Cyber Warfare-Implication
THEME
1. Manipulation of information has been a part of warfare since times immemorial. However, as
an instrument of national strategy, it is only in the last 10 years or so that information warfare has
gained special prominence as an element of warfare. Cyber warfare refers to conducting military
connectivity and other vital elements of national power. It means disrupting, if not destroying,
information and communication systems. It may be applicable in low and high intensity conflicts, in
2. In this backdrop, study the term Cyber Warfare, determine its implications as a new paradigm
in warfare and identify the developmental way forward for Pakistan in this domain.
THESIS STATEMENT
1. Throughout history, technology has brought about profound changes in military doctrine,
organization and strategy. Today, unprecedented changes are occurring in how information is
collected, stored, processed, communicated and presented. The past 25 years have witnessed
computer driven control, management and communication systems permeating nearly all strata of
military and civilian life. ‘Cyber Warfare’ aims at the degradation of these systems from the
standpoint of affecting connectivity of the military as well as other vital national organs and systems.
For nations, the implications of Cyber Warfare can be severe in terms of national security
compromises, and, therefore, it is crucial to develop a clear understanding of this new dimension in
warfare.
2. The process of understanding Cyber Warfare has to begin with a clear insight into its many
forms, characteristics and methods. This paper will, therefore, assign due coverage to that aspect.
Furthermore, any discussion on this new, and as yet developing concept, has to take into
consideration the overall cyber threat spectrum that countries such as Pakistan face and the level of
preparedness witnessed so far. The threat assumes significantly greater lethality when viewed in the
light of growing Indian mastery and capability in the field of information technology. The
introduction of erroneous or damaging information into computer driven and other electronic
systems has the potential of disabling vital national infrastructures, creating economic hardships and
disrupting military operations. Besides its formal dimension, the overall threat scenario also
encompasses an informal dimension, whereby, amateur hackers present a serious threat to sensitive
organizations through random as well as targeted attacks. Thus, Cyber Warfare has broad
ramifications for military organizations and doctrines. It would imply developing new doctrines
about the types of forces needed, how to strike the enemy and what safeguards to implement against
own vulnerabilities.
3. This paper will, therefore, also identify the threat spectrum and corresponding response
options, bringing into discussion both the offensive and defensive facets of Cyberwar, and
recommending optimal and practicable strategies for developing requisite capabilities in this field.
PREFACE
1. The modern era is being termed as the “Information Age”. The development in the field of
information technology has been so significant in terms of its impact on various spheres of human
life that it is now being recognized as a ‘revolution’, just as the agricultural and industrial revolutions
of the past. One major area of human activity that has truly been revolutionized is that of warfare.
The conduct of war essentially relies on information; knowing the battlefield, controlling the forces
and exercising leadership are the challenges that commanders have always been and will always be
faced with in the future. C4I2SR systems are now capable of providing real or near real time picture
of the battle field to the commanders, thus reducing the ‘fog and friction’ of war and enabling them
to take and transmit instant decisions to the lowest levels. C4I2SR systems have become central to the
effective prosecution of modern wars; strategies are being formulated actively to disable the enemy’s
and safeguard own systems.
2. With the induction of modern communications and computer systems and their progressive
networking, new terms like cyber and information warfare have been introduced into the military
jargon. This new form of warfare presents an equally serious threat to certain non-military functions
of strategic significance as well, such as, telecommunications, electricity, financial and air/rail
transportation control systems etc. We cannot even begin to imagine the difficulties, and in some
cases devastation, that would follow as a consequence of any large scale or prolonged failure of these
systems caused by malicious tampering.
3. While much of the current hype on information/cyber warfare is based on futuristic scenarios,
barring the few military oriented manifestations noted in Gulf War-1 (1991) and Kosovo (1997), it
would be a lesson learnt the hard way if a country was to find itself ill-prepared or slow in reacting to
such an onslaught. Therefore, nations and military organizations that fail to prepare for this new type
of warfare will be of little relevance during future conflicts. With an increasingly modern
infrastructure, Pakistan and her armed forces are becoming more and more susceptible to such
warfare and therefore, need to remain on guard and battle ready in this sphere as well.
4. I am grateful to my advisor, Air Commodore Javed Anwar, for his valuable guidance and the
freedom of action granted to me during this study. Some other people I am indebted to for their
time, guidance and inputs are AVM Shamim Baig (NUST, Rawalpindi), Brig (Retd) Tariq
Salahuddin (ISI, Islamabad), Brig Mukhtar (C4I Directorate, GHQ Rawalpindi) and Mr Shahid
Mahmood (Interactive Communications, Islamabad). Lt Col Saif and his staff at the NDC library
also require a special mention for their tremendous support during the research phase of this study.
5. Finally, it is now my conviction that because of its universality and threat potential, a subject
such as information or cyber warfare needs to be studied by all professional military officers and
their civilian counterparts. This would enable us to better understand the nature and implications of
CHAPTER - 1
INTRODUCTION
1. The information revolution that gained momentum in the last two decades has virtually
changed our way of thinking and living. Throughout history, information has undeniably been an
important resource of humans in fulfilling their endeavors. However, the tremendous qualitative
change that has come about in this time and age was made possible only due to the development of
information technologies that allow information to be collected and disseminated accurately and
2. Information has now become critical in many spheres of human activity, which leads to two
conclusions. First, the overall efficiency and effectiveness of human endeavors have increased and
second, with growing dependence on information, its vulnerability to a disruption in its flow or
quality has also increased. It is this fact that has given rise to the idea of information warfare. Cyber
warfare can be understood within the broader context of information warfare as the two terms are
3. Warfare is no longer primarily a function of who puts the most capital, labour and technology
on the battlefield, but of who has the best information about the battlefield. 2 While the concept of
information warfare has fast gained acceptance, a true understanding of what it is, lags behind. As a
consequence, there are no fewer than 27 different definitions of Information Warfare (‘IW’) within
USA’s Department of Defense. One of the most elaborate definitions states, “Information Warfare
information–based processes, information systems and computer based networks, while defending
1 An article by Lennart Borg, analyst, Swedish Employers’ Confederation
2 John Arquilla and David Ronfeldt, ‘Cyber War is Coming’ (RAND paper RP-223, 1996), P141
one’s own”.3 Current USAF perception on ‘IW’ states, “Information Warfare is any attack against
switching facility is information warfare, destroying its software too is information warfare.5
Because of its evolutionary nature, coming to grips with information warfare is like the effort of five
blind men in discovering the nature of the elephant - the one who touched its leg called it a tree, the
one who touched its tail called it a rope, and so on. In theory, it would be possible to subdue an
adversary through information warfare, without firing a single bullet. The following famous quote
“To win a hundred victories in a hundred battles is not the acme of skill, but to subdue the enemy
4. As stated earlier, there is neither a standard definition existing on ‘IW’ at this time (even
though there is broad agreement on what ‘IW’ implies), nor a standard methods list. Some authors
divide the entire spectrum of ‘IW’ activities into ‘Net War’ (societal side of ‘IW’) and ‘Cyber War’
(military side of ‘IW’) as in the case of the RAND report on cyber war. 7 Basing information
warfare on these two pillars (Netwar & Cyberwar) has merit, because in such a case, cyber war
encompasses all ‘IW’ methods with military connotations, such as, Command & Control warfare
(C2W), Psychological, Hacker and Electronic warfare etc. Therefore, in that sense, ‘Cyber War’ is
analogous to ‘IW’. Resultantly, the term ‘IW’ and ‘Cyber War’ are generally used
interchangeably. A brief description of cyber war is given at Annex ‘A’ and a glossary of most
3 Yulin G Whitehead, ‘Information as a Weapon’ (Thesis presented to the Faculty of the School of Advanced Air Power Studies, January, 1999), P4
4 Ronald R Fogleman, ‘Cornerstones of Information Warfare’ (USAF, 1995), P4
5 Ibid
6 Sun Tzu, ‘The Art of War’ (Reprinted by Wordsworth Editions Ltd, 1978)
7 John Arquilla and David Ronfeldt, ‘Cyber War is Coming’ (RAND paper RP-223, 1996), P141
5. Strategic Level. The aim at the strategic level is to influence the adversary’s
information sources and systems so as to affect his decision making and controlling processes. Three
questions need to be addressed prior to the launch of such a campaign. 8 First, what is the
relationship of the information warfare campaign to the larger aims of the campaign? Second, what is
it we wish the adversary leaders to know or believe when the information warfare campaign is
concluded? Third, what are the best ‘IW’ tools and weapons to employ in order to meet the
established success criteria? That is how ‘means’ and ‘ends’ would be related to each other.
warfare will aim at degrading and disrupting enemy’s capabilities to wage war. The focus would be
to deny, disrupt, destroy, or otherwise control an adversary’s use of information and information
systems through viruses in software, electronic warfare, physical attacks, destruction of Command
and Control targets, intelligence and other information systems supporting enemy operations.
Consequently, a successful cyber attack, for example on an air defence controlling hub may corrupt
the system to an extent that real time information ceases to be available or it may become impossible
5. There are seven distinct forms of information warfare aimed against military forces and state
infrastructures.9 These are fought both offensively and defensively, and are briefly defined in Annex
8 Brig Javed Akmal, ‘Information Warfare’ (Group Research Paper, NDC, Islamabad, 1996), P16-18
9 Martin C Libicki, ‘What Is Information Warfare’ (NDU Press, 1995), P7
e. Cyber Warfare
f. Hackers Warfare
6. With the ongoing developments in IT in Pakistan, both civil and military sectors are
vulnerable Cyber targets for India. As the armed forces modernize and build new capabilities, they
will increasingly rely on critical digital electronic information to store, process and move essential
data for planning, directing and executing operations. While on this path, there has to be a clear
recognition of the powerful and sophisticated threats that exist at this time and which could exploit
security weaknesses in many of these new systems. There are thus, serious security implications for
Pakistan, particularly the armed forces, while adapting to new technologies. Therefore, there is a
pressing need for a comprehensive and integrated approach towards defending Pakistan’s critical
infrastructure and its command and control systems from a fast growing Cyber threat, not only to
defend ourselves but to take all necessary measures to take Cyber war to the enemy’s frontiers if
required.
7. Aim. The aim of this paper is to study the term Cyber Warfare, identify the overall threat
spectrum and its implications on Pakistan as a new paradigm in warfare, and present
CHAPTER - 2
“….If (IT) is the vanguard of the new technological revolution then information
prudent to first develop an insight into military information operations. Military decision makers
have long regarded the ability to generate and assess information in a timely manner as vital.
Accordingly, the development of tools required to gather and process information has all along been
in step with today’s rapid pace of technological development. This has enhanced the criticality of
information for military forces to an extent that ‘information systems’ are now a significant part of
the conventional warfare capability. For an understanding of the expression ‘Military Information
Military
2. ‘IW’ is an emerging new paradigm of warfare, and information operations are likely to be as
common place in the near future as any present day conventional warfare tactic. Military planners,
therefore, need to start developing information skills and strategies as part of their capabilities, with
Information
3. Information is obtained by processing data, while data itself is the product of some
observation. The processed data has to be presented in a particular format for it to be called
10 Quote by Zhang Qinsheng, Chinese Military Strategist, 1998
11 Sqn Ldr C J Westwood, ‘Military Information Operations in a Conventional Warfare Environment’ (Air Power Studies Centre Paper No 47, 1996), P8
information. This format could be in a human readable form or a machine-readable sequence. The
communications, people and procedures. Any individual element of the information system, as well
as information processes which convert raw data into various forms of information, may provide a
suitable target for physical or cyber attack. The information system as a whole, and not just the
Operations
5. Information operations (IO) seek to influence the decision making process. These are
offensive and defensive activities aimed at all levels of the decision making process, and are focused
directly on warfare. In the modern warfare environment, attacking and defending information
systems is a vital combat task, which requires strategies to be formulated within the overall military
plan.
6. From the foregoing, a definition of MIO may now be obtained, which is, “Any activity that
objectives”.12 The three factors fundamental to the success of MIOs are as follows:-
a. Planning. An MIO strategy requires careful planning, starting with the selection of
an achievable aim. MIOs must remain focused on the overall military strategy.
of MIOs.
12 Ibid, P9
‘IW’ warriors on an enemy’s information system, and its likely reactions in the event
Information as a Weapon
7. Security is no longer defined by armed forces standing between the aggressor and the
homeland alone. The weapons of ‘IW’ have the capability to outflank and circumvent military
establishments. In general terms, the information weapon will be an effective tool to supplement the
military’s arsenal of more traditional weapons. Its application, prior to actual engagement of forces,
will make conventional attacks more effective against a blinded and degraded enemy. However,
some experts are of the opinion that nations should not consider the information weapon to be a
technological ‘silver bullet’ that could completely subdue an adversary’s will and capacity to fight.
8. Some advocates of information warfare refer to Col. John Warden’s view of the enemy as a
system13, and state that since the outcome of a war is the product of ‘will’ (morale) and the ‘capacity
to fight’ (physical), it follows that if the physical side could be driven close to zero, even the best
morale in the world would not produce a favourable outcome for the enemy. According to Col.
Warden, the physical side is easier to target than morale, and on this basis, these advocates strongly
argue in favour of information warfare being used as a means of decimating the enemy’s capacity to
13 John A. Warden, ‘The Enemy as a System’ (Aerospace Power Journal No 1, 1995), P40-55
9. The OODA loop concept has been applied to most aspects of modern warfare. A constantly
evolving military education system and continuously improving technology has altogether changed
Revolution (1776-1783): Observe: telescope; Orient: weeks; Decide: months; Act: a season
Civil War (1861-1865): Observe: telegraph; Orient: days; Decide: weeks; Act: a month
WW-II (1939-1945): Observe: radio/wire; Orient: hours; Decide: days; Act: a week
Gulf War (1990-1991): Observe: near real time; Orient: minutes; Decide: hours; Act: a day
Tomorrow (20??): Observe: real time; Orient: continuous; Decide: immediate; Act: hour or less
Figure 1
10. This is a clear reminder of the significance of staying inside the enemy’s decision loop.
Successful C2W operations will, therefore, increase the enemy’s decision cycle – his ‘OODA’ loop –
Catastrophic Failures
11. Cyber war has the potential of affecting large segments of population by creating lack of
food, fuel, medical care, or by causing utilities failure, which, besides having severe implications for
14 Gordon R Sullivan and James M Dubik, ‘War in the Information Age’ (Military Review, April 1994), P47
the military, could inflict great general pain and chaos.15 Since information networks and computers
today are integral parts of all aspects of human life, Cyber attacks have the potential to cause failure
or collapse of:-
a. Electric/power grids.
b. Telephone/telecommunication systems.
c. Air/rail traffic control systems.
d. Banking and Financial systems.
e. Water supply systems
f. Day to day government functioning
g. Emergency and vital services
h. Military operations
12. Cyber War Techniques as Weapons of Mass Destruction (WMD). A major issue
under active consideration at present relates to whether cyber war weapons should be declared as WMDs.
The question is, would blinding enemy leaders affect their will to fight? Would they actually
surrender, or would blinding operations actually backfire and panic adversary leaders into using
WMDs? For example, Russia adopted a military doctrine in November 1993, which indicated that
during an East-West conflict, an attack on Russia’s early warning system for strategic nuclear forces
is possible. With their sensors blinded and C2 systems destroyed, the Russians might assume the
worst and resort to their intact and still operable arsenal of strategic nuclear weapons. The question
that arises is, how can the information warfare advocates be certain that Russia would not employ
nuclear weapons16?
13. The issues and subjects presented in this chapter are specifically concerned with the conduct
of military information operations, and the effects that Cyber warfare is capable of generating. The
stage is now set to examine as to how information warfare is conducted offensively and defensively.
15 Cdr Byard Q Clemmons and Maj Gary D Brown, ‘Cyberwarfare: Ways, Warriors and Weapons of Mass Destruction’ (Military Review, Sep-Oct 1999), P43
16 Op.cit. Whitehead, ‘Information as a Weapon’, P29
CHAPTER - 3
policy generally in the same manner as diplomacy or economic policy. One of the major
characteristics differentiating information operations from other instruments of statecraft is that these
can impose severe damage with low levels of violence. Cyber warfare can be conducted in two
domains - defensive and offensive. The entire range of information operations would require both
offensive and defensive elements to be exercised for a comprehensive cover involving denial,
2. Defensive information warfare seeks to protect information resources from attack. The
sources to be defended include decision makers, the information and information-based processes
they rely on and their means of communicating their decisions. IW-D requires a proactive rather
than a reactive approach. The aim is to preserve the integrity of the resource, or in the case of a
3. Unauthorized computer intrusions / break-ins have emerged as a major security hazard for
military and other government organizations. A 1995 estimate reports an alarming 250,000 attacks
on US Department of Defense computers.18 Only 5% of the attacks are noticed by the victim. With
computers playing an ever-increasing role in military affairs, the requirement to setup defenses
17 Quote by Leon Trotsky
18 Jason Sherman, ‘Info-war: What Kind of Defense’ (Repertory, April 1998), P50
accomplished in 6 ways (after excluding economic ‘IW’ from the military domain). Four of these
methods (C2W, IBW, EW and Psyops) have long remained recognized features of modern
conventional / unconventional warfare. What is new in C4I is the aspect brought in by the
introduction of computers and the manner in which it has revolutionized the conduct of military
destroying or degrading the adversary’s C2W, IBW, EW and Psyops capabilities, while protecting
one’s own. The attacks on C2W, IBW & EW systems could result in hard kills, as in the case of a
physical attack, or soft kills, as in the case of an information attack through computers or other
electromagnetic (EM) devices. C2 systems are vulnerable because they tend to be centralized, while
IBW and EW systems are vulnerable because they rely on sensors and the communications that unify
them. Similarly, success in Psyops mainly depends upon the levels of morale and motivation
prevailing in the force. Annex ‘C’ presents a topology of some basic threats to a C4I system.
Included in it are elements that are threatened and defensive measures that are recommended to be
5. Who is Vulnerable? Purely from a cyber perspective, any computer system, which is not
a closed loop system and is accessible from the outside through an internet connection or a dial-in
facility, is vulnerable to cyber attack through hacking. A major problem in this connection is the
6. Types of Cyber Defense.19 The following system controls provide the most effective
19 Dorothy E Denning, ‘Information Warfare and Security’ (ACM Press Books, 1998), P38
a. Prevention. This serves to keep an attack from occurring by denying the offensive
(2) Shielding. Computers, monitors, printers and fax machines all give off
can help guard against cyber intruders. The degree of difficulty for breaking a
as possible (at least 8 characters), and if the character set includes other non-
specifies what activity is allowed and who all are allowed to initiate it.
local area networks. The objective is to keep intruders, malicious code, and
(5) Vulnerability Assessment and Avoidance. This aspect aims to find and
network scanning and backups. Backup systems are a protection against loss
damaging activity either at its onset or after the fact. This can be done by watching
current activity or by reviewing audit logs. These operate on the principle that it is
7. An offensive military information operation is one that targets or exploits the elements of an
adversary’s information system in pursuit of military objectives. Offensive operations are attractive
because they are cheap in relation to the cost of maintaining advanced military capabilities.
Additionally, these operations have the capability to produce large effects from a meager effort.
However, as of now, these are meant to augment rather than replace military’s conventional
capability.
8. Scope. Offensive ‘IW’ revolves around the same six methods that were discussed in the
domain of defensive ‘IW’. Military operations against four of the more recognized of these methods,
i.e., C2W, EW, IBW and Psyops, could be undertaken by employing conventional as well as cyber
techniques. In both cases, consolidation of offensive capability would not only require a dedicated
effort, but some hardware acquisitions as well, particularly in the realm of EW and IBW. Hacker
warfare is one of the most effective cyberwar techniques that could be applied to these methods in
order to augment other conventional warfare efforts. Annex ‘D’ presents a brief outline of how all
9. ‘IW’ Weapons. Computers can be used as weapons in their own right. Although
generally strategic in nature, computer operations can be applied to the tactical and operational
operations etc.20 The various types of ‘IW’ weapons are briefly covered at Annex ‘E’. A brief
10. Hacker Warfare. The process of breaking into a computer, with or without malicious
intent, is called ‘hacking’. Tremendous benefits can be derived by employing hacking techniques as
an offensive tactic. Knowledge of information stored in an enemy’s database, and the capabilities,
vulnerabilities and architecture of any targeted system, can be successfully found out using hacking
techniques. In future wars, information derived from hacking will become an important source of
The various tools available to a hacker are network scanners (SATAN, ISS etc), packet sniffers,
11. The criticality of this type of warfare can be gauged by the fact that a DDoS (Distributed
Denial of Service) attack on Pakistan’s internet gateway infrastructure in 2002 caused a general
month-long slowdown of the internet service, and recovery from this attack presented a significant
12. In an incident prior to the 1991 Gulf war, five hackers from Netherlands penetrated computer
systems at 34 US military sites on the internet, including sites that were directly supporting
Operation Desert Storm. They obtained information on troops, weapons and movement plans and
then exited without leaving any traces. They could have changed logistic plans, but they did not.
20 Op.cit. Sqn Ldr Westwood, ‘Military Information Operations’, P17
21 Brig Tariq Salahudin (Retd), personal interview, 9 October, 2004
Then they tried to sell this information to Iraq, but fearing an entrapment, Baghdad declined the
offer.22 This example clearly illustrates the power that a successful hacker can wield over crucial
military plans. ‘Hacktivist’ is a new term coined to describe those hackers who are social and
13. This chapter has examined the various offensive and defensive cyber warfare methodologies
in detail. On the defensive side, the major conclusion is that computer systems must possess
adequate protection to combat unauthorized intrusion attempts, while on the offensive side, major
conclusions relate to the necessity of developing ‘IW’ weapons (EMP bombs etc), and skills for
hacker warfare. This provides a sound basis for gauging own vulnerabilities and strengths vis-à-vis
CHAPTER - 4
1. Pakistan’s ideological moorings, strong diplomatic and moral support to the Kashmir
freedom struggle and her indigenous nuclear programme continue to trouble the West in general and
India in particular. Therefore, there are multiple pressures on Pakistan despite her crucial role in the
22 Op.cit. Denning, ‘Information Warfare and Security’, P3
23 Yashwant Deva, ‘Secure or Perish’ (Ocean Books Pvt Ltd, New Delhi, 2001), P71
24 Op.cit. Yashwant, ‘Secure or Perish’, P161
post 9/11 scenario and the ongoing efforts to improve ties with India. India is expected to continue
looking for opportunities to degrade our military and economic potential because of our stance on
Kashmir. Pakistan is, therefore, a ripe target for attacks in the fifth dimension as well, i.e., the Cyber
dimension. There is a general perception that since Pakistan does not rely totally on computers and
information systems, Cyber threat to Pakistan is minimal. This however, is not true for two reasons.
First, as explained earlier, information warfare is not just about computers, and second, whatever
infrastructure Pakistan possesses, has already come under attack on many an occasion in the past
(briefly referred to at para 11 of Chapter-3). In fact, with the type of infrastructural and economic
growth that Pakistan is undergoing at this time, warfare in the fifth dimension would only grow
a. We still lack a dedicated and cohesive national policy on Cyber warfare, although an
b. Lack of awareness amongst the general public about information warfare (IW) and its
c. While several limited initiatives have been undertaken to counter Cyber threats, there
Greater automation may lead to more security leaks unless checked conscientiously.
25 Computer Emergency Response Team/Coordination Center (established at Carnegie-Mellon University)
Likely Adversaries
3. Warfare in the virtual realm knows no boundaries. An Indian sitting in New York can target
Pakistani interests with as much stealth and force as one sitting in New Delhi. Wherever a Cyber
threat to Pakistan comes from, its design and contours are more or less going to be the same. Hence,
the type and intensity of safeguards will not vary significantly (some exceptions notwithstanding).
4. ‘IT’ Development in India. It is said that, in future, IT would be to India what the oil is
to the Gulf. India has one of the fastest growing IT industries in the World. She is well poised to play
a significant role in the 21st century due to the availability of outstanding talent in IT sector. With a
vibrant IT industry, the IT infrastructure is expanding in the industrial, economic and military set ups
at a rapid pace. The country is an exporter of engineers and scientists to the west. 37% of top
Microsoft officials are Indians. While the Indian IT industry earned revenues of US $8.6 billion in
the year 2000, the Indian National Association of Software Companies (NASSCOM) predicts that by
2008, projected revenues from India's software industry would zoom to $87 billion out of which $50
5. Indian ‘IW’ Programmes. The Indian military has taken advantage of India’s
remarkable growth in the ‘IT’ sector, and has launched several ‘IW’ related projects in all three
services. The programmes envisage that all management, communications, logistics and intelligence
gathering activities would be executed and coordinated through computers based on protected local
and wide area networks. India is producing about 55,000 high quality software professionals each
year, which add to an already impressive pool. The Indian Army plans to get ‘wired up’ by 2008
with fully automated management and operational systems. It is also setting up an ‘IT’ school for
training its officers and to develop software for its needs. Needless to say, this would provide the
Indians with a sound platform for conducting information warfare. Indian capabilities can further be
26 NASSCOM – Mckinsey report (www.indianembassy.org/indiainfo/india_it.htm)
augmented by a large population of expatriate Indians working in USA’s Silicon Valley. These
highly experienced and capable professionals will almost certainly be used to conduct ‘IW’ against
Pakistani strategic and military targets prior to, or during the next Indo-Pak conflict.
6. Indian Navy. The Navy has been the most progressive in its ‘IW’ programme. It has
successfully developed ‘Trinetra’27, a secure indigenous system to transmit secret military data. The
system is capable of transmitting encoded secret military messages. A Navy analysis states that ‘IT’,
‘IW’ and exploitation of space based surveillance and reconnaissance capabilities were essential to
7. New Doctrines. At present, the Indian armed forces are busy developing new doctrines
based on information warfare requirements. The Navy has already published such a document. This
is a major institutional step designed to bring Indian armed forces in the fold of ‘IW’ education. The
programmes launched by the Indians would certainly bring about a force multiplier effect on the
8. The most significant threat to the security of information infrastructure comes right from
breaches account for ‘57% of all security incidents globally’. Some analysts go even further and
opine that it could be ‘as high as 80% of all security incidents’ [28]. Moles are often planted by
intelligence agencies while others operate on their own for making quick money or just for the kick
of it.
9. Internal hackers often install commercially-available password ‘sniffers’, which give them
unauthorized access and enable them to record log-on scripts and use the accounts of others. The
main source of virus infection is not the Internet, but the use of corrupt floppies and pirated
software. In this regard, the government departments invariably emerge as major culprits. There are
usually no checks on employees and visitors bringing in and taking out floppies.
[27] Rahul Bedi, ‘Mixed Fortunes for India’s Defense Industrial Revolution’ (Jane’s International Defense Review, May 1999), P29
[28] Op.cit. Yashwant, ‘Secure or Perish’, P81
10. The Indian ambitions of becoming an important global player are abundantly clear from her
growing economic and military potential, and her jostling for a permanent UNSC seat. Therefore, in
order to firmly establish her regional credentials, India has been attempting to coerce her neighbours
either with political pressure or military muscle. Cyber warfare provides her with yet another
effective and relatively convenient tool to apply coercion without causing international upheaval.
With a clearly demonstrated excellence in the field of IT, India possesses a credible and well
established capability to engage offensively in Hacker warfare. The future Cyber warfare threat from
a. Employment of Cyber weapons such as viruses, logic bombs, Trojan horses and EMP
economic degradation.
c. The early warning and surveillance systems including completely networked air
defence system of Pakistan and armed forces command and control can come under
critical systems like nuclear command and control and missile control systems may
e. Energy sector including power, oil and natural gas can be seriously disrupted.
organizations are vulnerable. Vital public utilities and services such as, water supply,
hospitals and emergency services are also candidates for cyber attacks.
11. In the light of concrete evidence of possession of Cyber Warfare capability by India and its
implications for Pakistan, positive and urgent steps have to be taken to overcome vulnerabilities
outlined at para 2 of this chapter. Foremost amongst these is the need to address infrastructural
flaws, i.e., absence of a central body to consolidate all Cyber Warfare efforts at national level, and
the lack of a cohesive national policy on Cyber War. This is closely followed by the need to enhance
general awareness on ‘IW’ and put in place a well entrenched electronic security culture in
government establishments.
CHAPTER - 5
“As an innovation in warfare, cyber war may be to the 21st century what
1. The basic point to remember while devising a Cyber war strategy is the fact that everything
cannot be secured. Also, security cannot be defined in absolute terms; it keeps changing, and,
2. As stated earlier, there is no unifying body at the national level to coordinate, augment and
strengthen efforts against cyber threats. There is, however, ample evidence to
suggest that an encouraging and continuous rise in awareness levels about cyber warfare is taking
place within service headquarters and departments considered vital for national security [30].
Accordingly, requisite steps have either been taken or are in process to fill security gaps and provide
for a long term, flexible and sustainable defense mechanism. That said, the need for a central
[29] John Arquilla and David Ronfeldt, ‘Cyber War is Coming’ (RAND paper RP-223, 1996)
[30] Deduction made on the basis of personal interviews conducted during the course of research.
3. Information Security Needs. Any Cyber strategy has to first and foremost address
issues relating to adequacy of own system’s cyber defence. Only then would it become logical to
progress towards devising an offensive strategy to take cyberwar to the enemy’s front. A wholesome
Cyber strategy designed to succeed must encompass the following features to ensure information
a. A positive and visible change in the security culture prevailing within our offices (which
4. Cyber Strategies. A strategy to conduct cyber warfare can be devised under three heads:
a. Defensive Strategy
b. Offensive Strategy
Defensive Strategy
5. An introduction to the overall threat spectrum, as given at Annex ‘G’, clearly indicates that
the task of creating defenses against cyber war is a difficult one. There are many holes to plug, and
where a cyber warfare strategy has yet to evolve, one may only proceed by making a selective
beginning, focusing initially on critical areas. The concept for defending the infrastructure should
basically revolve around the requirement of keeping critical functions and systems operable in the
presence of cyber attacks. The risks associated with such degraded systems must be managed, since
cyber warfare is now a reality and cannot be set aside. Besides ensuring physical security, the main
developed (both hardware and software) locally, rather than using commercially
available ones. This is the only effective way of keeping ‘Trojan Horses’ and other
trapdoors at bay.
(1) Use of passwords and immediate change of default passwords upon receipt of new
machines.
(3) Backup copies of vital data should be saved on CDs. This protects data from
resilience of own system defenses against cyber attacks would assign the desired
Offensive Strategy
6. Attackers and defenders are locked in an ongoing battle of wits and resources in cyberspace.
However, the attacker is usually one step ahead of the defender because he can pick the time, place,
medium and method of attack [32]. Military forces have to develop their own potent and credible
offensive capability in the form of information operations and cyber warfare in order to stay relevant
[32] David S Alberts, ‘Defensive Information Warfare’ (NDU Press, 1996), P33
7. Hackers Warfare. Pakistan will have to develop a core capability in this type of warfare
by granting requisite academic and practical training to selected personnel in the science of computer
break-in, virus generation and virus insertion etc. These hackers will form the backbone of any
offensive cyber war effort aimed at rendering enemy’s C4I systems and critical elements ineffective.
Capabilities of a ‘hackers-based’ computer warfare offensive task force would need to include the
following:
networks.
communication grid.
affecting the human psyche through fear, logic and other mental factors. It can target
an entire nation for the purpose of influencing its policies. Television and internet
Core Strategy
9. Some basic institutional level changes would be required to ensure that the concept of
10. Capability Assessment. Continuous assessment of Indian and Western Cyber Warfare
capabilities would be vital in order to adjust own response/action appropriately. This would require
yet another crucial facet of information warfare, that of intelligence gathering, to be developed and
11. Higher Qualification in Cryptology. The science of cryptology does for electronic
information what locks do for printed information [33]. It would be vital for any organization to have
good cryptologists for providing updated data security, as well as breaking the adversary’s crypto codes.
12. Computer Security Standards. The ‘Trusted Computer System Evaluation Criteria’
(TCSEC) is a U.S. Department of Defense document, which specifies security requirements for
computer systems. From the lowest to the highest, the levels are, D (minimal protection), C1
higher the security level, the greater the system cost. The current DOD standard is B2. In Pakistan,
there is a need to evaluate and determine minimum security levels for each military and each critical
civilian infrastructure.
13. Hiring of Civilian Computer Professionals. Civilians impart continuity and stability
to institutions and are good for running and sustaining long-term programmes. Their expertise
continues to grow as well. Employing civilians as a core resource will be a good step towards
computers and the electronic security precautions that accompany today’s information systems, it
would be difficult to measure up to the requirements of a potent ‘IW’ system. To this end, Cyber
warfare demands dedicated management and organizational stress. Therefore, not only does ‘IW’
need to be recognized as a new paradigm in warfare, but organizational structures should reflect
[33] Op.cit. Denning, ‘Information Warfare and Security’, P286
CHAPTER - 6
“There is nothing more difficult to take in hand, more perilous to conduct or more uncertain in
its success, than to take the lead in the introduction of a new order of things”. [34]
1. Military Information Operations have a tremendous cost-effect advantage. Even with limited
military resources at its disposal, a nation can launch these operations virtually against any nation of
the world with devastating effects. In today’s cyberspace, not even institutions of the stature of
Microsoft are safe anymore. The break-in of hackers into Microsoft in February, 2000 was just one
example of the threat that organizations face. But the most worrying aspect was that if a company
such as Microsoft, which probably has the densest concentration of intellectual firepower, could fall
2. Communication systems in the Third World have been built around borrowed or imported
software and hardware. These may possess several loopholes that an adversary could exploit.
Pakistan has indeed found itself at the receiving end of cyber vandalism in the past, and with
growing computerization and automation in Pakistani armed forces and other strategic organizations,
the magnitude of our vulnerability is bound to increase. This, coupled with the fact that only about
5% of cyber ingresses are detected by organizations, justifies a strong case for an effective and
[34] Quote by Machiavelli
[35] Dawn Newspaper, “Hackers Attack on Microsoft Rings Alarm Bells in USA”, 29 October, 2000
3. Understanding ‘IW’ correctly requires a mindset change. Cyber warfare has to be understood
at the grassroots as well as the highest levels. A coterie of young, energetic and intelligent officers
with an aptitude for computers, networking, encryption and internet applications has to be cultivated
as an ‘IW’ asset in our armed forces, government departments and civilian institutions of strategic
significance. That would serve as a crucial element towards ensuring the sanctity and safety of our
decision making processes, and the effectiveness of the all important ‘OODA’ loop.
4. Amidst the concern on cyber warfare, however, an important point to consider for the decision
makers would be to determine the extent to which the enemy, particularly a nuclear capable
adversary, is to be taken out or blinded, so that an unintended raising of the ante is prevented.
RECOMMENDATIONS
National Level
5. The following recommendations are made in the light of the threat that Cyber Warfare poses
to Pakistan:
body may be placed under the Defence Minister and could include Chairman Joint
division. This governing body may be mandated to make national ‘IW’ policy, evolve
comprehensive short and long term ‘IW’ programmes, procure funds, make
b. In the realm of offensive Cyber warfare, and as part of the national ‘IW’ policy, there
c. Most countries with advanced ‘IW’ programmes have established a central ‘Computer
Ministry of Science and Technology (MoST) may also be directed to set up such a
team in line with the American CERT. This would enable control of cyber-crime and
d. Making use of the ‘Trusted Computer System Evaluation Criteria’ (TCSEC), the
proposed central ‘IW’ committee may evaluate and determine minimum security
e. There is a dire need to introduce and sustain a new (stricter and uncompromising)
work place security culture in all departments and functions of the government which
neglect.
f. Institute measures for increasing education levels of the public and development of
human resource in IT. Awareness of policy makers, information system managers and
general public on information and cyber security aspects needs to be promoted at the
national level.
programmes be initiated with requisite incentives to the private sector to make new
Towards this end, JSHQ may issue required policy directives to all service HQs to
a. Computer literacy of officers and men may be enhanced. At junior levels, competency in
computer skills may be made a part of the promotion examinations for officers and
men.
d. A comprehensive and practicable ‘IW’ module be integrated into all single and joint
networks be maximized through the use of firewalls, access codes, multi-layered
7. Recommendations offered in this paper are by no means conclusive and exhaustive because
of the nature of the subject and ever emerging new threats and technologies to counter the threats.
However, these can serve as a starting point for developing Cyber Warfare strategies at all tiers in a
national effort to master this new paradigm in warfare.
ANNEX ‘A’
CYBER WAR
1. Cyber war refers to conducting, and preparing to conduct military operations according to
disrupting, if not destroying, information and communication systems. It also means turning the
‘balance of information and knowledge’ in one’s favour, especially if the balance of force is not. The
special characteristics of cyber war are low cost, precision, standoff and stealth.
2. For many, the term cyber war brings up images of deadly, malicious programmes causing
computer systems to freeze, weapon systems to fail, and enemy’s technological prowess being
neutralized to bring about a bloodless conquest. This picture, in which cyber war is isolated from the
broader conflict, operates in an altogether different realm from traditional warfare and offers a
bloodless alternative to the dangers and costs of modern warfare, is attractive but unrealistic. Such a
scenario is not beyond the realm of possibility, but it is unlikely, at least in the foreseeable future. As
of now, Cyber warfare will almost certainly have very real physical consequences as well.
3. Cyber war may have broad implications for military organization and doctrine. It may imply
developing new doctrine about the kinds of forces needed, where and how to deploy them, and what
and how to strike on the enemy’s side. Similarly, questions such as, how and where to position what
kinds of computers and related sensors, networks, databases and so forth, are also of utmost
relevance. Cyber war would also have implications for strategy, tactics and weapons design. It may
4. Pakistan Armed Forces have an elaborate organizational structure, both at the operational and
tactical levels. They possess reasonably advanced information-based processes and information
systems that could be prime targets for cyber attacks. Likewise, systems elsewhere in use within the
government machinery are increasingly becoming automated and hence, prime targets for cyber
attacks.
ANNEX ‘B’
1. C2W (Command and Control Warfare). Its objective is to decapitate the enemy’s
2. Electronic Warfare. A set of actions taken to deny the use of the electromagnetic spectrum
3. Intelligence - Based Warfare (IBW). Integration of sensors, emitters, and processors into
reconnaissance, surveillance, target acquisition, and battle field damage assessment systems.
5. Cyber War. The use of information systems against or in defence of military connectivity.
6. Hacker Warriors. Who use their techniques to destroy, degrade, exploit, or compromise
information systems.
warfare can take two forms: information blockade and information imperialism. The former
presumes that societies will be as affected by information flows as by flow of material supplies,
while the latter equates information imperialism with modern day economic imperialism.
ANNEX ‘C’
THREAT                    WHAT IS THREATENED?        RECOMMENDED MEASURES
C2W (Command &            - Commanders               - Protect commanders
Control Warfare)          - Command Centers          - Harden structures
                          - Communications           - Disperse communications.
                            (physical security)        Keep size of elements
                                                       small.
ANNEX ‘D’
OPERATION                 TARGETS                    WHAT IS REQUIRED?
C2W (Command &            - Commanders               - Knowledge of enemy’s C2
Control Warfare)          - Command Centers            architecture for gainful target
                          - Communications             selection
                            (physical security)      - Weapons
                                                     - Conventional and/or ‘IW’
                                                       weapons
                                                     - Offensive ‘IW’ (Hacker
                                                       War).
IBW (Intelligence         - Battlefield Intelligence - Anti-Situational awareness
Based Warfare)              Sensors                    measures through destruction
                                                       of Sensors
                                                     - Conventional and/or ‘IW’
                                                       weapons
                                                     - Spreading disinformation
                                                       through internet (Hacker
                                                       War)
ANNEX ‘E’
instructions, modifying that programme. A virus executes only when its host begins to run. The virus
corrupts data, logically destroys hard drives and causes errors in application programmes and
operating systems.
another over a computer network by breaking into computers in the same way that a hacker would
break into them. As it travels, it copies itself onto remote computers. Worms can destroy data or
3. Trojan Horses. A Trojan horse programme pretends to be benign but it actually causes
destruction when activated. It is an information tool that is used to gain access to an information
resource.
4. Logic / Time Bombs. A bomb is a type of Trojan horse used to release a virus, a worm
or some other system attack. It’s either an independent programme, or a piece of code that has been
invaluable asset for a country that wants to acquire long-term control over someone else’s
information resources. Due to the overwhelming demand for US based software in the world today,
the US government could decide to have Trojans implanted in all software exported out of USA in
order to have them activated upon occurrence of specific events. Hackers continue to capture
passwords by replacing the standard login programme on a computer with a Trojan horse version
that looks normal, but behind the scene is stealing the passwords of unsuspecting users, and storing
5. Trapdoors. A trap door or a back door is a mechanism built into a system by its designers
to give them a way to sneak back into the system, circumventing normal system protection.
implant similar functions inside the hardware. Today’s chips contain millions of integrated circuits
that can easily be configured by the manufacturer so as to make them initiate unexpected events at a
7. HERF Guns. High Energy Radio Frequency (HERF) is a device that directs high power
radio energy at an electronic target. A HERF gun simply overloads particular circuits to disable
specific pieces of equipment that are dependent on that circuit. The damage severity could range
from moderate to severe. A HERF gun pointed at a ‘fly-by-wire’ aircraft could trigger a catastrophic
failure.
8. EMP Bombs. An Electro Magnetic Pulse (EMP) has been described as ‘the next great
weapon to evolve in modern warfare’. These pulses are much more powerful than HERF guns, and
ANNEX ‘F’
1945: Rear Admiral Grace Murray Hopper discovers a moth trapped between relays in a Navy
computer. She calls it a "bug," a term used since the late 19th century to refer to problems with
electrical devices. Murray Hopper also coined the term "debugging" to describe efforts to fix
computer problems.
1949: Hungarian scientist John von Neumann (1903-1957) devises the theory of self-replicating
programs, providing the theoretical foundation for computers that hold information in their
"memory."
1963: Programmers develop the American Standard Code for Information Interchange (ASCII), a
simple computer language that allows machines produced by different manufacturers to exchange
data.
1964: AT&T begins monitoring telephone calls to try to discover the identities of "phone freaks," or
"phreakers," who use "blue boxes" as tone generators to make free phone calls. The team's
surveillance chief tells Newsweek magazine in 1975 that the company monitored 33 million toll calls
to find phreakers. AT&T scores 200 convictions by the time the investigation ends in 1970.
1969: Programmers at AT&T's Bell Laboratories develop the UNIX operating system, the first
multi-tasking operating system.
1969: The Advanced Research Projects Agency launches ARPANET, an early network used by
government research groups and universities, and the forerunner of the Internet.
1972: John Draper, soon to be known as "Captain Crunch," discovers that the plastic whistle in a box
of breakfast cereal reproduces a 2600-hertz tone. With a blue box, the whistle unlocks AT&T's
phone network, allowing free calls and manipulation of the network. Among other phreakers of the
1970s is famous future hacker Kevin Mitnick.
1972: Future Apple Computer co-founder Steve Wozniak builds his own "blue box." Wozniak sells
the device to fellow University of California-Berkeley students.
1979: Engineers at Xerox Palo Alto Research Center discover the computer "worm," a short program
that scours a network for idle processors. Designed to provide more efficient computer use, the worm
is the ancestor of modern worms -- destructive computer viruses that alter or erase data on
computers, often leaving files irretrievably corrupted.
1983: The FBI busts the "414s," a group of young hackers who break into several U.S. government
networks, in some cases using only an Apple II+ computer and a modem.
1983: University of Southern California doctoral candidate Fred Cohen coins the term "computer
virus" to describe a computer program that can "affect other computer programs by modifying them
in such a way as to include a (possibly evolved) copy of itself." Anti-virus makers later capitalize on
Cohen's research on virus defense techniques.
1984: In his novel, "Neuromancer," author William Gibson popularizes the term "cyberspace," a
word he used to describe the network of computers through which the characters in his futuristic
novels travel.
1986: One of the first PC viruses ever created, "The Brain," is released by programmers in Pakistan.
1988: Twenty-three-year-old programmer Robert Morris unleashes a worm that invades ARPANET
computers. The small program disables roughly 6,000 computers on the network by flooding their
memory banks with copies of itself. Morris confesses to creating the worm out of boredom. He is
fined $10,000 and sentenced to three years' probation.
1991: Programmer Philip Zimmermann releases "Pretty Good Privacy" (PGP), a free, powerful
data-encryption tool. The U.S. government begins a three-year criminal investigation of Zimmermann,
alleging he broke U.S. encryption laws after his program spread rapidly around the globe. The
government later drops the charges.
1994: Inexperienced e-mail users dutifully forward an e-mail warning people not to open any
message with the phrase "Good Times" in the subject line. The missive, which warns of a virus with
the power to erase a recipient's hard drive, demonstrates the self-replicating power of e-mail virus
hoaxes that continue to circulate in different forms today.
1995: Microsoft Corp. releases Windows 95. Anti-virus companies worry that the operating system
will be resistant to viruses. Later in the year, however, evolved "macro" viruses appear that are able
to corrupt the new Windows operating system.
1998: Intruders infiltrate and take control of more than 500 military, government and private sector
computer systems. The incidents -- dubbed "Solar Sunrise" after the well-known vulnerabilities in
computers run on the Sun Solaris operating system -- were thought to have originated from
operatives in Iraq. Investigators later learn that two California teenagers were behind the attacks. The
experience gives the Defense Department its first taste of what hostile adversaries with greater skills
and resources would be able to do to the nation's command and control center, particularly if used in
tandem with physical attacks.
1999: The infamous "Melissa" virus infects thousands of computers with alarming speed, causing an
estimated $80 million in damage and prompting record sales of anti-virus products. The virus starts a
program that sends copies of itself to the first 50 names listed in the recipient's Outlook e-mail
address book. It also infects Microsoft Word documents on the user's hard drive, and mails them out
through Outlook to the same 50 recipients.
2000: The "I Love You" virus infects millions of computers virtually overnight, using a method
similar to the Melissa virus. The virus also sends passwords and usernames stored on infected
computers back to the virus's author. Authorities trace the virus to a young Filipino computer student
who goes free because the Philippines has no laws against hacking and spreading computer viruses.
This spurs the creation of the European Union's global Cybercrime Treaty.
2000: Yahoo, eBay, Amazon, Datek and dozens of other high-profile Web sites are knocked offline
for up to several hours following a series of so-called "distributed denial-of-service attacks."
Investigators later discover that the DDOS attacks -- in which a target system is disabled by a flood
of traffic from hundreds of computers simultaneously -- were orchestrated when the hackers
co-opted powerful computers at the University of California-Santa Barbara.
2001: The "Anna Kournikova" virus, promising digital pictures of the young tennis star, mails itself
to every person listed in the victim's Microsoft Outlook address book. This relatively benign virus
frightens computer security analysts, who believe it was written using a software "toolkit" that
allows even the most inexperienced programmer to create a computer virus.
2001: The Code Red worm infects tens of thousands of systems running Microsoft Windows NT and
Windows 2000 server software, causing an estimated $2 billion in damages. The worm is
programmed to use the power of all infected machines against the White House Web site at a
predetermined date. In an ad hoc partnership with virus hunters and technology companies, the
White House deciphers the virus's code and blocks traffic as the worm begins its attack.
2001: Debuting just days after the Sept. 11 attacks, the "Nimda" virus infects hundreds of thousands
of computers around the world. The virus is considered one of the most sophisticated, with up to five
methods of infecting systems and replicating itself.
2001: Melissa virus author David L. Smith, 33, is sentenced to 20 months in federal prison.
2002: The "Klez" worm -- a bug that sends copies of itself to all of the e-mail addresses in the
victim's Microsoft Outlook directory -- begins its march across the Web. The worm overwrites files
and creates hidden copies of the originals. The worm also attempts to disable some common
anti-virus products and has a payload that fills files with all zeroes. Variants of the Klez worm remain the
most active on the Internet.
2002: A denial-of-service attack hits all 13 of the "root" servers that provide the primary roadmap for
almost all Internet communications. Internet users experience no slowdowns or outages because of
safeguards built into the Internet's architecture. But the attack -- called the largest ever -- raises
questions about the security of the core Internet infrastructure.
2003: The "Slammer" worm infects hundreds of thousands of computers in less than three hours. The
worm wreaks havoc on businesses worldwide, knocking cash machines offline and delaying
airline flights. It holds the ranking as the fastest-spreading computer worm ever.
2004: The "MyDoom" worm becomes the fastest-spreading e-mail worm as it causes headaches --
but very little damage -- almost a year to the day after Slammer ran rampant in late January 2003.
MyDoom uses "social engineering," or low-tech psychological tricks, to persuade people to open the
e-mail attachment that contains the virus. It claims to be a notification that an e-mail message sent
earlier has failed, and prompts the user to open the attachment to see what the message text originally
said. Many people fall for it.
ANNEX ‘G’
Authentication-Based
Password sniffing /cracking
Social engineering
Via corrupted / trusted system
Data Driven
Directing e-mail to a program
Embedded programming languages
o Microsoft word macro
o Postscript printer
Remotely accessed software
o JAVA, Active-X
Software-Based
Viruses
Flaws
Excess privileges
Unused security features
Trap doors
Poor system configuration
Protocol-Based
Weak authentication
Easily guessed sequence numbers
Source routing of packets
Unused header fields
Denial of Service
Network flooding
‘Spamming’
Morris worm
Cryptosystem Weakness
Inadequate key size / characteristics
Key Management
Deducing key
Substituting key
Intercepting key
Setting key
Bypassing
Capture data before encryption
Turn off encryption
Replay
Denial of service
BIBLIOGRAPHY
Books
1. Alexander, Yonah and Swetnam, Michael S, Cyber Terrorism and Information Warfare,
and Conflict in the Information Age, Bookmart Publishers (New Delhi), 2000
4. Johnson, Stuart E and Libicki, Martin C, Dominant Battle Space Knowledge, NDU Press, 1995.
5. Denning, Dorothy E, Information Warfare and Security, ACM Press Books, 1998.
6. Alberts, David S / Garstka, John J / Stein, Frederic P, Network Centric Warfare, CCRP
7. Schneier, Bruce, Secrets & Lies, John Wiley & Sons, Inc, 2000
8. Deva Yashwant, Secure or Perish, Ocean Books Pvt. Ltd (New Delhi), 2001
9. Libicki, Martin C, The Mesh and The Net, NDU Press, 1994.
AES
Advanced Encryption Standard. The United States encryption standard that replaced the older
and weaker DES standard.
AFCERT
Air Force Computer Emergency Response Team
AFIWC
Air Force Information Warfare Center
AHFID
Allied High Frequency Interoperability Directory.
AIA
Air Intelligence Agency at Kelly Air Force Base.
AIS
Automated Information Systems.
ATM
Asynchronous Transfer Mode.
C2
Command and Control: Command and control functions are performed through an
arrangement of personnel, equipment, communications, facilities, and procedures employed
by a commander in planning, directing, coordinating, and controlling forces and operations in
the accomplishment of a mission.
C2W
Command-and-control warfare. The integrated use of operations security, military deception,
psychological operations, electronic warfare, and physical destruction, mutually supported by
intelligence, to deny information to, influence, degrade, or destroy adversary command and
control capabilities, while protecting friendly command and control capabilities against such
actions. Command systems, rather than commanders, are the chief target, as in the Persian Gulf
War.
C3I
Command, control, communications and intelligence.
C4
Command, Control, Communications, and computers.
C4I
DARPA
Defense Advanced Research Project Agency
Data driven attack
A form of attack that is encoded in innocuous-seeming data which is executed by a user or
other software to implement an attack. In the case of firewalls, a data driven attack is a
concern since it may get through the firewall in data form and launch an attack against a
system behind the firewall.
DBK
Dominant battlefield knowledge.
Defense information infrastructure
The worldwide shared or interconnected system of computers, communications, data,
applications, security, people, training, and other support structures serving the information
needs of a nation's military.
DES
Data Encryption Standard. The formerly popular algorithm for encrypting data. Now replaced
by AES.
DISA
Defense Information Security Administration. Military organization charged with
responsibility to provide information systems support to fighting units.
DISN
Defense Information System Network
DNS
Domain Name Service
DNS spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a
victim system, or by compromising a domain name server for a valid domain.
DoD
Department of Defense.
DoS
Denial of Service. An electronic attack whose purpose is to deny an opponent the use of a
program or an entire system.
Dumpster diving
ECM
Electronic Countermeasures. The use of any active or passive system to elude, degrade or
confuse hostile sensor/scanner suites and communications traffic.
EKMS
Electronic Key Management System.
ELINT
Electronic intelligence.
EMI
Electromagnetic interference.
EMP
Electromagnetic pulse. A pulse of electromagnetic energy capable of disrupting computers,
computer networks, and many forms of telecommunication equipment.
EMP/T Bomb
A device to destroy electronic networks that is similar to a HERF Gun but many times more
powerful.
EMSEC
Emissions Security.
EPS
Information warfare is the offensive and defensive use of information and information
systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based
processes, information systems, and computer-based networks while protecting one's own.
Such actions are designed to achieve advantages over military or business adversaries (Dr.
Ivan Goldberg's definition)
INFOSEC
Information Security: Protection of classified information that is stored on computers or
transmitted by radio, telephone, teletype, or any other means.
ISS
Internet Security Scanner
ISSO
NSA Information Systems Security Organization.
IW/C2W
Information warfare/command and control warfare.
Logic bomb
Unauthorized computer code, sometimes delivered by email, which, when executed, checks
for particular conditions or particular states of the system which, when satisfied, triggers the
perpetration of an unauthorized, usually destructive, act.
NSA
National Security Agency. This agency is charged with the tasks of exploiting foreign
electromagnetic signals and protecting the electronic information critical to U.S. national
security.
OODA
Observe – Orientate – Decision – Action (the decision loop)
OOTW
Operations other than war.
Phreaking
"Hacking" the public phone network.
PKI
Public Key Infrastructure.
PSTN
Public Switched Telecommunications Networks.
Psychological operations
Planned psychological activities in peace and war directed to enemy, friendly, and neutral
audiences in order to influence attitudes and behavior affecting the achievement of political
and military objectives. They include strategic psychological activities, consolidation
psychological operations and battlefield psychological activities.
PSYOPS
See: Psychological operations.
RMA
Revolution in Military Affairs. The realization by the military that information and
information technologies must be considered as weapons in achieving national objectives via
military activity.
SATAN
Security Analysis Tool for Auditing Networks
SIGINT
The interception and analysis of electromagnetic signals. Also, intelligence recovered from
intercepted and decoded transmissions.
Spoofing
Assuming the identity of another as in sending email under someone else's name.
TEMPEST
Military code-name for activities related to van Eck monitoring, and technology to defend
against such monitoring.
Trojan horse
A seemingly harmless computer virus that turns out to be extremely destructive.
TST
Time-Sensitive Target: A target which requires immediate response because it poses (or will
soon pose) a clear and present danger to friendly forces or is a highly lucrative, fleeting target
of opportunity.
Virus
A self-replicating program that is hidden in another piece of computer code, such as an email.
Worm
A self-replicating destructive program that stands alone and spreads itself through computer
networks.