Information Warfare: How to Survive Cyber Attacks

Information Warfare: How to Survive Cyber Attacks

Paperback

$25.35 $29.99 Save 15% Current price is $25.35, Original price is $29.99. You Save 15%.

Temporarily Out of Stock Online

Eligible for FREE SHIPPING

Overview

Information Warfare: How to Survive Cyber Attacks by Michael Erbschloe

In today's electronic age, the threat of cyber attacks is great. For any organization with information-based assets, the deadliest weapons can come in the form of a keyboard, mouse, or personal computer. With hacking attacks and computer-based crimes increasing both in frequency and degree of seriousness, it's clear that information warfare is real and companies must protect themselves in order to survive. But how do you avoid getting caught in the crossfire of these attacks and how do you prepare when the electronic future is uncertain? The answers can be found inside Information Warfare, from recognized security expert and information technology consultant Michael Erbschloe.

This revealing book explores the impact of information warfare and the disruption and damage it can cause to governments, corporations, and commercial Web sites. Is it possible for a small number of people to cause millions of dollars worth of economic destruction from a computer? Through the use of scenarios and profiles of the cyber-terrorist subculture, you'll learn practical defense strategies for protecting your company or eCommerce site from cyber attacks.

The book also examines the steps that governments around the world need to take in order to combat the advanced skill levels of some of the most dangerous cyber-criminals today. Whether you're responsible for making technology decisions that affect your company's future, or interested in computer security in general, you won't find a more accurate and up-to-date book covering the emerging field of information warfare.

Product Details

ISBN-13: 9780072132601
Publisher: McGraw-Hill Professional
Publication date: 06/01/2001
Series: McGraw-Hill Computer Security Series
Pages: 315
Product dimensions: 6.32(w) x 9.26(h) x 1.09(d)

About the Author

Michael Erbschloe has more than 30 years of experience in business and IT management and consults with global companies on strategic technology and business issues. He consults with organizations on the economic impact of information systems attacks, and speaks on these topics at numerous conferences, including COMDEX, COBOL World, TECHXNY, and ISECURITY 2001. He has provided consulting services to the U.S. Department of Defense, General Dynamics, IBM, MCI, Wells Fargo, and Bank of America, to name a few. He has also served as an expert witness in lawsuits on technology value and software copyrights.

Erbschloe has taught and developed curriculum at several universities. He is currently the vice president of research for Computer Economics in Carlsbad, Calif. He is also on the advisory board of the COMDEX conference and Global Information Infrastructure awards program. He has authored more than 2,500 articles and dozens of reports that have guided technology decisions in the largest organizations in the world.

Read an Excerpt

Chapter 1

Information Warfare: A New Framework for Analysis

Information warfare strategies and tactics have been of utmost concern to defense planners in industrialized nations since the middle of the 1980s. The growth in popularity of the Internet and the widespread use of the World Wide Web and related technologies have dramatically increased this concern. The U.S. Department of Defense and its counterparts in NATO and other military alliances have been training both offensive and defensive information technology warriors since the late 1980s. This concern and the training that has evolved have been primarily focused on the protection or the destruction of the strategic information infrastructure and military technologies. There is no doubt that the protection of these technology assets should be of concern, as should the ability of the military to attack and disable or destroy the information infrastructure of enemy states as an offensive strategy or counteroffensive measure. This perspective, although sound within itself, is far too narrow for planning defensive or offensive information warfare in the age of electronic commerce. Considerable effort has gone into protecting the infrastructure and securing military capabilities, but the commercial information and electronic commerce technologies on which so many corporations have become dependent remains highly vulnerable.

A simple and straightforward analogy is the vulnerability of civil aviation and how the need for airport and in-flight security has evolved over the last 40 years. Military airbases have always been under fairly tight security because of the need to protect national defense assets and personnel. As civil air transportation became the target of hijackings and bombings in the 1960s and 1970s, it became apparent that there was a need for security at public airports. As a result, the use of metal detectors, security forces, explosive-sniffing dogs, and x-ray equipment for baggage contents has become almost universal. In addition, there are the key questions by airline staff at check-in regarding the control of passenger baggage and the chance that a stranger has asked an innocent passenger to transport a package for him or her. Although not 100 percent foolproof, these simple security precautions make it more difficult for terrorists to abscond with a civilian aircraft or to smuggle weapons or explosives. Other examples of shifts in security attitudes are apparent at courthouses, public schools, and other civilian facilities. The Internet, however, has no such protections. The open access of the Internet is what makes Internet-connected organizations more vulnerable to terrorist attacks and economic espionage.

To begin to address the vulnerabilities that are inherent in the age of the Internet and electronic commerce, a new framework of analysis of information warfare, electronic terrorism, and economic espionage is absolutely necessary. The old school of information warfare that focuses on the protection or the destruction of military and industrial infrastructure is no longer adequate as a basis for planning national defense strategies against cyber attacks. This chapter presents elements of the framework that are necessary to include the protectionor for that matter, the destruction-of civilian activities in cyberspace, as information warfare strategies and tactics evolve.

To help establish a good understanding of the principles, dynamics, and economics of information warfare, this chapter examines, updates, and expands on several aspects of information warfare, including:

  • The ten categories of information warfare strategies and activities
  • The probability of various information warfare strategies being implemented
  • The establishment of a national information warfare defense structure
  • The military side of information warfare
  • The origin and mentality of technology terrorists
  • How private companies will need to defend themselves during an information warfare attack
  • The dynamics and viability of international treaties

Types of Information Warfare Strategies and Activities

To prepare for information warfare, it is necessary to define what information warfare is and-as with any type of warfare-identify and classify what types of information warfare can be practiced. Information warfare strategies, like physical warfare strategies, are designed to hinder or disable military forces, disable industrial infrastructures and manufacturing capabilities, or disrupt civilian and government economic activities in order to put an aggressor or a target country at a disadvantage. The purposes of establishing an advantage can run along a continuum from improving the negotiating position of the aggressor to the absolute destruction of a nation. Information warfare activities fall into ten major categories:
    Offensive ruinous information warfare An organized deliberate military effort to totally destroy the military information capabilities, industrial and manufacturing information infrastructure, and information technology-based civilian and government economic activities of a target nation, region, or population.

    Offensive containment information warfare An organized deliberate military effort to cripple or disable military information capabilities, halt industrial and manufacturing information activities, and disrupt information technology-based civilian and government economic activity to leverage a strong negotiating posture for an aggressor over a target nation, region, or population.

    Sustained terrorist information warfare The ongoing deliberate efforts of an organized political group against the military, industrial, and civilian and government economic information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.

    Random terrorist information warfare The sporadic efforts of an organized political group or individuals against the military, industrial, and civilian and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.

    Defensive preventive information warfare An organized deliberate military protective effort to prevent an aggressor from destroying military information technology capabilities, industrial and manufacturing information technology infrastructure, and civilian and government information technology-based economic activities of a nation, region, or population.

    Defensive ruinous information warfare An organized deliberate military effort to totally destroy the military information technology capabilities, industrial and manufacturing information infrastructure, and information technology-based civilian and government economic activities of an aggressor nation, region, population, or military/terrorist force.

    Defensive responsive containment information warfare An organized deliberate military effort to cripple or disable military information technology capabilities, halt industrial and manufacturing information technology activities, and disrupt information technology-based civilian and government economic activity to leverage a strong negotiating posture over an aggressor nation, region, population, or military/terrorist force.

    Sustained rogue information warfare The ongoing deliberate efforts of an organized nonpolitical, criminal, or mercenary group against the military, industrial, civilian, and government economic information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.

    Random rogue information warfare The sporadic efforts of an organized nonpolitical, criminal, or mercenary group or individuals against the military, industrial, civilian, and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.

    Amateur rogue information warfare The sporadic efforts of untrained and nonaligned individuals or small groups against the military, industrial, civilian, and government information infrastructures or activities of a nation, region, organization of states, population, or corporate entity.

The Probability of Various Information Warfare
Strategies Being Implemented

The Cold War and the existence of nuclear weapons is proof that a strat- egy or a weapons system can exist and not be used by the nations or groups that have the ability to use it. Of course, this does mean we are operating under an assumption that a nuclear weapon was not used in an act of aggression since the end of World War II. Letting the assump- tion stand, we can conclude that the wide range of information warfare strategies in this analysis can exist and that nations can be prepared to implement such strategies during political conflicts, but the strategies never need to be used. We can also assume that even though it is not likely that an extreme information warfare strategy will be used, it is still prudent to be capable of defending against a wide variety of strategies. As in any warfare, a key element in predicting what kind of informa- tion warfare to be prepared to defend against is to analyze what resources are required to implement an information warfare strategy.Each of the ten categories of information warfare has a price tag, a required organizational structure, and a timeline for preparation and implementation.

    Offensive ruinous information warfare requires a well-trained military force that is capable of attacking and destroying an infor- mation infrastructure from both afar and on location. The strat- egy requires a wide range of mental and physical skill sets and an in-depth understanding of information architectures, program- ming, telecommunications, hardware, software, security, and encryption. It also requires access to a wide variety of telecom- munications systems and many types of computers. It may also require a physically capable and equipped task force to physically penetrate a computer or communications facility, retrieve or modify information, and possibly even destroy the equipment. This information warfare strategy is extremely expensive and could only be implemented by a nation that is willing to spend billions of dollars to develop specific methods and train the hundreds, if not thousands, of people necessary to implement the strategy. Very few nations can afford to implement offensive ruinous information warfare strategies.

    Offensive containment information warfare strategies are similar to offensive ruinous information warfare in resource requirements. It is not likely that real containment could be achieved without a highly skilled force. It is possible to achieve a harassing effect and be menacing using terrorist tactics-which could be also referred to as guerrilla or resistance tactics-and cause disruption. Depending on the circumstances, containment of an isolated region could be possible-even the least-equipped warriors of the past knew to cut the telegraph lines so the cavalry could not be wired to send help. Sophisticated offensive containment information warfare strategies, however, still require substantial investment and years of development and training of forces. As with offensive ruinous information warfare strategies, very few nations can afford to implement offensive containment information warfare strategies.

    Sustained terrorist information warfare is not an expensive process and can be implemented and maintained over long periods of time with an investment of a few million dollars. Certainly good skill sets are needed, but the process of terrorism is far more focused on disruption and harassment than complete destruction or containment. In a complete destruction or containment scenario, it is necessary not to do things to information architectures that will impede or injure one's allies. Since terrorists usually have few allies and generally have the worst of manners in the first place, they can use sloppy techniques that can disrupt and to some extent probably destroy some aspects of information technology-based economies. There are, or at least have been, several terrorist groups that can afford to carry out this type of information warfare strategy.

    Random terrorist information warfare is even less expensive than sustained terrorist information warfare. Sporadic terrorism does not require the ongoing recruitment, maintenance, and training of information warriors and thus can be implemented on a really slim budget. In general, random terrorist acts have little lasting impact except on those people who are immediately injured or killed. These random terrorist acts can have great public relations value for political causes, and if such acts are directed toward information technology, the press coverage will be widespread and dramatic. Again, there are, or at least have been, several terrorist groups that can afford to carry out this type of information warfare strategy.

    Defensive preventive information warfare has the same basic set of requirements that offensive ruinous information warfare has in terms of personnel, organization structure, and costs. Defensive preventive information warfare is necessary to defend against virtually all forms of offensive information warfare strategies. All information technology-dependent countries must develop defensive strategies, either independently or in a coalition. These strategies take years to develop and cost billions of dollars to implement and sustain.

    Defensive ruinous information warfare is a counteroffensive strategy that requires the full set of skills, organization structure, and cost structure associated with offensive ruinous information warfare and offensive containment information warfare strategies. It costs billions of dollars to implement and probably requires a coalition to implement and maintain.

    Defensive responsive containment information warfare and offensive containment information warfare strategies are similar except in the circumstances in which they are deployed. The cost is high, and it takes considerable time to develop strategies and tactics and train forces. There are few countries that can independently implement this strategy.

    Sustained rogue information warfare has a similar overhead requirement to that of sustained terrorist information warfare. It is not an expensive process and can be carried out over long periods of time with an investment of a few million dollars. Good skill sets are required, but staff may be relatively easy to recruit given the fact that legitimate information technology jobs are not the best-paying positions. The process of embezzlement, fraud, and blackmail pays well for those who get away with it, and those...

Table of Contents

Forewordxi
Acknowledgmentsxiii
Introductionxv
Chapter 1Information Warfare: A New Framework for Analysis1
Types of Information Warfare Strategies and Activities3
The Probability of Various Information Warfare Strategies Being Implemented5
The Anatomy of a National Information Warfare Defense Structure9
Putting International Treaties into Perspective17
The Military Side of Information Warfare20
Civilian Law Enforcement and Information Warfare27
The Impact of Information Warfare on Private Companies29
Information Warfare Will Result in Civilian Casualties32
Conclusions and an Agenda for Action35
Chapter 2Measuring the Economic Impact of Information Warfare41
The Nature of the Economic Impact of Information Warfare Attacks43
The Immediate Economic Impact of Information Warfare Attacks46
The Short-Term Economic Impact of Information Warfare Attacks51
The Long-Term Economic Impact of Disruption57
There Is No Day After in Cyberwar61
Conclusions and an Agenda for Action62
Chapter 3The Electronic Doomsday Scenario: How Ten People Could Cause $1 Trillion in Economic Disruption65
The PH2 Team66
The Conception of PH268
Day 1The Launch of PH269
Day 2The Big Bug Bite70
Day 3Is It War Yet?71
Day 4A Russian Connection?72
Day 5Chaos Realized72
Day 6It Isn't Over Yet72
Day 7Attacks in Germany and Japan73
Day 8A German Bank Goes Down75
Day 9Wall Street Denial-of-Service Attack75
Day 10Middle East Conflict Brews, Wrong Number in Australia76
Day 11The Tiger Prowls79
Day 12Our Asian Daughters80
Day 13Tonya Strikes82
Day 14The Shambles of Electronic Commerce83
Day 15Busy Signal in London84
Day 16Target NASDAQ86
Day 17PH2 Realized87
Day 18Stock Brokerage Take-Down88
Day 19NASDAQ Foiled, Microsoft Hit90
Day 20Information Warfare, Guns, and Bombs92
Day 21Vulnerability and Exposure93
Day 22Santa Claus Hits94
Day 23Merry Christmas94
The Aftermath of Information Warfare Attacks95
Chapter 4Preparing to Fight Against Major Threats97
Assessing the Preparedness for Information Warfare in the United States99
Assessing the Preparedness for Information Warfare of Other Governments105
Assessing the Preparedness for Information Warfare of Terrorists and Criminals107
Assessing the Preparedness for Information Warfare of Industry Groups108
Traditional Diplomacy and Information Warfare110
The Role of International Organizations112
The Role of the Global Military Alliances113
Martial Law and Cyberspace115
The Super Cyber Protection Agency117
Preparation from a Global Viewpoint118
Conclusions and an Agenda for Action119
Chapter 5Information Warfare Strategies and Tactics from a Military Perspective123
The Context of Military Tactics124
Offensive and Defensive Ruinous Information Warfare Strategies and Tactics125
Offensive and Responsive Containment Information Warfare Strategies and Tactics130
Defensive Preventive Information Warfare Strategies and Tactics135
Random and Sustained Terrorist Information Warfare Strategies and Tactics139
Sustained and Random Rogue Information Warfare Strategies and Tactics143
Amateur Rogue Information Warfare Strategies and Tactics146
Conclusions and an Agenda for Action147
Chapter 6Information Warfare Strategies and Tactics from a Corporate Perspective151
Overview of Defensive Strategies for Private Companies152
Participating in Defensive Preventive Information Warfare Planning154
Surviving Offensive Ruinous and Containment Information Warfare Attacks158
Surviving Terrorist Information Warfare Attacks162
Countering Rogue Information Warfare Attacks165
Dealing with Amateur Rogue Information Warfare Attacks168
Conclusions and an Agenda for Action171
Chapter 7Strategies and Tactics from a Terrorist and Criminal Perspective173
Why Terrorists and Rogues Have an Advantage in Information Warfare174
The Future Computer-Literate Terrorist and Criminal176
Selecting Information Warfare Targets177
Targets that Appeal to Both Terrorists and Rogue Criminals185
Targets that Appeal to Terrorists, but Not Rogue Criminals186
Targets that Appeal to Rogue Criminals, but Not Terrorists189
Working from the Inside of Information Warfare Targets190
Avoiding Pursuit and Capture192
Fund Raising for Terrorist and Rogue Criminal Information Warriors193
Conclusions and an Agenda for Action194
Chapter 8The Arms Dealers and Industrial Mobilization in Information Warfare197
Mobilization Requirements for Technology Companies in Information Warfare198
The Top Technology Companies that Can Provide Information Warfare Expertise200
Aerospace and Defense Companies that Can Provide Information Warfare Expertise202
Computer System Manufacturers that Can Provide Information Warfare Expertise205
ZiLOGComputer Networking Product Companies that Can Provide Information Warfare Expertise208
Telecommunications Systems Companies that Can Provide Information Warfare Expertise209
Telecommunications Service Providers that Can Provide Information Warfare Support212
Software Producers that Can Provide Information Warfare Expertise217
Computer Services and Consulting Firms that Can Provide Information Warfare Expertise222
Internet Service Providers that Can Provide Support to Information Warriors224
Cooperation Between Governments and Technology Companies in Information Warfare225
Conclusions and an Agenda for Action226
Chapter 9Civilian Casualties in Information Warfare229
Why the Cyber Masses Are at Risk231
Circumstances with the Highest Potential Impact for Individual Citizens232
Conclusions and an Agenda for Action234
Chapter 10The New Terrorist Profile: The Curious Nerd Is Moving to the Dark Side237
The New Techno-Terrorists and Criminals238
Computer Crimes and Terrorist Attacks242
Where Information Warriors Will Come From249
Understanding Why People Become Cyberwarriors252
Motivations for Warriors in the New Frontier254
The Alienation of Computer Geeks255
Affinity Within the Pocket Protector Sect256
Why Cybercrime and Terrorism Can Be Fun and Profitable257
Will Americans Make Good Terrorists and Cyber Soldiers of Fortune?261
Gender, Race, and Nationality in Information Warfare Careers262
Conclusions and an Agenda for Action264
Chapter 11Law Enforcement: Being Behind the Technology Curve and How to Change That267
The Good Guys: Poorly Paid and Under-Trained269
Computers and Beyond: New Requirements for Cops and Special Agents271
The Challenge of Developing Cyber Cops276
Working for Big Brother: The New Information Highway Patrol278
Terrorist and Criminal Profiling in Cyberspace280
Conclusions and Agenda for Action280
Chapter 12Final Words for Policy Makers, Military Planners, and Corporate Executives283
Cutting Through the Rhetoric284
Funding National Defense285
Risk Management in the Corporate Environment286
Ecommerce and Information Warfare286
Closing Comments287
Glossary289
Index299

Introduction

Introduction

This book presents a new and independent viewpoint on information warfare. One of the many things that are different about this analysis, compared to other perspectives of information warfare, is that this analysis is not military-centric. There are many reasons for the departure from the traditional military perspectives. The Internet has helped change the world of communications and commerce a great deal since information warfare strategies were first developed by the military. A global communications infrastructure has now made it possible for a wider assortment of groups towage information warfare. This makes the threat of information warfare far greater than it was in 1990 and has produced a wider variety of targets to be attacked.

Putting Information Warfare into Context

Information warfare must be considered within the context of war in general. Traditionally, many types of groups have been able to wage a variety of types of wars. Huge groups of military forces have used sophisticated tactics and weapons, as was done in the Gulf War. In Vietnam, a dedicated but fairly scraggly horde of soldiers took on a wellequipped, centrally controlled military organization. In Mexico, small bands of freedom fighters have been willing to fight the entire national army and police force. In Afghanistan, indigenous forces defeated the might of the Soviet-military machine that had previously invoked fear on the part of many more sophisticated armies. In other words, war comes in all shapes and sizes.

Before the Internet, information warfare was a war that would be fought among giants. The widespread use of the Internet and readily available access to the global communications systems and an arsenal of software tools has brought information warfare down to levels that all types of warfare eventually fall back to-once again, almost anyone can launch an information warfare attack.

The warfare tactics are very similar across the ten information warfare strategies. What differentiates the strategies are the purpose of the fight and the philosophies and motivations of the fighters. In ruinous information warfare strategies, for example, a sophisticated military operation can be launched to totally destroy the information technology and communications infrastructure of a nation or a region. In sustained terrorist information warfare strategies, a well-funded but small group of terrorists can attack a country, a city, an industrial sector, or a company and halt its operations or severely stifle economic activity. In many ways, the Internet has made some information warfare strategies cheap and relatively easy to implement, thus making the strategies usable to almost anyone in the world.

In this analysis, information warfare is comprised of ten different deliberate strategies to totally destroy or partially disable the military war fighting capability, industrial and manufacturing information infrastructure, or information technology-based civilian and government economic activities of a target nation, region, or population. Military organizations, terrorist groups, or rogue criminals can use these strategies to attack military systems, government operations, industrial infrastructures and communications systems, as well as civilian economic services such as electronic commerce. The ten strategies are examined in Chapter 1.

Is It a Question of If or When?

At the end of World War II, the threat of nuclear war loomed high in everyday life. Perhaps nuclear war is still possible, but it does not loom quite as high in the minds of citizens. The nuclear holocaust did not happen, but it could have, and the mighty nations of the world were prepared for mass destruction of the planet. We have now entered the information age and face the possibility of virtual destruction instead of physical destruction. Will it happen? When will it happen? Who will do it? These are questions that twenty-first century information warfare planners and strategists are grappling with as they prepare for the next war of wars.

The focus of military preparation has long been on devising plans to protect the national infrastructure from attacks from afar and take down the infrastructures of the enemy. This has certainly been a prudent and worthwhile pursuit. But what good would it do for one massive army of information warriors to attack one of their economic-interdependent allies? None! Especially when considering the dynamics of the global economy. Any nation that is capable of waging such an all-out information warfare attack is so tightly woven into the global economy that the attacker would suffer equal if not greater economic damage in the event of successful information warfare attacks on a super economic power.

Terrorists and rogue criminals, on the other hand, have less to protect and often little to hold onto and could perhaps even benefit from a successful attack. The military mind in the United States is still geared for big wars and is equipped to fight big armies. The focus of the military is on protecting the infrastructure while the budding digital economy is being built on ground outside the fort and is easy prey for attackers. Indeed, the infrastructure should be protected, but it is time to start thinking beyond the infrastructure protection strategy. An analysis of the economics of information warfare is included in Chapter 1 within the new framework for analysis, which offers a fresh look at the dynamics and nature of information warfare.

New Targets for Information Warriors

Terrorists strike at weak points, and rogue criminals steal what is the most valuable and the least protected. Both groups have their own cost! benefit equations. Terrorists and rogue criminals are the information warfare threat of the future. They will not attack the infrastructure, partially because it is so well guarded, but also because there is less chance of achieving drama for the terrorist and riches for the rogue. The terrorist and the rogue would rather not fight the military.

The terrorist, of course, loves headlines and drama, and strives to make people fearful while simultaneously embarrassing one or more governments in the process. The rogue loves money and would rather steal than fight. He is motivated by wealth, not fame, and certainly not by the religious salvation promised to so many terrorists who have died in the name of their country and their god. The terrorist and the rogue will cause tremendous damage to national economies while completely avoiding the military. They will strike at what is easy, and electronic commerce companies, banks, and stock brokerages remain very easy targets compared to the expansive military communications systems, and the relatively well-guarded electric utility grid and telecommunications infrastructure. The economic impact of information warfare is further explored in Chapter 2.

Chapter 3 presents a scenario outlined for massive attacks, not by the military, but by would-be terrorists, that illustrates how ten people could cause severe economic damage. The scenario is called PH2, for Pearl Harbor Two. It is good drama that could readily happen-in fact, almost all of the tricks, hacks, and bugs that the PH2 team use in their attack are already proven tactics and techniques. It is just a matter of how they are put together in combination, sequence, and frequency that makes the difference between mischief and war.

New Weapons and Defense Strategies

How information warfare will be waged will be dependent on the resources of the attackers at the time they attack. New technologies are constantly emerging to help the defender ward off attackers, as are many new weapons for the attacker to use to foil the defenses established by the guardians. Chapter 4 establishes a process to assess defensive and offensive information warfare capabilities. Information warfare strategies and tactics are examined from a military perspective in Chapter 5.

An overview of defensive strategies for private companies that may well become the direct target of information warfare is provided in Chapter 6 through an examination of information warfare strategies and tactics from a corporate perspective. The emergence of the computerliterate terrorist and criminal is examined in Chapter 7, and the reasons why terrorists and rogues have an advantage in information warfare are analyzed. The importance and process of industrial mobilization in information warfare is covered in Chapter 8 as the mobilization requirements for technology companies in information warfare are analyzed.

In most wars, there are civilian casualties, and information warfare attacks will leave many civilians economically wounded and perhaps even destroyed. Chapter 9 examines the impact that information warfare can have on the innocent-and maybe the not-so-innocentbystanders on the information superhighway. It is important that cybercitizens understand what can happen to them. Perhaps even more important is that military planners come to grips with the fact that the next war could have economic consequences for everyone, especially those who have assets that are computer-based or accounted for in an information system somewhere in the vast caverns of data maintained by the financial complex of the western world.

The New Information Warriors

Not all of the new information warriors are good guys. In fact, on some days the bad guys could easily outnumber the good guys. Chapter 10 examines the emergence of the new terrorists and rogue criminals that are wandering cyberspace. It is important to get to know these people because they are the ones who will be the mostly likely information war aggressors. This analysis delves into the minds and motivations of the new techno terrorists and criminals by reviewing the crimes of the past and speculating on the crimes of the future. Chapter 10 also examines the motivations of information warriors, both those who fight for good and those who serve evil. It explores many reasons why a talented computer professional may find the dark side of the information warrior elite more attractive than the humdrum everyday life of a programmer working in a bank somewhere in New Jersey.

Cyber Law Enforcement Challenges

The defenders on the information warfare front have already found that is tough to find a few good warriors. Recruitment and training of information warriors is critical if the good guys are going to have enough troops. The process and challenges are examined in Chapter 11. The mentalities and motivations of the good guys are also examined along with their training requirements, pay scales, and some of the temptations the guardians may face. The needs of law enforcement agencies are examined, as is the need to develop an information highway patrol and profiling methodology for cyber-terrorists and rogue criminals.

Things to Remember When Reading this Book

The author has interviewed hundreds of people over the last five years who were involved in computer security, information warfare planning, intelligence gathering, and law enforcement. These interviews were conducted for a variety of projects, including market analysis, product evaluations, and articles for journals and magazines. It is important to note that during all of these projects the people who were interviewed did not compromise any sensitive material. Although their input helped the author forage out the perspectives that are the foundation of this analysis, the work in this book is an independent perspective and is by no means to be considered an expose of insider or confidential information regarding military or law enforcement operations.

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews