The threat posed by a foreign power's use of highly trained "information warriors" to conduct cyber attacks is difficult to estimate given the complexity the national information infrastructure. Since the possibility was first realized the risks have been steadily growing due to the continued vulnerability and interdependency of this infrastructure. This paper is an attempt to understand who these "information warriors" are, their abilities and attack methods, and the targets that will be most vulnerable to their attacks in the coming warfare of the information age.
In the modern commercial and military mediums of today information systems have become the backbone for our communications capability that has given us our new governmental and financial strength. This information infrastructure is used by governments, businesses, communities, and individuals to link the world's telecommunication and computer networks together into a vast constellation that is used for every conceivable information and communication application. From this dependence on these information systems it is obvious that this new information infrastructure will necessarily be a large target in any future conflict. The Department of Defense is not immune to these attacks due to its dependence on commercial services to provide a vast majority of its telecommunications capability.1
According to the General Accounting Office the Department of Defense experienced as many as 250,000 attacks back in 1995.2 Although some claim this number to be highly exaggerated the number is high and shows no sign of slowing. One Department of Defense site, the Naval Surface Warfare Center, is attacked about 40 times per week, according to Stephen Northcutt, the center's head of intrusion detection. Unfortunately a lot of these attacks go unnoticed and the attackers usually stay anonymous. DISA reported in 1994 that only 1 in a 1000 attacks were detected and reported!!!3 Who is to say that some of these attacks are not a foreign power training Information Warriors to conduct intelligence and searching for weaknesses? For all we know the battle could have already been lost through the use of back doors and deep cover viruses. The Defense Information Systems Agency (DISA) claims that the number of attacks doubles every year.4 The effectiveness of these attacks varies but according to the GAO attackers to date have been successful in denying service to critical missions including weapons and supercomputer research, logistics, finance, procurement, personnel, management, military health, and payroll as well as taken control of entire DOD systems. It seems clear that attacks are not extremely difficult to conduct given the number and successes to date. One can imagine that a large number of these were simply hackers trying to see what they could get into and most likely the damage caused in a lot of cases was not even intended. The damage that could be caused by a trained professional Information Warrior employed by a foreign power is frightening. They're intended targets in a full out Information War are hard to even determine given the vast number of targets that are vulnerable. At risk are the systems that control national security, air traffic, finance, power, and communications," said Sen. Fred Thompson (R-Tenn.), Chairman of the Committee on Governmental Affairs.
It may seem unnecessary to some to talk about warfare in general when talking about information warfare but the objectives of war, no matter the means, are always the same. After all what are the goals of any war? Generally it has been to force some sort of political change between nations. Although I am not an expert on warfare by any means it is plain to see how important information has been in there successful outcomes. There are many examples of how the proper use of information in conventional warfare has been pivotal to victory. The fast analyzing and acting upon the intelligence gained by the Ultra project in WWII, according to General Ronald R. Fogleman, gave the US the ability to defeat the German counterattack to the Normandy invasion by air before they ever came into contact with our ground forces.5 In that case the air force used information to defeat the enemy but in the future cyber forces could be even more dangerous because regardless of the weapons used information has always been the key to victory not tanks or air planes. What good are weapons if you don't know where to use them or who to use them against? Surely during the Gulf War Saddam Hussein experienced a much quicker defeat due to a lack of information on the United States. If he had been smarter he would have taken up the offer by the Dutch Hackers to disrupt and delay the mobilization of US forces to the Gulf. Their one million dollar price tag could have saved him 1,000 tanks. After all if he had realized the value of information he could have hacked into, bought or intercepted information on allied activities that could have placed his forces where we were weakest. Conversely if we had known where Saddam Hussein's tent was during the war we could have ended it a lot quicker with one tank or one airplane. In the future information war conventional forces may not be used at all. Who do you attack if you don't know where the damage has come from? Even if you suspect you know who conducted a cyber attack how reliable is that information? The vast natural of the global information infrastructure makes it extremely difficult to determine the origin of information and therefore its authenticity. The first objective of any information warrior from any nation will be to remain anonymous at any cost. As long as they can do that they can deceive, degrade, destroy, disrupt, manipulate and in general influence decision makers with a lack of data or incorrect data to control and prevent reactions against them.
Information warfare is made possible by a number of factors the largest of which has been the democratization of information on the Internet as it has expanded. A large part of the Internet, the World Wide Web, has seen incredible growth, according to Mathew Gray at MIT, has been and continues to be exponential, but is slowing in its rate of growth. For the second half of 1993, the Web had a doubling period of less than 3 months, and even today (1996) the doubling period is still under 6 months.6 According to the GAO report of 1995 the Department of Defense had over 2 million computers, 10,000 local networks, and 100 long-distance networks. This incredible amount of infrastructure should be maintained with a high level of security given the military's dependence of these information systems. This infrastructure is used in weapons design, identifying and tracking enemy targets, paying soldiers, mobilizing reservists, and managing supplies to name a few. Unfortunately these systems or not secure and come under an almost constant attack. These attacks according to the DISA are successful 65 percent of the time.7 The most alarming damage may yet remain unnoticed because attackers have only been reported once for every 150 test attacks that DISA has performed. Some of these attackers have often been found to have left back doors which can allow the attackers to return more easily in the future. This realization is why it is so hard to predict how much damage a team of Information Warriors could produce because they could have already given themselves access to now secure systems! So alarmingly a large battle of the information war could have already been lost. How will these Information Warriors conduct their attacks? To start out with they will us the numerous hacker tools that are already widely available. Alarmingly these tools have most likely been vastly improved by the Information Warriors already. These tools allow them to enter, copy data, and leave without inadvertent damage or detection. How are we to know what will stop them from entering and bringing systems down in the event of an outright conflict if they have already done it? The methods or "weapons" used to carryout this information warfare are classified by there effects which can be physical, Syntactical, or Semantic.8 The physical methods are the obvious bombs, missiles, and sabotage which will not be addressed. However the potential damage caused by new high-energy weapons, the so-called HERF guns, which are currently under development need to not be underestimated. The second type are the more familiar cyber weapons which consist of viruses of which there many types; Cruise, Stealth, Polymorphic, Protected Mode, Trojan, Deep Cover, Jeckel and Hyde, Logic Bombs, Worms to name a few. These Syntactical weapons attack the very structure of the information infrastructure by destroying data and operating systems. Many tools exist to create these weapons and are available all over the Internet on many different hacking sites which are estimated to be around 29,000. These tools have no doubt ably been improved upon by our professional Information Warriors who have known of there existence and have been testing them. The third objective or effect of these information warfare weapons is to render the information on the infrastructure unreliable and untrustworthy. These Semantic Effects are aimed at modifying information to deceive. Identity spoofing, broadcasting misinformation, fictional digital information (pictures and multimedia), and others that have not even conceived yet all attempt to modify thinking and decision making and thus reaction time to real events. These types of attacks will likely occur before war breaks out in order to maximize surprise and confusion. The time when we need our information systems the most is where we are most vulnerable.
An Information Warrior is defined as a person who specializes in attacking information systems as part of government sponsored military operations.9 Who are these Information Warriors? According to official estimates from the NSA and the Department of Energy show that more than 120 countries already have or are developing computer attack capabilities and according to the Center for Strategic & International Studies eight nations have already developed information warfare capabilities comparable to the United States. 10 Twenty-three nations have already targeted US systems for cyber attacks.11 These "computer attack capabilities" consist largely of training Information Warriors to conduct successful cyber attacks. This training is making these warriors capable of creating and sending malicious code within emails, using automated password guessing schemes, and implementation and of packet sniffing and retrieval of "sniffed" data. As well as the deadly denial of service attacks. These methods along with many others are constantly being improved and new ones are surely under development around the world to make them "war quality" weapons. Others methods involve sending warriors to plant chips in a production line that has malicious code embedded known as chipping. These warriors will have many uses and will be an extremely valuable asset once they are fully trained. They will be capable bringing run to all aspects of the information infrastructure from power grids, communications, emergency systems, transportation systems, and in the process the our economy as well. Given the low cost of conducting Information Warfare and the high cost of military equipment it will undoubtedly become a high priority for many more nations since it gives them more bang for the buck. These nations whether allies or enemies all have their own interests in mind and already some of our "allies" have conducted information attacks against the United States.
The use of computers to wage warfare will bring a myriad of nations the ability to challenge the US due to the low cost of waging a cyber war. Information warfare specialists at the Pentagon estimate that a properly prepared and well-coordinated attack by fewer than 30 computer virtuosos strategically located around the world, with a budget of less than $10 million, could bring the United States to its knees." Similarly Jim Settle recently retired director of the FBI's computer crime squad recently that "You bring me a select group of 10 hackers and within 90 days, I'll bring this country to its knees." One of the most powerful threats that the United States now faces is China. In a recent report titled Computer Warfare Contingencies the author states there is a developing "Dragon Window" were China will have a one in a lifetime opportunity to take advantage of our increasing vulnerability as their escalating Information Warfare abilities gain strength. A Chinese military newspaper also recently stated that they "are learning to launch an electronic attack on an enemy."12 Also just this February the Pentagon released some strategic writings by China's military and party leaders that show that China is making plans for war.13
The recent recommendations by experts for broad changes and large-scale reorganization include creating an information warfare czar or even a totally new military branch. These recommendations seem to clearly point to for the need of a central cyber office that is accountable for information security. If this were to happen it would definitely be a high mark in the establishment of the Information age.
1. Report of the On Information Warfare - Defense (IW-D), Defense Science Board Task Force, 1996 Available online at www.all.net.
2. Information Security, Computer Attacks at Department of Defense Pose Increasing Risks, General Accounting Office (GAO), GAO/AIMD-96-84, May 22, 1996.
3. Report On Information Warfare - Defense (IW-D), Defense Science Board Task Force, 1996 Available online at www.all.net.
4. Information Security, Computer Attacks at Department of Defense Pose Increasing Risks, General Accounting Office (GAO), GAO/AIMD-96-84, May 22, 1996.
5. Fogleman, General Ronald R, Chief of Staff, USAF, NMIA In Cyberia, Fundamental of Information Warfare – An Airman’s View, 1995 Available online at www.all.net.
6. Gray, Mathew, Summary of Web Growth, Available online at http: //www.mit.edu/people/mkgray/net/web-growth-summary.html
7. Defense Information Systems Agency, Cyber Attack Data, 1995
8. LT (N) R Garigue, INFORMATION WARFARE - Developing a Conceptual Framework, Office of the Assistant Deputy Minister (Defense Information Services) http://www.cse.dnd.ca/~f ormis/overview/iw
9. Fred Cohen and Associates, All.net Security Database, Threat profiles, http://all.net/CID/Threat/Th reat.html
10. Brock, Jack L. Jr., Director of Defense Information and Financial Management Systems, “Information Security: Computer Attacks at Department of Defense Pose Increasing Risks”, General Accounting Office Report, May 1996
11. Cybercrime …Cyberterrorism…Cyberwarfare…Averting an Electronic Waterloo, Global Organized Crime Project, Task Force Report, Center for Strategic and International Studies (CSIS), March 1998.
12. Cajigas, Anthony, The Secret Battlefield, Computer Warfare Contingencies II, Available online at www.inforwar.com.
13. Girtz, Bill, The Washington Times, Pentagon study finds China preparing for war with U.S. http://w ww.infowar.com/mil_c4i/00/mil_c4i_020800a_j.shtml