«DEFENSE SCIENCE BOARD SUMMER STUDY TASK FORCE ON INFORMATION ARCHITECTURE FOR THE BATTLEFIELD OCTOBER 1994 ...»
4.1 Information Warfare-The Next Revolutionary Technology
The United States, perhaps more than any other nation, has exploited modern information technology. The result is a dependence upon the proper functioning of a U.S.
national information infrastructure. Virtually every facet of society is touched by information systems: television, radio, banking, communications and the entire panoply of electronics associated with industrial, manufacturing and service industries.
The Department of Defense has been a leader in adapting information technologies.
DoD spends hundreds of millions of dollars to leverage this commercial technology.
These coincident activities have provided the DoD with very powerful capabilities while simultaneously making U.S. forces dependent on the same technologies.
U.S. combat forces have begun to use information per se as a powerful new weapon. Paradoxically, these same new strengths create significant vulnerabilities. The tens of thousands of computers connected to other computers have increased the damage that can be inflicted from the vantage point of a single computer or computer-controlled network. Figure 4-1 illustrates the overlap of military and civil infospheres and the concomitant spanning of these two domains by Information Warfare.
As shown in Figure 4-1, the military use of information in warfare overlaps civil sector use of such technology. DoD depends on the civil "information enterprise" in
peacetime as well as in time of war. Information Warfare spans all three regions depicted in the Figure 4-1 diagram: military-unique, civil-unique and common information systems, in peacetime and war.
4.2 Threat
Vulnerabilities of the national information infrastructure (NII) are easily described;
however, the actual threat is more difficult to pin down. Nevertheless, there is mounting evidence that there is a threat that goes beyond hackers and criminal elements (see Figure 4-2). This threat arises from terrorist groups or nation states, and is far more subtle and difficult to counter than the more unstructured but growing problem caused by hackers.
The threat causes concern over the spectre of military readiness problems caused by attacks on DoD computer systems, but it goes well beyond DoD. Every aspect of modern life is tied to a computer system at some point, and most of these systems are relatively unprotected.
This is especially so for those tied to the NII.
Figure 4-2
As the U.S. military enters a new world order where regional conflicts and economic competition take center stage, more and more potential adversaries will see Information Warfare (IW) as an inexpensive (and even surgical) means of damaging an adversary's national interests. Many such efforts are natural extensions of attempts to gather intelligence by means of attacking computer networks. It is only a small step from exploiting a system to corrupting or even disabling it. An unstructured attack could be used as a screen or as a surrogate for more insidious efforts by a hidden adversary.
Although there are limited efforts underway to detect and counter the unstructured threat, there is no nationally coordinated capability to counter or even detect a structured threat. The matter is made more complicated by the fact that many systems that need protection are non-DoD. The Computer Security Act of 1987 limits DoD's ability to use its core expertise, much of which is resident at the National Security Agency (NSA), to help protect these systems. A national policy for IW is required that addresses this threat and offers an integrated response encompassing DoD and non-DoD elements.
4.3 Global Information Infrastructure Supports Military Operations
The Global Information Infrastructure (GII), which interacts with or supports military operations, is a vast, complex set of information systems supported in the large by commercial grids and infrastructure (Figure 4-3). In fact, communications to and from forward deployed U.S. forces likely traverse a commercial network. The protection of critical segments of the GII must be a concern as DoD becomes more dependent on information systems and hence more vulnerable to an adversary exploiting that vulnerability.
Interoperability between information systems, more real time transfer of vast streams of digital data, huge on-line databases and powerful client-server computer networks are trends in the GII. This means that standards, protocols and commercial off-the-shelf technology take on more significance for the DoD. It also says that, in reality, the government does not control the development or proliferation of information technology.
The challenge for DoD is to take maximum advantage of the benefits of the GII while at the same time to understand the need to protect critical elements of this system of systems.
4.4 Security Commission Report - February 1994
Information systems security (INFOSEC) was one of the two areas specifically recommended for increased investment by the Joint Security Commission Report, issued in February 1994 (see Figure 4-4). The report noted that INFOSEC technology development has lagged far behind information in warfare system technology development.
Figure 4-4
Noting the current level of attacks on DoD information systems, the report recommended immediate steps to:
• Increase development of automated capabilities to detect network intrusions;
• Develop system management tools to react to intrusions;
• Accelerate development and deployment of network protection to enhance confidentiality, integrity and authentication of unclassified as well as classified networks; and
• Increase training and awareness.
The Joint Security Commission Report specifically proposed a security approach based on risk management rather than risk avoidance to drive down cost and increase deployment of INFOSEC. The report recommended increased investment, to a level of 5% to 10% of information systems infrastructure costs - including operations and maintenance.
4.5 Information Warfare
There are a number of issues in IW. The term "information warfare" itself means different things to different people. Other terms, such as command and control warfare, are used in related contexts, but they are also interpreted in varying ways. These differences are great enough to seriously impair development of policy, strategy, tactics and program plans. The use of euphemisms in unclassified definitions compounds the problem. Further, serious management attention is needed to develop and promulgate a set of useful, understandable terminology.
Secondly, IW moves the DoD into new roles. IW operations involve civilian assets as well as military assets. Such operations are inherently joint. In fact, IW can be conducted globally. Because of this, the coordination of such operations with organic assets of the Warfighter is difficult. Personnel supporting the CINCs and TF commanders may not have trained with other force elements.
Many IW effects do not involve physical damage (though IW can in some cases, either directly or indirectly). IW capabilities do provide significant "lethality" and are force options for employment by operational commanders on both sides of a conflict. IW can be lethal to operational forces. These "soft" effects may, however, be hard to observe and assess, and it may be difficult to base certain actions on them. Intelligence collection and evaluation of IW capabilities and activities is new and difficult. Some IW attacks are difficult to detect.
What IW counterforce and deterrence mean, and the extent to which either or both can be incorporated as a part of an overall IW strategy, are also at issue.
As shown in Figure 4-5, information warfare has many elements, some new, some old, which interrelate in complex ways. Some are:
• Psychological operations and perception management, which have been used for millennia as forms of information and influence;
• INFOSEC and Operational Security (OPSEC); and
• Technology blockades which can be used to restrict flow of information technology to adversaries.
A new type of information warfare exploits the ubiquity of software control for networks, telecommunications, data base management, and operating systems of all kinds.
It has both offensive and defensive aspects.
Information warfare can, in principle, be used in peacetime, peacetime preparation for war, and in war. It can involve military and civil information systems. IW further blurs the distinction between peace and war.
4.6 Offensive Operations
In the information age, military commanders should be positioned to use information as another weapon similar in character to the other available systems. With the development of the various Information Warfare options, the CINC/Warfighter can achieve the same precision kill as he presently accomplishes with precision guided munitions. In the case of IW "weapons," the target is the information system that controls an adversary's weapons and platforms. Even though the effect of IW is nonlethal, such "spoofing" of adversary information systems can render their weapons and platforms harmless to U.S. forces and can even provide lethal effects (e.g., loss of aircraft control).
Figure 4-6 depicts IW as a tool for the warfighter. Military commanders should be able to:
• Manage perceptions of events or circumstances;
• Deceive potential adversaries;
• Influence information in content or delivery;
• Protect its interests through INFOSEC or Communications Security (COMSEC); and
• Debilitate or destroy information of others
DoD needs clearer definitions of what information warfare and command and control warfare are and what they are not. There are important distinctions to be made about DoD and non-DoD roles as well as which organizations ought to be responsible for which activities. The concept of information warfare in "peace" will require levels of coordination not previously demanded of such disparate players: DoD, the State Department, the Commerce Department, Federal Emergency Management Agency (FEMA), industry, etc. Damage assessment of the results of information warfare will be difficult - there may be very few observables. Finally, intelligence support of IW will demand difficult-to-obtain information, specifically information required to assess the viability of IW for counterforce and deterrence.
4.7 Conduct Net Assessment
DoD information systems and the National Information Infrastructure are playing an increasingly important role in the effective conduct of military operations. U.S.
offensive information warfare capabilities offer great promise in providing a critical advantage across the information warfare spectrum in all kinds of operations. At the same time, growing information warfare capabilities are increasing the vulnerability of DoD and national systems and have the potential to degrade the effectiveness of military systems and operations.
A broad "net assessment" is needed to determine the impact of the full range of IW activities on military capabilities, installations, operations and support activities (see Figure 4-7). It should include an assessment of the interplay among U.S. and potential adversaries' offensive IW, defensive IW and IW intelligence operations, both current and projected. It should address a range of scenarios and threat models. This assessment will be one basis for policy, organizational, resource and strategy decisions. The following topics should be addressed in a net assessment
Figure 4-7
The results of the net assessment should provide inputs to and participation in the National Policy Review and should include an evaluation of strategies to address offensive, defensive and intelligence capabilities against both structured and unstructured threats.
4.8 Increase Defensive Information Warfare Emphasis
DoD continues to field information systems that are vulnerable to outside attack.
Through necessity, DoD has tied its information systems to the private/commercial sector and routinely uses INMARSAT, INTELSAT, EUROSAT, etc. Additionally, many DoD users are directly hooked to the INTERNET. The Joint Security Commission, among others, has recognized this shortfall and has recommended DoD concentrate on protecting DoD systems. NSA has the charter to perform this task, in coordination with the Office of the Secretary of Defense (Command, Control and Communications) (OSD (C3I)), DISA, and JCS/J6. The Services and Agencies need to increase their funding to support defensive IW measures (see Figure 4-8).
There are two parallel paths of observation on Defensive IW programs. On the one hand, there is a baseline of critical data that must be protected. DoD must identify essential networks and systems that contain this critical data to perform a vulnerability assessment of those systems. On the other hand, one must consider varied and unidentified potential adversaries and their threats to U.S. information systems. A risk assessment that compares and contrasts these two parallel efforts and results in a risk management decision becomes the basis for a defensive program strategy. After the strategy is developed, the result is the processes, procedures, and systems used as a basis for continued protection of critical data.
Current DoD policy (DoDD Directive TS 3600.1) directs that command and control of forces shall be planned and exercised in such a manner as to minimize the amount of information transfer required for effective direction and application of force to ensure our forces are able to operate successfully in degraded information and communication environments. Additionally, elements of the DoD information system critical to transmission and use of minimum-essential information for control and direction of forces are directed to be designed and employed in a manner that minimizes or prevents exploitation, denial, or degradation of services.