Even though weapons and money are considered important factors for running a modern world, at the end of the day, it is all about controlling and exploiting information for political, military, economic, and commercial advantage. The objective of this chapter is to present a basic understanding of the concept of Information Warfare (IW) and the need for relevant strategies to aid its successful implementation. IW is an important topic in this electronic era and within enterprises, security strategies, tools, and processes are essential in order to maintain a competitive advantage against an adversary or group of adversaries. In this chapter, a Survival of the Fittest IW (SFIW) conceptual framework is presented based on the adaptive nature of IW, and a case study is used to discuss its validity.
Various groups provide definitions for Information warfare (IW) based on their own contexts. For example, IW within a military context is any action to deny, exploit, corrupt, or destroy the enemy’s information and its functions while exploiting internal information functions. Although it has been defined in several different ways, the term has appeared increasingly in books, articles, professional military journals, and official publications (DiNardo & Hughes, 1995). In the mid-nineties, the IW concept became popular within certain circles of the U.S. defense establishment as a result of the indisputable fact that information and information technologies (IT) are increasingly important to national security in general, and warfare specifically (Libicki, 1995). There are techniques to mastering IW, and those who do master these techniques will find themselves at an advantage over those who have not.
IW is based on the assumption that information technologies have developed to the point where they can now be employed as a weapon in their own right, and thus wars can be won or lost without shots being fired (Ryan, 1995). The driving forces behind IW include the increasing recognition of information as a strategic asset and the continuing evolution of technology. As stated in a comment by the Washington Post, Schwartau (1996) reports that information warriors could modify credit reports, bank accounts, driving records, and plane reservations. Such malicious acts could bring the stock exchange to a halt. Nothing is safe, and our vulnerabilities come through loud and clear. The possibilities are enough to induce paranoia. As a result, IW is increasingly important to the military, business, and intelligence community. However, eradicating information attacks is not a realistic expectation. A more pragmatic approach would be to protect information and other resources by thoroughly understanding IW and developing formal frameworks to ensure its successful implementation.
IW involves strategies and multilayered attacks. Most of the time, these strategies and attacks are complex. Recently, in view of an increase in terrorist activities, governments are beginning to expand computer network attack capabilities in a silent information war. The inherent vulnerability and accessibility of the Internet makes such a war very possible and easy to achieve. Advanced IW methodologies include creating huge networks of remote-controlled machines or “botnets” that attack corporate or government Web sites or send out false messages. News reports also confirm the significance of IW in the 21st century. For example, the Washington Post (Wolf, 2006) stated that the U.S. Airforce was setting up what would become a new four-star command to fight in cyberspace, and stated that the U.S. had already come under attack from China among others. Other recent headlines, like one from the New York Times (Markoff, 2007), confirm that botnets are secretly installing themselves on millions of personal computers and using the collective powers of the evolved network to commit Internet crimes.
The problem of cyberwarfare is not only for well-known or relatively large countries. Cyrus Farivar (2007) in a recent article described the small, wired country of Estonia, in which parking meters can be paid for via cell phone, Wi-Fi can be accessed at every gas station, and national elections can be voted for via personal computers, but is the first government to get targeted for large-scale cyberwarfare. Also, there are various levels and scopes associated with information warfare. Thus, in studying the details surrounding IW, it is important to acquire background information on the topic, and thus the following section provides a background for foundational IW-related elements. A Survival-of-the-Fittest IW framework is then presented, Followed by an analysis of the proposed framework, while the chapter concludes in with framework limitations and a summary.
Key Terms in this Chapter
Hacker: A person who breaks into a system with no authorization, or a person who intentionally oversteps his/her bounds on systems for which they do have legitimate access.
Information Warfare (IW): This is the exploitation of the enemy’s (adversary’s) information and information systems, while protecting one’s own information and information systems for political, economic, or other purposes.
Virus: A self-replicating program that is hidden in another piece of computer Code.
Cyberspace: The global network of interconnected computers and communication systems.
Cyberwar: A synonym for information warfare.
Survival of the Fittest Information Warfare (SFIW): This is a conceptual framework proposed in this chapter and based on the need for information warfare environments to continually adapt to achieve success.
Botnets: Huge network of remote-controlled machines or computers.
Worm: A self-replicating destructive program that stands alone and spreads itself through computer networks.
Control and Command Warfare (C2W): A subset of IW and a military strategy that implements IW on the battlefield. C2W aims at victory on the battlefield. It is the integrated use of operations security, PSYOP, electronic warfare, military deception, and physical destruction.
PSYOP: Planned operations to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior of foreign governments, organizations, groups, and individuals.
Command, Control, Communications, Computer and Intelligence (C4I): An interoperable linking network that focuses on harnessing information storage and exchange.