1 / 25

Information Warfare Theory of Information Warfare

Information Warfare Theory of Information Warfare. Reading list. This lecture Denning Chapters 2 Denning, D. E. Stuxnet: What Has Changed? Future Internet 2012, 4 , 672-687 . ( .pdf ).

hayek
Download Presentation

Information Warfare Theory of Information Warfare

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. InformationWarfare Theory of Information Warfare

  2. Reading list • This lecture • Denning Chapters 2 • Denning, D. E. Stuxnet: What Has Changed? Future Internet 2012, 4, 672-687. (.pdf)

  3. Information Security: “The protection of information against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional.” (U.S. federal standards) • Information assurance: Information security + defensive information warfare • Information Warfare: Only intentional attacks + offensive operations

  4. Information Dominance Information Dominance - a condition that results from the use of offensive and defensive information operations to build a comprehensive knowledge advantage at a time, place, and on decision issues critical to mission success – from the IW Site, http://www.iwar.org.uk/iwar/resources/info-dominance/issue-paper.htm

  5. Information Warfare • Information resources • Players • Offensive operations • Defensive operations WIN-LOSE NATURE OF OPERATIONS

  6. Way of Thinking • S. R. Covey: 7 Habits of Highly Effective People • Habit 4: Think Win-Win • Character-based code for human interaction and competition • Win-lose  zero-sum game, competing for limited resources • Win-win  the ultimate winner? • How are these direction affecting our (cyber) future?

  7. Value of Resources • Exchange value • Determined by market value • Quantifiable • Operational value • Determined by the benefits that can be derived from using the resource • May no be quantifiable • May not be the same value for each player (offensive and defensive players) • Actual (before) and potential (after) value • Give examples!

  8. Players • Offense: motives, means, opportunity • Insiders, hackers, criminals, corporations, government, terrorists • Defense: protection • Federal Bureau of Investigation • U.S., Secret Service • Department of Treasury • Department of Defense • National Institute of Standards and technology ROLE OF GOVERNMENT

  9. Offensive Information Warfare • Target: particular information resources – resources does not need to be owned or managed by the defense • Objective: increase the value of the resource for the offense and decrease it for the defense • Gain: financial, strategic, thrill, etc. • Loss (defense): financial, tactical, strategic, reputation, human loss, etc.

  10. Cost of Information Warfare • Monetary expense • Personal time • Risk of getting caught • Punishment • Resources used • Measuring cost of cyber attacks

  11. Offense • Increase availability of resource • Decrease integrity of resource • Decrease availability of resource for defense

  12. Defense • Prevent availability of resource for offense • Ensure integrity • Ensure availability

  13. Offense: Increased availability • Collection of secret: • Espionage (illegal) and intelligence (may be legal) • Piracy • Penetration (hacking) • Superimposition fraud • Identity theft • Perception management

  14. Offense: Decrease Availability for Defense • Physical theft • Sabotage • Censorship

  15. Offense: Decreased Integrity • Tampering • Penetration • Cover up • Virus, worm, malicious code • Perception management • Fabrication, forgeries, fraud, identity theft, social engineering

  16. Defense • Prevention: keeps attacks from occurring • Deterrence: makes attack unattractive • Indications and warning: recognize attacks before it occurs • Detection: recognize attacks • Emergency preparedness: capability to recover from and response to attacks • Response: actions taken after the attack

  17. Playgrounds to Battlegrounds

  18. IW Activities • Context of human actions and conflict • Domains: • Play: hackers vs. owners • Crime: perpetrators vs. victims • Individual rights: individuals vs. individuals/organizations/government • National security: national level activities

  19. Play • Playing pranks • Actors: hackers/crackers/phreakers • Motivation: challenge, knowledge, thrill • Culture: social/educational • “global networks” • publications • forums • Law

  20. Crime • Intellectual Property Crimes • IT targets: research and development, manufacturing and marketing plan, customer list, etc. • Attacker: insiders, formal insiders • 1996: Economic Espionage Act (U.S. Congress) • Fraud • Telemarketing scam, identity theft, bank fraud, telecommunication fraud, computer fraud and abuse • Fighting crime

  21. Crime • Actors: • Employees • Temp. staff • Vendors • Suppliers • Consultants • Trade secrets • Identity theft • Law

  22. Individual Rights • Privacy • Secondary use of information • Free speech • Harmful/disturbing speech • Theft and distribution of intellectual property • Censorship

  23. National Security • Foreign Intelligence • Peace time: protecting national interests • Open channels, human spies, electronic surveillance, electronic hacking (?) • War time: support military operations • U.S. Intelligence Priorities: • Intelligence supporting military needs during operation • Intelligence about hostile countries • Intelligence about specific transnational threats • Central Intelligence Agency (CIA) • Primary targets in U.S.A.: high technology and defense-related industry

  24. War and Military Conflict • IT support, e.g., sensors, weapons, surveillance, etc. • Psyops and perception management • Physical weapons (?) • Cyber space battle (?) • Unmanned devices (?)

  25. Terrorism • Traditional: • Intelligence collection • Psyops and perception management • New forms: • Exploitation of computer technologies • Internet propaganda • Cyber attacks (electronic mail flooding, DOS, etc.) • Protection of national infrastructure

More Related