Unclassified

NAVAL WAR COLLEGE
Newport, R.I.

Netwar: It's Not Just For Hackers Anymore

by

Stefan Eisen, Jr.
Lt Col, USAF

A paper submitted to the Faculty of the Naval War College in partial satisfaction of the requirements of the Department of Operations.

The contents of this paper reflect my own personal views and are not necessarily endorsed by the Naval War College or the Department of the Navy.

Signature:

22 June 1995

Paper Directed By: Captain D. Watson, Chairman, Joint Military Operations Department

Faculty Advisor: Captain Eugene K. Nielsen, USN, Faculty, Joint Military Operation Department, Adm Raymond A. Spruance Chair of C4I

Security Classification This Page: UNCLASSIFIED

REPORT DOCUMENTATION PAGE

1. Report Security Classification: Unclassified
2. Security Classification Authority:
3. Declassification/Downgrading Schedule:
4. Distribution/Availability of Report: DISTRIBUTION STATEMENT A: APPROVED FOR PUBLIC DISTRIBUTION IS UNLIMITED
5. Name of Performing Organization: JOINT MILITARY OPERATIONS DEPARTMENT
6. Office Symbol:
7. Address: NAVAL WAR COLLEGE, 686 CUSHING ROAD, NEWPORT, R.I. 02841-1207
8. Title (Include Security Classification): NETWORK WARFARE: NOT JUST FOR HACKERS ANYMORE (UNCLASSIFIED)
9. Personal Authors: LT COL STEFAN EISEN, JR., USAF
10. Type of Report: FINAL
11. Date of Report: 16 MAY 1995
12. Page Count: 24
13. Supplementary Notation: A paper submitted to the Faculty of the NWC in partial satisfaction of the requirements of the JMO Department. The contents of this paper reflect my own personal views and are not necessarily endorsed by the NWC or the Department of the Navy.
14. Ten key words that relate to your paper: Computer Network Warfare, Information Warfare, Command and Control Warfare
15. Abstract: Network warfare (Netwar) is the latest tool in the Information Warfare toolbox. Where C2W targets the enemy's military electronic spectrum and provides defense against enemy C2W efforts, Netwar targets enemy computer networks that
support both military and civilian functions, such as communications, logistics, transportation, and other computer controlled networks, in order to provide the operational commander with an additional tool to either prevent or win conflicts. Netwar also has defensive features, helping the operational commander defend against the inevitable enemy attack on friendly computer network systems.
16. Distribution/Availability of Abstract: Unclassified XX, Same As, DTIC Users
18. Abstract Security Classification: UNCLASSIFIED
19. Name of Responsible Individual: CHAIRMAN, JOINT MILITARY OPERATIONS DEPARTMENT
20. Telephone: 841-6457
21. Office Symbol:

Security Classification of This Page: Unclassified

ABSTRACT

Information Warfare (IW) doctrine is experiencing tremendous growth, partially as a result of its spectacular performance in Desert Storm. Supporting IW in Desert Storm, Command and Control Warfare (C2W) strategy helped lead the way to success. However, coalition achievements were due in part to Iraq's lack of understanding of C2W. Future operational commanders must not only tackle the expanding role of C2W, but should use IW's latest tool, Network Warfare (Netwar), to their advantage. Netwar complements C2W because it augments the commander's offensive toolbox while expanding C2W's defensive strategy. While offensive C2W primarily targets the enemy's military electronic spectrum, offensive Netwar targets the enemy's military/civilian computer controlled networks and information systems. The power to affect these networks isn't a panacea leading to bloodless conflict, but it can give the commander a significant force enhancer.

As the most recent arrival on the electronic battlefield, Netwar not only provides the commander with several offensive options (from physical destruction, to degrading system performance, to favorably affecting output information), it reinforces defensive C2W by
emphasizing the breadth and depth of today's modern military dependence on computer networks while providing defensive strategy options which complement and expand existing C2W defensive strategy.

Commanders must realize that using some of the Netwar options detailed in this paper requires coordination and approval from senior command authorities, perhaps as high as the NCA. However, planning for these effective options is a direct responsibility of the commander. Thoughtful planning will reveal not only the value of Netwar, but it will highlight equipment, training, strategy, and policy shortfalls that must be met by either supporting CINCs or other agencies. Failure to plan and execute effective offensive and defensive Netwar in both peace and wartime may give an opponent using Netwar the potential to significantly enhance their forces while taking away an effective force multiplier from the friendly commander.

Network Warfare: It's Not Just For Hackers Anymore

Introduction

General country and has no information is ignorant of his calling.
Napoleon Bonaparte

Knowledge, and the desire to control it, is not new to warfare. Though hail Desert Storm as the first information war, in reality information exploitation is easily traced back to the Mongols. They controlled the enemy by feeding them false information about the disposition of their forces. For example, in Khwarizm, an area approximated by today's Iran, the ruler Muhammad Ali Shah was so confused by the Mongol's control of troop information that he fled without a fight--allowing the Mongols to achieve victory by default. [1] From Hannibal to Napoleon to Eisenhower, history constantly highlights the commander who understands the power of information. But Desert Storm is not just another example of information control effectively applied to warfare; it is a watershed event because of the prominent role Information Warfare (IW) held among the other facets of warfare: air, land, sea, and space power. Desert Storm senior commanders were surprised by their
dependence on networked computer systems. [3] This surprise was simply commanders carrying the war to a new high ground--gaining not only air, land, sea, and space superiority, but information superiority. Indeed, experts posit that IW had such a huge impact on Desert Storm it should be recognized as a fifth facet of warfare. [4] What made Desert Storm such a watershed for IW? The answer lies in a silicon chip the size of a quarter.

This paper intentionally focuses only on Network Warfare (Netwar), a subset of IW. Netwar is a logical next step in the expanding scope of IW concepts. This paper emphasizes the potential of this tool, using IW examples as a basis, while exploring potential options this tool gives the commander. Operational commanders must comprehend Netwar and use it as an offensive weapon while preparing defenses against enemy attacks. Without effective Netwar, the commander denies friendly troops a great force multiplier while unnecessarily exposing those same troops to unneeded risks.

Background

Desert Storm was where an ounce of have had more effect than a ton of uranium.
Col Alan D. Campen, USA (Ret)

The growth of IW and its supporting Command and Control Warfare (C2W) strategy is based on a simple concept: the commander's need to increase the power of friendly assets while denying the enemy the same. One answer to this need is manipulating information. Before electronics, information was physically recorded or memorized and then relayed to commanders. This information, slow and often dated, nevertheless had the potential to give commanders a battlefield advantage. Its value depended on whether the information was correct and used before the enemy could counteract. With computers, the concept of controlling the vast sea of information to one's advantage has become so critical the US devotes extensive resources to the study and development of IW concepts. [5]

A computer network, and its power to enhance both weapon and non-weapon assets, is a valuable new source of power for the commander. This tool
increases the quantity, quality, and variety of information to the commander and improves performance. Computers also have another power beyond direct military support--computers now directly control large, complex machine systems as well as military and civilian support systems. Modern society and military forces have become extremely dependent on this capability. The shift from the old military-industrial complex to the new military-civilian computer complex forces this increased reliance on automated information as well as blurring the line between military and civilian systems. [6] Computers have the ability to effectively manage both the highly integrated, enormous battle-space involved in today's campaigns as well as cheaply control the society's machinery and civilian infrastructure supporting these military ends. [7]

The Concepts of Netwar

The whole thing boils down into control power in all its forms.
George A. Purse

DOD Directive 4600.4 levies commanders to attack enemy perceptions, decision processes, and control mechanisms; in short, all aspects of a society--political, economic, and military. [8] In developing support for this directive, the School of Information Warfare and Strategy at Ft McNair in Washington perhaps describes the scope of IW best: While is ultimately military in nature, IW is also waged in political, economic, and social arenas and is applicable over the entire national security continuum from peace to war and from tooth to tail. [9] As a new IW tool, Netwar shows its maximum potential in this tail described above.

Netwar is conducting offensive and/or defensive operations on military or civilian non-weapons computer networks to gain a military advantage. As with any new facet of warfare, its definition is incomplete and overlaps with other IW definitions and concepts. But just like the WW II propeller-driven aircraft gained potential with the advent of the supercharger, so IW gains new potential through Netwar. In a nutshell, Netwar is tomorrow's computer based
information-related conflict between either nations, organizations, or societies. The Tofflers, in their book War and Anti-War, envision the future of American conflicts. They feel societies fight the same way they make money--and as America moves from an industrial to an information economy, DOD will depend more on information dominance. [10] Commanders need to understand this concept and capitalize on the potential of Netwar, for computer networks make a critical impact on every facet of military and civilian operations.

Netwar isn't an end; it is merely a means to an end. The goal of Netwar, whether offensive or defensive, is to give the commander an advantage. To do this, Netwar's operational concept focuses on defending friendly computer network assets while exploiting the enemy's. Since resources and time are limited, Netwar planners must also provide the commander with priorities so he/she can select and use Netwar to maximize its impact on a particular Course Of Action (COA). Additionally, Netwar is not just a wartime operation. It must be conducted in peacetime to prepare the battlefield for a possible engagement and, much like peacetime intelligence activities, help the commander prepare for or possibly avert conflict. Not only is the West President Yeltsin and Defense Minister Kokoshin have repeatedly written and spoken about their concerns over potential enemy action on their information systems. [11] China, Israel, Australia, Germany, and Canada have followed Russia's lead and are all very busy enhancing systems and building emerging Netwar strategies. [12]

In offensive Netwar, the commander seeks dominance over the enemy's computer information and control systems using a myriad of tools. The commander can attack either the physical computer network, its supporting structure, or a product of the network. The attack mode can be overt or covert and consists of either a hard or soft kill. It can directly impact the immediate battle or affect the enemy commander's conduct of future engagements. Defensive
Netwar helps the commander get trusted information by protecting computer hardware and its infrastructure, providing secure communication links and, when required, an capability. Defensive Netwar also depends on reliable soft- and firmware and an ability to detect, correct, and/or recover from attacks. Trusted information is the goal, but when trust is violated, defensive Netwar must notify the commander and provide him/her with alternate means of gaining trusted information again.

Netwar is not bloodless warfare as envisioned by some futurists. [13] With other tools, it may help avert a conflict by putting the enemy at a real or perceived disadvantage, or perhaps lessen casualties by providing swifter means to victory--but it is not a panacea. Also, Netwar can neither defeat all networks nor defend against all attacks. However, effective offensive Netwar can significantly decrease the enemy's confidence in their information or allow the friendly commander to manipulate the enemy, while effective defensive Netwar can protect friendly assets and increase the reliability of friendly information.

Netwar at the Operational Level

Gen Schwarzkopf generated only a tenth of the total message traffic.
Signal Magazine

Netwar holds tremendous power for the commander as well as tremendous potential for disaster. In Desert Storm, the brilliant IW successes for the coalition overshadowed two critical elements that won't exist in future conflicts. First, time allowed the coalition to find serious network deficiencies and fix them. Second, and most critical, Iraq did not use Netwar because it lacked effective technology and strategy. This lack of Iraqi action and its consequences are lessons that won't be lost on future adversaries. Just as the coalition learned from Desert Storm, new foes are also going to school to avoid the Iraqi disaster. The commander must plan for possible Netwar action in every COA, even in light of an apparently unsophisticated enemy. Netwar, especially offensive Netwar, is a skill that is easily hired by a
potential adversary. [14] It doesn't take tremendous capital or complicated machinery. Robert Morris, a hacker, brought down a 7,000 unit secure American system with an Apple IIe and a 1200 baud modem. [15] Commanders must prepare for effective defenses against Netwar during peacetime and practice those plans regardless of the foe's Netwar readiness.

But Netwar is not just hooking up a PC to a telephone and frying computers or wreaking havoc with a power-grid. Netwar, if not properly handled, can have unintended and severe consequences. [16] Planning must be centralized and coordinated at the operational level. Decentralized planning could lead to disaster for the friendly forces.

The Realities about Computers and Networks

On 15 January 1990, 50% of long distance switching system died--due to 13 lines of hacker code. It took 9 hours to pour through millions of lines of code before the problem was solved.
Law And Disorder on the Electronic Frontier

Commanders must face reality--any computer-controlled system can be affected. The concept of an impenetrable system is a mirage. For example, in the 1980's a hacker defrauded a major US bank of millions by simply cutting thin salami slices from millions of daily bank transactions. [17] This activity was conducted on a 100% secure banking network. If the computer is relatively secure, there are alternatives. Secondary sources--keyboard emissions, CRT radiation, or printer heads striking paper--can be intercepted. [18] Something as simple as tertiary reflective computer emissions bouncing off innocent hardware like doorknobs or the neutral wire of a wall outlet are susceptible to interception.

Another reason computer systems are vulnerable is because they are now very complex, requiring constant maintenance. To illustrate, software developed for the Space Shuttle motor and hydraulic control systems (the Space Shuttle is the world's most complicated mechanical device) has 420,000 lines of code. A simple modern DOD comm package needs 1.5 million lines of code. [20] These
huge programs, just like anything built by humans, have flaws. High quality software may contain one error per 1,000 lines of code. [21] According to E. W. a leading US software engineer, testing for bugs only shows the presence of bugs, never their absence. [22] NORAD and similar sized systems have computer codes with as many as 40,000 errors, yet they are still considered reliable. [23] To maintain these systems, software is constantly upgraded. This critical maintenance is where planners can easily affect the system and get into a secure system. There are also other means, such as remote modem access through an unsecured server and hardware manipulation. The bottom line is clear--systems are reachable; the only variables are how much time and resources it takes.

The military's Tempest systems aren't immune either. Pengo, a West German computer hacker, sold American military secrets to the USSR. He repeatedly broke into Tempest computers at MIT, Jet Propulsion Labs, Union Carbide, Mitre, Redstone, and the Pentagon.

Netwar Potential On the Offense

In the first 30 hours of Desert Storm, US troops got 1.3 million electronic messages. It was overload.
Maj Gen Paul K. Van Riper, USMC, assistant chief of staff for C4I

Offensively, Netwar must support the friendly commander's ability to affect the enemy's decision cycle, often referred to as the Observe, Orient, Decide, Act (OODA) Loop. Commanders must develop what Ryan et al describe in their research as an Order of defining systems, networks, and facilities as to their usefulness as targets, giving them a level-of-effort, and allocating either organic resources or upchanneling requests for resources from other commanders, federal agencies, or even foreign governments. [25]

First, the commander must determine the goal of offensive Netwar. Goals must be defined before targets or levels-of-effort are selected. Netwar is not destroying the enemy's computer systems. Effective Netwar gives the commander tools to achieve goals on his battlefield. When contemplating Netwar, commanders should ensure
staffs integrate Netwar goals into overall theater objectives. Offensive Netwar involves intercepting, manipulating, controlling, disrupting, corrupting, or destroying the enemy's information capabilities and/or systems.

Once goals are determined, the next step is selecting the target and appropriate level-of-effort. Target selection goes well beyond the physical computer system itself--target selection must consider what the computer system actually controls or supports. Just because an enemy computer system is vulnerable does not define it as a worthy target. In future conflicts, the NCA may direct efforts against enemy credit systems, banks, or industrial production, or perhaps control of transportation, gas, power, water, and sewage control systems; then targeting the computers that operate those systems becomes an effective use of Netwar. [27] Also, indirect targets must be considered. Aside from hardware, firmware, software, input data attacks, and output information manipulation, the people who operate/maintain these systems are viable indirect targets. The foe's automated data processing personnel and support technicians may cooperate with friendly efforts to gain success in Netwar. [28]

Also, commanders must consider potential targets outside their Area Of Responsibility (AOR). Computers, especially processor chips and network systems, are built by relatively few manufacturers worldwide. If required, commanders must up-channel their needs to senior leadership, and they in turn should seek help from appropriate agencies. Gaining cooperation from computer makers as they service and/or supply the enemy can go a long way in achieving the commander's goals. [29] To illustrate, computer components are now capable of either degrading or completely failing automatically through a simple external command or after a preset array of conditions is met. [30]

Hand-in-hand with target selection is assigning a level-of-effort. Here, vulnerability and the commander's ability to threaten that vulnerability must match. Commanders must
allocate offensive resources only where they have the best chance of achieving needed goals. [31] Levels-of-effort span from physical destruction, to signals interception and modification, to ignoring, modifying, invading, or disrupting either the computer, the network, or its support systems.

The choice of physical action--destroying the computer network--forces the enemy to either act in the blind, as Iraq did, or rely on less sophisticated and possibly more exploitable back-up systems. [32] But destruction goes beyond traditional bombing. Destruction includes incapacitating internal components, interface systems, communications nodes, and/or affecting support systems such as power supplies and conditioning equipment. Weapons include sound, heat, cold, radar, magnetic energy, and light energy. [33] Additionally, RF weapons (the pulsing of electromagnetic energy) are particularly effective weapons because they destroy the computer but leave the structure unaffected. At the high end of the RF range is the Electromagnetic Pulse (EMP) created by a nuclear blast. However, a poor man's EMP is simply a surge in the computer's power supply. Both are effective. [34]

When considering physical destruction, commanders must continually look beyond the immediate benefits of such action and create a balance between combat needs and the long term responsibilities during war termination and post-conflict reconstitution. Following a common sense principle of war, Netwar must achieve its goals with the minimum of damage. The systems a commander affects to his/her advantage during the opening shots may be the very systems the commander needs in war termination and post-conflict reconstitution. To cite an old friend of battle theory, Clausewitz continually emphasized the need for commanders to not take the first step until the last step has been contemplated. [35] As an example, complete destruction (bombing) of an enemy's communication, banking, and transportation system, when simple degradation would have achieved the intended goal, only makes war
termination more difficult. Additionally, it severely affects the defeated foe's ability to reconstitute, adding unnecessarily to post-conflict tensions.

Avoiding overkill in Netwar is more critical than avoiding unneeded physical destruction in C2W because, unlike C2W, which targets primarily military assets, Netwar targets systems that are either shared civil/military systems--or totally civilian resources. Some of these target categories, such as medical and pharmaceutical control systems, or computer systems controlling food supplies, transportation systems, public utilities, banking centers, and/or certain civilian production facilities, are gray legal areas. These target categories must be carefully screened by legal advisors. [36] Additionally, commanders must assess the legality as well as the cost-to-benefit ratio of attacking these systems as they impact not just the progress of the military campaign, but the effect on continued political support from the US public, elected representatives, and coalition members. To dramatize this point, destroying a bar code data base in the enemy's food production infrastructure may help the friendly by disrupting logistics supplies to enemy troops, but if it also creates a CNN news-scoop showing starving children, the long-term cost in public support may outweigh the immediate military benefit.

A highly preferred level-of-effort would simply degrade computer systems. By affecting the computer's capabilities to perform consistently, Netwar goals are achievable without physical destruction. This level-of-effort has several positive facets. Commanders can overtly degrade the system, not destroying it, but destroying the enemy's trust in the system's reliability. This has the compounding effect of tainting the enemy's trust in every one of its computer systems, whether or not it was affected by US action. Conversely, the computer may be covertly intruded so the output is altered to the advantage of the U.S. commander, but without the enemy commander's knowledge, thereby
retaining the enemy commander's trust in a system being manipulated by friendly forces. Included here are voice and data networks. Not only are these high-value, but with over 4,000 telephone companies worldwide, this is a target-rich environment. [38]

Another level-of-effort option is affecting the enemy's computer output through software and/or input data manipulation, producing plausible outputs for the enemy but controlled by friendly assets. For example, positioning/modifying radio and television signals could disrupt the enemy's political power base or governmental control. Envision a TV broadcast showing the enemy retreating or surrendering. [39] More traditional invasive techniques include software attacks by any of the following means: a Trojan Horse, worm, virus, logic bomb, and/or an Easter Egg (as in Tom Clancy's Debt of Honor), as well as a trap door. [40] These hacker legacies have a definite value in Netwar. [41]

A low-priority target may either be monitored or ignored. When monitoring, a commander uses signals interception and modification to either gain information or deny the enemy its use. For example, rendering an enemy's ciphered transmission useless denies it to the friendly commander, but it does the same to the enemy. [42] Finally, if a system is low priority, it should be ignored. Ignoring low-value systems preserves friendly offensive assets while saving those enemy systems for possible reassignment during war termination and reconstitution efforts.

Finally, the idea of information overload has its place in offensive Netwar. Overwhelming systems with fed or perpetual generating data seeks to either slow down legitimate computer operations, incapacitate the network through gridlock, or cause the human filter receiving the avalanche of output to become ineffective. Overwhelming the enemy gives the commander an advantage: he/she can get around the enemy's OODA Loop faster than the enemy can itself.

Critical to offensive Netwar planning is an emphasis on coordination and effective timing. This is
where joint, centralized, and coordinated planning efforts are vital to success. Redundant efforts are inefficient, waste resources, and create unneeded risks. Also, coordination precludes situations where one friendly plans to affect a system while another simultaneously requires the use of the same enemy system to achieve its mission goals.

In addition to internal coordination, commanders must weigh the cost to benefit ratio of allowing coalition partners in on the planning efforts. [43] How much information should be shared with coalition partners is a tough issue; a current coalition partner may become tomorrow's foe. A parallel dilemma is what to do with economic enemies who are political friends. As an example, during Desert Storm, France made Spot imagery commercially available, even to Iraq. [44] Smart force planning averted an information disaster on the eve of ground operations. Finally, temporary alliances, such as the Desert Storm coalition with Syria, require commanders to consider how much information is shared and what benefit is gained. [45]

The Netwar plan must also emphasize timing. To illustrate, blinding the foe's communications after the enemy used it for its intended purpose is pointless. On the other hand, blinding a system too soon is just as pointless--it gives the enemy time to recover or seek alternate routes for information. [46] Coordinated, effective timing not only maximizes operational success but reduces the risk of Netwar fratricide.

Another facet to Netwar planning is the need for constant peacetime exercises to check validity. Potential COA and enemies must be continually assessed. Opponent's cable systems, relay towers, telephone switching nodes and exchanges, fiber optic and coaxial cable runs must be continuously updated for location and use. [47] Potential enemy computer software, firmware, and hardware changes must be monitored to determine status and potential vulnerabilities. This continuous monitoring is critical due to the pace of change in computer technology. Today's
Netwar plan can become instantly obsolete as a potential foe upgrades its computer defenses or corrects physical security flaws. These operations should be covert.

Active peacetime operations give the commander the power to put systems and options in place prior to a conflict. In fact, peacetime Netwar gives the commander options that could prevent war. Well placed logic bombs and latent viruses can threaten the foe's civil and military computer operations if they start action against US interests. [48]

Finally, just like a child who dismantles his dad's radio with no clue on reassembly, reckless Netwar without a plan for post-conflict reconstitution is extremely counter-productive. The goal is to reasonably restore the systems' performance while retaining the ability to conduct future Netwar action if needed. To reconstitute every affected enemy computer after a large scale action would take more work than resources allow. Therefore, planners must prioritize which systems get restored and to what level. To meet this goal efficiently, pre-conflict planning must include documentation of all friendly attack actions, leaving an audit trail for the reconstruction engineers to follow. Also, the concept of achieving goals with minimum damage to the enemy's systems will significantly ease the reconstitution effort. Basic service systems (communications, power, gas, water, sewer, and transportation) should receive top priority; they should either be restored or, if physically destroyed in war, replaced. Secondary efforts should rebuild the economy (banking systems, production and inventory systems) as well as internal security. Replacement and restoration presents the US commander with a unique opportunity to configure the reconstituted system(s) to his/her advantage for a future potential Netwar option--this valuable tool should not be overlooked.

Netwar on the Defense

Hackers from Denmark, Russia, and Iraq tried to penetrate Desert Storm military computer systems.
William Matthews, news correspondent

An attack on US
computer systems is assured during the next conflict, with high probability of hits on both the secured systems and less defended support computer systems. Effective defense requires an assessment of the friendly systems' vulnerabilities as well as the enemy's potential to threaten that vulnerability. [50] If both conditions exist and the system is vital, commanders must protect it. [51] There is a tradeoff with security--commanders must accept inefficiencies with high security levels; compartmentalized data and/or computers are relatively tight but slower than comparable unsecured systems. [52] They must also guard against computer security discipline sliding during the heat of battle as workers rush to gather critical information. [53] Regardless of human frailty under fire, planning for defensive Netwar must proceed and include four levels: prevention, detection, limitation, and recovery. [54] Finally, defensive Netwar must be coordinated with C2W defensive efforts--the two are closely linked on defensive efforts and can easily share vital resources and options.

Prevention is first. It involves the physical layout and construction/composition of the computer facilities, including modulated power or Uninterruptible Power Supply (UPS), its supporting computer security architecture, as well as the internal policies implementing the preventative measures. When planning defensive Netwar, security must also extend to the entire system, not just to the command section. To illustrate, Saudi Arabia had a limited secure network infrastructure. The first Defense Satellite Communications System dish in Saudi Arabia was bolted on the roof of the Saudi Defense Ministry building with cables running down the outside walls. Although armed guards protected against unauthorized physical access to the building, the cable radiated sensitive communication signals--an easily intercepted source. [55]

Operational security may require data. Though has obvious benefits, there are costs and risks. First, uses sophisticated equipment, can only be
performed at specified sites, and consumes vital resources. Also, indirectly alerts the enemy that you have something worth hiding. This makes assets priority targets for disruption, interception, or destruction. Also, personnel are at risk--requiring a higher level of personnel security for these vital human resources. Prevention may also use a trusted third-party to audit usage and hard-copy notarize each access. Hard-copy audit trails also make recovery work easier--most unauthorized break-ins have with them a clean-up device that erases any electronic audit trail. [56]

Surprising to some, but many secure systems are invaded not because security is defective but because operators do not use it. From dumpster diving for ID/Password keys, to leaving secure components unsecured, to connecting unsecured components to secure devices, to deliberately disabling security features to save time--security breaches are a people problem as much as a systems issue. A Defense Information Systems Agency study claimed that effective human defensive actions could prevent/detect 80% of illegal computer hits. [57] Security items like dial back, ID/Password requirements, data file password protection, file access restriction, and third party ID authentication/verification are useless if not consistently applied or if purposely circumvented.

When allocating resources for physical security, the commander would be wise to follow commercial sector security examples. Major corporations spend up to 68% of their security budget on education, not hardware. [58] Recent USAF conferences on IW have emphasized the criticality of proper training and education. This emphasis directly reflects the security concerns of the USAF's chief trainer, Gen Henry Viccellio, Jr., Commander, Air Education and Training Command. [59] This education must involve not only U.S. DOD personnel, but U.S. government workers and contractors, as well as coalition and allied personnel.

The following illustrates the lack of physical security training and education. During
Desert Storm, in the Saudi AOR, 3,000 personal computers were connected to the U.S. mainland via network, with many connections made the security envelope, creating an enormous exploitation risk.[60] Coalition forces were lucky because these opportunities were lost by Iraq--opportunities the next foe will not pass up.[61]

Although operational commanders are not directly involved in these training issues, they must continually assess their force's Netwar readiness and relay training needs back to the supporting commanders. To illustrate, Gen Dwight Eisenhower was so hampered by a lack of skilled radio intercept and deciphering experts, he physically created a specialty within the Army Signal Corps to address this WWII version of IW.[62] Finally, commanders must also weigh security risks against operational rewards when developing networks with hastily organized coalitions, like the US did in Desert Storm.[63]

Next, detection is critical for maintaining the commander's trust in the information. If a system is tampered with, friendly forces must know the output information is probably corrupt and must either work without that data or seek alternate information paths. Systems with a baseline can perform automatic or directed comparison checks (parity checks) to detect fraudulent operations.[64] Another prevention measure includes a system that continuously monitors or snoops for unauthorized hits.[65] The sensitivity of these monitors is adjustable and customized to meet the threat. These snooping programs are programmed to alert only after a predetermined set of trigger events or flags occur, but these security applications only work if applied.[66] Slack application of parity checks at the General Electric Missile Space Division in Valley Forge, PA compromised sensitive DOD information. The same can be said for NORAD operations during periods in the 1980's.[67]

Another detection issue is handling stimuli or induced information overload. It can render a computer stupid or cause significantly degraded
performance. Thus, the coalition OODA Loop is slowed, forcing potentially bad decisions.[68] Here the commander counters with sniffers that detect counter stimuli before it overwhelms.[69] Another defensive strategy that increases the commander's trust is setting up parallel systems with different hard/software and communications circuits as well as unlike operating systems (Apple System 7 parallel with a DOS system).[70] This significantly complicates an enemy's tampering efforts.

If detection spots who is getting inside a computer system, limitation (firewalls) seeks to restrict the amount of movement available once inside. Commanders must stick to tough compartmentalization of sensitive operations, even if it causes operational inefficiencies. Also, isolating highly sensitive computer assets from networks, either permanently or when not actively engaged in network operations, increases the system's integrity.

Finally, recovery provides the commander a way to reconstitute operations after the inevitable enemy attack. Recovery is a mandatory part of defensive Netwar. Commanders that ignore this vital fallback position will pay the penalty in future conflicts. Recovery may entail off-site data and/or computing back-up, special recovery software designed to rebuild lost, damaged or deleted files, or emergency manual information back up systems that aren't dependent on computers for control or execution can appreciate the need for recovery after considering that over 95% of DOD telecom (voice and data) is provided by public networks owned by common carriers. When the National Information Infrastructure is completed, it will use these same utilities.[71]

Recommendations and Conclusion

"The services put more electronic communications connectivity into the Gulf in 90 days than we put in Europe in 40 years." Lt Gen James S. Cassidy, director of C3 for JCS

There is a danger in using Desert Storm as the defining moment for future IW. Before the US grabs this one experience as the foundation for advanced IW operations, the
US must understand that Desert Storm was unique. U.S. operational commanders must now plan to the entire information spectrum while our enemy does the same.[72] Netwar helps the commander achieve domination of the entire spectrum. Netwar takes IW deeper into the enemy's homeland and risks more and more of its assets. Those who cling to Clausewitz's concept of the limited role of technology need to consider its context. He wrote when major technical revolutions occurred once every 50 to 100 years. We live in an age when there is potential for major change every 24 months.[73] To ignore offensive and defensive Netwar gives the enemy an advantage that cannot be made up for in battle. To cite George A. Furse, "Let it not be supposed that there is some occult means by which neglect in peace could be atoned for in war."[74]

Netwar also requires a new organizational paradigm. To fit this new tool into an established way of operations could invite disaster. Much like the French failure to adapt the machine gun in WWI, Netwar requires a modified structure.[75] Netwar requires centralized planning and topsight to ensure the assets are effectively used.[76] During planning, this level of supervision is needed because of the extreme sensitivity of Netwar. For several of the target options, NCA approval may be needed. However, the actual execution must be decentralized to the shooters at the keyboards and troop level so that the plan can maintain flexibility during its hectic execution. Unlike Vietnam, where technocrats kept both command and execution at ridiculously high levels, Netwar commanders must plan and coordinate, then let go of the reins.[77]

Desert Storm offers a good comparison of the genesis of Netwar planning and execution. Instead of a "Stovepipe," C2W, the sister to Netwar, used a flat inter-dependent organization where problems were discovered in Saudi, solutions developed and coordinated stateside between military experts and civilian contractors, then corrective action taken by defense logisticians over 7,000 miles from the desert.[78]

Netwar is a growth industry. Defense Information Systems Agency estimates over 900,000 illegal hits occurred in 1991 on federal computers--up from 395,000 in 1989.[79] This threat needs its own expertise base, much like Eisenhower's radio cadre. However, to predict the precise future of Netwar and the demands it places on DOD is impossible; to project trends is a bit easier. American society will continue to embrace technology, both its good and bad sides. The military will naturally be drawn along on this trend, and as the civilian/military network delineation becomes more and more blurred, America can anticipate increasing vulnerability to Netwar. Failure of the operational commander to anticipate, prepare for, and execute Netwar will cost the commander the use of a valuable force enhancer.

Notes

Fiber optics were touted as spook-proof. Even fiber optic lines can now be tapped. Law And Disorder on the Electronic Frontier

1. Arquilla, John and David Ronfeldt, "Cyberwar is Coming," Comparative Strategy, April-June 1993, p. 149.
2. Furse, George A., Information in War: Its Acquisition and Transmission, London: William Clowes Sons Ltd, 1985, p. 29.
3. Macedonia, Michael R., "Information Technology in Desert Storm," Military Review, October 1992, p. 35.
4. Telephone conversation with Gregge E. Haege, Major, USAF, Headquarters Air Education and Training Command, Technical Training Directorate, Randolph AFB, 1 May 1995.
5. Ibid.
6. Mathews, William, "New School to Focus on Information Warfare," America On-Line, Download from Army Times Publishing Company, July 18, 1994.
7. McAfee, John and Colin Haynes, Computer Viruses, Worms, Data Diddlers, Killer Programs, and Other Threats to Your System: What They Are, How They Work, and How To Defend Your PC, Mac, or Mainframe, New York: St. Martin's Press, 1989, p. 190.
8. Hutcherson, Norman B., Command Control Warfare, Maxwell AFB, 1994, p. 15.
9. Geissler, Fred, Introduction to Information-Based Warfare, Washington DC: School of Information Warfare, March 1995, p. 34.
10. Toffler, Alvin and Heidi, War and Anti-War:
Survival at the Dawn of the 21st Century, New York: Bantam Books, 1993, p. 3.
11. FitzGerald, Mary C., "Russian Views On Electronic Signals and Information Warfare," American Intelligence Journal, Spring/Summer 1994, p. 87.
12. Contract no. DCA, Planning Considerations for Defensive Information Warfare: Information Assurance, Task Order 90-SAIC-019, Alexandria VA, 1993, p. 17.
13. Ryan, Julie and Gary Federici, Offensive Information Warfare--A Concept Exploration, Alexandria VA, 1994, p. 4.
14. Busey, James B., "Information Superiority Dashes Thorny Power Projection Issues," Signal, November 1994, p. 13.
15. Hafner, Katie and John Markoff, Cyberpunk: Outlaws and Hackers on the Computer Frontier, New York: Simon and Schuster, 1991, p. 302.
16. Center for Naval Analysis, Checkmate 2010 Information Warfare: A Policy and Technical Prospect, Alexandria VA, 1993, p. 4.
17. Dept. of Commerce, Computers: Crimes, Clues and Controls, Washington DC, 1987, p. 11.
18. The Military Frontier: Understanding Computers, Alexandria VA: Time-Life Publishers, 1991, p. 104.
19. Metzar, Terry, "Hostile Intercepts Aimed At Information Systems," National Defense, May-June 1993, p. 25.
20. Ramstad, Evan, "Risky Business," The Newport RI Daily News, 8 April 1995, p. C7.
21. Bellin, David and Gary Chapman, eds., Computers in Battle: Will They Work, Boston: Harcourt Brace Jovanovich, 1987, p. 223.
22. Ibid., p. 222.
23. Ibid., p. 225.
24. Hafner, p. 185.
25. Ryan, Julie, Gary Federici and Tom Thorley, Information Support to Military Operations in the Year 2000 and Beyond: Security Implications, Alexandria VA: Center For Naval Analysis, 1993, p. 12.
26. Telephone conversation with Gregge E. Haege.
27. Parker, Donn B., Crime by Computer, New York: Scribner, 1976, p. 258.
28. Ibid., p. 233.
29. Ibid., p. 260.
30. Telephone conversation with Richard W. Griffith, Defense Computer Contractor, Shreveport LA, 5 May 1995.
31. Ibid.
32. Arquilla, p. 157.
33. US Dept. of Commerce, Computers: Crimes, Clues and Controls, p. 27.
34. Ryan, Julie and Gary Federici, p. 6.
35. Clausewitz, Carl von, On War, Translated and edited by Sir Michael Howard and Peter Paret, Princeton: Princeton University Press, 1976, p. 263.
36. Center for Naval
Analysis, 2010 Information Warfare: A Policy and Technical Prospect, p. 4.
37. Parker, Donn B., Crime by Computer, p. 268.
38. Sterling, p. 176.
39. Center for Naval Analysis, Checkmate 2010 Information Warfare: A Policy and Technical Prospect, p. 4.
40. Clancy, Tom, Debt of Honor, New York: G.P. Putnam's Sons, 1994, p. 288.
41. Ryan, Julie and Gary Federici, p. 4.
42. Davies, D.W. and W.L. Price, Security for Computer Networks, New York: John Wiley and Sons Inc., 1984, p. 11.
43. Pudas, Terry J., "Preparing Future Coalition Commanders," Joint Forces Quarterly, Winter 1993-1994, p. 2.
44. Ryan, Julie, Gary Federici and Tom Thorley, p. 12.
45. Ibid., p. 18.
46. Emmett, P.C., "Software Warfare: The Emerging Future," RUSI Journal, December 1992, p. 58.
47. Contract no. DCA 100-90-C-0058, p. 22.
48. Lind, William S., Keith M. Nightengale, Scott Schmitt, Joseph W. Sutton and G.I. Wilson, "The Changing Face of War: Into the Fourth Generation," Military Review, October 1989, p. 7.
49. Busey, James B., "Information Warfare Calculus Mandates Protective Actions," Signal, October 1994, p. 15.
50. Telephone conversation with Richard W. Griffith.
51. Contract no. DCA 100-90-C-0058, p. 23.
52. Telephone conversation with Richard W. Griffith.
53. The Military Frontier: Understanding Computers, p. 103.
54. Dept. of Commerce, Computers: Crimes, Clues and Controls, p. 3.
55. Grier, Peter, "The Data Weapon," Government Executive, June 1992, p. 21.
56. Contract no. DCA 100-90-C-0058, p. 49.
57. Ibid., p. 24.
58. Mandron, Thomas W., Network Security in the 90's, New York: John Wiley Sons Inc., 1992, p. 223.
59. Telephone conversation with Gregge E. Haege.
60. Grier, p. 21.
61. Telephone conversation with Richard W. Griffith.
62. Hutcherson, p. 21.
63. Ryan, Julie, Gary Federici and Tom Thorley, p. 3.
64. Emmett, p. 59.
65. Robinson, Clarence A., "Software Security Protection for Work Stations, Laptop Data," Signal, October 1994, p. 20.
66. Telephone conversation with Richard W. Griffith.
67. Carroll, John M., The Third Listener, New York: E.P. Dutton and Co. Inc., 1969, p. 12.
68. Ryan, Julie and Gary Federici, p. 9.
69. Telephone conversation with Richard W. Griffith.
70. Contract no. DCA, p. 40.
71. Ibid., p. 42.
72. Campen, Alan D., First Information War: The Story of
Communications, Computers and Intelligence Systems in the Persian Gulf, Fairfax VA: AFCEA International Press, 1992, p. 20.
73. Emmett, p. 57.
74. Furse, p. 98.
75. Arquilla, p. 151.
76. Hutcherson, p. 7.
77. Mathews, William, "Girding for Cyberwar," America On-Line, Download from Army Times Publishing Company, Washington DC, 18 July 1994, p. 1.
78. Arquilla, p. 152.
79. Robinson, p. 19.

BIBLIOGRAPHY

1. Arquilla, John and David Ronfeldt, "Cyberwar is Coming," Comparative Strategy, April-June 1993, p. 141-165.
2. Bellin, David and Chapman, Gary, eds., Computers in Battle: Will They Work, Boston: Harcourt Brace Jovanovich, 1987.
3. Benedikt, Michael, ed., Cyberspace: First Steps, Cambridge: MIT Press, 1991.
4. Busey, James B., "Information Warfare Calculus Mandates Protective Action," Signal, October 1994, p. 15.
5. ________, "Information Security Dashes Thorny Power Projection Issues," Signal, November 1994, p. 13.
6. ________, "Let Loose the Dogens of Cyberspace," Signal, April 1995, p. 13.
7. Campen, Alan D., "Information Warfare is Rife with Promise, Peril," Signal, November 1993, p. 19-20.
8. ________, First Information War: The Story of Communications, Computers and Intelligence Systems in the Persian Gulf, Fairfax VA: AFCEA International Press, 1992.
9. ________, "Information is Rife With Promise, Peril," Signal, November 1993.
10. Carroll, John M., The Third Listener, New York: E.P. Dutton and Co. Inc., 1969.
11. Center for Naval Analysis, Checkmate 2010 Information Warfare: A Policy and Technical Prospect, Alexandria VA, 1993.
12. Clancy, Tom, Debt of Honor, New York: G.P. Putnam's Sons, 1994.
13. Clausewitz, Carl von, On War, Translated and edited by Sir Michael Howard and Peter Paret, Princeton: Princeton University Press, 1976.
14. Computers: Crimes, Clues and Controls, US Federal Government Doc., Washington DC, 1991.
15. Davies, D.W. and W.L. Price, Security for Computer Networks, New York: John Wiley and Sons Inc., 1984.
16. Emmett, Flt Lt P.C., "Software Warfare: The Emerging Future," RUSI Journal, December 1992, pp. 56-60.
17. Evolving The National Information Infrastructure, Naval War College Symposium for Government and Industry, Newport RI, 9 January
1995.
18. FitzGerald, Mary C., "Russian Views On Electronic Signals and Information Warfare," American Intelligence Journal, Spring/Summer 1994, pp. 81-87.
19. Furse, George Armand, Information in War: Its Acquisition and Transmission, London: William Clowes Sons Ltd, 1985.
20. Geissler, Dr Fred, Introduction to Information-Based Warfare, Alexandria VA: School of Information Warfare and Strategy Symposium, 20-24 March 1995.
21. Gordon, Michael R., "Admiral With High-Tech Dreams Has Pentagon at War With Itself," The New York Times, 12 December 1994, p.
22. Grier, Peter, "The Data Weapon," Government Executive, June 1992, pp. 23-26.
23. Hafner, Katie and Markoff, John, Cyberpunk: Outlaws and Hackers on the Computer Frontier, New York: Simon Schuster, 1991.
24. Higinbotham, James H., et al., Doing Deception: Attacking the Enemy's Decision Processes, Alexandria VA, February 1990.
25. Hudson, Neff, "Future Shock," Air Force Times, October 25, 1993, p. 19.
26. Hutcherson, Lt Col Norman B., Command Control Warfare, Unpublished Research Paper, Air University, Maxwell AFB AL, 1994.
27. Koch, Maj James R., "Operation Fortitude: The Backbone of Deception," Military Review, March 1992, p. 66-77.
28. Landreth, Bill and Reingold, Howard, Out of the Inner Circle: A Hacker's Guide to Computer Security, Belleview WA: Microsoft Press, 1985.
29. LaQuey, Tracy L. and Ryer, Jeanne C., The Internet Companion: A Beginner's Guide to Global Networking, Reading MA: Addison Wesley, 1992.
30. Leghter, William E., The Revolution in Military Affairs And Information Warfare, Unpublished Research Paper, US Naval War College, Newport RI, June 1995.
31. Libicki, Martin C., The Mesh and the Net: Speculations on Armed Conflict in a Time of Free Silicon, Unpublished Research Paper, National Defense University, Washington DC, 1994.
32. Lind, William S., Keith M. Nightengale, Scott Schmitt, Joseph W. Sutton and G.I. Wilson, "The Changing Face of War: Into the Fourth Generation," Military Review, October 1989, p. 2-11.
33. Luoma, William M., Netwar: The Other Side of Information Warfare, Unpublished Research Paper, US Naval War College, Newport, June 1994.
34. Macedonia, Maj Michael R., "Information Technology in Desert Storm," Military Review, October 1992, p. 34-41.
35. Mandron, Thomas W., Network Security In The 90's, New York: John Wiley and Sons Inc., 1992.
36. Mathews, William, "New School to Focus on Information Warfare," America On Line, Download from Army Times Publishing Company, Washington, 18 July 1994.
37. ________, "Girding for Cyberwar," America On-Line, Download from Army Times Publishing Company, Washington, July 18, 1994.
38. McAfee, John and Haynes, Colin, Computer Viruses, Worms, Data Diddlers, Killer Programs, and Other Threats to Your System: What They Are, How They Work, and How To Defend Your PC, Mac, or Mainframe, New York: St. Martins Press, 1989.
39. Metzar, Terry, "Hostile Intercepts Aimed At Information Systems," National Defense, May/June 1993, p. 24-26.
40. Parker, Donn B., Crime by Computer, New York: Scribner, 1976.
41. ________, Fighting Computer Crime, New York: Scribner, 1983.
42. Planning Considerations for Defensive Information Warfare, Task Order Contract, DISA, 16 December 1993.
43. Pudas, Terry J., "Preparing Future Coalition Commanders," JFQ, Winter 1993-94, p. 40-46.
44. Ramstad, Evan, "Risky Business," Newport RI Daily News, 8 April 1995, p. C7.
45. Robinson, Clarence A., "Software Security Protects Workstations, Laptop Data," Signal, October 1994, p. 19-22.
46. Ryan, Julie, Gary Federici and Tom Thorley, Information Support to Military Operations in the Year 2000 and Beyond: Security Implications, Alexandria VA: Center for Naval Analyses, November 1993.
47. ________ and Gary Federici, Offensive Information Warfare--A Concept Exploration, Alexandria VA: Center for Naval Analyses, July 1994.
48. Sokol, Maj Joseph Jr, Counter-Deception: the Commander's Responsibility, Unpublished Research Paper, Naval War College, Newport RI, June 1993.
49. Sterling, Bruce, The Hacker Crackdown: Law and Disorder on the Electronic Frontier, New York: Bantam Books, 1992.
50. Stoll, Clifford, The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage, New York: Doubleday, 1989.
51. Telephone conversation with Gregge E. Haege, Major, USAF, Headquarters Air Education and Training Command, Randolph AFB
TX, 1 May 1995.
52. Telephone conversation with Richard W. Griffith, Defense Computer Contractor, Shreveport LA, 5 May 1995.
53. The Military Frontier: Understanding Computers, Alexandria VA: Time-Life, 1991.
54. Toffler, Alvin and Heidi, Powershift, New York: Bantam Books, 1990.
55. ________, War and Anti-War: Survival at the Dawn of the 21st Century, New York: Bantam Books, 1993.
56. Wylie, Joseph C., Military Strategy: A General Theory of Power Control, Rutgers, The State University, 1967.
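
Added example, not part of the original paper: the two detection measures from the defensive Netwar discussion, a comparison check against a recorded baseline and a monitor that alerts only after a predetermined number of trigger events, written in Python. It uses SHA-256 digests in place of the parity checks the paper mentions; the event names, terminal identifiers, threshold, window and sample events are constructed assumptions.

```python
import hashlib
from collections import defaultdict, deque
from pathlib import Path


def snapshot(root):
    """Map each file under root (relative path) to its SHA-256 digest.

    SHA-256 is this example's choice; the paper speaks of parity checks.
    """
    root = Path(root)
    return {
        str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare(baseline, current):
    """Report what differs from the baseline recorded at a known-good time."""
    return {
        "modified": sorted(k for k in baseline
                           if k in current and baseline[k] != current[k]),
        "missing": sorted(k for k in baseline if k not in current),
        "added": sorted(k for k in current if k not in baseline),
    }


class TriggerMonitor:
    """Alert once a source produces `threshold` trigger events in `window` seconds.

    Lowering the threshold or widening the window raises sensitivity.
    """

    def __init__(self, threshold=3, window=60,
                 triggers=("LOGIN_FAIL", "ACCESS_DENIED")):
        self.threshold, self.window = threshold, window
        self.triggers = set(triggers)       # hypothetical event names
        self.recent = defaultdict(deque)    # source -> recent trigger times

    def observe(self, ts, source, event):
        """Feed one event; return an alert string or None."""
        if event not in self.triggers:
            return None
        times = self.recent[source]
        times.append(ts)
        while times and ts - times[0] > self.window:
            times.popleft()                 # forget events outside the window
        if len(times) >= self.threshold:
            times.clear()                   # re-arm: one burst, one alert
            return (f"ALERT {source}: {self.threshold} trigger events "
                    f"within {self.window}s")
        return None


# Constructed sample events: (seconds, source terminal, event type).
SAMPLE_EVENTS = [
    (0, "term-07", "LOGIN_FAIL"),
    (5, "term-02", "LOGIN_OK"),
    (20, "term-07", "LOGIN_FAIL"),
    (30, "term-02", "ACCESS_DENIED"),
    (41, "term-07", "ACCESS_DENIED"),
    (300, "term-02", "LOGIN_FAIL"),
]


def run_monitor(events, **settings):
    """Replay events through a monitor and collect the alerts it raises."""
    monitor = TriggerMonitor(**settings)
    return [a for a in (monitor.observe(*e) for e in events) if a]


if __name__ == "__main__":
    print(run_monitor(SAMPLE_EVENTS))
```

As the paper notes for hard-copy audit trails, the baseline is only useful if it is stored where an intruder's clean-up cannot reach it.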