Information warfare (IW or INFOWAR)
|“||involves actions taken to achieve information superiority by affecting adversary information, information-based processes, information systems, and computer-based networks while defending one's own information, information-based processes, information systems, and computer-based networks.||”|
|“||is information operations conducted during time of crisis or conflict to achieve or promote specific objectives over a specific adversary or adversaries.”||”|
|“||refers primarily to recent U.S. initiatives designed to protect computer network infrastructures against intentional disruptions. The term encompasses many forms of disruption aimed at communications networks (both wired and wireless) and the relevant countermeasures.||”|
|“||actions taken to achieve information superiority by affecting adversary information, information-based processes, and information systems, while defending one's own information, information-based processes, and information systems.||”|
If the basic cyber attack tools and skills are common across the spectrum, what may distinguish recreational hackers from Information Warriors is organization. Said another way, an IW attack against U.S. infrastructures may be little more than a series of hacker attacks, conducted against carefully chosen and thoroughly reconnoitered targets, synchronized in time, to accomplish specific purposes.
Attacks against government targets
Offensive IW uses computer intrusion techniques and other capabilities against an adversary’s information-based infrastructures. Little in the way of special equipment required to launch IW attacks on computer systems; the basic attack tools — computer, modem, telephone, and software — are essentially the same as those used by hackers and criminals. And compared to the military forces and weapons that in the past threatened our infrastructures, IW tools are cheap and readily available.
Information Warfare presents significantly new challenges for the intelligence community in identifying and assessing threats. This is partly because concepts of IW are only now taking shape abroad and because tools and techniques used for IW attack are inexpensive and ubiquitous. It is clear that a number of nation-states are closely following developments in IW and are themselves exploring IW capabilities. They recognize that modern industrialized states are increasingly dependent on the uninterrupted flow of information.
In addition, sub-national groups increasingly rely on advanced information technologies to support their illegal operations, and intelligence analysts must be on the look-out for indications of interest by these groups in using their technical knowledge to cause harm by attacking critical infrastructures.
Attacks against non-government targets
Outside of government, IW has been defined to include personal and corporate warfare (attacks on individuals or companies by other individuals or companies.” Some Europeans tend to share this perspective as well.
Critics charge that “warfare” is not focused on individuals or commercial organizations. They argue that attacks against individuals are civil or criminal litigation issues, while attacks against corporations by other companies are acts of industrial espionage, although they acknowledge that an attack by a government or terrorist group may in fact be Information Warfare.
For an adversary willing to take greater risks, cyber attacks could be combined with physical attacks, against facilities or against human targets, in an effort to paralyze or panic large segments of society, damage our capability to respond to incidents (by disabling the 911 system or emergency communications, for example), hamper our ability to deploy conventional military forces, and otherwise limit the freedom of action of our national leadership.
Terrorists frequently choose prominent targets that produce little physical impact beyond the target itself, but widespread psychological impact. For a physical attack on infrastructures, less spectacular targets could be chosen, such as switching stations, communications antennas, pipelines, transformers, pumping stations, and underground cables. Many facilities whose physical damage or destruction would have a disruptive effect on an infrastructure are purposely located in sparsely populated or even unpopulated areas. If they are physically attacked it may take some time to discover the nature of the damage, and in the absence of casualties it may be some time before the attacks are reported.
Even when they are reported, each incident is at first a local event, and if several such events occur over a period of weeks or months it may take considerable time before they are recognized as part of a pattern. Recognition that an attack is in progress could be delayed even if physical attacks were to occur simultaneously, if the targets were spread across several jurisdictions and no mass casualties were produced to generate “breaking news” at the national level.
In the absence of intrusion detection tools, uniform reporting of incidents as they occur, and some central capability to analyze incidents as they are reported, it is conceivable that an orchestrated attack against U.S. infrastructures could be under way for some time before it is recognized as such and the attacker’s motives and objectives can be deduced.
- Cyberwarfare (Report), at CRS-16, CRS-17.