- Shopping Bag ( 0 items )
Ships from: Farmerville, LA
Usually ships in 1-2 business days
Ships from: Derby, CT
Usually ships in 1-2 business days
Ships from: Highland Park, IL
Usually ships in 1-2 business days
This revealing book explores the impact of information warfare and the disruption and damage it can cause to governments, corporations, and commercial Web sites. Is it possible for a small number of people to cause millions of dollars worth of economic destruction from a computer? Through the use of scenarios and profiles of the cyber-terrorist subculture, you'll learn practical defense strategies for protecting your company or eCommerce site from cyber attacks.
The book also examines the steps that governments around the world need to take in order to combat the advanced skill levels of some of the most dangerous cyber-criminals today. Whether you're responsible for making technology decisions that affect your company's future, or interested in computer security in general, you won't find a more accurate and up-to-date book covering the emerging field of information warfare.
A simple and straightforward analogy is the vulnerability of civil aviation and how the need for airport and in-flight security has evolved over the last 40 years. Military airbases have always been under fairly tight security because of the need to protect national defense assets and personnel. As civil air transportation became the target of hijackings and bombings in the 1960s and 1970s, it became apparent that there was a need for security at public airports. As a result, the use of metal detectors, security forces, explosive-sniffing dogs, and x-ray equipment for baggage contents has become almost universal. In addition, there are the key questions by airline staff at check-in regarding the control of passenger baggage and the chance that a stranger has asked an innocent passenger to transport a package for him or her. Although not 100 percent foolproof, these simple security precautions make it more difficult for terrorists to abscond with a civilian aircraft or to smuggle weapons or explosives. Other examples of shifts in security attitudes are apparent at courthouses, public schools, and other civilian facilities. The Internet, however, has no such protections. The open access of the Internet is what makes Internet-connected organizations more vulnerable to terrorist attacks and economic espionage.
To begin to address the vulnerabilities that are inherent in the age of the Internet and electronic commerce, a new framework of analysis of information warfare, electronic terrorism, and economic espionage is absolutely necessary. The old school of information warfare that focuses on the protection or the destruction of military and industrial infrastructure is no longer adequate as a basis for planning national defense strategies against cyber attacks. This chapter presents elements of the framework that are necessary to include the protectionor for that matter, the destruction-of civilian activities in cyberspace, as information warfare strategies and tactics evolve.
To help establish a good understanding of the principles, dynamics, and economics of information warfare, this chapter examines, updates, and expands on several aspects of information warfare, including:
Offensive containment information warfare An organized deliberate military effort to cripple or disable military information capabilities, halt industrial and manufacturing information activities, and disrupt information technology-based civilian and government economic activity to leverage a strong negotiating posture for an aggressor over a target nation, region, or population.
Sustained terrorist information warfare The ongoing deliberate efforts of an organized political group against the military, industrial, and civilian and government economic information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Random terrorist information warfare The sporadic efforts of an organized political group or individuals against the military, industrial, and civilian and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Defensive preventive information warfare An organized deliberate military protective effort to prevent an aggressor from destroying military information technology capabilities, industrial and manufacturing information technology infrastructure, and civilian and government information technology-based economic activities of a nation, region, or population.
Defensive ruinous information warfare An organized deliberate military effort to totally destroy the military information technology capabilities, industrial and manufacturing information infrastructure, and information technology-based civilian and government economic activities of an aggressor nation, region, population, or military/terrorist force.
Defensive responsive containment information warfare An organized deliberate military effort to cripple or disable military information technology capabilities, halt industrial and manufacturing information technology activities, and disrupt information technology-based civilian and government economic activity to leverage a strong negotiating posture over an aggressor nation, region, population, or military/terrorist force.
Sustained rogue information warfare The ongoing deliberate efforts of an organized nonpolitical, criminal, or mercenary group against the military, industrial, civilian, and government economic information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Random rogue information warfare The sporadic efforts of an organized nonpolitical, criminal, or mercenary group or individuals against the military, industrial, civilian, and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Amateur rogue information warfare The sporadic efforts of untrained and nonaligned individuals or small groups against the military, industrial, civilian, and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Offensive containment information warfare strategies are similar to offensive ruinous information warfare in resource requirements. It is not likely that real containment could be achieved without a highly skilled force. It is possible to achieve a harassing effect and be menacing using terrorist tactics-which could be also referred to as guerrilla or resistance tactics-and cause disruption. Depending on the circumstances, containment of an isolated region could be possible-even the least-equipped warriors of the past knew to cut the telegraph lines so the cavalry could not be wired to send help. Sophisticated offensive containment information warfare strategies, however, still require substantial investment and years of development and training of forces. As with offensive ruinous information warfare strategies, very few nations can afford to implement offensive containment information warfare strategies.
Sustained terrorist information warfare is not an expensive process and can be implemented and maintained over long periods of time with an investment of a few million dollars. Certainly good skill sets are needed, but the process of terrorism is far more focused on disruption and harassment than complete destruction or containment. In a complete destruction or containment scenario, it is necessary not to do things to information architectures that will impede or injure one's allies. Since terrorists usually have few allies and generally have the worst of manners in the first place, they can use sloppy techniques that can disrupt and to some extent probably destroy some aspects of information technology-based economies. There are, or at least have been, several terrorist groups that can afford to carry out this type of information warfare strategy.
Random terrorist information warfare is even less expensive than sustained terrorist information warfare. Sporadic terrorism does not require the ongoing recruitment, maintenance, and training of information warriors and thus can be implemented on a really slim budget. In general, random terrorist acts have little lasting impact except on those people who are immediately injured or killed. These random terrorist acts can have great public relations value for political causes, and if such acts are directed toward information technology, the press coverage will be widespread and dramatic. Again, there are, or at least have been, several terrorist groups that can afford to carry out this type of information warfare strategy.
Defensive preventive information warfare has the same basic set of requirements that offensive ruinous information warfare has in terms of personnel, organization structure, and costs. Defensive preventive information warfare is necessary to defend against virtually all forms of offensive information warfare strategies. All information technology-dependent countries must develop defensive strategies, either independently or in a coalition. These strategies take years to develop and cost billions of dollars to implement and sustain.
Defensive ruinous information warfare is a counteroffensive strategy that requires the full set of skills, organization structure, and cost structure associated with offensive ruinous information warfare and offensive containment information warfare strategies. It costs billions of dollars to implement and probably requires a coalition to implement and maintain.
Defensive responsive containment information warfare and offensive containment information warfare strategies are similar except in the circumstances in which they are deployed. The cost is high, and it takes considerable time to develop strategies and tactics and train forces. There are few countries that can independently implement this strategy.
Sustained rogue information warfare has a similar overhead requirement to that of sustained terrorist information warfare. It is not an expensive process and can be carried out over long periods of time with an investment of a few million dollars. Good skill sets are required, but staff may be relatively easy to recruit given the fact that legitimate information technology jobs are not the best-paying positions. The process of embezzlement, fraud, and blackmail pays well for those who get away with it, and those...
|Ch. 1||Information Warfare: A New Framework for Analysis||1|
|Ch. 2||Measuring the Economic Impact of Information Warfare||41|
|Ch. 3||The Electronic Doomsday Scenario: How Ten People Could Cause $1 Trillion in Economic Disruption||65|
|Ch. 4||Preparing to Fight Against Major Threats||97|
|Ch. 5||Information Warfare Strategies and Tactics from a Military Perspective||123|
|Ch. 6||Information Warfare Strategies and Tactics from a Corporate Perspective||151|
|Ch. 7||Strategies and Tactics from a Terrorist and Criminal Perspective||173|
|Ch. 8||The Arms Dealers and Industrial Mobilization in Information Warfare||197|
|Ch. 9||Civilian Casualties in Information Warfare||229|
|Ch. 10||The New Terrorist Profile: The Curious Nerd Is Moving to the Dark Side||237|
|Ch. 11||Law Enforcement: Being Behind the Technology Curve and How to Change That||267|
|Ch. 12||Final Words for Policy Makers, Military Planners, and Corporate Executives||283|
I have gone beyond the traditional military view and presents a multidisciplinary analysis of information warfare that encompasses economics, politics, social behavior, and international relations and how these forces will influence the initiation and response to information warfare attacks. This book presents a new approach to analyzing information warfare strategies and provides an in-depth look at the potential impact of ten different types of information warfare.
This book also examines tactics that will be employed during information warfare attacks and how private companies and government agencies can prepare to respond to attacks. In addition, the emergence of the information warrior is examined and how these warriors may impact national security and international political relationships. Finally, this book presents an analysis of how governments can better prepare for the potential of information warfare and evaluates the skill sets and personalities that will be required to police cyberspace in the future.
Before the Internet, information warfare was a war that would be fought among giants. The widespread use of the Internet and readily available access to the global communications systems and an arsenal of software tools has brought information warfare down to levels that all types of warfare eventually fall back to-once again, almost anyone can launch an information warfare attack.
The warfare tactics are very similar across the ten information warfare strategies. What differentiates the strategies are the purpose of the fight and the philosophies and motivations of the fighters. In ruinous information warfare strategies, for example, a sophisticated military operation can be launched to totally destroy the information technology and communications infrastructure of a nation or a region. In sustained terrorist information warfare strategies, a well-funded but small group of terrorists can attack a country, a city, an industrial sector, or a company and halt its operations or severely stifle economic activity. In many ways, the Internet has made some information warfare strategies cheap and relatively easy to implement, thus making the strategies usable to almost anyone in the world.
In this analysis, information warfare is comprised of ten different deliberate strategies to totally destroy or partially disable the military war fighting capability, industrial and manufacturing information infrastructure, or information technology-based civilian and government economic activities of a target nation, region, or population. Military organizations, terrorist groups, or rogue criminals can use these strategies to attack military systems, government operations, industrial infrastructures and communications systems, as well as civilian economic services such as electronic commerce. The ten strategies are examined in Chapter 1.
The focus of military preparation has long been on devising plans to protect the national infrastructure from attacks from afar and take down the infrastructures of the enemy. This has certainly been a prudent and worthwhile pursuit. But what good would it do for one massive army of information warriors to attack one of their economic-interdependent allies? None! Especially when considering the dynamics of the global economy. Any nation that is capable of waging such an all-out information warfare attack is so tightly woven into the global economy that the attacker would suffer equal if not greater economic damage in the event of successful information warfare attacks on a super economic power.
Terrorists and rogue criminals, on the other hand, have less to protect and often little to hold onto and could perhaps even benefit from a successful attack. The military mind in the United States is still geared for big wars and is equipped to fight big armies. The focus of the military is on protecting the infrastructure while the budding digital economy is being built on ground outside the fort and is easy prey for attackers. Indeed, the infrastructure should be protected, but it is time to start thinking beyond the infrastructure protection strategy. An analysis of the economics of information warfare is included in Chapter 1 within the new framework for analysis, which offers a fresh look at the dynamics and nature of information warfare.
The terrorist, of course, loves headlines and drama, and strives to make people fearful while simultaneously embarrassing one or more governments in the process. The rogue loves money and would rather steal than fight. He is motivated by wealth, not fame, and certainly not by the religious salvation promised to so many terrorists who have died in the name of their country and their god. The terrorist and the rogue will cause tremendous damage to national economies while completely avoiding the military. They will strike at what is easy, and electronic commerce companies, banks, and stock brokerages remain very easy targets compared to the expansive military communications systems, and the relatively well-guarded electric utility grid and telecommunications infrastructure. The economic impact of information warfare is further explored in Chapter 2.
Chapter 3 presents a scenario outlined for massive attacks, not by the military, but by would-be terrorists, that illustrates how ten people could cause severe economic damage. The scenario is called PH2, for Pearl Harbor Two. It is good drama that could readily happen-in fact, almost all of the tricks, hacks, and bugs that the PH2 team use in their attack are already proven tactics and techniques. It is just a matter of how they are put together in combination, sequence, and frequency that makes the difference between mischief and war.
An overview of defensive strategies for private companies that may well become the direct target of information warfare is provided in Chapter 6 through an examination of information warfare strategies and tactics from a corporate perspective. The emergence of the computerliterate terrorist and criminal is examined in Chapter 7, and the reasons why terrorists and rogues have an advantage in information warfare are analyzed. The importance and process of industrial mobilization in information warfare is covered in Chapter 8 as the mobilization requirements for technology companies in information warfare are analyzed.
In most wars, there are civilian casualties, and information warfare attacks will leave many civilians economically wounded and perhaps even destroyed. Chapter 9 examines the impact that information warfare can have on the innocent-and maybe the not-so-innocentbystanders on the information superhighway. It is important that cybercitizens understand what can happen to them. Perhaps even more important is that military planners come to grips with the fact that the next war could have economic consequences for everyone, especially those who have assets that are computer-based or accounted for in an information system somewhere in the vast caverns of data maintained by the financial complex of the western world.
Posted July 2, 2001
This book is great. It digs into all sides of information warfare and tackles the potential economic impact of cyber wars. It also shows the vulnerability of the dotcoms in the new age of cyber attacks.Was this review helpful? Yes NoThank you for your feedback. Report this reviewThank you, this review has been flagged.