Cybersecurity is often incorrectly assumed to be a purely technical field; however, there are numerous multidisciplinary aspects, such as, for example, human factors, legal, and governance issues. The broad scope, combined with other historical or bureaucratic factors, can provide challenges to researchers and students where appropriate methodologies do not necessarily conform to traditional disciplinary norms; prejudice against research approaches can occur as a result of ‘old school thought’. This paper aims to investigate the South African national and institutional perspectives for higher education and research, identify challenges, and propose solutions to facilitate multidisciplinary research into cybersecurity and Information Warfare (IW) in South Africa.
International law is relevant to information warfare and the revolution in military affairs. This paper analyzes traditional laws of war or international humanitarian law, and human rights law, in terms of applicability to information warfare. For the purpose of this analysis, the revolution in military affairs is subsumed within information warfare. There is a requirement in international law for signatories to the Geneva Conventions to assess new forms of warfare in terms of lawfulness. It seems that such analyses have been performed but results remain secret. This paper concludes it is likely that many aspects of information warfare and associated information operations involve unlawful actions. Information warfare is taking on a scope far wider than traditional battlefield operations of warfare, but this broad definition of warfare is consistent with the concept of warfare set out by Grotius, who is perhaps the key founder of international law. There is no good reason why many principles of international law do not apply to non-state actors. A further jurisprudential conclusion is that current developments in human rights law may be leading to the emergence of a new codified international personal law that is independent of custom or religion.
Game theory is one of the possible ways to study information warfare with mathematical models. This paper presents four example games which illustrate the different requirements for an effective playing strategy in information warfare. These games study, how a bold playing strategy can lead to domination, how a mixed playing strategy can reduce domination, how it can be useful to play a dominating strategy only part of the time, and how excessive domination can lead to rebels where all playing parties lose. This paper also describes meta-strategies whose goal is to modify the perceived costs and conditions of a game. This kind of perception management is closely related to the Observe-Orient-Decide-Act (OODA) loop.
The information age has produced some profound shifts in military power, and nowhere has this been more apparent than in the domain of air power. A digitized air force represents the most pronounced case study of the impact of information technology and networking on achievable combat effect. This paper will explore the defining relationships in information age air warfare, from the dual perspectives of function and resistance to an opponent’s use of information warfare strategies. The importance of Moore’s Law and sensor apertures in information gathering is discussed, the relationship between Boyd’s OODA loop, Metcalfe’s Law and Amdahl’s Law is explored for large military systems, and the relationships between the linear and lateral evolutionary potential of combat aircraft and their future utility is studied.
As adversaries develop Information Warfare capabilities, the threat of information system subversion presents a significant risk. System subversion will be defined and characterized as a warfare tool. Through recent security incidents, it is shown that means, motive, and opportunity exist for subversion, that this threat is real, and that it represents a significant vulnerability. Mitigation of the subversion threat touches the most fundamental aspect of the security problem: proving the absence of a malicious artifice. A constructive system engineering technique to mitigate the subversion threat is identified.
The Information Analysis and Research (IWAR) laboratory at the United States Military Academy (USMA) has proven to be an exceptional and necessary resource for educating our cadets and faculty studying information warfare. The laboratory has also been successful in motivating the need for continued education and training in this area on a much larger scope that touches the highest levels of our military and government. This paper justifies why information warfare laboratories are necessary, explains the laboratories design and organization, and describes the phenomenon that is occurring as a result of the IWAR laboratory.
The term information war (IW) helped describe one aspect of the unfolding revolution in military affairs in the 1990s. Today, technological developments are integrating the data processing capabilities of machines and the mind in ways not possible a decade ago. As a result, the old IW paradigm may no longer be applicable, making other potential paradigms and terms worthy of consideration. As the future unfolds, it will be interesting to see if Pentagon theorists use IW or a new term to express a threat to the security of the country, a category of warfare, a method of defense or influence, or leave the concept alone as a conceptual umbrella for a host of terms. Or, will the Pentagon simply update IW theory, perhaps developing Information Peace or Mind-Machine concepts that complement IW?
Information sharing has been viewed by governments as a way to tap into the knowledge of the non-governmental enterprises which own and operate large segments of critical infrastructures in order to develop concrete intelligence about security challenges. The effects of globalization and the inherent conflicts of interest create a potential for allowing the process to be used as a weapon of information warfare through abuse of the information sharing structure.
e-Democracy, which is the latest development in the in the relentless role out from the intellectual production line of Internet and Web applications, is going to increase the opportunity for Information Warfare (i-Warfare) a hundred fold. This new set of ideas and concepts is believed in some circles to be even more important to our society than e- Commerce and e-Business.
Information warfare is defined in terms of forces, targets, and effects. Each of these factors is examined to illustrate the practical and technical challenges facing the development of information warfare capabilities. Finally, the additional consideration of integrating information warfare with other disciplines is discussed. The author argues that expectations for information warfare should be limited, but that within those limitations, the concept has legitimacy and should be pursued by military forces.
The increasing potential to network-connect our appliances brings with it a growing susceptibility to Personalized Information Warfare attacks. Existing network enabled computers, mobile phones and personal data appliances have proven to be vulnerable to a wide range of threats. Manufactures are currently supplying the general public with Internet enabled refrigerators, air-conditioners, televisions, video recorders and washing machines that are connected to the home network, consequently moving the threat spectrum for attacks from cyberspace into the home. This paper explores the opportunities for highly targeted Personalized Information Warfare that the explosion of net enabled appliances and emergent broadband technologies currently presents.
Perception management is integral to the art of war. Skillful use of information warfare, psychological operations and propaganda is problematic, however. Based on Maurice Merleau-Ponty’s theory of perception and the practical examples presented in this article – the Finnish Winter War and the war on terrorism – it can be held that perception and its interpretation can never be certain. If perceptions are manufactured, they can become counter-productive. The way in which perceptions arise is characterized by dynamism. According to Mzerleau-Ponty, there is always a middle ground between us and the enemy, a field that distorts and limits our view of the enemy. Therefore, in this article we propose that we can direct propaganda only towards ourselves.
Hacker Warfare is the type of Information Warfare that involves the inflicting of damage to the digital infrastructure of the enemy by exploiting security vulnerabilities. In this paper we discuss for the first time the exploitation of event-driven systems in order to inflict this type of damage. As an attacker may use command line parameters and network data to exploit security vulnerabilities in local and network applications respectively, he can use events against event-driven applications.
This paper proposes that both Information Warfare attacks and non-intentional perception errors can be categorised as causes of misperception. The causes of misperception are then analysed in the terms of Boyd’s OODA loop model to determine when they cause errors to occur. The OODA loop model is then expanded to produce a theoretical model of the internal process of the Orientation step of the OODA loop. One of these errors is then explained in greater detail with the new model.
Over the years there have been many interpretations of what constitutes Information Terrorism. This paper reviews literature on Information Warfare and Terrorism to deduce what the threat of Information Terrorism is considered to be in the new security environment. This provides a deduced interpretation/definition of Information Terrorism, which is explained by outlining the threat itself, and its potential impact, capability and advantages. The positives that can be derived to counter it are then examined. The paper concludes with remarks that Information Terrorism is a major dynamic contributing to a new national security environment.
As information warfare capabilities have grown in recent years, the possibilities of war crimes with cyber-attacks have increased. The main ethical problems of cyber-weapons in regard to ruses, secrecy, and collateral damage are examined, and analogies drawn to biological weapons. It argues that most cyber-attacks are instances of perfidy, and spread so easily that they can approach biological weapons in their uncontrollability. Then mitigation techniques for cyber-weapons in the form of more precise targeting, reversibility, and self-attribution are considered. The paper concludes with a survey of some methods for prosecution and punishment of cyber-war crimes including forensics, interventions, cyber-blockades, and reparations, and proposes a new kind of pacifism called 'cyber-pacifism'.
Research into Intelligent Agent (IA) technology and how it can assist computer systems in the autonomous completion of common office and home computing tasks is extremely widespread. The use of IA’s is becoming more feasible as the functionality moves into line with what users require for their everyday computing needs. However, this does not mean that IA technology cannot be exploited or developed for use in a malicious manner, such as within an Information Warfare (IW) scenario, where systems may be attacked autonomously by agent system implementations. This paper will discuss the current state of malicious use of IA’ s as well as focusing on attack techniques, the difficulties brought about by such attacks as well as security methods, both proactive and reactive, that could be instated within compromised or sensitive systems.
Recent technological innovations in computing such as wireless computing have opened up new dimensions of threats to data security. These new technologies reveal users’ location and hence make the availability of information vulnerable. Further, by identifying individuals using wireless computing technologies, it is possible to access corporate data, leading to security breaches. This paper discusses the potential for security breaches in wireless computing with respect to location identification technologies.
This paper looks at an approach to teaching offensive and defensive skills in cyberwarfare. The teaching strategy presented has been developed in an active defense education environment. Action learning is an important facet of this cyberwarfare learning environment allowing students to experience application of the theory and reflect on the learning process whilst gaining proficiency in the tools and techniques.
Forensic computing (FC) is an emerging academic discipline that is difficult to define. This paper attempts to define taxonomy and to explore the interrelationships between specific academic and scientific disciplines involved. The paper also aims to highlight the significance of the forensic computing approach and how this approach can aid the development of defensive/offensive approaches in the era of information warfare (IW).
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.