS) SQ RE q 3 {1 g a) ane a a S a) = a) S le a S a una el a S e a) -U al -a ==la a B BiT IB ••H• cS C) a a ; ii g (D bq Eg g q O Dr g 1g '? O a q 3 O p+ 0 +h nIle R) +\ {q aB CB a = -q gI a R= CD B' Q g! a i nUn Dr CB aD a' a el rD g) gP el q) jl: CD g# S g {} { 10 10 (i nb 10 ID (0 ID a 9 B gb a > al R' ’-\ g ij =q UnA q fri B aD VI 10 ID a 10 iI nb nb gO 10 A 0) qD go CO B a ER El :+ a) a .+.+ 3: ! 1 B al !i eD an g! 8 D a V) C) (B # 09 IB O hI gA O B n== a a g al O nBl gO =HeR O a B lab Blnb D B a q € al < n=a a la S O U) Ring CD C) a = •n•Bl CD g) B' i B 3 n CD a DO e el gnI el CD el •Hll•IHI PET a) B \tUb + + E: : $ 8 tAI \a A 0 = ••n•l a nile 3 al n+ a' A ID = a al E: A al A B T =q CD 3- C) a 3 a al r) SHaH CD SIn g (B 3 S f) a CD a a a B e- aD SHe a el i 8 b lb 8 gl el CD 60 {q fri a) A' ! !ELi! t_1 ] el 3'u gO aSqi n\ b g aq B (0 10 8 g E a •nH••H a a HUb •nR 3 al an a a g =. a) ne CD C) a 3 •l••l CD a 3 C) CD gO a•t a el al CD rd tH a) bb H =\ ============== Page 5/17 ============== I B 42 '„„„„„„’„„„„„„„,„„.';',' infoWARcon hfoWARnn hhrmd„WaMr„,„,r,„„„„,„*,„ G Information Warfare or Information in Warfare? Support for Conventional War Fighting Moderator: Winn Schwartau Sweden: Captain Bo Wallander (Navy) United Kingdom: Captain Patrick Tyrrell Assistant Director Information Warfare Policy, Ministry of Defense B! :: = •+ P H• : I ( krfoWARconInformation Warfare Conferenee Brussels ’96 1 INFORMATION WARFARE OR INFORMATION IN WARFARE Captain Patrick TYRRELL Royal Navy 1. In 198 1 , the then British Prime Minister, Margaret Thatcher, decided to designate the following year, 1982, as " information technology year " -. she was fascinated by the technology and by the implicadons for business and society in general. In her memoires she relates how she believed that, with the right framework of laws and an appropriately educated workforce, IT could widen choice, generate wealth and jobs and improve the quality of people’s lives. In the succeeding 14 years there has been no let up in the development of the technologies, the increasing minatudsation of equipment, the vast increase in data capacity and new and novel ways of utilising the technology. It was in that yearof 1982, the UK’s "information technology year" that Alvin and Heidi Toffler recall meeting a US Army General who wished to apply the Tofflers’ Third Wave to military doctrine. The military are not always renowned for their ability to adapt to new ideas (remember the difficulties experienced in the development of the submarine or the tank). 2. The military has adopted and adapted to the information revolution and, particularly in the US, there has been the consequential growth of infonnation warFare . Indeed, at the heart of the " revolution in military afairs" are the new technologies that Americans believed “would make cyberwar and information war the distinguishing feature of future conflict’'. It is important that we put some of the wilder claims for IW in some sort of context and resist the temptation to assume that digital warfare is the panacea for every contingency. otherwise we might find ourselves. rather like the French in 1940 hiding behind a single, massive fortification. the Maginot Line with a military doctrine not shared by their opponent! An excellent and amusing article on the dangers of this was written by Charles Dunlap Jr in "The Week/)’ Standard " dated January 29 1996 in which he reports from the year 2007 from the Supreme War Council of the Holy Leader on the crushing defeat inflicted upon the United States by the militant forces of Islam. The United States had relied upon their information dominance and had ign9red the traditional military concepts which were used to good effect by their opponent. Donald Ryan noted that “technologically advanced, information-sensitive military organizations are more vulnerable to information warfare, simply because they are information dependent”, 3. Information has always been the life blood of the military commander and no modern presentation worthy of the name is complete without some reference to Sun Zi or Clauswitz. Both appreciated the requirement for good information, both on their own forces and, in particular, on the forces of their opponents. Denying that information has also been a key objective of the successful strategist, whether by cutting cornmunication links, nurturing rumour and false intelligence or simply by acting sufficiently rapidly as to surprise the enemy. (As with all these well tried tactics we feel it necessary to rename them every so often and surprise now equates to operating within an opponent’s decision loop!) 4. Classical warfare was fought on a relatively small area of ground with large numbers of troops. massed in formation. It is estimated that the density of forces per square kilometre at the battle of Marathen. for example. was in excess of 20,m. By 1815. at the Battle of Waterloo, the estimated force density had fallen to 4.000. as a result of greater mobility and firepower; by the First and Second World Wars this had further reduced to 800 and 200 respectively. The density in the Gulf War was estimated at 0.2 men/sq km. This is a very rough guide to the effects of technology and Toffler’s infonnation revollrlion . giving I ( Inhrm8HoR Wadan Conferen6e BIusseIs ,96 hfOWARCOn C klfoWARc(xl Inn,„,A,n Wa,hI, C„f„„„ B,„„d,’96 2 increased mobility, more effective dissemination of operational and tactical information and better cornmunications to all parts of the modem battlefield. The major implication of the "disengaged battlcncld " is the requirement for information intensive capabilities to be more decisive as elements of military power and, consequently, the critical need to control the information domain. Under such circumstances, the denial, disruption and manipulation of information could be decisive. Military commanders must not be dependent upon information and information systems upon which they cannot necessarily rely on the integrity of the information. The Disengaged Battlefield and the ToflTIer Waves The disappearance of distance as a factor in command and control and the free availability of information in more than one place at a time, has important implications for military command, giving politicians (and sometimes the media) visibility of operational matters far removed geographically from the home base. 5. The information dependence of the defence establishment is not, however, confined to defence systems alone, and the increasing use of electronic data systems, including such initiatives as CALS and EDI, the increasing civilianisation of military logistics, human resource systems, telecommunication networks and civilian infrastructure offer tremendous advantages over bespoke military systems. For the first time in the history of human warfare, technology is being driven by commercial, rather than military, need but the pay-off in military terms is very considerable. 6. The term " infonnation revolution " has been used extensively in current literature since its conception by the Tofflers. It descibes the dramatic changes that have occurred in the manipulation of digital information. It is a continuing process and there are few of us who can reliably predict what the information technology of twenty or thirty years hence might provide. It would be wrong, however. to dwell on the technological advances inherent in the information revolution alone; the developing technology, albeit highly sophisticated, is merely a tool, or a set of tools, whereby information maY be collated, stored, sorted, refined. assembled and displayed as the user might require. At the end of the chain there will always be a military commander, whether at the company, banallion, theatre or strategic level who requires information upon which to base his decisions. The commander must weigh up the available information and propose a course of action. Winston Churchill once remarked that “more difficulty and toil are often incurred in overcoming opposition and adjusting divergent and conflicting views than by having the right to give decisions itself ’. Traditionally, a commander could assess the available informahon by source and can lent; his information requirements would be focussed on the problem before him and the integration of several, disparate information sources would have been by a linear, hopefully logical, thought process controlled by the commander and his staff. Indeed, much of the time, he might complain that he had insufficient data and had to make decisions on the limited information available. A modern commander may have too rnuch data from which to choose, data giving support to Churchill's “conflicting views", data, the provenance of which may be uncertain to say the least. In Somalia. the US commander received over 1,000 e-mail messagesa day. One of the major challenges for the modern battlefield commander is sift this deluge and sort out the necessaryinformation relevant to fighting the battle 7. So what do we mean by the term ''inforlnalion warfare "; it is a very sexy term, one beloved by the military - perhaps John Fowles had something when he said “Men love war because it allows them 3 to look serious. Because it is the one thing that stops women laughing at them.” What is that distinguishes “infornrarion warfare " from other forms of warfare? This is the point at which you find much academic and military debate. Some people define IW so broadly that we are in danger of being absurd; others look at it from a much more restricted perspective. You have probably gathered that the word that makes me most uncomfortable is that of "warfare ” which implies the concept of formal hostilities between two or more nation states. Indeed. a number of definitions refer to such terms as: "an adversary k information-based process ” or "enemy information rl5rerns ". Such definitions encornpass many of the traditional military concepts, including the destruction of an enemy’s command and conLrol function, use of deception and psychological operations and electronic warfare. They reflect operations undertaken against a clearly identified enemy within the theatre of operations; they are the “infonnation operations" to be undertaken during a period of recognised hostilities. What, it appears to me, they fail to address adequately, however, is the major potential impact of the information revolution, namely the possibility for a sustained attack on a nation’s commercial, economic and social information infrastructun, causing severe damage to society but without a concomitant military campaign. Indeed, one of the key aspects of such an approach is that the identity of the opponent may not be apparent at the time of the attack. The essence therefore of IW would appear to be the exploitation of key national electronic information system vulnerabilities, irrespective of whether or not the system under attack is a military one. I, therefore, propose the following definition: “The deliberate, unauthorised and systematic attack on critical national infonnation activi. ties to exploit the information contained within the system, deny service to the authorised user, mod yy or corrupt data. 8 In looking at the developrnent of the current thinking on information and information warfare, I find a matrix based upon one developed by Dr John Alger at NDU as very useful Warrior status Ist 2nd A warrior class Mercanades, Militia Professional army Conscripts Nation-State C highly intelligent o Global .es Dominant Economic Factor Nature of Conflict Bits andme Trade, Barter, oommodities Small sea]e Mass armies rangIng over vast areas of operations Destruction Power Weapons of Mass Weapons om rdap Information Concepts of Sun Zi and Clauswitz Yes Use of Information Technol: in War Very limited Large mainRaIne, anzIo errls bfF6-kM-A-Tm i6NE NbBig Based Warfare WARFARE Yes ( 1H H T : : 1 Information Warfare Conferen6e Brussels ’96 infoWARcon ( krfoWARconInformatIon Warfare Conferen6e Brussels ’96 C 5 4 9. Let us now examine the concept of '' information warfare " in slightly more detail and. in particulal attempt to understand the inter-relationship between defensive and offensive in.fonnation walfa rc . You are all familiar with the concept of a "conFict spectrum ” ranging from peace, through tension to major war. There will always be a need to be able to insert military forces into a conflict at any point on the spectrum, recognising that there may be a requirement to escalate or de-escalate the conflict at any time in response to the operational and political requirement. If we now attempt to superimpose upon this spectrum some of the attributes of broad information warfare, we can easily identify the requirement to safeguard our national (or alliance) key infonnation systems from potential attack. These will inelude, inter alia, military command and control systems, ]ogistic systems, civilian financial systems. transportation centres, and government infrastructure at both the national and local level. This defensive IW stance will allow a nation (or group of nations) to defend systems from electronic attack from whichever direction it may emanate, irrespective of whether the identity of the attacker is known. As we have seen, the implication of the term "warfare” is that this attacker should be either a nation state or a defined terrorist grouping. Offensive JW, however, is considered to be a sensitive topic and I, for one. cannot confirm or deny whether western nations would conduct such operations. It is, notwithstanding these sensitivities, a legitimate area of study; we cannot assume that because we might not indulge in such offensive activities that a potential aggressor will feel similarly constrained. i believe, however. that it is implicit in military operations that in any future hostilities we will continue to conduct operadons against an enemy’s systems - this was done with great effect in the Gulf War. The UK MOD, in conjunction with a number of our allies, has adopted the concept of command and control warFare (C2 IV) which encompasses some of the military functions outlined above. Conventional military wisdom, therefore, currently assumes that C2W is the major part of IW, particularly from the offensive perspective. It seems to me that there is a major flaw in this approach: the Second World War was characterised by the extensive destruction of social infrastructure, some way removed from the theatre of immediate military operations. The German bombing campaign in 1940/41 and the Allied bombing campaigns in 1944/45 were designed to destroy a society’s ability to function as a cohesive unit. What we must consider is how that might be achieved in the future under the auspices of IW. I believe that. consequently. we need to extend ofFensive information warfare to include attacks on a nation's information infrastructure as well as the more conventional attacks on the military command and control structures. I have called this element ''infrastruclure information warfare (/2WJ. If we now wish to superimpose the offensive IW element onto our spectrum we must acknowledge that no offensive operations would ever be conducted without the prior authority of the government, Consequently, therefore, there will be a point within the spectrum at which offensive operations will commence and they will be either C2W or 12W 10. 1 believe that the debate over information warfare now needs to be broadened from an essentially militarily centred one to a broader debate looking at the requirement for information integrity primarily within non'military systems and, in particular, within those ke)- information s\'stems that are essential to the effective maintenance of society. It is important that we look at the current eveidence of “attacks " into systems: most are as a result of disaffected or bored employees whose actions can have just as serious an affect on the integrity of systems as any from a hostile nation. The environment within which these attacks are being undertaken will continue to evolve and, if we look to the future. twenty or so years ahead, we can expect there to be universal connectivity with computer systems as an integral component in vinua]ly every aspect of life. There is unlikely to be any potential for using manual systerns in the event of system failure. The implications of synthetic environment technology are such that. in many respects, the Virtual World could condition the real world. IW in the real world wi]1. of itslf. be of increasing potency as societies become more integrated and electronically dependent. Indeed, the raison d'etre of the nation state may become increasingly questionable. Theneed for dYnamic and effec' live defences against inforrnarion attacks. from whatever source, will be paramount. We are onIY at the beginning of the saga. ( Information Wadare Conference Brussels ’96 dlfoWARcon klfoWAR,on !nformation Warfare Confetenoe Brussels ’96 6 7 Captain Patrick Tyrrell OBE MA LL.B Royal Navy United Kingdom Captain Pat Tyrrell (born 18.1.50) joined the Royal Navy in 1976 as an Instructor Officer. He subsequently qualified as a submariner and a sonar specialist with service in both Polaris and attack submarines as a watch leader. He served in the Defence Intelligence Staff from 1982 to 1985, working on the collection and collation of naval intelligence. His duties included deployment on a number of operational submarine patrols. Promoted to commander in 1987, he attended the Joint Service Defence College (JSDC) in 1988 before taking up an appointment on the staff of the Supreme Allied Commander Europe in Mons, Belgium. His tasks included the development of the mechanism for the successful implementation ofCFE within NATO, including the allocation ofCFE ceilings to individual Alliance nations (the “Hanlrorrisation Prvcess'-). He also developed the NATO equipment transfer programme. In 1991, he was appointed back into the Ministry of Defence to work on UK Defence Policy matters dealing, in particular, with issues relating to NATO andWEU. Promoted Captain in 1992, he was appointed as Assistant Director (CIS) Policy, responsible for all policy aspects of command, control. communication and information systems. He was involved in the development of the Joint Command Systems Initiative and looked at the problems of interoperability, especially with combined and joint forces and in the development of effective joint command and control systems. He has taken an active interest in the issue of infonnation wcufare and conducted a major study to develop the UK’s policy towards Information Warfare. He is currently attending The Royal College of Defence Studies (RCDS) for one year. Captain Tyrrell holds degrees in chemistry (Oxford) and law (London). He is married (Glynis) and has one daughter (Jessica). The family live in Falmouth. Cornwall. Captain P J TYRRELL OBE MA LL.B Royal Navy The Royal College of Defence Studies Seaford House 37 Belgrave Square LONDON SW IX 8NS Tel.: Fax: (44) 0171 915 4800 (44) 0171 915 4999 e mail: 101656.1153@compuserve.com Information Warfare Conferen£e Brussels ’96' nfoWARcon infoWAR in Inf,fm,ii,n w,d„, c„f,t,„„ B,u„d, ’96 16 C 17 Captain (N) Bo Wallander Navy Sweden Bo Wallander is currently assigned to the Swedish Joint Headquarters in Stockholm as the head of the C2W/EW section. He graduated from the Naval Academy in 1974 and has been assigned to many different kinds of surface ships as a surface warfare officer. He graduated from the Military Staff and War College in 1987 and from the US Naval Postgraduate School in 1989 Bo Wallander has since then been working with C2W and EW matters both in theory and practice and was promoted to Captain (N) in 1994. ( latorlnotion Warfare Canfeten6e Brussels ’96 8 ,nfoWARcon infoWARon Information Warfare Conferen6e Brussels ’96 C 9 Paper to be ptaaued gI the N(ISA ainference va in/wmakmWwfw€ tn BnLvels. 23 May 1996. HmFeajgnrfart MRMdog Warfare 8uplnn for marta Gout v•rli8b6aB apt (11)&lW8llaader Swedbb Armed Ferca Budq98rten latnHue6oa The primary gal hr nm:IIz:KI and control (Q) for the Swedish d•fntu forus is to make sure that during a combat missal the right nIcHe Bell the rid3t taBaatudoa within the dEbt time. It is altISoqueatly a paquigre for making + CORBa deiSiOn md a Subnqumt 8wyptbtE &cHen, TIis mIst be ;ns:nIle to pursue at 811 earifIin levels, i e. duhn8 luaUme and wdm6 ud at dl di£Fereat saFb in tR;twvvn. To arable u to fulfil that goal we need I well dw€1oFd utd cffScia& amInInd and naM WRen (C2S). i.e. u u#&:ribhlitm, dwuinw, pawrwl grId of wine diHenat tullIdeal ReiSti6s, sucb as irfwma ioe and ewrlnuai cation systrliu. Int&rtu6eahl upeH6nees Bem she laUd wars &lurly iadiuu that swann is built on nus to dI rdewIt infotnab08 ud at the nw bme daving your opHx2entttIll nae arfarnado& it mIght thu be kmpth8 % daw the wndunan that an &dvuDrHd hiB!>wb C2 SIrsm is a Hadidoa precedein thr all noda8 nadu. Ibis is not a]w8}a true, though, if w, for aLaarpie. iuulude gandHI wzrfzrv. Hvwwn. conventional no4:gtn warfare iI ben:ning tints and nme d€pead8nl oa B cuuUuuais influx of udoraudon ®nwyBd by beth nibUry andcMban kehn$1ow. brfuanHaa bts bI:eone 8 tvBet in its own bBb aIId is aav to be nwid€nd ua stnttgie mou% Anu to iriMnatioD will play an important lyje n most n8tions' na6eaalperspective and will be a via] rBsoUee for suplwttin8 political and n®omial daldns Ind du, of aa\rte, to #pptymdiH7 ponwu HqIuaiag fordi8smrt war 9aa8rin wu pcviuusly g suiuw manu UkiaE a $orr5idenble aluowrt of our 8$eesbl€ nut:ing time aId rnuJdirl b bale pDa of class#id dwuments. Life ws simple th% WB Ind a nUde&lee dEUt and the rquirwrruts for bn adequte C2 systEm were belIBhawn and hpkznoatal To&y the sirwdea is quite diFuent We have no definat threat. gIlly & vancIy of riSkS. The tRhnicd develop:neat ii inwnsiD8 &aneadourly, whIch dso gwrin aIarry unoetuirrtin. All this make ednlded popl8mirB very one:His and wreU8ble and belle note or lu pinae& it is more &x e4uadc>n than for anIra p]aaniR8.TIle asw gtudon ans fOI a more aexnlle and wu nd4iare plwrirlg based on prBJn8nMed 7rineipla arId suplxnrad by a C2 sysan, well ad8pbd ta thu ngw lequifWeaB. Dwelop18B s Harnad Bad c08tnl w£ten for the Swedish deban hrn Thc basic idea far die Sw€disb d€feacefor€o is that we ww must put all ow eacH into developing only one superior cxnJmand Ind sair&o) $y3r£ln nnec@ niBble for all aonOiot levels, Consequently, 'itosn pile- 6yrtnns u4th little er no beer.wmrnuNeadon must be lunn•xI. The SwedISh defnee bnludn Ml the arait8ry md the eivnin cornmunity, Which also =IIkes thIngs much note wmpHcned due to many actors wwlvul with dJferent <)eIn&nds and GXHHnas and mariv fu new lutwlow ( Information Warfare Conferenoe Brussels ’96 lnfoWARcon hfoWAKcon i.bIr.diD„ WaH„e,„„,„„„„ sseb,96 C 11 Our C2 System rims at oanarattdin8 8 marruwn wufate sulaHo and to win over a qantiutiwb lbnirud but B quliutively a well.knew dw&ing that arable %lwtwd aggtesnr. In Bnetime. we must develop us to ut immediat6ly with • high dgBr% of aukxx>my. Comm4nd arId numI nut nn6nu$usly +d8pt to OIISSrIg eimrmsanecs an the baae6eld. Tlri6 earl be attained by well.bziasd Indus, deleg'ued ootntnand and eonllol, and a nexiblc Ll system Tbe manwwrt warfbre case can in dmind Use many mIdI writ) v4ll nudinU6d in the following way in LilIIe md slaw 6reate iahnwtion 3vpqrjgtity itt order to lwaliac thga89nssg/s main forge . avoid tInt main &vu. atwk tIle agra=or wlrea you decide and where yar w &upeHer, enghtwud ate aaBIwnr III rnfum8hoa lb& Tai this wand Ml wrmnaIH and mattel md in inforTnadon warfare caputD'. The d6m8© pineiples fu mAn wumu 3d and mImI by bems mISt then be to: be 8ble BO elm you own CX>DA (C}bs6w8den, QHsnB6oa, Doeisi9n, Action) lol,IF More aa u}4nngt don, support wuI own wtics j.e. act Of Ram, in ofTemive ar defensive gad so thR& wcaging to you own MIns. make BDA (Beetle l>amhge As$nrBent) and nin£orwneat note gfTntive aDd co udimu4 resist tnfornaboa warfue 8tUCIS. Objnttn5 for a C2 s30teu Budding 8 C2 ryBBem &worditg to the above pdndpl&s impsw e ntwt8r of demands tIlt baTe to be cIndy &fin€ weed and eMIly pduib8ed, Fwlditu iI wrfomaudy always a inhibiting factor in this kInd of rum. However, the s}stern must be built in such a way Out it can dways meet air needs wherwer it is deployed md nln RaxxrIIng to our prinei-IIes of eommand and mmol. as stated atxyw. Some of the btsie sygea atiBatVes ue: all iafbrmadannut be anusble at all de6isian leYsII a the nme due, b$ncg mating 8 nm:non gtu:rtion pietwe, tIn wu sy£ttru nut tn opu8ble oa 8: 1 wrifliet level£, the $yR£m nIna in flufble (wtuapenble) end aa and rh g wgun must be upbl6 ul fIIrtin dwelowaR, p3wful d6gnd#tjgh psnblity to nah sinul8dgu The ovgrKll eaMtand ud count system eonpdsn mw subsystems(figure 1) allot&i to their spudjg n96rrma8 ud thcx uiliu boar uliqucly dwelopd systun fbngdgns as \MI C Inhrma6DB Warfan ConhrenGe Brussels ’96 12 infoWAll ( C infoWARconinformation Warfare Conferenee Brussels ’96 13 u government -oR the shelf nusable gystcm5 Iwwdat' (GOTSI md, nndIY, mac 8cnBnl system funci lens b&sed on 60mrnercial -ofF are gaP swtuns (COTS)._ i-wed gn i$ cungndy WIIIking very hard at buldin8 up & C2 wRen as de9etited aIx>\? and we arc wry s8t8s6ed atl what-we Kew aehreved sola; A Metal vi•W of the UMm uncelX is dqieed {n lion 1. W LI : P•+ q q 4:+ • +i ' Fig. 2 An btensang linus in Fur drfnidon k that we in6lade all kinds of si£n813, i.e. Use Fig. \ndgtw8ta awu36cs. I:bgrs Irs many 8dvmU£c3 in doing so, gnee aw t06bnolo8' in that 1 Iaforaatioo Warfare TIle munIc to Ft and nUb conBol Ova information hu been know as brformaUon W8rhre {fu-). In hUI }ntspaNe, tnforlnZtiOD vtrare is c£wbgoal urgency &nd towhn thc whole coM®ty. ben Base dIIOeB war. Iafgraldrim BurIats is hsi 6ally a st:ruBy that ineludes tIle deuBian prognscs and Org LInn b€hwjgtlr Mr tv as anI gUI oplwaent it is GondUend u a ”str8t£8b mek'' w}Jeb means 9inu]baeously atHEkin8 all bids of argus that suppin sudan both mainly and ;MEan) hehu£n8 pegHe (the gwwring Mics) theHselvU. Since TW Kilt be ®agdeled in a nIBW lnspali%. it is nenSSay IO Pi into the canalx Qf (,bmaran4 tad Cmaol Ware (C2W) sane thi£ abxotai qx b our d$fhUUonb is tbc military a91li\aden of lw. C2W is mostly OODduagd M 8 joint ofnntioDal hFvel ud the main gbj€6d'vs is to Bunny none en oppoaea's lain eoIn hi& troops w}tile Wing yew eun lud8nhlp Law IS by our dgntlitinn & a>aratmtod mintO e©lotudan of sw.fi811tiag toe iS such aS operation-sonny (CPSDC). WInteR pydolodal onaljga (PSYOPS), dwuIHc v;whjle, aber kinds of signals &ntl Badjy, pbni al ae3Lr06don in alan to •as€t, degrade or dcsuw ur gppowat's samm<d nd navel npabiliv wHI 6 sn\trial your eva lame upabiliV (68SIn 2). putieui3r &rn bas n8bl#1 us to su;port vufar• with new vital ;ntelligease. In or&t to HeRa ousdve$ 1ron bulb C2W and penn>)y build tip an 8biliw to unduet C2W we need as caoadve C2 Spte in aat of mum. new intelli€eace Berth the defirdd®s fa IW and C2W are xempnD' and are wnniingty as we Bet visa. subjwted io chang, What m3kn IS Mine that IW and C:lW will demi aate wdan dlaing the next onma? One nasal is that we are 8tttiag mote ud more deFra&at an co:nrnura-cabal 8nd infatmrtion SHtws both for nubhry qnntiaas Ind %IbiD the eivilim wmtnunity. Tuhnaloglul regress is the drtqa8 kxw ud uaW wHom tIe aow dew}apiag new probably more uncwvcn6owl Ire8Fw' like ®npun \'inn IIPM (High FuwH Miuuv4vi) tomb and so forth. Mxn) of these un;nas are of a non'IaIn] Ent Ibis aaas tInt it night be umFdng to un than abD at low eongia Iweb like, br hsu&% in UN gpu8ijo b9. Then wnptrs iIin posu£-e nnain +wi®es% swab at pobtans to senate ++end mi fc& tIle an rnoWarou3. pvb}ems with BDA dif$cult B naitrmin effect witl£nbrx&rs. Hgw8v+r, ibn wupm$ n 8 pAnda! allnt for us so VB must 8radally aaF# to thaI fact Bon IW attadks as tnucb as we can T bt One sad try ta lwtoaarC2sy8€m maNn systems, plrtfonrrs. -+tricIa ac. to get an radustandlng Ofr hgw susoeixi8le they are fer thu fUn&maIn: adion is to msn tests on luV and atnzdy aiRing twbtinnal aruek£ Anotber oowlwion is tlrat tIre ciqlin ooanurity'beeaInn bath mm sensitive for TW ztt•akI but aIn more robust it is B8ti£6 more 8cnsi6ve due to the use of more high ( Information Warfare Conference Brussels ’96 rnfoWARcon klfoWAhLon Information Warfare Conferenee Brussels ’96 14 15 technology ud mote robust dIn to thE Unrest rmp39ble task of cvtting aII mens of egmrnuni6nion ia a -high-te€h- eglnmuniu Against oat8in las dwelqxd numb=s. on the other hand fW has pobibly rto or little eRictivbr&a due to the faa tInt the tnhniul level in aon couRBjes is relative& low On the other han4 1 less devdoFd nunn, might have much to gain if it all build tO an oflarsive IW UPbilitY. This rmi8ht tn samdhm8 UT have to consider in the futurv. FInally, we ne well aware of tin fact th: IW 8nd C2W WIl] be a gwen thrut 888ind us in the future. We have to protcet ourselves rBria$t that threat but if we also deb'ol$p our own abiIIty to rerfaml IW and UW attacks we WI: usn a pagndal threat tfIIng a Feunpw lw Old c2u' ng hnedon3 tb3t an ef the gne4w irnpen4ncc at all locI s in our dwisRxl' sin a fornrnultiplyhIB ennI in wuaM nakin8 poNs& BoOl C2 systems, staHsupjnn and the bdMdud at difTn€nt levels and the coHuniilcadan EKtRnen tFtese l€vel6 wilf be8ffectad to some extent We have to FOWI nunelva eon thIS threat but dso bveS68ztz bow ue un build up aa fW/C2W npbility to aflnt an opIDnem All gpprnL spanally if he s all #artnor, IS probably even more de$waQgnr un a wHI.working C2 system SO we LIve pletnbIY tn.ucb tO gain if we build UP an eonpcnsatc euan oBasil'e eqa£ity. IW ui C2W will aea aa as a fonnmultipliB and 5UnnTt ou{ 60nventioaa!-fotgjs jn diKerat joint a}u aHow. In oder n do so we must nin5we thaI TW and C2W will be an iategBt8d aid natinl prt in all ki84s ofjoint opcndma! pluMB why ue pHorjtb builang up pratecboa- Mast IW/C2W aauks, and this i3 noT included in our nabouI defence plus for the natalB years. Coaclu shes How lw utd C2W ual agM w8r£z8 is 8 &asuit thing for vs to psaid, sinn uv de net have adequate expeliuse and knowledge. HoRn'u, sami exT+ti8nae frvm our own and. of course. qssms leamof nln countrie$ uith £rtsh a)mbIt pOSSiUe tO haw nme earrch:sj€yrb\ wen faIr in e WHence eu. makes it W6 must build up ou C2 sy'nea3 with the pbnuY Baal afpwzmneing ;hat tlc $8}i pnyn gcb 66 IIght jakaardoa Ia Ue riBbt ant a wiidl new gwIantning the information ;oqdina;b where GeT we needed Rvc us wvrh4 very bnd-all that usk now and we have gnU ex}nbtndoa of8uecndiaB Ware vAn BeLly mu6h tn 8 mann of making decisions and aainB luTon! an oijpDal? does. yUle BrutbUnB you own C2 wen (tning iuide our oppaeal's ob=w8hah oria3tadon. d=bien, agdoa (CX)DAI bIO). Wr have IUJised that IW and C2w aRCU tile ihltg d6€isian gun ud it aida be s©tka! badr for us 8nd an opFnant to attack a kw but vital hrggB ia erdw ta whine dni9ive rnas. This 19 sandbiag bX havE ! We fIT iuML&e & nay non auddy. For ounple, we have to a&ke an ural)gjs of duels ;c mehl be razed to igN but dso dais w wb+ to E&bt and niwun Out Onfe duel: can be buIlt on our condUits in aBel to jdevdl THs fmpIro thai the whole chain of e\'enh. bun liB WHrlDn caect irl etc wga up to the deeigonqniken a rIte high:st level. must be inaat arId -d£iIt'. H w deei hl bwld up an own oReuive !wOW 68pabibty it must be built up, not as a but u 3 miINe ly Sweddr hehe that is qtiluW &piast I p;;unFaw; opponegt'$ bbDases ud 'de6€ionie& This ans fe nth a strong and ;{Tecbve lntelli8enoe or@ntution aDd weli4pd6ed nseucb ud &wloW8nt poWS cow of art) other minH The need for eoazadrHJ nd wrIaol ou sw plafarns win VI:Y a la dqnHin8 on wlut drs w of piaUDrn and, nrnlly, the cwrcul UHnLiW for wwporiilatfotms, tIn obilrty to qnnee 8uonomousIy will in a Ratw keY kind of +pcntian ia being wfoan4 envireuM. fame in or&r u resist IW and C2W. opponent de6€kDeiesie arr ustial and tnJudd 04pbiUly. mOQOooo ============== Page 6/17 ============== C 18 b ' InhlwlaUon Warfare CoNenn@ BIusseIs ’96 ddbWARcoII infoWARt)n In„rmationWaMreCoMr„„Br„„„,„ D Dealing with Internet Intruders in Emergency Mode: An IBM Perspective Peter Streibelt Program Manager for Advance Networking & Internet Emergency Response IBM Europe ( D infoWARfln Information Warfare Conferen6e Brussels ’96 1 i Dealing with Internet Intruders in Emergency Mode An IBM Perspective I © rabHaturuBI BldbBnUBel+nB Peer 8&db•II, BObBe Agenda I Current State of Internet Security Current implementation of Security mechanism Advanced planning Case studies Conclusion Pde Stnlbett, 234540 © ln6, int•mHbnd DIane•unNnn eorWtlan , Informatioo Warfare Conferenoe Brussels ’96f nfoWAHcon 2 D infoWARr )n inl,rmauon w,„„, c„f,„„„ B,„„,b ’96 3 Types of Threats Current State Of Internet Security I J Threats Information Week / Ernst & Young SecurIty Survey Novomtnr 1995 1290 Respondents 50% lost valuable info in last 2 years 20 lost info worth more than $1 M 'Cloady the Internet remains a hackers paradise- CERT Hader Denial of Penetration Service Halmful Code reported break.in per year Carnegie Mollon' s CERT expects over 3,000 Internet break.ins in 1995 30,000 - 40,000 hackers on Internet Active Sendmail Passive Sniffer Frontal Part Fbcxling Pan SBBlb•tt. nOSeS Upstream Inaease in sophIsticationof attacks Degradation Malicious ICMP Redirects Mail Bombs Morris Worm (e) 1986, IrnmaIn\d Btanw• ihnNnnC•aWrztlon Pa+ Stnlb•tt, 2g45+6 © IH6,IIItHnakxrd Brrdn%8WbeHnn CorNntlon How Computer Security Risks Have Changed Over the Last Five Years Know Your Adversary I Hackers #$$ } b~ Not Changed Decreased 9.0% Edwation ..--+ "W8nabee$" "Ninjas" "Br8jgers" I 1' Haw M$tWs Increased ’WWWCG I' T-;! Fl, :\ ®dBtBa SOURCE: INFORMATIONWEWERNST& YOUNG SURVEY OF 1.293 IS AND SEcuRrrY EXECUTIVES Private Corporate NetWorks and Pear Stnlboltt, 29+)P06 © IP96,bz#nabn•l Btrdnn•UgetHnuaxWtlon Pete Stnlb•tt, 234546 © 1096, laemabnd BuNn8+8 WbcNnn CX)rWBan D Information Warfare Conferenoe Brussels ’96' 4 nfoWARcon Which Security Problems Resulted in Financial Loss in The Last Year? infoWAlt )n Information Warfare Conferenee Brussels ’96 U 5 Managing Exposure, Reducing Risks I Security TWhn919qie$ Password Control Packet Filtering Router Smart Risk Cards None Maxirnum Security SOLRCE: IhFOM4ATlalwEB(Hnwra YOUNG SLnVEYOF laB IS AND SEcuFrrY D(ECurrvES Pear arlrlbott, 2&OS+8 © ln6,be•maan•l Bwttnunenln ella don Pete Stnlbd\ 2g41546 © ln6,b8#Itak>rId BuUn•uU•el#rn• QorWllon Security Policy And The Internet Technology Effectiveness J Risk Analysis nEbD2law SCIWllng Route 1 Moderate d Fiduciary Responsibility Perceived QEUml Threats Modwale ' X. Poor Snurt Card MS:: I,.b IIII+( >, Grwt = Gcxx! Blue = Moderate Rd BPaor Internet Technologies PaR 8BBlb•tt, akO$06 Pan 8B8lbdt. ahab06 (C) 1906, b8nralend Budnu8 H8cNnu C1#WMtton Policy Formation Consulting Services 4IIE+ ImJ=:lil, \\ \\ Security Products & Services (9) 1006, Herralon•l BtHrn• HUelgnu CXltWiSon D ,„,„„„ WM„„,„„„,Br„„„,,6f ,nfoWARcon 6 ( hfoWARcal !NormadQnWaMl, c„h,„„B„„d, ,gG Managing Policy Initiatives I Manage Through Sub-division Forming a Crisis Management Team \qh, "'JIb I Technical Rules Policy Intent CIIent How we allow How we disallow What we want What we don1 want Legal issues : L n• r+• Manag9r System Operator Auditor q: PP: AvoId lnney getting stuck in Wttnleal jer$on \\_, ,// Better bevenBe of staff Investigator IIII+. r Incident Response Team Technical Advisor P•t©r SinIbelt, 234S86 (e) 1996, IMwm©ond Bwlnn• NbcNne# CorNndan Emergency Response ERS-Team Peer Strdb•tt, 234546 Policy Intent J ’To reduce risks to an acceptable level" Perform comprehensiverisk analysis Loss of corporate secrets Content tampering causing negative PR Down time and denial of service Legal implications Monitoring vs. filtering Privacy No security solution is absolutely secure How do you handle a penetration Prosecution and legal issues Pear SI © 1886, b&#nKlond BlaIne++BuRne CocWBon © ln6, In+rtralond Brann8 NlnNnn CorWtlan ============== Page 7/17 ============== D „„„„„„„,.„M„..G.8„_.,,,.r,nfoWARCOrl iflfoWAR ill hhr„laUD, WaM„c,„I,„„„B„„„1,’96 :q & n :P E 8 Breakout 1: Defending Against the Internet: The Threat to European Civil Properity Moderator: Mich Kabay Panel: Klaus-Peter Kossakowski DFN-CERT University of Hamburg,' Germany Peter Streibelt IBM Europe Patrick Taylor Internet Security Systems USA r • PP: I •g + • a I T: H : ; • h a• • : ;H aq • • I ( JnfoWARcon-'I„to-M,$bi' w,dare Conferenee Bru-HeIsT96' E 1 Incident Response in times of IW Some thoughts and recommendations Klaus-Peter Kossakows ki DFN-CERT / kpk©cert.dfn.de Content 1. IRT as an emerging concept 2. International cooperation 3. Integration into risk management 4. Impact of IW on IRT 5. IRT and IW 6. Recommendations ( ( -E -;''lnformaH6n Widati Cinfdfdriee Brdbselg ’96 2 infoWARcon What is an Incident? A complete definition is given by the IBM Dictionary • An adverse event that - is a failure to comply with regulations or directives - results in suspected or actual compromise of information or systems - results in misuse, loss, or damage of property, information or systems :infoWARconInforma Hoi Warbfi C6nferenGe Bruss-eIs ’96 More Services? Depending on requirements and resources! • Direct relation - information collection/distribution - vulnerability analysis - tutorials, workshops. . . . – proactIve measures • Additional services - securIty Improvement program • security policy - security tools © 1993'1996 DFN.CERT / Incident Response / Cone•pt / 1 © 1993-1996 DFN.CERT / heHeIIt Relponu /Cncept / s What is CERT or IRT? Some services are mandatory! • Dealing with incidents that occur within ItS constItuency Beyond the Scope? No compensation for local precaution! – Network police • Support for incident reporting • Technical assistance to handle incidents - No judgement about user behaviour • Dissemination of related information – No local support – Tiger teams f fI tail In f..BfITgsels,”gI 4 'hlfoWARCOn-InI,„„,h, w„ti„ C,hId„„,’, 8„„,is ’96- - E 5 What is the Constituency? The “customers" of an IRTI Our Recommendations? Suggestions for the future! • Use of IRTs as information source • Group of users, sites, networks or organisations served by the team • Establishment of site contacts + Determines the services • Openness by incidents and other • Determines the technological focus • Basis for access to services problems • Cooperation by multi-site incidents • Establish own IRT if appropriate © 1993-1996DFN.CERT / Incident Responre / Concept / 3 Technological Focus Basis for further directions • Issues: - determined by constituency - determined by charter – best effort • Not obvious in the beginning: - vulnerabilities - exploit programs - securIty scanner - proactive tools © 1993-1996 DFN-CERT / Incident Rerponse / Concept / 9 International View New teams and international cooperation! • Dec. 1988: first CERT – CERT Coordination Center • 1990: international forum - Forum of Incident Response & Security Teams – FIRST • 1994: IETF working group – GRIP – Guidelines and Recommendations ( ( B .’--'?£-lrffotmhtibh WafTar€1:6tlf€r-enfe'Bfugt61s ’96 infoWARcon 6 'hfoWAReatlMff„-,uif,-_wirfg#cdMHVo-e-BMt;Ug’96- Why do IRTs exist? Active Groups The Internet worm was only a trigger! Ongoing Work on Incident Response 9 November 1988: a Worm program e FIRST paralysed the Internet e Urgent security problems - Internet-Sniffer + Encryption - IP-Spoofing + Authentication e Lack of information/awareness http: //first .org/first / mailto:first-sec©fi rst .org , SIG Europe http ://www .cert.dfn.de/eng/csir/europe/ mailto:fsig-europe-req uest©cert.dfn .de e Incidents are international >P> O 1993_1996 DFN.CERT / Incident Response / Rersou4•l / 3 ©1993-1996 DFN•CERT/ Incident Response / Concept / 7 Outdated Paradigma New threats and directions must be addressed • Traditional security: + confidentiality + IntegrIty + availability e Topics not addressed: - system Intrusions - vulnerabilities - malicious code - crItters Active Groups Ongoing Work on Incident Response e IETF WG GRIP http ://www .cert .dfn.de/eng/resou rce/ietf/gri P/ ftp://ftp.cert.dfn .de/pub/ietf/gri P/ mailto:grip-wg-request ©u u . net ( -El ( ' :I„b„„,wh WanaFe Conterence Brussels ’96 infoWARcon :onfere 8 E9 Recommendations Contacting the DFN-CERT Point of Contact for German networks lniident handling as new task + dfncert©cert.dfn .de , Cooperation: - information + Telefax: - +49 - 40 - 54 715 - 241 exchange - addressing global/national threats e Coordination: + Telephone: – independence - +49 - 40 - 54 715 - 262 - neutrality –+ Mail Address: - DFN-CERT - University of Hamburg - Vogt-K6iln-StraBe 30, D-22527 Hamburg © 1993-1996 OFN.CERT / Incident Response / Rec emf'''-d'd''' / 2 (Z> 1993-1996DFN.CERT / Conucu / 1 Conclusion , Internal IRTs are needed , Internal IRTs can play an active role also , External IRTs will carry on in their support role , More exchange and research is needed , IRT infrastructure will emerge A, IRTs are in the times of Mr. Dunant I ! E„.- ' , ' ’ Information Warfate.Conferenee.Brussels '96 infoWARcon 10 11 More Info rmation IFiTs are different About Incident Response Keep it this way! ftp://ftp.cert.dfn .de/pub/csir/docs/ , First aid on the informational battlefield • forming.an,irt.ps.gz , No engagement in ofFensive actions Forming an Incident Response Team / Danny Smith, 1994. e IRTs should be protected • NIST-SP-800-3.ps - Geneva Convention as an example: self defense & defense of victims Establishing a Computer Security Incident Response Capability (CSIRC) / John P. Wack, 1991. © 1993-1996 DFN.CERT / Incident Rerpon8e / Rertource8 / More Information About Incident Response • rfc1244.gz Site Security Handbook / P. Holbrook ; J. Reynolds (Ed.), 1990. • first.opfra me.txt FIRST Operational Framework, 1992. e cert-nl.opfra me.txt CERT-NL Operational Framework, 1992 E Inf6irhbtlon Warfare’ Conference"Bruise If’96 + if you need an active player, . . . 1 (91993-1996 DFN.CERT / hfarm4don Wad#8 / Implic•liens fe HITs / 6 Recommendations Incident handling as new task , For todays organisations: - incident handling is necessary - it must be part of risk management e in regard to IW: - providing passive countermeasures - clear separation >>> ( ( ,: '., .,, Inf6nnaUon Wd-rfdJe'Conferdnce-Brussels’96 infoWARcon E 'infoWARconIRb„.„„„WaMreC,M,„„,i,„QI,,„ ' - Cure or Weapon 13 Cause for an ethical dilemma New Tasks for IRTs? + Split or Shift of Paradigma , Social engagement in case of incidents (user support) + Information Warfare countermeasures (fight back) + Offensive Warfare measures Limitation of traditional role • Up to now: proactIve measures early warning recovery support information clearinghouse (forward defense / real warfare) >>> © 199h1996 DFN.CERT / Information War{bre / Implicadonrfar IRTs / 4 © 1993-1996 DFN.CERT / Inf+mat ion W•r{•n / Impliadens far IRTs / 2 Ethical Dilemma What is the right way? New Tasks for IRTs? • Passive role in IW: Limitation of traditional role - no use of available information - "artificial" limitation • Active role in IW: • But not: - identify aggressor - catch cracker and criminoids - loss of trust within constituency - less cooperation with other IRTs - prosecute in case of violations + Should IRTs play a more active role? (e) 1993-1996 DFN-CERT / Infem8tion W•dare / Implications fe IRT8 / S ,E=-,Hr / rb • n I Trn Information Warfafb Conferenoe Brussels ’96 I lnfoWARcon 14 ,infoWJ ICOn1„h,m,ti„ w,d,ned„hr,hi,B„„,lg’96' - -T’---'-'--E 15 Warfare Response Done by organisation, probably by internal IRT Warfare vs. Hacking What is done afterwards? , Put organisations in crisis mode , Address technical problems as usual , Address overall problems on political - bragging with success level , Take active steps against offender + , Hacking: - abuse of systems – sharing of access - use information as a trophy >>> real internal management © 1993-1996 DFN•CERT/ Infem8tion Wadwe / Impact on IRTr / 6 IRT as Targets G>1993_1996 OFFI.CERT / hformation Wwfme / Impact on IRFr / 4 Warfare vs. Hacking Attack on support infrastructure What is done afterwards? • Sabotage: - disabling the coordination , Information Warfare: - espIonage • Manipulation: - misleading, social engineering - manipulation - sabotage - rarely public announcement • Espionage: - client information, cracker tools u. the indirect impact will hurt I ;T::: .Infbtmation Warfdre Cohf6rbn6e Brubs-iIs ’96 infoWARcon Incident Coordination E* infoWARconInformation Warfare-Coflfef6hie Brug£els ’96 17 IRT & Risk Management Organisations suffer from lack of Integration Done by an external IRT • Information handling: - techniques used - other sites involved • Up to now mostly independent IRTs • Organisations depend on external help • No internal expertise about - recovery procedures - available security tools - security guidelines + mostly no real internal management vulnerabilities, cracker tools, + Tiger teams are invited to test security measures + Integration within established risk management is necessary! ©199b1996 DFN.CERT / Infemadon WHwe / Impact on IRTr / 2 ©199b1996 DFN.CERT / Incident Response / Int•IndoII Incident Response Warfare vs. Hacking Done by organisation, probably by internal IRT Which factors are difFerent? • Additional benefits: - immediate follow-up - direct damage assessment - overall impact analysis - enforcement of measures - building the bigger picture There are no direct difFerences! + Techniques used: - vulnerabilities - cracker tools e Benefits gained: – access + real internal management in RiA M•n•Bernent - information / I ( ’'- Infoftnation Warfard Conference Brussels ’96 infoWARcon FIRST Forum of lncident Response & Security Teams infoWARcon Inn„,„H„ W„f„, C„f„„„ B,„'„d,J96 Klaus-Peter Kossakowski / DFN-CERT / kpk©cert.dfn.de , About 45 members at present - 1 in Australia, 10 in Europe Klaus-Peter Kossakowski received his degree from the University of Hamburg in the field of Information Science, concentrating on networks, communication and computer security. He was among the first members of the Virus Test Center, e Basic document Hamburg, in March 1988, personally working on the phenomena of malicious programs in networks. Since then he worked in the field of network security. Engaged with the DFN-CERT (the first German Computer Emergency Response Team for an open network) since its conception, he started his official work on January 1993, taking over the responsibility for administration and organisation. Operational Framework (http://first .org/first/op_frame.txt) , More information http://first.org/first/ His special interests in Incident Response Teams / Computer Emergency Re email to: first-sec@first.org © 1993-1996 DFN.CERT / InCident Responre / Intermtional/ 2 sponse Teams are international issues, cooperation and the establishment of an infrastructure for the future. As a cachair for the IETF WG Guidelines and Re commendations for Incident Processing – GRIP - he was involved in developrnent of several RFCs addressing this area. As FIRST (Forum of Incident Response and Security Teams) representative of the DFN-CERT he also actively supports the international cooperation. Actually he is writing his Ph. D. thesis about Computer Security Incident Handling and its integration into traditional risk management processes. He is a member of the Internet Societv and the German “(lesellschaft fuer Informatik e. V.” - GI. IETF WG GRIP Guidelines & Recommendations for Incident Processing , Active since December 1994 B. Fraser, L. Mamakos, P. Kossakowski • Information: grip-wg-request©uu.net http://www.cert.dfn .de/eng/ resource/ietf/grip , Two RFCs as guidelines for incident response teams & vendors ( E 20 Inhrmdi6n Warfare Cbnk©Md Bhssels ’96 Ml)WAReon i£lfoWARM I„f,f„,ti,n W,Raf, C„fa„„ B,„„d,’96 E 21 Patrick Tayjor Director, Product Marketing ISS Patrick Taylor is the Director of Product Marketing for Internet Security Systems, Inc. (ISS). In his role, he provides strategic product planning and development. In Patrick’s twelve year career in the information technology industry, he has managed all aspects of strategic and tactical product marketing development efforts. He has held a number of marketing and markedng management positions with companies such as ORACLE, Red Brick Systems, GO and Symantec. Patrick holds a mechanical engineering degree from Georgia Institute ofTechnology and a masters of business administration from Harvard Business School. ============== Page 8/17 ============== E 22 I„to„,„BoB w,Mn CQnferenGe Brussels ’96f aa)WARcoa kdOwn.Ja Inhrmation Wadare &nfetenee Bms seI$ ’96 F Breakout II: Paradigm Shift Moderator: Winn Schwartau Dr. Philippe Baumard University of Paris, France Colonel Charles J. Dunlap, Jr. USAF, USA ( infoWAR£,)aInformatIon Warfare Conferenoe Brussels ’96 From InfoWar to Knowledge Warfare: Preparing for the Paradigm Shift by Philippe Baumard, Ph.D. Professor of Strategic Management University of Paris-XII Successful firms, such as Intel, maintain an innovative environment, seek continuous performance improvement, favor customer orientation (e.g. through partnerships with customers and suppliers), enhance results orientation, and place speed of creation, defenseand development of value-chains at the core of their strategic focus. To maintain its leadership, Intel developed “war rooms”, and encouraged informal relationships that crisscrossedorganizational boundaries. Nevertheless, when Intel had to face InfoWar practices, it had to acknowledge that the company failed to prevent and to anticipate large-scale Info-destabilization. New businesseslive on the brink of disasters. Yet, “organizations have many stabilizers but quite often lack proper destabilizers" (1 ). We will argue in this paper that InfoWar Q informational arena-based warfare Q has been thought within the boundaries of old schernata that will no longer be accurate in the XXIst century. These schemata includes misconceptions of management,organizations, economics. welfare and of purpose of development. We will investigate, in the footsteps of Hedberg, Jonsson, Starbuck, Steele, Wilensky, and many others, design principles that worked. and no longer worked. Founding our comments on observations of real-world experiences, we end with recommendations as to prepare nations, organizations and people for the forthcoming paradigm shift: from InfoWar to Knowledge Warfare (K-Warfare). Why Policy Makers Got Trapped in the Information Paradigm World leaders, who mostly belong to a generation that is not born with a computer at home. has been strongly influenced by cybernetics. In a cybernetic world, economic and social life is seen as a system ; values are categorized : economic systems are modeled : social structures are typoIogized, and ideologies are invented to put all these systems together. In such a world. policy makers are not long to assume that information is power, and systematized information, the structure of power itself. History has been. so far, consistent with such implicit assumptions. Power was centralized, and, therefore, needed centralized intelligence. The world was organized into blocks, and therefore. needed companmented information. Economic and social systems were hierarchical. and therefore. hierarchical information made sense. From the starting point. this cybernetic view of the world was quite erroneous. As Varela and Maturana pointed out (2), neurons that participate in the building of “vision” only account for 20% from the eyes' retinas, whereas 80% of them come from other parts of the brain. In other words, 80% of our “vision” is internally constructed. Vision is mostly knowledge. not information. Furthermore, this knowledge is mostly !acit ; it escapes our individual or collective awareness(3). Eventually, people Q including policy-makers Q learn without being aware of what is being learned (4) ; code without being aware of coding (5) ; and most dramatically, learn without having intended or plannedto learn (6). Most learning is incidental. Emerging “Information Warfare' doctrines fail to acknowledge this fragility of learning. Mapping without knowing is a non-sense. Mapping. as an act of “vision”, is mostly derived from these 80% of neurons, in our brains and not in our retinas. that participate in the construction of images. and help us to transform noticed and unnoticed stimuli into sense-making. Such weapons as “private-sector communication satellite constellations that instantly link individuals, on-demand high-resolution imaging spacecraft and rapidly evolving gigabit/sec.-class networks” (7) are no less than phantasrnagorias, if we neglect to take care of these disturbing, Q yet remaining Q. autonomous neurons of our brains. A small firm of less than 12 employees, named “Indigo”, is an exemplar. Indigo producesand publishes five confidential newsletters, including the Intelligence Newsletter (8), a well-repute source of intelligence among po]icy makers in Europe. Myths and rumors circulate. seeing in Indigo’s high accuracy a ploy of obscure foreign intelligence. French readers suspect foreign intrusions. Foreign readers suspect French manipulation. In fact, Indigo is nothing else than an efficient ''knowledge-refinery" (9). that is to say a firm purposefully designed for the efficiency of its knowledge generation. In-site observation shows that “far from being pliable. knowledge generates its own path of transfc)rmation. while simultaneously transforming and being transformed by its organizational settings. An irnplication is that ( F :a Intonrfation Warfare Conference BIussels ’96 infoWARcon F infoWAMonInformatIon Warfare C08feren6e Brussels ’96 3 2 those who would manage knowledge should respect this propensity for autonomous development” ( 10). Cautious towards syslematized information gathering, Indigo’s staff is operating within a "community of practice'’ ( 1 1 ) Q i.e. an intensive and highly-conteqtualized socialization process Q, and favors HUMINT. The whole organization is focused on sense-making instead of information-collection. Intensity and depth of internal and external socializations are considered as the core organizational competitive advantage. The rate of defaults is close to zero. The overall performance. in terms of growth and ROI, is twice higher that similar organizations such as the The Economist Intelligence Unit. To understand such a performance. let us remind that information is not knowledge, and then let us investigate how to deal with hrowledge, instead of information. As general Francks pointed out, “Vietnarn was the first battlefield use of computers. The Univac I (X)5, which the 25th infantry division installed in ] 966 at Cu Chi. filled an entire van (1) Images of the enemy and terrain were captured with conventional cameras and television with light intensification devices, radar, and infrared devices. Sensors and high altitude reconnaissance scanned 100,000 square miles per hour providing commanders with a heretofore unknown view of the battlefield’ ( 12). MeanwhHe, Vietnamese population was digging underground tunnels. Similarly, French Foreign Legion was settling its command outposts on hills, as to dominate battlefields, and meanwhile, Metnarnese soldiers were digging the crops and burying themselves in the face and “vision” of the enemyI Proving, if necessary,that neurons from the retinas only account for 20% of vision. What was dramatically missing was not information, but knowledge in general, and an adequate form of ''knowing” in particular. “We are on the threshold of an era where order can be achieved largely through knowledgeI not necessarily through physical order” (13) the advancementof ''knowing'’, instead of the accumulation of ''knowledge”. Development ?f.na.tional :ntflllgenFIF =;pabilitie;'si'ould therefore target the improvement of interpretational and sense-Takjng :kills9 in:tel: of pursling th:utopia of the ubiquity of a knowledge seen as a commoditY. Such a self-decept.ion has .itSJrOotF :nJthe repF?dUcibility of information. Redundancy of information is a sefious waste of nsour?fs in. post pdHstrial d?:nocrlies b-i;-; is::;1:i,--ii'i;;;1 be: io less th;n 80 administnltive bodies distribute to small and large businesses th? Tame i==T:La: :q:ca; foR?i :fF:Ih:::raeudc: 1=:::1 :liII::::at:Fenni :o :h TnT:i!!:::fob:::#; ;lngjEt::IF;=iI:i =ifs :re:IE: : it would lead the Intelligence Cornmunity through the process of cultural change tDa manY Pf our b.u?iT:f:: Jh:aIve for u.s. spi,e bommand asserts, “Space is literally the fabric upon which we will weave our a?proaSh to knowl- Knowledge vs. Information, Knowing vs. Knowledge Understanding the differences between 'knowledge’ and 'knowing’ is essential to a successful entry in this new paradigm. “One contemporarycliche is that more and more turbulent settings are requiring organizations to use more and more knowledge. and that this in turn forces organizations to process more and more information” ( 14). A knowledge-base is all the learning of people and institutions more or less explicitly encapsulated in minds, brains, models, signals. culture, rules, guidelines. Greek philosophers used to categorize this human knowledge in three ensembles : the techne, the embodied technical know-how ; the episteme, the abstract generalization derived from knowing.how, and the phronesis, the wisdom of social practice, i.e. the ability to derive aggregatesfrom social learning. In modern management literature, the investigation of knowledge within and in-between organizations is rnerely derived from the same twenty-four centuries old conceptualization. The conventional view is that the relevant knowledge comes from explicit situational analysis, i.e. it is objective knowledge. As Detienne and Vernant pointed out ( 15). education in the Judeo-Christian world has been strongly influenced by the pursuit of Truth as the sole goa] of knowledge generation. Starting in 400 BC., knowledge is systematically understood as “objective knowledge”, leaving 'meaner’ forms of knowledge and knowing, Q such as conjectural knowledge Q, disregarded and low-grade. The governmental intelligence cycle itself is a pursuit of objective knowledge. Intelligence generation is driven by an objectivation force, that discards unreliable information and sources according to truth-setting rules. As Wilensky put it, the intelligence bodies are overcrowded with “facts-and-figures men”, who “introduce a 'rational-responsible’ bias” (1) “Facts-and-figures men are preoccupied with rational argument and criteria; their technical competence compels opposing parties to be more careful or honest in their use of information, to match each other expert for expert, fact for fact” ( 1 6). Thus, current doctrines of InfoWar are all implicitly based on a biased assumption that large.scale truth seeking is superior to depth and differentiation of knowing modes. Such doctrines are based on the belief that the process of organizations and nation’s 'getting into difficulties’ is essentially one of the degradation and increasing disutility of their knowledge-base ( 17). Yet. when doctrine generators are asked to define such a •'knowledge-base'’, they have to face their incapacity to describe and to qualify it. Knowledge-base, as a matter of fact, is a static concept. It assumesthat knowledge can be systematically put in the form of a representation, and neglects all various forms of tacit knowledge in general, and collective tacit knowledge, in particular. Thus, the same Judeo-Christian bias applies to the representation of knowledge. Knowledge is assumed to be merely a long-term representation ; is seen as a commodity ; is talked in terms of volume and stocks ; is described with a vocabulary bonowed to hardware management. In such a biased conception of knowledge, one usually distinguish short-term, or procedural, representations that can tn immediately acted on one side, and long-term, or structural, representations, whose access and development need several apprenticeships( 18). As a consequence, focus should be put on Milosevic are bad” (23 ) Misconceptions of management . b . 1 F Information Warfare Conferen6e Brussels ’96 infoWARcon 4 gies). traditional -market management” fails to grab critical issues. As R.D. Laing noted. the range of what we think and do is limited by what we fail to noticeI if nonmarket knowledge is not integrated in management duties and skills, it is bound to be neglected. Thus, “nonmarket strategies result from a management process that incorporates knowledge of the market and nonmarket environments, information about specific issues, and conceptual frameworks that guide strategy formulation and implementation" (26). Misconceptions of organizations Most organizations are unfit for the management and capitalization of intangible assets in general, and counterproductive in terms of knowledge generation. However true one ''must analyze the flow of information along the value chain as well as the movement of goods" (27), it might be quite insufficient to cope with the new conditions of competitiveness. The whole concept of value-chain, and the education given to managers on that matter, should be revised. Managers and scholars are used to thinking of organizations as stable contractual bodies, with physical locations (headquarters, plants, departments, etc.), while the new economics call for a focus on industries as sys_ terns, rather than buildings and walls. Bo Hedberg introduces the concept of “imaginary organizations” to picture these new economic conditions (28). An “imaginary organization” is a knowledge-infrastructure concerning markets, potential opportunities for production and creation of %lue€hains. Hedberg uses the example of Gant, an AmerIcan garment brand that was bought by Swedish investors, and developed worldwide. Gant has no propr{etmy plants. The whole organization consists of a team of managers that coordinate market needs and channels with a constellation of independent suppliers. The core competitive advantage of Gant lies in the corporation’s ability to coordinate market needs with independent systems’ inputs. Gant uses its knowledge infrastructure to define and find matches between independent production and design capabilities and market needs. This whole perspective of “knowledge infrastructures” is likely to be the dominant paradigm in the coming century. Hewlett Packard in France got rid of loces the infonnation directly to managers and maintenance engineers’ notebook screens through Electronic Data Interchange. LocalIY, Hewlett Packard suppressed many subsidiaries and branches. Managers and maintenance engineers work at home, being constantly on the move to meet customers’ needs and specifications on sites. The whole organization is transformed in a knowledge-generation node, with many peripheries where action is taking place. Could such a model be implemented on a national scale, and what would be social and welfare consequences? it is quite probable that such a “knowledge infrastructure'’ could be designed and irnplemented on a national scale. It would require administrations, large and small corporations and individuals to share a comrnunal information infrastructure where demands and supplies of tangibles and intangibles would find their matches. In such a perspective, competitive advantage of nations would eventually lie in national ability and speed to generate (and discontinue without social and economic costs) virtual value chains to operate them. Attempts such as the Department of Commerce’s Ad\,ocacy Center in the United States. and the Committee for Economic Security and Competitiveness (CCSE) attached to the Secretariat General de la Defense National (SGDN) in France, are evidently pursuing such a model. Both the Advocacy Center and the CCSE pursue an objective of coordination and alertness between administrative bodies and private organizations. However, while the Advocacy Center is located at an operational level with a direct link with the intelligence community. the French CCSE is placed under the authority of the Prime Minister. and its main focus is a supra-coordinationof administrative bodies (Ministries of Finances, Defense. Foreign Affairs, French Office of PlanningI) that already fulfill, more or less properly, a coordination role. Political ambitions, in France and in the United States. and intelligence communities’ internal conflicts, are however impeding the performance of both the French and American experiences. Misconceptions of economics & WELFARE Economics theories mainly failed, for they either never succeeded to addressthe benevolence issue in economic development, or rapidly lost its focus when attempting to grab it. Myths that surround the development of InfoWar or Infc)Economics, are mainly myths of malevolence: 'cyberwarriors’, 'viruses’, 'logic bombs’, etc. Whereas we leave the paradigm of economics of forces, physical order, heaviness and superiority of gender on genius, we tend to bring with us the bad habits of past and history. InfoWar experts and analysts react to the ernergence of the 'know'1edge paradigm’ with a defense attitude towards the unexpected. Whereasa global knowledge infrastructure could have been an opportunity to substitute a threat-equilibrium with 'integrative power’ (29). policy-makers tend to project ideologies and doctrines that proved to be wrong. instead of inventing the conceptual framework that will fit infoWJ icon Information Warfare Confelenoe Brussels ’96 the new economics. Two biases lie behind the design and mission of these governmental-level information coor(lination bodies. The first bias could be pictured as an “intelligentsialization” of the information infrastructure.Both governments have chosen a top-down implementation of their information infrastructure, thus applying obsolete governmental schemata to the managementof knowledge. While experts are calling for the developrnent of the largest “knowledge sharing culture" (30), national knowledge-infrastructure projects are being drawn with an elitist buyest. It might occur, around 2010, that such decisions were historical self-deceptions. Doing so, governments tend to confuse information logistics (a structural perspective) with knowledge sharing (an interactionist perspective). In other words, artificial efficiency is reached today because decision makers and policy makers who share information already hold the requisite knowledge to make this information actionable. Thus, it gives the illusion that the de\’elopment of an information structure is a necessaryand sufficient condition to attain a national knowledge infrastruc' ture. On the contrary, such a policy will prove to be counter-productive. It will eventually create an isolated body of upper-level knowledge, disconnected with the reality of social development and learning, and therefore, increasing the gap between people who act, learn and talk, and people being acted, learned and talked. Economic performance might be reached through an routinized logistics of generic knowledge amongst business leaders, industrialists and politicians, but social performance is already doubtful. Research findings suggest that permanent improvement and continuous learning cannot be achieved in situations ofdisarticulated socialization (31 ). Information infrastructures, as designed in American and French projects, favor information exchange, including possible use of infonnation highways, and neglect to design proper socialization devices that would enhance permanent and collective sensemaking. Furthermore, such knowledge infrastructures are already perceived by the population as jobs-destructive, in opposition with almost all fourteen points of Deming’s principles of continuous transformation (32). One of these principles says that fear should be driven out, so that everyone may work effectively. Surrounded by myths of malevolence, economic intelligence sharing-infrastructures, on the contrary, announces a quest for economics of coordination costs, worldwide economics of scale, and the birth of a knowledgeable elite, with privileged and discretionary access to uprising knowledge infrastructures. Hewlett Packard was an examplar on that point. Local managers disappeared, leaving their place to management technicians “being acted” by electronic data interchange. Many firms, more or less consciously, took this curve. Asea Brown Bovery ( ABB) reduced its corporate staff, after its fusion, from more than 40(X) to less than 300 “global managers”. Given the fact that middle managers already live and work in suburban areas, effect is an increasing gap between geographically-concentrated conceptual knowledge, and geographicallydispersed procedural know-how. Instead of encouraging a cooperative culture. knowledge infrastructures may implement a perennial rupture between an exclusive and very small knowledgeable suprastructure, and a very large, fragmented and desocialized, cognitively.taylorized substructure. In Deming’s theory, effectiveness is derived from continuous efforts “toward the simultaneous creation of cooperative and learning organization to facilitate the implementationof process-management practices, which, when implemented, support customer satisfaction and organizational survival through sustained employee fulfillment and continuous improvement of processes,products, and services” (33). Similar thinking can be found in intelligence history in general, and in the XVlth century Elizabethan doctrine of governmental intelligence in particular: “Elizabeth was intellectually the most enlightened monarch of her time. Francis Bacon writes that she was “undued with learning,” and “to the end of her life she sets hours for readingl (more than) scarcely any student of her time”. One way to please her was to talk ''In Praise of Knowledge”, as Essex did with his essay, most probably written by Bacon” (34) Queen Elizabeth I’s intelligence shadow adviser, Sir Francis Bacon, was the author of the Advancement of Learning in 1605, and also authored an essay entitled “Followers and Friends” in 1597. The other intelligence doctrine advisor, Sir William Cecil, authored on his part, of a forward-looking memorandum entitled Matters Necessary to be Done, TroublesI that all May Presently Ensue, Things Necessary to be Considered, With Speed, with Foreboding, With Foresight, Plots and Designs (35). Speed, consistency and sharing of knowledge'generation processeson a large-scale base were already put at the center of national development strategies. The difference between 16th century Great Britain and current industrial democracies, however, is a fundamental shift from obedience to commitment of the governed. To continue to design information infrastructures in the Elizabethan style, is overlooking that knowledge is nowadays widely distributed. ''Cooperation.in this context, is synonymous with collaboration among different individuals, groups, or organizations, where all entities are engaging in noncompetitive, mutually beneficial, win-win activities" (36). „„,„„„,„,M„M„„„„e8rtM„s,96 InfOWARCon infoWAXL,XIInformatIon Warfare Conference Brussels ’96 F 7 Why Shifting from l-War to K-War: A case-study As Wilensky once put it, “information has always been a source of power, but it is now increasingly a source of confusion. In every sphere of modern life, the chronic condition is surfeit of information, poorly integrated or lost somewhere in the system" (37). Roots of such failures can been found (a) in the persistent confusion between knowledge and information. (b) on the large-scale focus that has been given in education to cumulating of knowledge-bases vs. permanent improvement of the diversity and flexibility of modes of knowing. and (c) in the failure of scientists in integrating in new organizational forms and purposes, the advancements of social cognition and collective learning. Yet, “managers are becoming increasingly aware that informed adaptability is at a premium and to attain it they may need different modes of organization to find and solve different types of problems” (38). Nevertheless, and consistent with a perception of knowledge as a commodity, “organization” on one side, and “knowledge’ on the other side, are systematically approached distinctively. Organization theorists propose many alternatives and original organizational forms, but leave managers with the duty of generating adequate knowledge to operate them. Knowledge sociologists put much emphasis on the many forrns of socializations that participate in the build. ing of cognitive skills, but are reluctant to study how organizational design and knowledge generation interact. German definition of the world “Intelligenz” could shed some light on such an intricated issue. The WirtschaftsLexikon, a principal German dictionary, in defining intelligence, puts “an emphasis on mental processesgeared to adaptation, integration, and recognizing significant relationships. These processes are interesting: were we to consider them as characteristics of some organizational form, we would come very near to the 'intelligence system’ definition (D German thought also recognizes the importance of the perception of causal connection and of capacity for combination” (39). To achieve the integration of “knowing” and “organizing”, German authorities have historically put a strong focus on the continuity of education to intelligence in the society. After World War II, the Economic Police was nintegrated in national industrial infrastructures. Today, German students receive education from German Generals and Senior Military Officers in most business schools as to maintain a longitudinal awarenessof the role played by intelligence and military art in the understanding and design of business organizations. The Perrier case illustrates the irnponance of “the perception of causal connection and of capacity for combination”, so much favored by German intelligence (40). On July 3, 1989, Perrier and Pepsi Co are negotiating the creation of a joint-venture, in which Perrier would hold 65% of the shares. The negotiations are disrupted on July 16. In August 1989. Perrier sells its subsidiary, the Societe Parisienne de Boissons Gazeuses. which distributes PepsiCo in France to its main competitor. Coca Cola. This competitive move is perceived as a retaliation. In November 1989, PepsiCo denounces the poor performance of Perrier in the managementof its license. announcing the disruption of all contractual arrangements for December 1990. PepsiCo took Perrier to court on November 8, 1990 ; and announced. a day after, that it would be eventually interested in taking over the soft-drinks activities of Perrier, if stock price would be more attractive. Meanwhile, the Coca Cola stock reached the historical price of 72 S on November 18, 1989. On January 19, 1990, a laboratory of North Carolina in Charlottesville discovers traces of Benzene in samples of Perrier mineral water. Experts suspect the information to have been transmitted through a mole in Perrier production plant in Vergeze. “Causal connection” can be made between the test results. and the nearby location of a Coca Cola plant. The laboratory Manager does not remember having replaced its test equipment, but “combined” infonnation show strong evidence of all tests equipment being graciously replaced by a Coca Cola sponsoring of the laboratory. On February 2, ] 990, the Food and Drug Administration warns Perrier that mineral water being distributed in the United States contains Benzene. At that tirne, Perrier is a potential target for a take-over. Nestle would eventually be interested, and has made aggressive competitive moves on the European market. In particular. Nestle has managed to sing an exclusivity with Walt Disney Europe ; walking on Coca Cola traditional proprietary territory. On February 5, 1990, the Food and Drug Administration confirms the presenceof Benzene in Perrier mineral water. On February 10, Perrier is forced to acknowledge, but reacts very quickly by announcing that all bottles will be withdrawn from the market. On February 12, Perrier’s stock is loosing 14%. Suntory, the Japanese distributor of the brand announces the withdrawal of 10.0(X) bottle cases from the Japanese market. On February 14, German authorities forbids Perrier mineral water on their markets. The French Commission of Stock Operations (COB) announces an investigation on suspicious stock movements that occurred on February 9. Sales are stopped in the United States. Canada, Japan, Germany, Switzerland, Denmark and Hong Kong. The InfoWar could have found itS end in this last event, but Perrier held 25% of the American sparkling waters’ market, with an annual sales of US$ 5(D millions. Perrier reacted with great dexterity facing such an Info-Destabilization. Financial markets’ observers were promptly reassured on the integrity of the natural water source. The human error was fully explained with a worldwide dissemination of accurate counter-information. Sanitary authorities announces the results of scientific investigations: “The daily consumption of half-liter of Perrier during 30 years do not increase the risk of cancer”. The Perrier stock gains 6.3% on Paris stock exchange. The second phase of this large-scale InfoWar arises on February 20, 1990. A 36 years old Athenian woman asks Perrier 7,5 millions Francs for the damage caused by the explosion of a bottle that supposedly led to the loss of her eye. Evidence shows that the incident occurred on August 25, 1986, that is to say four years before. Several similar court cases appear in different places of the globe : a lawyer in Bridgeport defends Mrs Vahlsing ; eight similar cases of Class Action appear in Connecticut and Pennsylvania. Perrier discovers that Kroll, the investigative consultancy that took care of its information in the United States, has withdrawn keyinformation from its reports (41). In 1991, Nestle finally took over Perrier. Very similar cases of InfoWar, such as the Shell-Greenpeace Brentspar’s case, or the case of ''benzene threat” for Octel Co. Ltd in the United Kingdom (42), lead to the same conclusions : (a) an isolated organization cannot cope alone with large-scale InfbDestabilization without considerab]e loss ; (b) successful large-sgale InfoWars involve interorganizational agreements, and collective manipulations of worldwide information infrastructure (mass media, scientific institutions, customer groups, etc.), and most importantly, (c) ability to rapidly make sense (i.e. generating knowledge) is superior in counter-fighting InfoWars than systematic collection and compilation of open information, already coming from a corrupted or contaminated information infrastructure. Preparing for the K-Paradigm Sweden might be an examplar of a country that already engaged in the preparation for the paradigm shift towards Knowledge Warfare. In 1977, Dr. Ste\'an Dedijer started its business intelligence course at Lund University, educating and training many graduate students that would later become the men and women in charge of economic intelligence in such poups as Skandia, Volvo, or Ericsson. The latter company has organized a strategic group with the university of Karlstadt that investigates strategic issues of long-distance education and information highways. Participants of this group also participated in the 1992' Swedish Ministry of Defense seminars on the application of the C412 to strategic development. In a well-defined and well-applied strategy. another strategic group that put together economic, social, political and military leaders.such as Lars Hallen, the head of scientific attaches, Bjorn Wolrath, AB Skandia CEO, Goran Page1s-Fick, from Ericsson. Peter Nygards, State Secretary for Industry and Jan Foghelin, head of the Defense Research Center (Fosvarets Forskningstantalt) (43) started to build an “economic intelligence community'’ among business leaders in 1991. Originally narned “BISNES” (after Business Intelligence and Security NEtwork of SwedeN), on a proposed idea from Dr. Dedijer. the network adopted a more discreet strategY bY inviting for large debriefing sessions economic intelligence thinkers and leaders of the open world. General Pichot'Duclos, the head of Intelco, the French InfoWar and Economic Intelligence think-tank, was among the early guests of these sessions with businessmen,the academia, and the military. Sweden also holds the first rank in systematized intelligence activities in large companies in Europe ( M). Observations of Astra-Draco, E]ectrolux. Ericsson Radio, Gambro. Celsius Tech. Skandia, SCA Graphic, SAS, Telia and Volvo, as compiled by Hedin. show a good balance between strategic and operational objectives. a systematic supply-and.on demand intelligence for corporate management. a focus on information-sharing culture (e.g. systematic community meeting around the BISNES network), and a particular focus on knowledge acquisition processes(45). What can be learned from the Swedish exFriment? First of all, Sweden knowledge infrastructure do not seek publicity. Proceedings of the first open conference on Swedish nation-scale economic intelligence were not translated, and not available on any Web servers,although Sweden displays one of the highest rates of electronic information and telecommunications in the world. While Sweden is claiming to be behind with the knowlege warfare agenda, young Swedes can do their military service in economic intelligence activities. Second, the Swedish experiment is culture.driven. Informationsharing is for long a cultural practice among expatriate Swedes.Emphasis is put on a culture of knowledge sharing. rather than on the constitution of specialized administrative bodies. Third, the core of the Swedish knowledge infrastructure is not hardware-based, but it is a “community of practice and sense-making”. The BISNES informal network meets regularly. and sense-making is a communal and face-to-face process. Sweden. however, has favorable conditions that could be hardly met by other countries. It is higly culturally-homogenous. and its population is less F ( Information Warfare Conference Brussels ’96 lnfoWARcon information Warfare Coafeten ee Brussels ’96 ;X \ hH i•+• ; n= ::: F 9 8 than 10 millions. The level of reading is, with all Scandinavia countries. one of the highest in thi world. g of the whole education process of industrialized democracies. This is that simple, but policy makers will face strong resistance, especially from academics. Integration of strategic issues assessment should be put as early as possible in education. The current process is cumulative. The required process is interactionist. Instead of thinking of education in terms of sequentiality, policy makers should design education in terms of interconnectivity and interoperability. Many organizations would like today to increase the awareness of strategic issues among their engineers’ population, and vice-versa, to increase the awareness of technological issue among their commercial task-forces. To do so, they design new systems, centralized economic intelligence units that dispatches technical of market information to both communities. Some firms, like Intel, encourage hybrid teams of engineers and managers as to fertilize crisscrossed issues. This is a result of a Taylorized learning and knowing. Emphasis should put on judgment, cogntivie skills, cognitive flexibility, incongruity and ambiguity tolerance at the youngest age. As intelligence practioners very well know, intelligence in the hands ofdumbs has clearly no more impact than the same dumbs with no intelligence at all. In the knowledge warfare paradigm, strategic advantage does not lie in the concentration of facts-and-figures, but in the complementarity and singularity of the brains who interpret them. National widespread sense-making capability matters more electronic information highways. References 1. Bo Hedberg, Sten Jonsson, 1978, “Designing semi-confusing information systems for organizations in changing environments”, Accounting, Organizations and Society, Vol. 3, No. 1, pp. 47-64. 2. F.J. Varela, H.R. Maturana, 1994, L’arbre de la connaissance, Paris: Addison-Wesley. 3. H. Helmholtz, 1867. Treatise on Physiological Optics, Vol. III, translated from German by J.P.C. Southall (Ed.), 1962, New York: Dover. 4. E.L. Thorndike, R.T. Rock, 1934, “Learning without awareness of what is being learned or intent to learn it'’, Journal of experimental psychology, Vol. 19, pp. 1-19. 5. L. Hasher. R.T. Zacks, 1984, “Automatic processing of fundamental information’', American Psychologist, 48, pp. 15. Detienne M., Vernant J.P. (1978), Cunning Intelligence in Greek Culture and Society, translated by J. Lloyd, Atlantic Highlands, NJ: Humanities Press. 16. H. Wilensky, 1967. “Organizational Intelligence”, in The International Encyclopedia of the Social Sciences, David L. Sills (Ed.), Vol. II , New York: Macmillan & the Free Press, p. 321. 17. J ,C . Spender, Ph. Baumard, 1995, “An empirical investigation of change in the knowledge leading to competitive advantage”, Research Paper, presented at the Academy of Management Annual Meeting, in Vancouver, August 5, under the title “Turning troubled firms around: Case.evidence for a Penrosian view of strategic recovery”. 18. J.F. Richard, 1990, Les activites mentales, Paris: Armand Collin. 19. Ernest R. May, statement before the Senate Select Committe on Intelligence. 4 March 1992. 20. Frank Carlucci, testimony before the Senate Select Committe on Intelligence, 4 March 1992. 21 . J. Douglas Orton, and Jamie L. Callahan, 1996, ''Irnponant 'Folk Theories’ on Intelligence Reorganization”, The International Journal of Intelligence and Counterintelligence, Vo]tIme 8, No. 4. 22. W.B. Scott, 1995, “Information Warfare Demands New Approach”, Aviation Week & Space Technology, March 13, P. 86 23. Alex N. Dragnich, “Containing Serbia”, letters to the Editor, Foreign Affairs, November/December1994, Vol. 73, No. 6, p. 198. 24. The final report under the presidencyof Henri Mann, and co-authored by Ph. Baumard, Ph. Clerc and C. Harbulot, was published by La Documentation Fran aise in Februrary 1994, under the title Intelligence economique et strategie des entrepdses. The Mirage 200.5 case study was withdrawed from final publication, 25. H. Wilensky, op. cit., p. 323. 26. David P. Baron, Fall 1995, ''The Nonmarket Strategy System”, Sloan Management Review, p. 75. 27. T.A. Stewart, 1995. june 12, “The Information Wars: What you don’t know will hurt you”, Fortune, p. 119. 28. Bo Hedberg, Imaginary Organizations. forthcoming, New York: Oxford University Press, 1996. 29. For developments on integrative power. see Kenneth E. Boulding, Three Faces of Power, London: Sage Public& tions, 1990. 1372-1388 30. See Ph. Baumard. G Guerre Economique et Communaute dUlntelligence H. La Revue Politique et Parlementaire (Political and Parliementary Review), Paris. January 1992: Ph. Baumard, Strategie et survei]lance des environnements concurrentiels, Paris: Masson, 1991 and Ch. Harbulot. La machine de guerre econonrique, Paris: 6. J.G. Jenkins, 1993, “Instruction as a factor of incidental learning”. American Journal of Psychology, Vol. 45, pp. Economica, 1993 47 1 477 31. J.C. Spender. Ph. Baumard, op. cit. ; I. Nonaka. H. Takeuchi. 1995, The Knowledg Creating Cornpany. How Japanese Companies Create the Dynamics of Innovation, . New York: Oxford University Press. 32. W.E. Deming, 18986, Out of Crisis, Cambridge: MassachussetsInstitute of Technology, Center for Advance Engineering Study, pp. 23-24. 33. J.C. Anderson. M. Rungtusanatharn. R.G. Schroeder, “A theory of quality managernent underlying the Deming management method”, Academy of Management Review, 1994, vol. 19, No. 3, pp. 480. 34. S. Dedijer, 1989, “British Intelligence: The Rainbow Enigma”, The International Journal of Intelligence and 7. W.B. Scott, “Information Warfare demands a new approach”, Aviation Week & Space Technology, March 13, 1995, P. 85 8. http://indigo-net.com/Imr.html. Archives since 1993 are available in English on the Net. 9. J.S. Brown , R Duguid, 1991, “Organizational Learning and Communities of Practice” Toward a Unified View of Working, Learning and Innovation”, Organization Science,Vol. 2, No. 1, pp. 40.57. 10. W.H. Starbuck, in the preface of R Baumard, 1996, Organisations deconcertees. La gestion strategique de la connaissance. Paris, Masson. Forthcoming: London, Sage, 1997. 11. J.E. Lave, E. Wenger, 1991, Situated learning. Legitimate peripheral participation. Cambridge: Cambirdge University Press. 12. General F M. Franks, Jr., ''Winning the InformationWar: Evolution and Revolution'’, speech delivered at the Association of the U.S, Army Symposium, Orlando, Fl., February 8, 1 994, in Vital Speeches of the Day, Vol. 60. Issue 15, p. 455. 13. General F.M. Franks, op. cit., p. 456. It is noticeable that Harry Howe Ransom’s “Strategic Intelligence” article ( 1973, General Learning Press), when using the Viet Cong guerilla as an exemplar. and using an intelligence estimate NIE 143/53-61, “Prospects for North and South Vietnam”, dated 15 August 1961, does not mention the existence of the \6etnamese underground logistics, and suspects the “Bloc to bui]d up the eastern part of south Laos, improving the roads, mountain trails, and airfields, as a major supply channel" (p. 7). This is an exemplar of applying a cultural mode of knowing that projects ethnocentric schemata on a singular reality I 14. W.H. Starbuck, op. cit, Counterintelligence, Vol. I. No. 2, p. 82. 35. Quoted by S. Dedijer, op. cit, p. 83 36. J.C. Anderson. M. Rungtusanatham, R.G. Schroeder. op. cit., p. 483. 37. H. Wilensky, op. cit., p. 331 F q+; r h + n + H : Information Warfare Oedema@ 8w$sels ’96 alfoWABCon klfoWAR(hl Id,r„,ti,n w,Mr,c„f„,„Ge Br„sd, ’96 11 10 43. Source: The Intelligence Newsletter, march 7, 1 996, “First large public conference on economic intelligence in Sweden”, No. 283. zU. H. Hedin, 1993, “Business Intelligence Systems: systematised intelligence acitivities in ten multinational companies”, The Journal of the Association of Global Strategic Information, pp. 126- 136. 45. Lars Bengtsson, Jessica Ohlin, 1993, “Strategy Formation and Knowledge Acquisition Process”, in Larsson et al., Research in Strategic Change, Lund Studies in Economics and Management, 2] , Lund Uni\'erSity Press. 46. Charlie Mingus, 1 977, "Creativity", Mainliner, 21 (7), p. 25, quoted by W.H. Starbuck and P.C. Nystrom, 198 1, “Designing and understandingorganizations”, in the Handbook of Organizational Design, Vol. 1 , Oxford University Press, p. 9. FI Philippe Baumard, Ph.D. Professor of Strategic Management University of Paris.XII ProfessorPhilippe Baumard is the former Secretaryof the Comission of Economic Intelligence and Corporate Strategies, 1993- 1994, placed under the Authority of the French Prime Minister. He co-authored the Committee Report that led to the creation of the Committee of Economic Security and Competitiveness (CCSE), placed under the authority of the Prime Minister of France, and located at the SecretariatGeneral de la Defense Nationale (SGDN). Dr. Baumard authored 4 books on organizational and the strategic managementof knowledge, including PuzzledOrganizations, forthcoming by SAGE Publications (London, New York ) in 1997. He is intensively traveled, and participated in the first open economic intelligene conference held in the People Republic of China in october 1991 . He also gave speeches on the issue of national knowledge strategies in Saudi Arabia, Hungary, Japan, Hong Kong, and at the Open Sources Solutions symposium in Washington in 1993. He is a consultant and corporate staff trainer for numerous multinational, including Fortune 500s. He is former\asiting Scholar of New York University, the University of Technology, Sydney and Oxford University. F ( Information War{are Conferen6e Brussels ’96 dfoWARcon F krfoWAR,on Information Warfare C08ferenee Brussels ’86 13 12 COLONEL CHARLES J, DUNLAP1 JR.I USAF Staff Judge Advocate colonel Charles (Charlie) J. Dunlap, Jr. Command Offutt AIr Force Base, Nebraska. having [}if;8;;iy Is Statr Judge Advoc8te (SJA). !Jnlted States assumed those duties in J8nuatY 1995' award' for the -Best Case Study• of the dass. StrategIc ============== Page 9/17 ============== F-„ 14 „„„„„„„„,M„Confenn6e8w$sets,„ hfoWARcon hfoWAhn „„„„,„„,M„,„„,,„„„„„„,„ G Hackers: National Resources Ol Merely Cyber-Criminals? Co-Moderators Mich Kabay and Robert Steel€ Panel: Rop Gonggrijp Hactic and The Digital City Amsterdam, Netherlands Andy Mueller-Maughn CHAOS Computer Club, Germany Philippe Langlois INTRINSec, France ( I i{lfoWARcon iabtmMon Warfare CMhrenee Bru$$Us ’96 G ============== Page 10/17 ============== Keynote . 6 -*lnfaBnatioa Warfare t;onferenoe Brussels ’96 infoWARcon infoWAKonInformation Wadare Conferenee Brussels ’96 H Creating Smart Nations Through National Information Strategies: Intelligence and Security Issues Robert Steele ( krfoWAR.on!nformati08 Warfare Confeten6e Brussels ’96 H 1 Speech to Surveillance Expo '94, 11 August 1994, McL£an Hilton, Virginia NATIONAL AND CORPORATE SECURITY IN THE AGE OF INFORMATION MR. ROBERT D. STEELE. PRESIDENT Direct Telephone: (703) 242'1701 It is impossible to establish corporate electronic security measures in a vacuum. Sound corporate electronic security is unaffordable and unenforceable unless the Nation as a whole provides for the security of the digital environment, unless the Nation itself has a national information strategy with embedded communicationsand computing security policies and practices, This speech is about how you need to get your Chief Executive Officers (CEO) to understand the fTagility of the international communications & computing industry, and of our national and global information infTasFu£tures. If our CEOs don’t focus on this, and lobby aggressively for a national information saategy which includes elecaonic security standards, elecaonic security testing, eIecaonic security education, electronic security law, and elecaonic security tax incentives, then you individually are engaged in mission impossible-, and destined for catasuophic failure at some point in your future careers. This speech is also about how you need to quickly develop a legal strategy for being able to prove due diligence with respect to elecuonic security on your part, and lack of due diligence on the pan of your communications and computing suppliers of both prulucb and services. There is going to be a tidal wave of legal liability suits in the next five years, You need to rapidly establish internal testing, auditing, and documentation procedures that will protect you in court from stockholders claiming you have failed to protect proprietary information; and also help you to win damages hom suppliers whose deficient products allowed your systerns to become infested by electronic cockroaches, many of which will desaoy or degrade data and performance. 1 1 CDS Langton Arms Court , Oakton , Virginia 22124.1807 Voice: (703) 242-17CX) - Facsimile: (703) 242- 171 ] Internet: < oss@oss.net > ( \Information Warfare Gonferen6e 8ru sseI s ’96 2 rnfoWARcon infoWAK.onInformation Warfare Conferen6e Brussels ’96 3 At this time, our Nation has a communications& computing house built over a sinkhole. It is simply not safe to work and play in cyberspace, and it will take at least five and perhaps ten years of concerted effort to rectify generations of neglect. An entire generation of hardware and software engineers has emerged for whom the word -security- has no meaning, with the result that it is vinually impossible to purchase and administer complex systems which support proper security. At the same time, corporations have been slow to realize that they are buying infected or deficient communicationsand computing products, while also failing to recognize and document financial losses stemming ham electronic defects. It is my impression that most corporations do not have adequate testing and auditing procedures in place. It shou]d concern you that one organization–one which I consider very computer-literate–found over StD viruses in a single year inside of shrIra-wrapped prQdug is delivered directly from the factory. They lose twice. On the one hand, because the proprietary information is in the larger system, and the larger system is simply too large to TEMPEST and manage according to wellestablished safe C41 practices, the corporation does not properly protect its secrets. They are out there with the general information population, and can be gotten to. On the other hand, because the secrets are on the main system, the corporation lives in fear of being peneaated, and therefore prohibits or seriously constrains external connectivity, thereby handicapping employees who might otherwise have e£tablished effective elecaonic access to customers, suppliers, advertisers, and others, as well as data held by others outside the company. In the Information Age-when information is a substitute for time, space, labor, and capital-the survivability, security, integrity, and reliability of information becomes the most fundamental foundation for national security and national competitiveness. TIle Narional Information Infrastruauw (NII), and LocIJng the doors and avoiding external contact is not the answer. Organizations are finding that in an era of disaihuted information, the old solution for security--system isolation and physical security-is simply not feasible. In the age of information, security comes from knowing that what is worth protecting. is womb protecting well. Proprietary information should be in an isolated system with full TEMPEST protection, access conaols, and access audit uai is. At the same time, one must understand that in the age of distributed information, security can also be found in speed, a speed of collection. processing. and dissemination that cannot be achieved in a closed TEMPEST environment. Connectivity to content is at the heart of corporate competitiveness today. and misguided security policies and practices which artempt to protect employees by cutting off access to the external world are in fact the death knell of the corporation. L£t me elaborate on that for a moment. for I have found that corTnradons are making the same mistake the U.S. intelligence community is making. Any given organization deals in two kinds of information: 20% of it is internal, precious, and considered proprietary or classified. This information merits exceptional security. 80% of the information, by conuast, is not only routine, but actually has a barter value. This includes basic market survey information, customer data, and so on. Where organizations go wrong is in mixing both kinds of information on the same system the larger Global Information InfTastrucruu (GII) of which it is the core , alun provide the knowledge workers of America with a safe working environment. in keeping with international labor standards, the +yoder whose labor depends on the NII must be assured that the product of their labor is protected. We have a house built over a sinkhole! While I will address service and product reliability, I must first express my grave concern over the total vulnerability of our society-of every aspect of our commerce, banking, and aade as well as the other sectors addressed today-to interruption of services and the destruction of data. It is my view that the civil infrastructure for our national communications and computing is of such enormous importance to our survival and prosperity as a Nation, that a Presidential initiative should be immediately undertaken to shift one billion dollars a year from the Department of Defense to the NII, in order to provide for a minimal level of -rear area security- . Wor lang with hackers from Europe, New York, and the West Coast, I have over time formulated a simple list of the top ten targets in the United States of America--urgets easy to desFoy, targets whose desuuction would bring this country to its knees in three to seven days. Among those targets 1 include satellite dishes associated with the Global Positioning System, which incidentally also provides computer time 2 3 H ( InfoBnaHan Warfare Gonferenoe Brussels ’96 4 dlfoWARcon iafoWAR_onInformation Warfare Confetea6e Brussels ’96 H 5 synchronization as well as the precision guidance for advanced munitions; satellite dishes associated with our major intelligence and defense activities; the telephone switch in Virginia which serves the National Capital Area; computer. directed telephone and power grid uansfer points, and the computers associated with our major banking and financial institutions. The ease with-which these vital services can be interrupted cannot be understated. A single day’s failure in banling costs billions of dollars in lost interest, penalties, and recovery. Taking a really mundane example, let me note with arrxiery that all of our most important cable crossings, which coincidentally are also the easiest to damage accidentally, have large signs at their point of exit and entry to the water--signs which say, in effect, -cut here-. It is of concern to me that we have an entire generation of communications and computing engineers who have gone from studies to striving to standards, all without ever having to consider security requirements. It has been a free ride with no accountability. Unfortunately. while the Internet and other elements of cyberspace have been evolving in dramatic fashion, they have also been creating an elecaonic environment of such complexity that we are now vulnerable to catasuophic failures. What Charles Perrow calls the -normal accidents- of highly technical systems are upon us. Government has failed to provide the leadership and the funding necessary to nurture a robust gamut of security standards in the private sector. There is a grohfng constituency of respected authorities and leaders of public thinking who are gravely concerned aboul lhc dangers that are proli fe ruling in cyberspace. It includes not only my fTiends Alvin and Heidi Toftler, Paul Saassmann. and Winn Schwartau, whose most recent books have served to sensitize not only our own public, but also foreign governmenLS and corporations as to the opportunities and risks inherent in doing business in cyberspace. Both our own public, and our political and economic partners around the world, are looking for leadership, and they are all focused on security rather than connectivity, as the litlnus test of a credible NII/GII. 1 will also tell you, in my capacity as a student of war and peace in the age of information, that I believe the greatest threat to our infTasUUcture is not hom other nations, but rather from financially-motivatedindividuals. Individuals taking short positions on specific information-intensive companies, who can then cripple those companies by degrading or desaoying their data; and individuals able to exploit a specific company’s vulnerabilities and then hold its electronic environment hostage to ransom, come to mind. It should 4 concern all of us is that the ability to wreak subtle and not-so.subde havoc is no longer restricted to those brilliant individuals called hackers--the spread of shareware has placed enormous power in the hands of fools. Consider the implications of this power in the hands of someone who knows how to buy short on the stock.market, and is able to select a corporation whose information infra£uucture is a critical aspect of its profitability. Degrade performance, desaoy data, and reap the dividends, all the sweeter for being able to bet against the market with the confidence of one who knows when the electronic attacks are going to have their effect. I have chosen to focus on the issue of interruption of services, and the need for a billion dollar a year realignment of funds from Defense to the NII, because I believe that the underlying survivability of the system is a precondition for its security, integrity, and reliability. It would be a significant error on the pan of the Administration, and of Congress, to allocate millions or billions of dollars to the development of information warfare capabilities against others, as we are now planning. while ignoring the urgent unfunded needs for security within our own elecaonic environment. We live in the proverbial -glass house-! You cannot survive interruption of services which stem hom a basic government failure to provide a safe working environment in cyberspace. This is why your CEOs must be mobilized and must lobby for a national information saategy act which provides funding for basic security measures throughout the electronic network that is now the life-blood of our productivity. Between 40 and 60% of the Gross Domestic Product is considered to be information services work, depending on who is counting what. This means that 40 to 60% of our productivity is at risk--is vulnerable to a total shut.down of the elecaonic transportation links which do not have a fraction of the security common to the physical transportation links that supported our national power during the industrIal age. Apart hom the fundamental issue of electronic survivability, we have the issues of reliability, integrity, and content security which are being addressed by- the NII Security Committee, where I was one of nine people testifying on commerce and banking concerns this past 15 July 1994. The fact is that we ue, as Dr. Vint Cert, President of the Internet Society has put it, -behind the eight baH- on national information security standards, testing, law, and practice, and it is your corporations that are going to pay the price when we have a series ofelecuonic Chernobles across the country. 5 ( Infonnation Warfare Conferen6e 8ru ssets ’96 6 infoWARcon infoWAR,,on.Information Warfare Conferenee Brussels ’96 !! 7 We have entered an era when corporations are going to live or die based on their ability to rapidly exchange elecaonic knowledge and information with one another. However, neither our legal system nor our economic model have kept pace with elecaonic democracy and elecaonic productivity. Worse yet, it is simply not safe to work and play in cyberspace. elecaonic AIDS is being spread in cyberspace by elecuonic cockroaches, and we have no established program for maintaining sanitation and security in our elecaonic working environments. The U.S. financial sector should be the first customer for in.depth threat briefings and hands-on demonstrations of both remote data theft and active data desuuction technologies. In consultation with Bill Caeli in Ausualia. Winn Schwartau in Florida. and a couple of others I choose not to name, I have come to the conclusion that we must all work hard to get our respective Governors, Senators, and Representatives to insist on the immediate realignment of $ 1 billion a year from the Department of Defense budget to the National Information Infrastructure budget. I recently testified to this effect before the newly formed NII Security Committee, and was asked how I would propose the • 250 million a year to c£tablish elecaonic privacy guidelines and models, and to implement them across critical government systems such as the Internal Revenue Service, Social Security Administration, and Veterans Adminisaation. These funds would also be used to provide incentives-priorto imposing sanctions-on private sector databases. As Winn Schwartau has noted, privacy begets security. I $n: note as a corollary that security nurtures productivity. Thomas Jefferson would be the first to state, quite firmly, that our laws in this area are archaic and need immediate and comprehensive definition. The Adminisnation has abdicated its responsibility for maintaining civil rights in cyberspace; this is something I expect will come up in No\’ernber 1994 and again in November 1996 billion a year he spent. Following is my response: – ICXJ million a year to establish and operate a joint governmentprivate sector consortium, completely independent of the Adminisuation, to establish security and privacy standards. The Internet Society model for standards development is much superior to the naditional process, and could serve as the foundation for this consortium. I would endorse the idea of having The Internet Society, in association with the IEEE, administer the consortium. I would like to see the DoD Office of Net Assessments assume a greater role in evaluating our vulnerability. and to create a special oftlce in the Federal Bureau of Investigation which is dedicated to e]ecuonic counterintelligence in direct support of the private sector. The first thing they should all look at is the proposed backbone for the NII, which I understand is incapable of coping with ulaa high speech cr)ptographic data saeams. • 150 million a year to establish independent testing and certification laboratories to verify the efficacy of information security products. I am grave]y concerned by the number of viruses contained in shrInk-wrapped products (both hardware and software) reaching the consumer, and I speculate that the legal profession is about to reap a bonanza from product liability lawsuits. These funds should also be used to nurture beta sites in the private sector, as a rneans of ensuring–as the Internet model ensures-that standards are in fact effective and practical in a real-world context. – 150 million a year for an aggressive, high profile, education and awareness program aimed at both the government and the private sectors as to the risks and wlnerabilities of the NII, and methods of protection. It is not humorous to note that the comparison between ’'safe C41- and -safe sex' 6 – 350 rnillion a year to rapidly overhaul or rebuilt security components in those government and public service systems (including telephone and power su'itching stations, and financial industry computers) which have open access and are exaemely vulnerable to desuuction of data or interruption of sen’ices I find it ahsolutely frightening to contemplate the ease with which this Nation. and its major defense. governance, and private sector enterprises. can be brought to its knees by a few individuals armed with either talent or secondhand shareu'are. 1 also find it uouhling to learn of our plans for major investments in developing information warfare capabilities against others. at a time when we live in a proverbial -glass house". Our "rear area securiry' is non-existent, and yet our national security leadership is proceeding as if nothing were amiss–just another Sunday in Hawaii.... . lacking a coherent strategy for the enhancement AND PROTECTION of the central resource of our economy--KNOWLEDGE'-the United States of America risks losing bah its polirical and its economic leadership in the arcades la come. Our failure to adopt a national information suategy and provide for -safe C4 I-, is analogous, to use a Cold War example–to not having had a £uategic nuclear deterrent and a conventional army. There is an mms race going on in cyberspace, and we are not competing effectively. Our non.profit educational corporation is the original and leading advocate for a national information suategy. It is our view that both our 7 H ( Infor7natiod Warfare Conferen6e Brussels ’96 ,nfoWARcon krfoWAR_ Ja Information Warfare Conferen6e Brussels ’96 9 8 national security and our national competitiveness me at risk because the NII, a most worthy undertaking focused on connectivity, has failed to aniculate obiectives and find funding for three other critical elements of the national information saategy, one of which concerns us todaY: communications ang computing security. We are the authors of draft legislationl -The' National Information Saategy Act of 1994-, and we are firmly committed to helping the President and Vice President enlarge the NU/GII so that communications & compudng security is a deeply em6edded and ever-present aspect of our national security and our national competitiveness. You are de platoon commanders in this electronic war, and right now you have no higher -headquaners1 no aninery1 no air cover, and a three day supply of rations and ammo. MR. ROBERT D. STEELE (VIVAS) Mr. Steele is the founding Chairman and CEO of OPEN SOURCE SOLUTIONS Group and its two affiliates, OPEN SOURCE SOLUTIONS. Inc. and OPEN SOURCES, SYSTEMS, & SERVICES, Ltd. Mr. Steele is an internationallyrecognized advocate for information strategies which harness the full range of private sector capabilities, and is also a noted commentator on information warfare. -Have a nice day... In the course of an eighteen year career in national and defense intelligence, Mr. Steele has served three overseas tours as a clandestine service case officer, supported covert operations, participated in strategic signal intelligence acquisition operations, helped program overhead imagery satellite resources, served as a military intelligence officer, and been the senior civilian responsible for establishing a new national intelligence production facility, the Marine Corps Intelligence Center. NOTE: For a copy of draft legislation1 and talking points for the Vice President, call (703) 242-17CX) or fax (703) 242-1711. A coPY of both are Mr. Steele has since 1988 been a strong advocate for the improved exploitation of open sources, and is the originator of the phrase, -do not send a spy where a schoolboy can go". In recognition of his campaign to restructure national intelligence, better integrate private sector capabilities, and increase government and corporate utilization of open source intelligence (OSINT), he has been twice-named (in 1992 and 1994) as one of the -Microli mes 1(X): Industry leaders and unsung heros who...helped create the future-. He and his organization are also featured in Alvin and Heidi Toffler’s latest book, War and Anti-War. Survival aI the Dawn of the 2151 Cenrury , in the chapter on -The Future of the Spy - . available in cyberspace, at < ass.net > , accessible via gopher9 waist Of ftP His organizations sponsor the annual international symposium on -Global Security & Global Competitiveness: Open Source Solutions-; assist international clients in establishing open source inte]ligence capabilities and exploiting the full range of public sources, systems, and services available for private intelligence and decision-support; publish an international newsletter, OSS NOTICES', and maintain in cyberspace. Mr. Steele holds graduate degrees in international relations and public administration, completed the Harvard Executive Program (Intelligence Policy), and is a distinguished graduate of the Naval War Col]ege. He resigned from the civil service in 1993 after an eighteen year career in national and defense intelligence, but remains Adjunct Faculty for Intelligence at the Marine Corps University and lectures at other colleges and universities. 8 11005 Langton Arms Court, Oakton, Virginia 22124-1807 Voice: (703) 242-1700 - Facsimile: (703) 242-1711 Internet: ============== Page 11/17 ============== H 10 . InfoRnatioa Warfare Conferen ee 818 sseI s ’96 rnfoWARcon hfoWARA)n„f„„,H„WaMr„,„„,„„„,„„,,„ I The Convergence of Military and Commercial Vulnerabilities Moderator: General Jim McCarthy, USAF (retired) Panel: Larry Wright Vice President, Booz, Allen & Hamilton Dr. Leroy Pearce Sr. Technical Director, representing Maj Gen Leech, Asst. Dep. Minister of Defence Information Services, Canada Col GS Ulrich N. Fierz Swiss Army kloWAKton inforrnation Warfare Conferenee Brussels ’86 la ::re:: ==:dE Convergence of Mil & Civ VulnerabIlities Dr. J. LeRoy Pearce Defence Information ServIces Organization Mu .A HI ::== :He Outline o EW,lore the similarities of CivII and Military Knowledge Management Systems o 95% + of MIIItary communIcatIons is carried on leased commercial cIrcuIts , the base informatIon technologies used are the same Going DIgjtal 89g Information Storage CommunIcations InformatIon ProcessIng I 1 I Inhrmdion Warfare Conference Brussels ’96 2 dSoWARcwI iafoWAhon InformatIon Warfare Conferenoe Brussels ’96 CorPorate Asset Management the Power of HI :==: :HIit I +1 Hsu end Defense DJ :== f T===h Dclc8ce 8att•a•lc user's vIrtual network theft of loformatlon What are the denIal or depd%tIon of servIce InhrTn8do,Wadare c,„fenn6, Brussels’96 I+J :::== :::=1, lnfoWARcon infoWARcon information Warfare €onfae06e Brussels ’96 1+J ===: n ncore always multilevelsecurIty 1%1% Public Key EncryPtion lcce8s coottol dIy$1cal attacks HI £F£l:: a 8utbe8tlcatlon Conclusion • cIvII systems are currentjy more vulnerable but the need for protectIon is recognized aDd tHing Pursued ee e • miIItary use of commercialjy based systems and technojogy is growing ... • there is a convergence of Intormatloo Infrastructure fDlIJ hI D::== Mt=l vulnerabilities eee I ( Infonttation Wadan $onfeten6e 8111ssets ’96 6 alfoWARcoa infoWAR,.,xl Information Warfare Confeten6e Brussels ’96 I 7 Dr. Leroy Pearce Sr. Technical Advisor representing Maj Gen Leech Assistant Deputy Minister of Defence Information Services, Canada Dr. Pearce received his B.Eng and M.Eng degrees in Electrical Engineering from Carleton University. He was awarded the Ph.D. degree by Queen's University. Kingston. Ontario. for his res%roh into the optimumreception of digital. frequency+nodulatcd signals. Upon leaving Queen's University. he spent a year at Bell-Northern Research Limited working on the problems of bidirectional visual communications and in particular the local distribution of the associated wide bandwidth signals. In 1972. he joined the CommunicationResearch Centre to commence research in the area of militaIy satellite communications. After the completion of original theoretical and experimental research into the intermodulation performance of nonlinear solid state UHF power anplifiers. he was instrumental in the early nseanh activities that led to the establishment of the DND satellite-aided search and rescue system. Tlris system has resulted from a cooperative intcmational development project and has been creditedwith the location of many aircraft crash sites and the saving of the associated hundreds of lives. Continued research by Dr. Pearce resultedin the development of several prototype satellite communication earth terminals. many military communication system studIes and an advanced extremely-high.frequency (EHF). highly suwi%ble military satellite communications research and development project that is currently valued at S50M. This R&D activity is the basis of several, longer range, DND operational communications projects, In 1 987. Dr. Pearce was qpointed to the position of Director of the Electronics Division at the Defence Research Establishrncnt Ottawa. His research areas of responsibility included military satellite communications. space-based radar surveillancesystems, electronic navigation aids. strappointedChief of the Defence Research Establishment. Ottawa (C/DREO). After serving as a special advisor to the Associate Assistant Deputy Minister (Materiel) on future R&D direction in 1993. Dr. Pearce is now working as the Senior Technology Advisor to the Assistant Deputy Minister of the Defence Information ServicesOrganization (DISC)). He is currently very deeply involved in the infonnation technology. cognitive science. re€ngincering and business aspects of the information managernent that is underway. Dr. Pearce served for several years as the Canadian National Leader on the ncP STP# (Space Communications) technical panel. In 1987. he was appointed the Canadian National Leader of Subgroup S (Communications Technology and Cz Information Systems). He is currently the Executive Chairman of the Communications. Command. Control and Information Systems Subgroup. In 1990. Dr. Pearce was appointed as the Canadian member on the Scientific Committee of National Representativesat the Shape Technical Centre, and in 1992. he was nominated Chairman of this Committee. Dr. Pearce is a member of the APEO, IEEE and AFCEA ============== Page 12/17 ============== I „„„M„„’„„„„'„„„„„„„’„ infoWARcon infOWARCOIIInhrmaHonWaMreCgn„„„„„,„*,„ J Societal Impact of Information Warfare Moderator: Winn Schwartau Panel: The Croatian View: Predrag Pale Chairman of the InfoTech Coordinating Committee Ministry of Science, Technology and Informatics Dr. Ken Dark Fellow University of Cambridge, UK ( infoWAhon information Warfare Conferen6e Brussels ’96 Civilian Vulnerabilities and Sensibilities K,R.Dark The ability to strike at non-military targets has been one of the principal features of 20th century war. In WW2 and after, these have often been the subject of two key types of attack: large-scale bombardment (whether with conventional or nuclear munitions) and low-intensity operations. Both forms of attack were, and are, widely perceived by civilian populations throughout the West, as causes for concern. This concern justified military attempts to secure the threatened populations form such risks. Information Warfare (IW) has greatly increased the ability of an enemy to strike at important civilian targets in the West, for two key reasons . First, the equipment and training needed to launch a large-scale attack are relatively cheap and easily available compared to, say NBC weaponry or heavy bombers. This will render IW available to a wide range of potentially competing or other hostile groups, including some (such as business organisations) not normally seen as international security threats. Second, Western defences (here I include both physical protection and psychological deterrence) against such strikes are far less formidable than those established to defend the West against large-scale conventional or nuclear attack. At present we are only weakly defended in this area. Two further factors must be taken into account which complicate this issue. First, IW attacks may be far harder to foresee (at least in detail), and may change form more rapidly in the course of combat, than previous threats. Second, they may be launched from greater distance and under greater 'cover’. than is usually the case with low-intensity operations. Yet.the destructive potential of IW attacks is potentially comparable to large scale bombardment than to a terrorist bombing campaign. For instance, if the defences of the New York,Tokyo and London stock exchanges were breached simultaneously, severe economic damage could be wrought. This is without taking into account the possibility of hostile information-control and 'psyops'. maximising the effects of enemy action and limiting morale-boosting counterrneasures IW capabilities in are likely to increase dramatically over the coming decades among states and terrorist groups alike. Smaller scale IW could easily become prevalent in areas in which other forms of warfare are not found. such as international business. So civilian and military threats and issues may become far less separable than at present. There is also very wide range of specific civilian vulnerabilities to IW attack {I give various examples in the paper} many of which could be hit in a single organised strike. Such an attack might be launched from highly dispersed locations, all easily concealed in civilian society. Current J Information Warfare Confenn6e Brussels ,96 infoWARc011 k#oWAKon information Warfare ConferelIee Brussels ’96 J 3 2 evidence suggests that even the most sensitive civilian targets have greatIY insufficient defences against an IW attack, and the high-dependence of the Western economy on Information Technology and long-distance communications hardly helps matters. Obviously, these points apply-at a smaller scale -in the case of isolated attacks on civilian targets. A final point must be considered: the acceptability of IW defences (and attacks by the West) to Western civilian populations. This has been much too inadequately examined when discussing IW overall. CurTent sensibilities about the 'surveillant society’ and about personal information security, should alert us to the limitations which liberal democracy is likely to impose on such operations. The character of IW may mean that we cannot assume that the same level of risk will be perceived by the public as results from other threats. Even in an attack, it may be difficult to convince many citizens that their security is under threat, rather than 'big business interests’ for example. The problems of mass-communication in an IW situation would hardly facilitate the enactment of effective countermeasures. However, public worries over personal information security and economic growth might help convince a sufficient majority of civilians that IW threats are serious problems for the West, to enable democratic support for the required actions. This alerts us to the greater importance which must be placed on evaluating the role of civilian vulnerabilities and sensibilities in IWt and of recognising the problems posed by any form of government-sanctioned information control in a Western democracy. For civilian organisations. such as businesses, it highlights the risks posed by IW and the urgency of effective defensive measures. If these, and similar, problems can be overcome, IW promises to be the most important new tool in securing peace. freedom, economic growth and democracy in the post-Cold War period. Fragile Networks: the danger of escalating infowar in a globalised economy The sudden and dramatic collapse of Baring's bank (and the role played by a lone 'rogue trader' in bringing this about) illustrates–on a relatively small scale-- the extreme vulnerability of the contemporary financial system to unexpected and even apparently irrational, acts. Actions inducing the sudden disruption of trading or financial systems, can have unpredictable consequences in world increasing conneted through global markets and transnational corporations. These acts may be those of a criminal, or derive merely from 'human error', or they might be the result of the prosecution of a policy of deliberate sabotage or subversion as part of direct military action. Whatever their origin, their potential destructiveness to the smooth operation of international markets and economic systems cannot be doubted. One of the principal weakness producing this area of systemic vulnerability is the extreme reliance of Information Technology in today's global economy. This is an everyday part of twentieth century life , which is unlikely to simply 'go away' as we enter a new millennium. Vulnerabilities in commercial computing systems, and in other civilian Information Technology, permitting unauthorised access and manipulation of data and potentially software, are widespread. These have been widely discussed in connection with 'cybercrime'. Current 'defences', as sophisticated as these can be, are frequently aimed at preventing criminals securing access to and derive profit by expLoiting such vulnerabilities. They are not designed to hinder an attacker whose intention is straightforward destruction and disruption, and willing to kill and use force to achieve their objectives. Possibilities for disruption and destruction of this sort can be identified on a wide range of levels in both financial and other business systems in a less anecdotal manner, as many here will be fully aware. It is not my intention to discuss these vulnerabilities in detail here, merely to note their e}dstence and prevalence. Nor is it my intention to highlight who exactly. might want to enact such campaigns against either specific financial centres or the international economic system overall. But be in no doubt there are many potential opponents with such intent. These include both individuals and groups, including. perhaps, states hostile to the interests which we here today might hope to protect. This paper will, instead, consider the implications of such vulnerabilities for the contemporary international economic system overall. This is an issue which could be discussed in many terms, but today I shall focus especially on the dangers facing the international economic system in a world of Information Warfare on the part of states. non-state bodies and even potentially (on a small scale) small groups of activists bent on destruction and economic mayhem. Information Warfare, or Infowar as I shall refer to it in this paper, is not only comprised of methods deriving from Information Technology, although these are central to most contemporary Infowar strategic concepts, but of those of Psychological Operations, low-intensity warfare and other more widely known methods of attack and defence. B ( InfOITnatiOn Warfare Conferen6e Brussels ’96 rnfoWARcorr This is an especially apt time to discuss this aspect of what has. in my opinion, become the most significant post-Cold War change in methods of maintaining international security. Infowar offers great opportunities for Europeans, both from the point of view of state governments and from that of other groups in society. But there are new dangers produced by it. As-Europeans we are painfully aware of how and how easily terrorist groups can emerge even in secure and modem liberal democracies, such as the UK and Germany. We know how difficult a problem is that posed by the tracking and neutralisation these groups within the framework of our legal systems. Here, its is essential to observe that terrorist activities are nat maely in danger of being facilitated by the rise of economic systems based on information technoiogy (which I shall hereafter can IT) but also that Infowar provides a worrying new weapon which such groups might employ. It may represent the- threat of a massive increase in the scale of disruption open to anti-state and anti-democratic groups in Western Europe and North America alike. This brings us back to financial and other economic systems. Today's international financial systems are so closely dependent, as many here are well-placed to know, on information technology that this must be at the core of any evaluation of their future security and operative parameters. They also depend, as the Baring's Bank case demonstrates, an specialist human resources employed in conjunction with these technologies. There seems no serious chance of Expert Systems replacing this human element in the near future. At present. this combination of IT+humanity pervades both financial and non-financial economic systems. These have become increasingly interlocked with issues of international security, both because of the long-standing relationship between economic and state security and the relationship between commercial and military uses of new technologies and IT products. The vulnerability already mentioned, therefore, ranges across many aspects of contemporary Western society, from command and control in war to the causal bse of the civil Internet in peacetime. Information, whether military secrets or personal letters cannot, when based on such means, be assumed to be secure without cautious evaluation of systemic and human weaknesses and problems. This combination df humanity and technology affords the terrorist or attacker a wide range of possibilities, if disruption rather than illegal acquisition is their aim. These opportunities derive from the systemic weaknesses already mentioned, whether low levels of security against physical or software-based attack or the uncertainties surrounding staff and training procedures in protecting the system against unauthorised access and manipulation. Systems can be entered by unauthorised means and staff bribed or otherwise subverted by enemies intent upon disruption an disorder. It is a grave mistake to be complacent in this area. The situation is made far more wotrying, because it is intrinsic in current practice. Such weaknesses seem difficult, if not impossible, to rectify in systems dependent upon these pillars of IT+humanity–whether civilian or military. So there is a clear area of systemic weakness with no obvious fast solution at present. This realisation and the ability for any potential attacker to operate from widely dispersed locations, integrated into the civilian population and using 'off the peg' equipment and--to an krfoWARon„„„„„„,„„„„,„h„„„„,„,,„ extent– software– provides us with an obvious source of concern. This has already been wall documented by the work of American analysts such Winn Schwartau and Robert Steele. Their work, and that undertaken in relation to US government security issues, has highlighted the importance placed ont he risk of Infowar by a major NAtO a–ny. It has also explored, albeit in an understandably provisional and pioneering manner, the possibilities and dangers inherent in this form of warfare. Much of this is readily available by examining Open Sources. the importance of which has been highlighted by the work of Mr. Steele himself, and constant updates can be obtained via the Internet from the discussion lists and other on-line sources relating to Infowar, cryptography computer security and international securitv issues. This highlight; the importance of the great amount of cognate work which has been undertaken by specialists in related areas, such as encryption. Work by Computer Security specialists, cryptographers and others has also investigated ways of protecting both IT systems and software against unauthorised manipulation or acquisition. Such studies, then, provide a firm grounding for an appreciation that !nfowar is not only possible but likely, and in all probability likely in the near future. They enable us to see ways in which attack and defences might be organised and prosecuted and how we might reduce both enemy capabilities and intensify our own defences through these methods. Infowar is not a theoretical, science-fiction, sort of concept, therefore, but a serious option for a future attacker. By future, in this context, I mean within this century. Already, most of the necessary abilities and technologies to wage a large scale campaign based on such methods are already around. They could, at least on paper, be used to fight a large scale Infowar. Such a war would potentially be comprised of fast, multi-targeted strikes against world-wide IT-based systems with masking and morphing capabilities distorting our abilities to recognise that an attack was even underway. That is, the next Pearl Harbour could be in Washington, New York, LA and Chicago simultaneously. To put it another way, London, Berlin, Paris and Brussels could be simultaneously attacked by these means The degree to which such a war would be based solely on computerised means is unknown. Combining IT-centred strikes with conventional attacks by elite forces against command and control facilities, and economic targets, would obviously be an option open to a state-actor involved in such a conflict. The potential for such strikes using elite forces can be easily appreciated. Likewise, large-scale electronic warfare, combined with unauthorised tv. and radio broadcasts. or the manipulation of authorised broadcasts, could combine with these approaches to form a formidable large-scale assault incorporating economic and psychological warfare on an unprecedented scale. L£ss easy to conceal than simple IT-based Infowar, these methods might, however. facilitate large-scale social and economic disruption during a conflict. It hardly need be said that such a conflict, depending upon those involved, need not necessarily be a declared and formal war. We must recall, however, that Infowar without such obviously military components is not necessarily the preserve of states or lafonrlaHon Warfare Conferenoe 8ru sseI s '96 infoWARcon klfoWAKcon Information WaI{are eogfetenee Bfa s&b #96... J 7 terrorists. A hostile firm could use these methods against its competitors or that disillusioned current, or ex-employees could–attack their elnployers using these methods. CMI protesters, such as ecological or student protest groups, could employ such methods with ease, albeit on a limited scale. Imagine the 1968 >aris riots being conducted as informal but massive Infowar campaigns against sate-interests! it would be e3dremely unwise to suppose that there are insufficient hacking and software writing skills, and insufficient hardware, in the public domain to undertake such an attack. If this is the case, then we have a very serious secuHty problem here. This is a problem affecting both governments and economic actors, and it is a systernic rather than individual problem. We may be going to see the active rise of Infowar during the 1990s and the first decades of the next millennium. The actors in this may well include states, but may also encompass a very wide range of non-state bodies and groups, some of which are likely to be very hostile both to the current liberal d-emocratic basis of government and the Western free-market economy itself. So. we can expect rather than simply fear. that terrorists and others will soon be nraking much wider use of these approaches and that the problem of systems security resulting from this is likely to be a serious one, not simply kids hacking into computers or cybercrime. The social implications of these can only be guessed at, but the relationship of these changes to the widely attested redefinition of national sovereignty and transnational social and other movements is both fascinating and problematical. The military risk must not be underestimated either. We may be looking a dramatic changes in military capabilities both within and outside of the West. Large scale forces, both conventional and nuclear, may well be rapidly declining in utility in the face of these and other changes. If the next major war (or at least a war of the early 21st century) is an Infowar, then such forces may be of little or no use in building either the state or regional securitv. This brings us back to my first point, what are the implications for the IT dependent financial and economic systems which I have described, given the vulnerabilities which I have sketched and the difficulties presented when trying to alleviate or eliminate these. The answer to these questions depends very largely upon how we envisage the pro eIn Recently most strategists interested in Infowar have imagined that, Ilthough large-scale military Infowar might cause major economic disruption, the use of such approaches outside a military context would be unlikely to have serious economic consequences. This rests on a misperception of contemporary economic systems. We live, as many have discussed, in a period in which many aspects of Western society are globalised. These connections are most obvious in economic contacts and interlinkages. These include the operations of transnational corporations and the interests held by single country arms in far distant areas of the world, and of course they include the world financial and other markets based on technologicaily advanced communications systems. What all these links have in common is that they cannot operate ulthout the efficient functioning of global or at least long-distance comrnunications, and in many cases they are also highly dependent on IT. InlandaUon Warfare Confetenee Brussels 196 \, lnfoWARcon are likely to apply to international economic systems as much as to hypothetical mathematical models. So, a rogue trader 'flaps his wings' in Singapore and there is a storm in the long-established banking syst-em in England! To return to the question of Infowar and the global economy and bring some of his together. If we acknowledge that this is a global network of complex interconnections, in which key components are reliant upon each other, then the danger of Infowar, even on a small scale, cannot be underestimated. The implications of even a small-scale attack might be global in their consequences. This might take the form of an atta6k say against the Tokyo stock exchange, whi6h would impact around the financial centres of the world with unforeseen and probably crisis-ridden consequences. If the perpetrator of this attack was unknown or if this was incorrectly attributed , say, to the US government, the political implications--especially if other circumstances had increased political and economic tensions between trading partners--might be catastrophic in the more conventional sense of this term. The danger is of course increased when one includes the possibility of a terrorist, bent on disrupting the global economy, launching-multipleattacks combined with deliberate deceptions aimed at misattHbuting their origin. This could encompass both IT-based approaches and psychological operations. Or imagine, still worse, the possibility of military Infowar. The conflict between two or more states fought out on this basis. In such a situation economic warfare might seek to cripple each state. and to use Infowar to limit its economic potential, but have the consequence of making a major and clearly attributable impact on the international economic system as its interconnected networks splintered in the face of such action. The potential for such disaster can be likened to that of nuclear conflict, in that economic and social collapse could easily ensue from a protracted and unlimited Infowar against an increasingly globalised and interconnected economic system. Obviously world annihilation of humanity is not threatened but the survival of the free market and the western way of life may be, democracy itself could easily fall victim to unrestrained infowar where truth and fiction merge on our tv screens, in our ability to communicate over long distances and in our ability to value either the money in our pocket or the declarations of our governments. The risk of an interrelationship between military and economic aspects of Infowar, seen in this context, makes even more frightening reading. If unattHbutable or ambiguously attributable attacks take place against whom will governments, or even firms. strike back? Deterrence is hardly a credible concept here, despite some recent claims to the contrary. It has already been only very slight value against terrorists elsewhere. If small-scale attacks take place, there is the danger of rapid escalation, a concept which all strategic analysts know only too well from another risk of global catastrophe. In a large scale. military style, conflict employing these methods even more destruction will be wrought as escalation takes hold. Tit-for-tat exchange and pre-emptive strikes against enemy systems, assuming these can be identified, can hardly fail to have this effect. The prospect of 'infowarHors'. military and civilian, isolated from command and control systems in the ensuing mayhem of krfoWAR,onInformation WarMre Confeten6e Brussels ’86 confused and manipulated communications, following an all-out infowar's =::Y,,sB£hi:££{u11iT:gwc,T£=p=r::1:%=if:liII:.e seiT::jea iS ;tilgS'ing targets at will. '--+i{s ':;ightlnare scenario' of global and uncontrolled information. walfaj_i-i a;-';-;ireme picture. It isT however9 important to recall that the unintended consequences of small scale Infowar might prompt. reprisals ;f';;;;;-a-s\ig-icale-;ndinclusiveness. Escalation represents no less ?_ it'1;;a };e-r';- ihan in thi i-old War1 even if the nature of the catastrophe :hei: hI: ]::FI:g:::f=Tj:;iT:i)iFIi:Fri::iial?o: $$:F:o& the international economy, and for those working withjn it? I J:1 1 r The international economic system in my view9 thqn, c_omprises. ? network. Yet this system is not merely a network but a 'fragile petwork' ready to fragment and transform in unpredictable waYS Fnde IIte_ br=gure of Euch warfare md its consequences. We mu?t recall t\at aespite its great benefits each new technologr bra}gs risks LyhetheLL , mi-1#ary. ecBnorme, moral, social, or whateve;. In this Fese !he gu:yth of ih;-int'erbet and ot information technologies in general has brought great benefits but also new dangers. If we are to successfuIIY elploit these benefits the dulger involved must be avoided or alleviated. The conclusions, therefore, appear both stark and obvious' There is an urgent need for eveIyone in the West to saf:guard oursF Ives TV our J soc..ietTes against this ri'sk. The development of strategies for avoidIng,T and if we have To, for winning, an information war must be constlujted- We must ensure much highEr levels of Information and Computer SecuritY. and we must take much greater steps to safeguard both . iet;communications uld ihe privacy of privat-e citizens, to make not onIY our liberal economies but also our liberal democracies safe against new threats of the type discussed in this conference. If we fail Ii achieve this we will run serious danger of jeopardising the WesteI11 world as we enter the next millennium, and we could potentIally shift the balance of military 'power' (assuming tPat such a [bing reaiy exists at all) into the hands of those elements in Fur.9wTI and oth; -SOcigtiei ixrhich we might be least pleased to see exercise it. At ::e: i=LbSFheiR:c:lsai?gIl;:!{:lshTitIF: :PS: gEn:idaH;;:§rTi_I;tFiTiv ;nd- 6l:a\lcial uncertainty are likely to result from a situation in which such conflicts, or maybe even any miUtaFY conflicts. predSuninate' .This is not pacifism or exaggeration, domesdaysm or alarmism, RUt. simply reali'ty. We all live i;;''glass houses' at the end of the hqenaetl .9:ntury,_ ihe-;Lppoltstor whict; are both vulnerable and unsteady, and it is not a wise tfrfre to start a stone throwing contest. J 10 ( Infonoatioa Wadare Conferen6e Brussels ’96 arfoWARcon infoWAKon InformatIon Warfare Confeten6e Brussels ’96 J 11 Dr. Ken Dark Fellow University of Cambridge, UK Dr. Ken Dark is a specialist on post-Cold War changes in the form of international security. He currently holds bot-h a fellowshIP at tha University of CambrIdge and a lectureship at the University of Reading. Perhaps best known for his work of the mid-1980s on the forthcoming end of the Cold War. he is an International Relations scholar whose principal other research interest is the analysis of intemaUonal change. on which he is an intemaUonally recognised authoHty. He organised and chaired the first British Information Warfare conference and is chair of the post-Soviet Research Group. a UK-based research programme on post-Cold War international politics and security. He has published and lectured widely, including three books appearing in 1996: The New World and the New World Order (with A.L.HarTls), Long-Term Change and International RelatIons and New StudIes in Post-Cold War Secudty. Among his forthcoming books InformatIon Warfare and InternatIonal Security and InformatIon Technology and International Security are especially relevant. He is a member of the Centre for the Study of Global Change. the Royal Institute of International Affairs and of the International Institute of Strategic Studies. / J 12 InfonrtaHon Warfare Gonferen8e Brussels ’96 infoWARcon klfoWAicon Information Warfare Confer iide Brussels ’96 J 13 Predrag Pale Chariman of the InfoTech Cordinating Committee Ministry of Science, Technology and Informatics Predrag Pale received his BSc and MSc from the Faculty of Electrical Engineering, Univershy of Zagreb in 1982 and 1989 respectively. His research interest include computer networking, UNIX and computer applications in general. His experience in computer applications covers various fields of human activities, such as civil engineering, medicine, media. public administrationand financing. Currently he is a teacher at Zagreb University, the Chairman of the Board of Croatian Academic and Research Network (CARNet) and a Deputy Minister of Science 4nd Technology. Predrag Pale can be reached by mail at: Ministry of Science and Technology Strossmayerov Irg 441 OOO Zagreb Republic of Croatia by phone at: +385 1 459 zH 3 1 by fax at: +385 1 459 4469 by E-mail: Predrag.Pa]e@CARNet.hr for CARNet topics Predrag.Pale@FER.hr for university topics Predrag.Pale@science.hr for government topics ============== Page 13/17 ============== *J 14 •ni )bed;: n=: „„,„„„„,M,aRMeD$eBm*eIs,,6 infoWARcon kAWARoa „„m,1a,on„aMR„„efewe,NSse,s,„ K Breakout 1: Legislation & Personal Privacy: A Global Electronic Bill of Rights? Moderator: Dr. Mich Kabay Simon Davies Electronic Privacy International, UK Winn Schwartau President & CEa, Interpact, Inc. ( iflfoWARCJfl 1,hr„l,u,nWaMr,c,M„„„ B„„d, T96 K 1 ============== Page 14/17 ============== MolmaHon WaMn Mnhrence BIusseIs ’96 lnfoWARcoII infk)WARcCII Inhmlation WHam CoMennGe BRIssd s ’96 Keynote Friday, May 24 0830-0900 Keynote Address Efforts to MaximizeInformation As A New Age Weapon Speaker.' General Pichot-Duclos France ( i„f,WARconInformation Warfare Confetenoe Keynote Blu sseIs ’96 1 KLWOTE SPEECH OF GJUM£HOT-DucLos - FRANCE EAPON EFFORTS TO rNTRODucrION NEW AGE OF NFORMATION AND INFO WAR • lgb:HIUH£m:(.)F INDUSTRY _ NEW AGE OF INFORMATION (BOARD 1) , POWER _ INFORMATION - WAR F}g?}WEH£SHGLEDUR[NG (BOARD II) LIBICKJ'S CIASSIFICATION , ESTABLISHED FORMS OF n\To-WAR , QUESTIONABLE FORMS OF [NTO'WAR e POTENTIAL FORMS OF INFO-WAR , CONJECTURAL FORMS OF INFO-WAR (BOARD m) TECFDqOLOGY WORLD WAR IL Keynote Infonnation Warfare Conferen$e Brussels ’96 2 infoWARl,on infoWMon IIdonnaBon Warfare Coafeten6e Brussels ’96 Keynote 3 NOW LET US TRY TO REVIEW WHAT EFFORTS MAY BE DONE TO MAXIMIZE TFnE USA BEGIN TO BUILD A WORLD WEDE INFORMATION INFRASTRUCTURE INFORMATION AIN©NG TO THEIR FINAL LEADERSFnp (BOARD IV) III - EFFORTS TO MAXIMIZE INFORMATION AS NEW AGE WEAPON ANOTHER POSSIBLE CLASSIFICATION AMERICAN MODEL MAY HARDLY BE MITED BY ANY COUNTRY ALONE : IT IS A QUESTION OF POWER AND MONEY. ON THE OTHER HAND EUROPE, FOR INFORMATION HAS TURNED INTO THE RAW MATERIAL OF ANY HUMAN ACTIVITY (BIS) INSTANCE, OWNS ALL WHAT IS NECESSARY TO CHALLENGE THIS MODEL ; EUROPE HAS ADEQUATE STATURE , MONEY AND OVER ALL KNOW-HOW BRAIN DRAIN IS BEING OPERATED FROM EUROPE TO ABROAD SUBSEQUENTLY, INFORMATION IS A CHALLENGE (SOFT ASPECTS) TURNING INTO A WAR (HARD ASPECTS) ALL TEE FnELDS OF HUMAN ACTIVITIY ARE MORE OR LESS CONCERNED TOMAmaZE INFORMATION . THREE TFnNGS ARE NECCESSARY: STRATEGY, ADEQUATE STRUCTURES AND [NSTRUMENTS. TEas WAR MAY BE CLASSEFEED AS FOLLOWS STRATEGY HAS TO BE GLOBAL, INTEGRAL AND TO INCLUDE FIELDS OF MEITARY (BOARD V) OPEARTIONS. ECONOMIC CO}v@ETITION AND CULTURAL INFLUENCE. TO EN£AGINE SUCH A STRATEGY, ESTABLiSFn4ENr, MANAGERS, baLITARY STAFFS AND POLITICIANS HAVE TO COOPERATE WITH A LONG TERM VFEW. THEY MUST UNDERSTAND THAT INFORMATION AGE IS A II - INFO-WAR TO CONTROL