Australian Defence Science News, Autumn 1998
New dimensions in the information war
by Dr Vic Sobolewski, Head of Information Warfare Studies
Modern warfare is increasingly underpinned by the need for precise and timely information delivered to the commander. Information reduces uncertainty. As a result Information Warfare (IW) is conducted to enhance military advantage, for example, by reducing our own uncertainty and increasing the uncertainty of the enemy.
To maintain a military advantage it is necessary to protect our information networks from every conceivable attack. Threats to information networks need to be quantified and characterised to implement appropriate and effective in-depth IW protection.
Protection measures incur costs, hence investment strategies need to be justified and this in turn requires the formulation and use of quantitative measures appropriate to IW. These measures must be based on the real value of information and knowledge, and the cost when information is destroyed or modified or revealed to an adversary.
For instance, how much was the information on the precise location of a U-Boat during the Battle of the Atlantic worth to the Royal Air Force? To the German U-Boat Command? To a radio ham in South America? Or the additional information that it has two torpedoes instead of its full complement of 22? Or from the U-Boat perspective when making its situation reports what strategy to adopt: Covertness? Deception? A mix? Clearly different users of the same information value it, and act on it very differently.
Quantifying and characterising the attempted intrusions and attacks against information networks requires the development and operation of Computer Emergency Response Team (CERT) capabilities, as has been done in the US. The Australian Defence Organisation is also moving in that direction. CERTs assess the IW-Protect maturity of networks, their users and administrators by conducting systematic intrusion testing; and operating on-line IW intrusion monitoring, detection, and rudimentary reaction capabilities. Current R&D trends are to provide a true real-time 'deter-detect-protect-react-recover' IW-Protect capability.
Another priority IW-Protect activity is the characterisation of Defence and critical national information system (IS) networks to assess their vulnerability to physical, electronic, and logical attack.
This requires the development of concepts and schemes for mapping and representing the IW environment, appropriate symbology and appropriate forms of visualisation of events in cyberspace to enable IW-Protect (and IW-Attack) operations to be planned and analysed in a manner analogous to the conduct of more conventional military operations in the traditional air, land and maritime environments.
Good IW is covert
Physical, electronic or logical attacks through their impact are detectable; and post-attack forensics and analysis enable development of countermeasures. Even though IW targets all elements of IS networks, the decisions, responses and warfare are undertaken by humans. It follows that the highest-level target for IW is the adversary's mind.
Telling lies is the oldest and most elementary form of IW. Military deception, a structured set of actions to deceive all-source information collection to provide a 'bodyguard of lies' to protect the real intent, is still a pack of lies when stripped to its essentials. Psychological Operations (PsyOps) target mass audiences to influence beliefs. All of these IW actions target the human mind.
Consequently, one important R&D direction is 'cognitive mapping', which is the characterising and mapping of the cognitive and reasoning processes of an adversary's mind. A simple analogy of this is the mapping of a target computer operating system. The objective is to match IW actions and manipulate information to target minds to maximise IW impact, possibly even enabling the prediction of the adversary's actions when targeted.
For more information please contact Dr Vic Sobolewski, DSTO Salisbury, on (08) 8259 6006.