Table of Contents
Information warfare has in the recent past, been considered a new threat and an instrument for adversaries. Various stories about disabled satellites, break-ins, as well as phone networks that have been downed have called for the public attention as well as the security on the need of defense against information warfare (Cordesman and Cordesman, 2002, 45). The probability that the new information on the warfare tools could be a threat in a nation’s ability to realize its interests as well as its ability to exercise power calls for public awareness and analytical attention.
Had there been a single and obvious definition of information warfare many writers would have documented it. Therefore, the fact that no writer has done so interprets to the fact that there is perhaps no existence of a simple definition. It is therefore arguable that information warfare is complex in dimensions. In an effort to define the complexity of information warfare, Martin Libicki asserted that ‘coming to grasp with information warfare can be compared to the effort of blind men who attempted to discover an elephant’s nature. The one that touched a leg defined it as a tree, the other that touched the tail defined it as a rope, and so on.’ For the sake of this discussion, information warfare shall be defined as a collection of techniques such as protection, disturbance, transport, degradation, and denial of information by which an individual(s) maintains advantage over their adversaries. Arguably, this definition can be applied in any situation with competition, military or civilian, private or public.
With the definition of information warfare having been established, the other most logical thing to highlight is the weaponry. There have been established two types of information weaponry, Hi-tech weapons and Low-tech weapons. The Hi-tech weapons include websites, prosthetics of communication, the virus, phishing, email bombs, satellite networks, identity theft, and renunciation of service attacks, virtual sit-ins, hacking, computer technology, and the internet among others (Ventre, 2016, 34). Low-tech weapons include leaflets, rumors, slogans, pamphlets, social engineering, and speech acts (Ventre, 2016, 34).
The techniques that were mentioned in the definition of Information warfare above can also be used to provide an overview of the weapons used.
- Collection of Information: this is included as a phase in information warfare since the upheaval of information signifies the increase of a type of warfare the group or individual that has more knowledge enjoys more benefits. This is based on the idea that the more information, the higher the situational awareness, hence better plans for a battle, which would hopefully result to a better outcome (Floridi and Taddeo, 2014, 87).
- Information transport: It is definitely of an advantage to collect as much information as possible. However, the information would be of little use, if any, if it stays unused in a store. For such a reason, transporting such information to those that need it within the required time is a significant part of information warfare. For this domain, the tools used need not be weapons, but rather technologies of civilian nature put together to be used in military situations. The most common tools here are communication infrastructure, which is made up of routers, fiber optic cable, computer networks, televisions, and radios among other technologies of information transport (Hutchinson and Warren 2012, 143). Without such weapons, the possibility of transporting such information within a real-time frame as required in the current standards would be minimal.
- Information protection: Most people have agreed that as an aspect of information warfare, there should be minimization of the amount of information accessed by the opponents. The largest part of this is the protection of the acquire information from capture by the opposite side. The information weaponry used in this case fall under two divisions (Jones, et.al, 2002, 245). The first division is the technology that protects the significant information storage facilities, transport mechanisms, and computers such as bullet and bombproof casings. This also includes mechanisms to prevent intrusions such as fingerprint scans and locks. The second division and probably the most important include technologies that protect information pieces from being like as passwords and other more complex expertise such as encryption (Jones, et.al, 2002, 245).
- Information manipulation: This, in information warfare context, refers to the change of information with the intention of distorting the picture of reality from the opponent’s side. This can be achieved using such technologies as computer software to edit videos, texts, audios, or graphics (Hart 2013, 95). This is often manually achieved so that the people in command can have control over what information to present to the enemy.
- Information degradation, disturbance, and denial: From the above definition of information warfare, degradation, disturbance, and denial of information are further aspects. These three techniques are means through which the end, (preventing the enemy from acquiring correct and complete information) is achieved (Hart 2013, 95). Since the three are closely related, similar weapons are used in achieving them. Some of these weapons include, jamming, spoofing, overloading, and noise introduction. Spoofing is used in degrading the quality of information availed to the opponent. The flow of the opponent’s information is destructed by introducing a ‘spoof’ or a fake message into its flow. This technique is applicable since it gives one the chance to provide false information to the opponent’s systems of collection so that the organization can make wrong decisions based on the information provided.
- Noise introduction is a further technique of disturbing the information being received by the enemy. Noise from the background makes it impossible for the opponent to distinguish the real information from the noise. Specifically, this is useful in instances when the opponent’s medium is wireless strategy of communication. Jamming on the other hand is a technique used in denial involving the interception of signals between two links of communication or between a link and a sensor. The signal is first intercepted then stopped or jammed to prevent further progress towards its desired destination (Pauline, 2012, 31). In a large number of cases, such a signal is then stored by its captor as vital information and used in determining the view of the enemy of its position in the scenario. Overloading in turn is a technique used to prevent the enemy accessing information in both civilian and military settings. This is done by sending too large a volume of data into the opponent’s system of communication such that it cannot handle the amount. Such intensity causes a serious degradation of the ability of the system to deliver information or a complete crash. In such a case, the system becomes too busy handling the overload such that it is not in a position to deliver important information where it is required. This technique is often referred to as denial of service attack, and has been found both effective and easy to use. For instance, a college student was once able to bring down the email server of the Whitehouse by sending 8000 email copies at a go (Munro, 2004, 85).
With the above information on information warfare, it only makes sense to illuminate on the defense against information warfare. Notably, the weapons and techniques discussed above have high chances of causing serious damage to information dependent especially in a military operation. America is considered at a greater risk of information warfare because it is highly dependent on information. Defense against information warfare should be countermeasures to the dimensions of information warfare. For example, defending against information collection would mean preventing the opponent from collecting the needed information about the central conflict (Munro, 2004, 85). This would involve protecting the information from interception as well as preventing it from reaching the collection facilities of the enemy. Some of the countermeasures that would be used here to prevent information collection are the same weapons defined above in the protection, degradation, denial, and disturbance of information.
Analyzing this topic of information warfare from a life incidence takes us back to the 2013 cyber-attack where criminals got access to and stole payment cards of about forty million customers as well as the personal data of about 70 million. This incidence not only tarnished the reputation of the company, but also caused a plunge to its profits. It also cost the CIO and CEO their jobs. However, a fact that was not well known was the fact that although the actual criminals were outsiders, they received entry to the company’s system using credentials of an insider (Upton and Creese, 2014). It is therefore important to note that most cyber security and information warfare threats originate from insiders. In this respect, over the past few years, an international research project has been ongoing with the intention of notably improving the ability of firms and institutions to neutralize and uncover internal threats. Many organizations have admitted that they do not have enough safeguards for preventing or detecting attacks from insiders. One of the reasons for this is that they are still in denial as far as the magnitude of the threat is concerned.
Recent research has shown that there has been a rising threat for organizations from attacks by insiders (Upton and Creese, 2014). The doors that have left most organizations susceptible to insider attacks are ubiquitous and mundane. They include:
- The dramatic increase in complexity and size of IT
- The continued use of personal devices by employees for work
- The worldwide explosion to social media
It is therefore important that organizations should think about the risks and come up with measures to narrow down the chances of insider attacks. There are several proposals that have been put forward that leaders of enterprises should immediately adopt. These are:
- Assume a robust insider policy: Such a policy should address the dos and don’ts of insiders who have shown negligence, mistakes, and carelessness. This policy should be easy and concise with everyone. Violations to these policies should come with their well stipulated penalties.
- Look out for threats when hiring: These threats have made it more critical than ever to employ interview techniques as well as screening processes with the aim of assessing sincerity and honesty of potential employees.
- Raise awareness: these calls for top management to open up about possible threats so that everyone can be on the look out to detect them. In addition to this, there should be customized training taking into account the type of attacks that could be made on people in a given section (Upton and Creese, 2014).
- Rigorous processes of subcontracting should be employed. This ensures that distributors and suppliers do not put the institution at a risk, for example by reducing the chances of some external IT provider may create a secret entry to the systems.
From the above discussion, it is evident that information warfare is a rather broad topic. The most obvious thing is that it is one of the most significant impacts of technology in the world. Both individuals and institutions are at risk of attack of their personal and private information. It is however important to note that information warfare leads to more than just vulnerability. For instance, in the US, new information warfare techniques and tools offer the country a potential to achieve its objectives for national security using more efficient, lesser lethal, and cheaper methods.
- Army War College (US) Strategic Studies Institute, 2001, Chinese Information Warfare: A Phantom Menace Or Emerging Threat? DIANE Publishing.
- Cordesman A and Cordesman J., 2002, Cyber-threats, Information Warfare, and Critical Infrastructure Protection: Defending the U.S. Homeland, California: Greenwood Publishing Group.
- Floridi L. and Taddeo M., 2014, The Ethics of Information Warfare, Berlin: Springer Science & Business Media.
- Hart D. 2013, Proceedings of the 8th International Conference on Information Warfare and Security: ICIW 2013, Mexico: Academic Conferences Limited.
- Hutchinson W. and Warren M. 2012, Information Warfare, Abingdon-on-Thames: Routledge.
- Jones A., Jones A., Kovacich G., and Luzwick P. 2002, Global Information Warfare: How Businesses, Governments, and Others Achieve Objectives and Attain Competitive Advantages, Florida: CRC Press.
- Molander R., Riddile A., Woilson P., and Williamson S. 1996, Strategic Information Warfare: A New Face of War. Santa Monica: Rand Corporation.
- Munro I. 2004, Information Warfare in Business: Strategies of Control and Resistance in the Network Society, Abingdon-on-Thames: Routledge.
- Pauline R, 2012, Law, Policy, and Technology: Cyberterrorism, Information Warfare, and Internet Immobilization: Cyberterrorism, Information Warfare, and Internet Immobilization, New York: IGI Global.
- Upton D and Creese S. 2014, The danger from within, Havard Business Review
- Ventre, 2016, Information Warfare, new York: John Wiley & Sons.