In today's electronic age, the threat of cyber attacks is great. For any organization with information-based assets, the deadliest weapons can come in the form of a keyboard, mouse, or personal computer. With hacking attacks and computer-based crimes increasing both in frequency and degree of seriousness, it's clear that information warfare is real and companies must protect themselves in order to survive. But how do you avoid getting caught in the crossfire of these attacks and how do you prepare when the electronic future is uncertain? The answers can be found inside Information Warfare, from recognized security expert and information technology consultant Michael Erbschloe.
This revealing book explores the impact of information warfare and the disruption and damage it can cause to governments, corporations, and commercial Web sites. Is it possible for a small number of people to cause millions of dollars worth of economic destruction from a computer? Through the use of scenarios and profiles of the cyber-terrorist subculture, you'll learn practical defense strategies for protecting your company or eCommerce site from cyber attacks.
The book also examines the steps that governments around the world need to take in order to combat the advanced skill levels of some of the most dangerous cyber-criminals today. Whether you're responsible for making technology decisions that affect your company's future, or interested in computer security in general, you won't find a more accurate and up-to-date book covering the emerging field of information warfare.
About the Author
Erbschloe has taught and developed curriculum at several universities. He is currently the vice president of research for Computer Economics in Carlsbad, Calif. He is also on the advisory board of the COMDEX conference and Global Information Infrastructure awards program. He has authored more than 2,500 articles and dozens of reports that have guided technology decisions in the largest organizations in the world.
Read an Excerpt
Information Warfare: A New Framework for AnalysisInformation warfare strategies and tactics have been of utmost concern to defense planners in industrialized nations since the middle of the 1980s. The growth in popularity of the Internet and the widespread use of the World Wide Web and related technologies have dramatically increased this concern. The U.S. Department of Defense and its counterparts in NATO and other military alliances have been training both offensive and defensive information technology warriors since the late 1980s. This concern and the training that has evolved have been primarily focused on the protection or the destruction of the strategic information infrastructure and military technologies. There is no doubt that the protection of these technology assets should be of concern, as should the ability of the military to attack and disable or destroy the information infrastructure of enemy states as an offensive strategy or counteroffensive measure. This perspective, although sound within itself, is far too narrow for planning defensive or offensive information warfare in the age of electronic commerce. Considerable effort has gone into protecting the infrastructure and securing military capabilities, but the commercial information and electronic commerce technologies on which so many corporations have become dependent remains highly vulnerable.
A simple and straightforward analogy is the vulnerability of civil aviation and how the need for airport and in-flight security has evolved over the last 40 years. Military airbases have always been under fairly tight security because of the need to protect national defense assets and personnel. As civil air transportation became the target of hijackings and bombings in the 1960s and 1970s, it became apparent that there was a need for security at public airports. As a result, the use of metal detectors, security forces, explosive-sniffing dogs, and x-ray equipment for baggage contents has become almost universal. In addition, there are the key questions by airline staff at check-in regarding the control of passenger baggage and the chance that a stranger has asked an innocent passenger to transport a package for him or her. Although not 100 percent foolproof, these simple security precautions make it more difficult for terrorists to abscond with a civilian aircraft or to smuggle weapons or explosives. Other examples of shifts in security attitudes are apparent at courthouses, public schools, and other civilian facilities. The Internet, however, has no such protections. The open access of the Internet is what makes Internet-connected organizations more vulnerable to terrorist attacks and economic espionage.
To begin to address the vulnerabilities that are inherent in the age of the Internet and electronic commerce, a new framework of analysis of information warfare, electronic terrorism, and economic espionage is absolutely necessary. The old school of information warfare that focuses on the protection or the destruction of military and industrial infrastructure is no longer adequate as a basis for planning national defense strategies against cyber attacks. This chapter presents elements of the framework that are necessary to include the protectionor for that matter, the destruction-of civilian activities in cyberspace, as information warfare strategies and tactics evolve.
To help establish a good understanding of the principles, dynamics, and economics of information warfare, this chapter examines, updates, and expands on several aspects of information warfare, including:
- The ten categories of information warfare strategies and activities
- The probability of various information warfare strategies being implemented
- The establishment of a national information warfare defense structure
- The military side of information warfare
- The origin and mentality of technology terrorists
- How private companies will need to defend themselves during an information warfare attack
- The dynamics and viability of international treaties
Types of Information Warfare Strategies and ActivitiesTo prepare for information warfare, it is necessary to define what information warfare is and-as with any type of warfare-identify and classify what types of information warfare can be practiced. Information warfare strategies, like physical warfare strategies, are designed to hinder or disable military forces, disable industrial infrastructures and manufacturing capabilities, or disrupt civilian and government economic activities in order to put an aggressor or a target country at a disadvantage. The purposes of establishing an advantage can run along a continuum from improving the negotiating position of the aggressor to the absolute destruction of a nation. Information warfare activities fall into ten major categories:
- Offensive ruinous information warfare An organized deliberate military effort to totally destroy the military information capabilities, industrial and manufacturing information infrastructure, and information technology-based civilian and government economic activities of a target nation, region, or population.
Offensive containment information warfare An organized deliberate military effort to cripple or disable military information capabilities, halt industrial and manufacturing information activities, and disrupt information technology-based civilian and government economic activity to leverage a strong negotiating posture for an aggressor over a target nation, region, or population.
Sustained terrorist information warfare The ongoing deliberate efforts of an organized political group against the military, industrial, and civilian and government economic information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Random terrorist information warfare The sporadic efforts of an organized political group or individuals against the military, industrial, and civilian and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Defensive preventive information warfare An organized deliberate military protective effort to prevent an aggressor from destroying military information technology capabilities, industrial and manufacturing information technology infrastructure, and civilian and government information technology-based economic activities of a nation, region, or population.
Defensive ruinous information warfare An organized deliberate military effort to totally destroy the military information technology capabilities, industrial and manufacturing information infrastructure, and information technology-based civilian and government economic activities of an aggressor nation, region, population, or military/terrorist force.
Defensive responsive containment information warfare An organized deliberate military effort to cripple or disable military information technology capabilities, halt industrial and manufacturing information technology activities, and disrupt information technology-based civilian and government economic activity to leverage a strong negotiating posture over an aggressor nation, region, population, or military/terrorist force.
Sustained rogue information warfare The ongoing deliberate efforts of an organized nonpolitical, criminal, or mercenary group against the military, industrial, civilian, and government economic information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Random rogue information warfare The sporadic efforts of an organized nonpolitical, criminal, or mercenary group or individuals against the military, industrial, civilian, and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
Amateur rogue information warfare The sporadic efforts of untrained and nonaligned individuals or small groups against the military, industrial, civilian, and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.
The Probability of Various Information Warfare The Cold War and the existence of nuclear weapons is proof that a strat- egy or a weapons system can exist and not be used by the nations or groups that have the ability to use it. Of course, this does mean we are operating under an assumption that a nuclear weapon was not used in an act of aggression since the end of World War II. Letting the assump- tion stand, we can conclude that the wide range of information warfare strategies in this analysis can exist and that nations can be prepared to implement such strategies during political conflicts, but the strategies never need to be used. We can also assume that even though it is not likely that an extreme information warfare strategy will be used, it is still prudent to be capable of defending against a wide variety of strategies. As in any warfare, a key element in predicting what kind of informa- tion warfare to be prepared to defend against is to analyze what resources are required to implement an information warfare strategy.Each of the ten categories of information warfare has a price tag, a required organizational structure, and a timeline for preparation and implementation.
Strategies Being Implemented
- Offensive ruinous information warfare requires a well-trained military force that is capable of attacking and destroying an infor- mation infrastructure from both afar and on location. The strat- egy requires a wide range of mental and physical skill sets and an in-depth understanding of information architectures, program- ming, telecommunications, hardware, software, security, and encryption. It also requires access to a wide variety of telecom- munications systems and many types of computers. It may also require a physically capable and equipped task force to physically penetrate a computer or communications facility, retrieve or modify information, and possibly even destroy the equipment. This information warfare strategy is extremely expensive and could only be implemented by a nation that is willing to spend billions of dollars to develop specific methods and train the hundreds, if not thousands, of people necessary to implement the strategy. Very few nations can afford to implement offensive ruinous information warfare strategies.
Offensive containment information warfare strategies are similar to offensive ruinous information warfare in resource requirements. It is not likely that real containment could be achieved without a highly skilled force. It is possible to achieve a harassing effect and be menacing using terrorist tactics-which could be also referred to as guerrilla or resistance tactics-and cause disruption. Depending on the circumstances, containment of an isolated region could be possible-even the least-equipped warriors of the past knew to cut the telegraph lines so the cavalry could not be wired to send help. Sophisticated offensive containment information warfare strategies, however, still require substantial investment and years of development and training of forces. As with offensive ruinous information warfare strategies, very few nations can afford to implement offensive containment information warfare strategies.
Sustained terrorist information warfare is not an expensive process and can be implemented and maintained over long periods of time with an investment of a few million dollars. Certainly good skill sets are needed, but the process of terrorism is far more focused on disruption and harassment than complete destruction or containment. In a complete destruction or containment scenario, it is necessary not to do things to information architectures that will impede or injure one's allies. Since terrorists usually have few allies and generally have the worst of manners in the first place, they can use sloppy techniques that can disrupt and to some extent probably destroy some aspects of information technology-based economies. There are, or at least have been, several terrorist groups that can afford to carry out this type of information warfare strategy.
Random terrorist information warfare is even less expensive than sustained terrorist information warfare. Sporadic terrorism does not require the ongoing recruitment, maintenance, and training of information warriors and thus can be implemented on a really slim budget. In general, random terrorist acts have little lasting impact except on those people who are immediately injured or killed. These random terrorist acts can have great public relations value for political causes, and if such acts are directed toward information technology, the press coverage will be widespread and dramatic. Again, there are, or at least have been, several terrorist groups that can afford to carry out this type of information warfare strategy.
Defensive preventive information warfare has the same basic set of requirements that offensive ruinous information warfare has in terms of personnel, organization structure, and costs. Defensive preventive information warfare is necessary to defend against virtually all forms of offensive information warfare strategies. All information technology-dependent countries must develop defensive strategies, either independently or in a coalition. These strategies take years to develop and cost billions of dollars to implement and sustain.
Defensive ruinous information warfare is a counteroffensive strategy that requires the full set of skills, organization structure, and cost structure associated with offensive ruinous information warfare and offensive containment information warfare strategies. It costs billions of dollars to implement and probably requires a coalition to implement and maintain.
Defensive responsive containment information warfare and offensive containment information warfare strategies are similar except in the circumstances in which they are deployed. The cost is high, and it takes considerable time to develop strategies and tactics and train forces. There are few countries that can independently implement this strategy.
Sustained rogue information warfare has a similar overhead requirement to that of sustained terrorist information warfare. It is not an expensive process and can be carried out over long periods of time with an investment of a few million dollars. Good skill sets are required, but staff may be relatively easy to recruit given the fact that legitimate information technology jobs are not the best-paying positions. The process of embezzlement, fraud, and blackmail pays well for those who get away with it, and those...
Table of Contents
|Chapter 1||Information Warfare: A New Framework for Analysis||1|
|Types of Information Warfare Strategies and Activities||3|
|The Probability of Various Information Warfare Strategies Being Implemented||5|
|The Anatomy of a National Information Warfare Defense Structure||9|
|Putting International Treaties into Perspective||17|
|The Military Side of Information Warfare||20|
|Civilian Law Enforcement and Information Warfare||27|
|The Impact of Information Warfare on Private Companies||29|
|Information Warfare Will Result in Civilian Casualties||32|
|Conclusions and an Agenda for Action||35|
|Chapter 2||Measuring the Economic Impact of Information Warfare||41|
|The Nature of the Economic Impact of Information Warfare Attacks||43|
|The Immediate Economic Impact of Information Warfare Attacks||46|
|The Short-Term Economic Impact of Information Warfare Attacks||51|
|The Long-Term Economic Impact of Disruption||57|
|There Is No Day After in Cyberwar||61|
|Conclusions and an Agenda for Action||62|
|Chapter 3||The Electronic Doomsday Scenario: How Ten People Could Cause $1 Trillion in Economic Disruption||65|
|The PH2 Team||66|
|The Conception of PH2||68|
|Day 1||The Launch of PH2||69|
|Day 2||The Big Bug Bite||70|
|Day 3||Is It War Yet?||71|
|Day 4||A Russian Connection?||72|
|Day 5||Chaos Realized||72|
|Day 6||It Isn't Over Yet||72|
|Day 7||Attacks in Germany and Japan||73|
|Day 8||A German Bank Goes Down||75|
|Day 9||Wall Street Denial-of-Service Attack||75|
|Day 10||Middle East Conflict Brews, Wrong Number in Australia||76|
|Day 11||The Tiger Prowls||79|
|Day 12||Our Asian Daughters||80|
|Day 13||Tonya Strikes||82|
|Day 14||The Shambles of Electronic Commerce||83|
|Day 15||Busy Signal in London||84|
|Day 16||Target NASDAQ||86|
|Day 17||PH2 Realized||87|
|Day 18||Stock Brokerage Take-Down||88|
|Day 19||NASDAQ Foiled, Microsoft Hit||90|
|Day 20||Information Warfare, Guns, and Bombs||92|
|Day 21||Vulnerability and Exposure||93|
|Day 22||Santa Claus Hits||94|
|Day 23||Merry Christmas||94|
|The Aftermath of Information Warfare Attacks||95|
|Chapter 4||Preparing to Fight Against Major Threats||97|
|Assessing the Preparedness for Information Warfare in the United States||99|
|Assessing the Preparedness for Information Warfare of Other Governments||105|
|Assessing the Preparedness for Information Warfare of Terrorists and Criminals||107|
|Assessing the Preparedness for Information Warfare of Industry Groups||108|
|Traditional Diplomacy and Information Warfare||110|
|The Role of International Organizations||112|
|The Role of the Global Military Alliances||113|
|Martial Law and Cyberspace||115|
|The Super Cyber Protection Agency||117|
|Preparation from a Global Viewpoint||118|
|Conclusions and an Agenda for Action||119|
|Chapter 5||Information Warfare Strategies and Tactics from a Military Perspective||123|
|The Context of Military Tactics||124|
|Offensive and Defensive Ruinous Information Warfare Strategies and Tactics||125|
|Offensive and Responsive Containment Information Warfare Strategies and Tactics||130|
|Defensive Preventive Information Warfare Strategies and Tactics||135|
|Random and Sustained Terrorist Information Warfare Strategies and Tactics||139|
|Sustained and Random Rogue Information Warfare Strategies and Tactics||143|
|Amateur Rogue Information Warfare Strategies and Tactics||146|
|Conclusions and an Agenda for Action||147|
|Chapter 6||Information Warfare Strategies and Tactics from a Corporate Perspective||151|
|Overview of Defensive Strategies for Private Companies||152|
|Participating in Defensive Preventive Information Warfare Planning||154|
|Surviving Offensive Ruinous and Containment Information Warfare Attacks||158|
|Surviving Terrorist Information Warfare Attacks||162|
|Countering Rogue Information Warfare Attacks||165|
|Dealing with Amateur Rogue Information Warfare Attacks||168|
|Conclusions and an Agenda for Action||171|
|Chapter 7||Strategies and Tactics from a Terrorist and Criminal Perspective||173|
|Why Terrorists and Rogues Have an Advantage in Information Warfare||174|
|The Future Computer-Literate Terrorist and Criminal||176|
|Selecting Information Warfare Targets||177|
|Targets that Appeal to Both Terrorists and Rogue Criminals||185|
|Targets that Appeal to Terrorists, but Not Rogue Criminals||186|
|Targets that Appeal to Rogue Criminals, but Not Terrorists||189|
|Working from the Inside of Information Warfare Targets||190|
|Avoiding Pursuit and Capture||192|
|Fund Raising for Terrorist and Rogue Criminal Information Warriors||193|
|Conclusions and an Agenda for Action||194|
|Chapter 8||The Arms Dealers and Industrial Mobilization in Information Warfare||197|
|Mobilization Requirements for Technology Companies in Information Warfare||198|
|The Top Technology Companies that Can Provide Information Warfare Expertise||200|
|Aerospace and Defense Companies that Can Provide Information Warfare Expertise||202|
|Computer System Manufacturers that Can Provide Information Warfare Expertise||205|
|ZiLOGComputer Networking Product Companies that Can Provide Information Warfare Expertise||208|
|Telecommunications Systems Companies that Can Provide Information Warfare Expertise||209|
|Telecommunications Service Providers that Can Provide Information Warfare Support||212|
|Software Producers that Can Provide Information Warfare Expertise||217|
|Computer Services and Consulting Firms that Can Provide Information Warfare Expertise||222|
|Internet Service Providers that Can Provide Support to Information Warriors||224|
|Cooperation Between Governments and Technology Companies in Information Warfare||225|
|Conclusions and an Agenda for Action||226|
|Chapter 9||Civilian Casualties in Information Warfare||229|
|Why the Cyber Masses Are at Risk||231|
|Circumstances with the Highest Potential Impact for Individual Citizens||232|
|Conclusions and an Agenda for Action||234|
|Chapter 10||The New Terrorist Profile: The Curious Nerd Is Moving to the Dark Side||237|
|The New Techno-Terrorists and Criminals||238|
|Computer Crimes and Terrorist Attacks||242|
|Where Information Warriors Will Come From||249|
|Understanding Why People Become Cyberwarriors||252|
|Motivations for Warriors in the New Frontier||254|
|The Alienation of Computer Geeks||255|
|Affinity Within the Pocket Protector Sect||256|
|Why Cybercrime and Terrorism Can Be Fun and Profitable||257|
|Will Americans Make Good Terrorists and Cyber Soldiers of Fortune?||261|
|Gender, Race, and Nationality in Information Warfare Careers||262|
|Conclusions and an Agenda for Action||264|
|Chapter 11||Law Enforcement: Being Behind the Technology Curve and How to Change That||267|
|The Good Guys: Poorly Paid and Under-Trained||269|
|Computers and Beyond: New Requirements for Cops and Special Agents||271|
|The Challenge of Developing Cyber Cops||276|
|Working for Big Brother: The New Information Highway Patrol||278|
|Terrorist and Criminal Profiling in Cyberspace||280|
|Conclusions and Agenda for Action||280|
|Chapter 12||Final Words for Policy Makers, Military Planners, and Corporate Executives||283|
|Cutting Through the Rhetoric||284|
|Funding National Defense||285|
|Risk Management in the Corporate Environment||286|
|Ecommerce and Information Warfare||286|
IntroductionThis book presents a new and independent viewpoint on information warfare. One of the many things that are different about this analysis, compared to other perspectives of information warfare, is that this analysis is not military-centric. There are many reasons for the departure from the traditional military perspectives. The Internet has helped change the world of communications and commerce a great deal since information warfare strategies were first developed by the military. A global communications infrastructure has now made it possible for a wider assortment of groups towage information warfare. This makes the threat of information warfare far greater than it was in 1990 and has produced a wider variety of targets to be attacked.
Putting Information Warfare into ContextInformation warfare must be considered within the context of war in general. Traditionally, many types of groups have been able to wage a variety of types of wars. Huge groups of military forces have used sophisticated tactics and weapons, as was done in the Gulf War. In Vietnam, a dedicated but fairly scraggly horde of soldiers took on a wellequipped, centrally controlled military organization. In Mexico, small bands of freedom fighters have been willing to fight the entire national army and police force. In Afghanistan, indigenous forces defeated the might of the Soviet-military machine that had previously invoked fear on the part of many more sophisticated armies. In other words, war comes in all shapes and sizes.
Before the Internet, information warfare was a war that would be fought among giants. The widespread use of the Internet and readily available access to the global communications systems and an arsenal of software tools has brought information warfare down to levels that all types of warfare eventually fall back to-once again, almost anyone can launch an information warfare attack.
The warfare tactics are very similar across the ten information warfare strategies. What differentiates the strategies are the purpose of the fight and the philosophies and motivations of the fighters. In ruinous information warfare strategies, for example, a sophisticated military operation can be launched to totally destroy the information technology and communications infrastructure of a nation or a region. In sustained terrorist information warfare strategies, a well-funded but small group of terrorists can attack a country, a city, an industrial sector, or a company and halt its operations or severely stifle economic activity. In many ways, the Internet has made some information warfare strategies cheap and relatively easy to implement, thus making the strategies usable to almost anyone in the world.
In this analysis, information warfare is comprised of ten different deliberate strategies to totally destroy or partially disable the military war fighting capability, industrial and manufacturing information infrastructure, or information technology-based civilian and government economic activities of a target nation, region, or population. Military organizations, terrorist groups, or rogue criminals can use these strategies to attack military systems, government operations, industrial infrastructures and communications systems, as well as civilian economic services such as electronic commerce. The ten strategies are examined in Chapter 1.
Is It a Question of If or When?At the end of World War II, the threat of nuclear war loomed high in everyday life. Perhaps nuclear war is still possible, but it does not loom quite as high in the minds of citizens. The nuclear holocaust did not happen, but it could have, and the mighty nations of the world were prepared for mass destruction of the planet. We have now entered the information age and face the possibility of virtual destruction instead of physical destruction. Will it happen? When will it happen? Who will do it? These are questions that twenty-first century information warfare planners and strategists are grappling with as they prepare for the next war of wars.
The focus of military preparation has long been on devising plans to protect the national infrastructure from attacks from afar and take down the infrastructures of the enemy. This has certainly been a prudent and worthwhile pursuit. But what good would it do for one massive army of information warriors to attack one of their economic-interdependent allies? None! Especially when considering the dynamics of the global economy. Any nation that is capable of waging such an all-out information warfare attack is so tightly woven into the global economy that the attacker would suffer equal if not greater economic damage in the event of successful information warfare attacks on a super economic power.
Terrorists and rogue criminals, on the other hand, have less to protect and often little to hold onto and could perhaps even benefit from a successful attack. The military mind in the United States is still geared for big wars and is equipped to fight big armies. The focus of the military is on protecting the infrastructure while the budding digital economy is being built on ground outside the fort and is easy prey for attackers. Indeed, the infrastructure should be protected, but it is time to start thinking beyond the infrastructure protection strategy. An analysis of the economics of information warfare is included in Chapter 1 within the new framework for analysis, which offers a fresh look at the dynamics and nature of information warfare.
New Targets for Information WarriorsTerrorists strike at weak points, and rogue criminals steal what is the most valuable and the least protected. Both groups have their own cost! benefit equations. Terrorists and rogue criminals are the information warfare threat of the future. They will not attack the infrastructure, partially because it is so well guarded, but also because there is less chance of achieving drama for the terrorist and riches for the rogue. The terrorist and the rogue would rather not fight the military.
The terrorist, of course, loves headlines and drama, and strives to make people fearful while simultaneously embarrassing one or more governments in the process. The rogue loves money and would rather steal than fight. He is motivated by wealth, not fame, and certainly not by the religious salvation promised to so many terrorists who have died in the name of their country and their god. The terrorist and the rogue will cause tremendous damage to national economies while completely avoiding the military. They will strike at what is easy, and electronic commerce companies, banks, and stock brokerages remain very easy targets compared to the expansive military communications systems, and the relatively well-guarded electric utility grid and telecommunications infrastructure. The economic impact of information warfare is further explored in Chapter 2.
Chapter 3 presents a scenario outlined for massive attacks, not by the military, but by would-be terrorists, that illustrates how ten people could cause severe economic damage. The scenario is called PH2, for Pearl Harbor Two. It is good drama that could readily happen-in fact, almost all of the tricks, hacks, and bugs that the PH2 team use in their attack are already proven tactics and techniques. It is just a matter of how they are put together in combination, sequence, and frequency that makes the difference between mischief and war.
New Weapons and Defense StrategiesHow information warfare will be waged will be dependent on the resources of the attackers at the time they attack. New technologies are constantly emerging to help the defender ward off attackers, as are many new weapons for the attacker to use to foil the defenses established by the guardians. Chapter 4 establishes a process to assess defensive and offensive information warfare capabilities. Information warfare strategies and tactics are examined from a military perspective in Chapter 5.
An overview of defensive strategies for private companies that may well become the direct target of information warfare is provided in Chapter 6 through an examination of information warfare strategies and tactics from a corporate perspective. The emergence of the computerliterate terrorist and criminal is examined in Chapter 7, and the reasons why terrorists and rogues have an advantage in information warfare are analyzed. The importance and process of industrial mobilization in information warfare is covered in Chapter 8 as the mobilization requirements for technology companies in information warfare are analyzed.
In most wars, there are civilian casualties, and information warfare attacks will leave many civilians economically wounded and perhaps even destroyed. Chapter 9 examines the impact that information warfare can have on the innocent-and maybe the not-so-innocentbystanders on the information superhighway. It is important that cybercitizens understand what can happen to them. Perhaps even more important is that military planners come to grips with the fact that the next war could have economic consequences for everyone, especially those who have assets that are computer-based or accounted for in an information system somewhere in the vast caverns of data maintained by the financial complex of the western world.
The New Information WarriorsNot all of the new information warriors are good guys. In fact, on some days the bad guys could easily outnumber the good guys. Chapter 10 examines the emergence of the new terrorists and rogue criminals that are wandering cyberspace. It is important to get to know these people because they are the ones who will be the mostly likely information war aggressors. This analysis delves into the minds and motivations of the new techno terrorists and criminals by reviewing the crimes of the past and speculating on the crimes of the future. Chapter 10 also examines the motivations of information warriors, both those who fight for good and those who serve evil. It explores many reasons why a talented computer professional may find the dark side of the information warrior elite more attractive than the humdrum everyday life of a programmer working in a bank somewhere in New Jersey.
Cyber Law Enforcement ChallengesThe defenders on the information warfare front have already found that is tough to find a few good warriors. Recruitment and training of information warriors is critical if the good guys are going to have enough troops. The process and challenges are examined in Chapter 11. The mentalities and motivations of the good guys are also examined along with their training requirements, pay scales, and some of the temptations the guardians may face. The needs of law enforcement agencies are examined, as is the need to develop an information highway patrol and profiling methodology for cyber-terrorists and rogue criminals.
Things to Remember When Reading this BookThe author has interviewed hundreds of people over the last five years who were involved in computer security, information warfare planning, intelligence gathering, and law enforcement. These interviews were conducted for a variety of projects, including market analysis, product evaluations, and articles for journals and magazines. It is important to note that during all of these projects the people who were interviewed did not compromise any sensitive material. Although their input helped the author forage out the perspectives that are the foundation of this analysis, the work in this book is an independent perspective and is by no means to be considered an expose of insider or confidential information regarding military or law enforcement operations.