Re: [iwar] Information Warfare & terminology


From: Tony Bartoletti
From: azb@llnl.gov
To: iwar@egroups.com

Fri, 15 Dec 2000 17:31:33 -0800



At 10:52 PM 12/15/00 +0000, Wanja Eric Naef wrote:
>Well, I looked at the recent emails in this group and asked myself what
>can we call the 'Middle East Cyber Conflict'.  Cybergraffiti War or
>more likely Information Operations as Fred points out.

[snip]

>In any discussion/conversation one should establish a terminology (e.g.
>civilian pilots, ...) to have a common ground when one communicates with
>someone else.

This would certainly be valuable, and if done well, serve to foster more 
accurate and responsible (more hype-free) reporting.

I think 50 years ago, the term "information warfare" was more closely 
aligned with psy-ops and perception management.  Dropping leaflets from a 
plane, exhorting an adversarial public to withdraw support, spread false 
(or true) information, etc.  If an enemy agent could, with pencil and 
paper, modify a train schedule or critical package shipping address, this 
would have been considered sabotage (although technically it is still an 
information operation, which might be most broadly defined as "interfering 
with the intended flow of information to one's advantage").  (Unfortunately, 
check forgery might also fall under this overly broad definition.)

We need separate terms to identify (1) the nature of the medium or "means" 
by which the attack or exploit is enabled, and (2) a separate set of terms 
that hope to characterize the intended strategic or tactical effect to be 
produced.

Example:  Dropping leaflets from a plane, and effecting a (non-DOS) email 
campaign, may both serve to "manage perceptions" (2), but are clearly 
enabled by different means (1).  Hence, the means to prevent the one will 
be different than that which would prevent the other.

Similarly, to knock out a communications satellite with (a) a missile, or 
(b) a laptop, the end effect might be identical (loss of satellite) but 
again the means are very different, and so must be the defensive measures.

Alternately:  A hacker, exploiting a set of servers, could either trigger a 
political email campaign (to manage perceptions), or launch a focused 
DDOS attack and close down a commercial endeavor.  In this case, the 
"medium of exploit" is really the same (weak protocols, vulnerable 
networked systems), but the intended effect is a distinctly different act.

I tend to prefer the term "cyber" to indicate that the "medium of exploit" 
is (electronic) protocol and software related, and "info" when I want to 
stress that "modified data" was a critical part of making the exploit 
work.  Subversion of internet routing tables is a "cyber-enabled info-op".

Unfortunately, the term "info-op" is often employed to mean 
propaganda/mis-information, etc.  That is, it is often used to characterize 
an "effect" rather than a "means".

___tony___


Tony Bartoletti 925-422-3881 
Information Operations, Warfare and Assurance Center
Lawrence Livermore National Laboratory
Livermore, CA 94551-9900

