THEME

1. Manipulation of information has been a part of warfare since times immemorial. However, as

an instrument of national strategy, it is only in the last 10 years or so that information warfare has

gained special prominence as an element of warfare. Cyber warfare refers to conducting military

operations according to information–related principles, primarily against or in defence of military

connectivity and other vital elements of national power. It means disrupting, if not destroying,

information and communication systems. It may be applicable in low and high intensity conflicts, in

conventional and non-conventional environments, and for defensive or offensive purposes.

2. In this backdrop, study the term Cyber Warfare, determine its implications as a new paradigm

in warfare and identify the developmental way forward for Pakistan in this domain.

THESIS STATEMENT

1. Throughout history, technology has brought about profound changes in military doctrine,

organization and strategy. Today, unprecedented changes are occurring in how information is

collected, stored, processed, communicated and presented. The past 25 years have witnessed

computer driven control, management and communication systems permeating nearly all strata of

military and civilian life. ‘Cyber Warfare’ aims at the degradation of these systems from the

standpoint of affecting connectivity of the military as well as other vital national organs and systems.

For nations, the implications of Cyber Warfare can be severe in terms of national security

compromises, and, therefore, it is crucial to develop a clear understanding of this new dimension in

warfare.

2. The process of understanding Cyber Warfare has to begin with a clear insight into its many

forms, characteristics and methods. This paper will, therefore, assign due coverage to that aspect.

Furthermore, any discussion on this new, and as yet developing concept, has to take into

consideration the overall cyber threat spectrum that countries such as Pakistan face and the level of

preparedness witnessed so far. The threat assumes significantly greater lethality when viewed in the

light of growing Indian mastery and capability in the field of information technology. The

introduction of erroneous or damaging information into computer driven and other electronic

systems has the potential of disabling vital national infrastructures, creating economic hardships and

disrupting military operations. Besides its formal dimension, the overall threat scenario also

encompasses an informal dimension, whereby, amateur hackers present a serious threat to sensitive

organizations through random as well as targeted attacks. Thus, Cyber Warfare has broad

ramifications for military organizations and doctrines. It would imply developing new doctrines

about the types of forces needed, how to strike the enemy and what safeguards to implement against

own vulnerabilities.

3. This paper will, therefore, also identify the threat spectrum and corresponding response

options, bringing into discussion both the offensive and defensive facets of Cyberwar, and

recommending optimal and practicable strategies for developing requisite capabilities in this field.

PREFACE

1. The modern era is being termed as the “Information Age”. The development in the field of
information technology has been so significant in terms of its impact on various spheres of human
life that it is now being recognized as a ‘revolution’, just as the agricultural and industrial revolutions
of the past. One major area of human activity that has truly been revolutionized is that of warfare.
The conduct of war essentially relies on information; knowing the battlefield, controlling the forces
and exercising leadership are the challenges that commanders have always been and will always be
faced with in the future. C4I2SR systems are now capable of providing a real or near real time picture
of the battlefield to the commanders, thus reducing the ‘fog and friction’ of war and enabling them
to take and transmit instant decisions to the lowest levels. C4I2SR systems have become central to the
effective prosecution of modern wars; strategies are being formulated actively to disable the enemy’s
and safeguard own systems.

2. With the induction of modern communications and computer systems and their progressive
networking, new terms like cyber and information warfare have been introduced into the military
jargon. This new form of warfare presents an equally serious threat to certain non-military functions
of strategic significance as well, such as, telecommunications, electricity, financial and air/rail
transportation control systems etc. We cannot even begin to imagine the difficulties, and in some
cases devastation, that would follow as a consequence of any large scale or prolonged failure of these
systems caused by malicious tampering.

3. While much of the current hype on information/cyber warfare is based on futuristic scenarios,
barring the few military oriented manifestations noted in Gulf War-1 (1991) and Kosovo (1997), it
would be a lesson learnt the hard way if a country was to find itself ill-prepared or slow in reacting to
such an onslaught. Therefore, nations and military organizations that fail to prepare for this new type
of warfare will be of little relevance during future conflicts. With an increasingly modern
infrastructure, Pakistan and her armed forces are becoming more and more susceptible to such
warfare and therefore, need to remain on guard and battle ready in this sphere as well.

4. I am grateful to my advisor, Air Commodore Javed Anwar, for his valuable guidance and the
freedom of action granted to me during this study. Some other people I am indebted to for their
time, guidance and inputs are AVM Shamim Baig (NUST, Rawalpindi), Brig (Retd) Tariq

Salahuddin (ISI, Islamabad), Brig Mukhtar (C4I Directorate, GHQ Rawalpindi) and Mr Shahid
Mahmood (Interactive Communications, Islamabad). Lt Col Saif and his staff at the NDC library
also require a special mention for their tremendous support during the research phase of this study.

5. Finally, it is now my conviction that because of its universality and threat potential, a subject

such as information or cyber warfare needs to be studied by all professional military officers and

their civilian counterparts. This would enable us to better understand the nature and implications of

this new threat to national security.



CHAPTER - 1

INTRODUCTION

“Information Warfare – A wolf in sheep’s clothing.”1

1. The information revolution that gained momentum in the last two decades has virtually

changed our way of thinking and living. Throughout history, information has undeniably been an

important resource of humans in fulfilling their endeavors. However, the tremendous qualitative

change that has come about in this time and age was made possible only due to the development of

information technologies that allow information to be collected and disseminated accurately and

within a short span of time.

2. Information has now become critical in many spheres of human activity, which leads to two

conclusions. First, the overall efficiency and effectiveness of human endeavors have increased and

second, with growing dependence on information, its vulnerability to a disruption in its flow or

quality has also increased. It is this fact that has given rise to the idea of information warfare. Cyber

warfare can be understood within the broader context of information warfare as the two terms are

often used interchangeably, especially in the realm of military operations.

3. Warfare is no longer primarily a function of who puts the most capital, labour and technology

on the battlefield, but of who has the best information about the battlefield.2 While the concept of

information warfare has fast gained acceptance, a true understanding of what it is, lags behind. As a

consequence, there are no fewer than 27 different definitions of Information Warfare (‘IW’) within

USA’s Department of Defense. One of the most elaborate definitions states, “Information Warfare

relates to actions taken to achieve information superiority by affecting adversary’s information,

information–based processes, information systems and computer based networks, while defending

1 An article by Lennart Borg, analyst, Swedish Employers’ Confederation
2 John Arquilla and David Ronfeldt, ‘Cyber War is Coming’ (RAND paper RP-223, 1996), P141

one’s own”.3 Current USAF perception on ‘IW’ states, “Information Warfare is any attack against

an information function, regardless of the means”.4 Therefore, while bombing a telephone

switching facility is information warfare, destroying its software too is information warfare.5

Because of its evolutionary nature, coming to grips with information warfare is like the effort of five

blind men in discovering the nature of the elephant - the one who touched its leg called it a tree, the

one who touched its tail called it a rope, and so on. In theory, it would be possible to subdue an

adversary through information warfare, without firing a single bullet. The following famous quote

from Sun Tzu clearly characterizes the ultimate goal of ‘IW’:

“To win a hundred victories in a hundred battles is not the acme of skill, but to subdue the enemy

without fighting is the acme of skill”.6

Information Warfare Vs Cyber Warfare

4. As stated earlier, there is neither a standard definition existing on ‘IW’ at this time (even

though there is broad agreement on what ‘IW’ implies), nor a standard methods list. Some authors

divide the entire spectrum of ‘IW’ activities into ‘Net War’ (societal side of ‘IW’) and ‘Cyber War’

(military side of ‘IW’) as in the case of the RAND report on cyber war.7 Basing information

warfare on these two pillars (Netwar & Cyberwar) has merit, because in such a case, cyber war

encompasses all ‘IW’ methods with military connotations, such as, Command & Control warfare

(C2W), Psychological, Hacker and Electronic warfare etc. Therefore, in that sense, ‘Cyber War’ is

analogous to ‘IW’. Resultantly, the term ‘IW’ and ‘Cyber War’ are generally used

interchangeably. A brief description of cyber war is given at Annex ‘A’ and a glossary of most

common information warfare terms is placed at page 51.

3 Yulin G Whitehead, ‘Information as a Weapon’ (Thesis presented to the Faculty of the School of Advanced Air Power Studies, January, 1999), P4
4 Ronald R Fogleman, ‘Cornerstones of Information Warfare’ (USAF, 1995), P4
5 Ibid
6 Sun Tzu, ‘The Art of War’ (Reprinted by Wordsworth Editions Ltd, 1978)
7 John Arquilla and David Ronfeldt, ‘Cyber War is Coming’ (RAND paper RP-223, 1996), P141

Objectives of Information Warfare

5. Strategic Level. The aim at the strategic level is to influence the adversary’s

information sources and systems so as to affect his decision making and controlling processes. Three

questions need to be addressed prior to the launch of such a campaign.8 First, what is the

relationship of the information warfare campaign to the larger aims of the campaign? Second, what is

it we wish the adversary leaders to know or believe when the information warfare campaign is

concluded? Third, what are the best ‘IW’ tools and weapons to employ in order to meet the

established success criteria? That is how ‘means’ and ‘ends’ would be related to each other.

6. Operational/Tactical Level. At the operational/tactical level of war, offensive Cyber

warfare will aim at degrading and disrupting enemy’s capabilities to wage war. The focus would be

to deny, disrupt, destroy, or otherwise control an adversary’s use of information and information

systems through viruses in software, electronic warfare, physical attacks, destruction of Command

and Control targets, intelligence and other information systems supporting enemy operations.

Consequently, a successful cyber attack, for example on an air defence controlling hub may corrupt

the system to an extent that real time information ceases to be available or it may become impossible

to distinguish friend from foe.

Methods of Information Warfare

5. There are seven distinct forms of information warfare aimed against military forces and state

infrastructures.9 These are fought both offensively and defensively, and are briefly defined in Annex

‘B’. The methods are:-

a. Command and Control Warfare (C2W)

b. Electronic Warfare (EW)

8 Brig Javed Akmal, ‘Information Warfare’, (Group Research Paper, NDC, Islamabad, 1996), P16-18
9 Martin C Libicki, ‘What Is Information Warfare’ (NDU Press, 1995), P7

c. Intelligence-Based Warfare (IBW)

d. Psychological Warfare (Psyops)

e. Cyber Warfare

f. Hackers Warfare

g. Economic Information Warfare

6. With the ongoing developments in IT in Pakistan, both civil and military sectors are

vulnerable Cyber targets for India. As the armed forces modernize and build new capabilities, they

will increasingly rely on critical digital electronic information to store, process and move essential

data for planning, directing and executing operations. While on this path, there has to be a clear

recognition of the powerful and sophisticated threats that exist at this time and which could exploit

security weaknesses in many of these new systems. There are thus, serious security implications for

Pakistan, particularly the armed forces, while adapting to new technologies. Therefore, there is a

pressing need for a comprehensive and integrated approach towards defending Pakistan’s critical

infrastructure and its command and control systems from a fast growing Cyber threat, not only to

defend ourselves but to take all necessary measures to take Cyber war to the enemy’s frontiers if

required.

7. Aim. The aim of this paper is to study the term Cyber Warfare, identify the overall threat

spectrum and its implications on Pakistan as a new paradigm in warfare, and present

options/strategies for Pakistan for the conduct of warfare in this domain.



CHAPTER - 2

MILITARY INFORMATION OPERATIONS

“….If (IT) is the vanguard of the new technological revolution then information

warfare will be the core of the new military revolution.”10

1. For a comprehensive understanding of Cyber/information warfare precepts, it would be

prudent to first develop an insight into military information operations. Military decision makers

have long regarded the ability to generate and assess information in a timely manner as vital.

Accordingly, the development of tools required to gather and process information has all along been

in step with today’s rapid pace of technological development. This has enhanced the criticality of

information for military forces to an extent that ‘information systems’ are now a significant part of

the conventional warfare capability. For an understanding of the expression ‘Military Information

Operations’ (MIO), an examination of each of its three terms would be useful.11

Military

2. ‘IW’ is an emerging new paradigm of warfare, and information operations are likely to be as

commonplace in the near future as any present day conventional warfare tactic. Military planners,

therefore, need to start developing information skills and strategies as part of their capabilities, with

an ultimate aim of preparing forces for full-scale information wars.

Information

3. Information is obtained by processing data, while data itself is the product of some

observation. The processed data has to be presented in a particular format for it to be called

10 Quote by Zhang Qinsheng, Chinese Military Strategist, 1998
11 Sqn Ldr C J Westwood, ‘Military Information Operations in a Conventional Warfare Environment’ (Air Power Studies Centre Paper No 47, 1996), P8

information. This format could be in a human readable form or a machine-readable sequence. The

result is information and this can be manipulated to enable decisions to be made.

4. Information System. An information system consists of data, hardware, software,

communications, people and procedures. Any individual element of the information system, as well

as information processes which convert raw data into various forms of information, may provide a

suitable target for physical or cyber attack. The information system as a whole, and not just the

information itself, is the target of information operations.

Operations

5. Information operations (IO) seek to influence the decision making process. These are

offensive and defensive activities aimed at all levels of the decision making process, and are focused

directly on warfare. In the modern warfare environment, attacking and defending information

systems is a vital combat task, which requires strategies to be formulated within the overall military

plan.

6. From the foregoing, a definition of MIO may now be obtained, which is, “Any activity that

consciously targets or protects the elements of an information system in pursuit of military

objectives”.12 The three factors fundamental to the success of MIOs are as follows:-

a. Planning. An MIO strategy requires careful planning, starting with the selection of

an achievable aim. MIOs must remain focused on the overall military strategy.

b. Security. An information operations strategy would be ineffective if the enemy

knows the plan. Therefore, the integrity of friendly software, hardware,

communications, procedures, people and strategies is essential for successful conduct

of MIOs.

12 Ibid, P9

c. Intelligence. Availability of comprehensive and real time intelligence support to

‘IW’ warriors on an enemy’s information system, and its likely reactions in the event

of an information attack, is crucial for planning successful attacks.

Information as a Weapon

7. Security is no longer defined by armed forces standing between the aggressor and the

homeland alone. The weapons of ‘IW’ have the capability to outflank and circumvent military

establishments. In general terms, the information weapon will be an effective tool to supplement the

military’s arsenal of more traditional weapons. Its application, prior to actual engagement of forces,

will make conventional attacks more effective against a blinded and degraded enemy. However,

some experts are of the opinion that nations should not consider the information weapon to be a

technological ‘silver bullet’ that could completely subdue an adversary’s will and capacity to fight.

8. Some advocates of information warfare refer to Col. John Warden’s view of the enemy as a

system13, and state that since the outcome of a war is the product of ‘will’ (morale) and the ‘capacity

to fight’ (physical), it follows that if the physical side could be driven close to zero, even the best

morale in the world would not produce a favourable outcome for the enemy. According to Col.

Warden, the physical side is easier to target than morale, and on this basis, these advocates strongly

argue in favour of information warfare being used as a means of decimating the enemy’s capacity to

fight, i.e., the physical side.

‘IW’ and the ‘OODA’ (Observe – Orientate – Decision – Action) Loop

13 John. A. Warden, ‘The Enemy as a System’ (Aerospace Power Journal No 1, 1995), P40-55

9. The OODA loop concept has been applied to most aspects of modern warfare. A constantly

evolving military education system and continuously improving technology have altogether changed

the reference of time in warfare as clearly depicted in Figure 1 below.14

The ‘OODA’ Loop

Revolution (1776-1783): Observe: telescope; Orient: weeks; Decide: months; Act: a season

Civil War (1861-1865): Observe: telegraph; Orient: days; Decide: weeks; Act: a month

WW-II (1939-1945): Observe: radio/wire; Orient: hours; Decide: days; Act: a week

Gulf War (1990-1991): Observe: near real time; Orient: minutes; Decide: hours; Act: a day

Tomorrow (20??): Observe: real time; Orient: continuous; Decide: immediate; Act: hour or less

Figure 1

10. This is a clear reminder of the significance of staying inside the enemy’s decision loop.

Successful C2W operations will, therefore, increase the enemy’s decision cycle – his ‘OODA’ loop –

to such a point that he will become increasingly vulnerable.

Catastrophic Failures

11. Cyber war has the potential of affecting large segments of population by creating lack of

food, fuel, medical care, or by causing utilities failure, which, besides having severe implications for

14 Gordon R Sullivan and James M Dubik, ‘War in the Information Age’ (Military Review, April 1994), P47

the military, could inflict great general pain and chaos.15 Since information networks and computers

today are integral parts of all aspects of human life, Cyber attacks have the potential to cause failure

or collapse of:-

a. Electric/power grids.
b. Telephone/telecommunication systems.
c. Air/rail traffic control systems.
d. Banking and Financial systems.
e. Water supply systems
f. Day to day government functioning
g. Emergency and vital services
h. Military operations

12. Cyber War Techniques as Weapons of Mass Destruction (WMD). A major issue

under active consideration at present relates to whether cyber war weapons should be declared as WMDs.

The question is, would blinding enemy leaders affect their will to fight? Would they actually

surrender, or would blinding operations actually backfire and panic adversary leaders into using

WMDs? For example, Russia adopted a military doctrine in November 1993, which indicated that

during an East-West conflict, an attack on Russia’s early warning system for strategic nuclear forces

is possible. With their sensors blinded and C2 systems destroyed, the Russians might assume the

worst and resort to their intact and still operable arsenal of strategic nuclear weapons. The question

that arises is, how can the information warfare advocates be certain that Russia would not employ

nuclear weapons16?

13. The issues and subjects presented in this chapter are specifically concerned with the conduct

of military information operations, and the effects that Cyber warfare is capable of generating. The

stage is now set to examine how information warfare is conducted offensively and defensively.

15 Cdr Byard Q Clemmons and Maj Gary D Brown, ‘Cyberwarfare: Ways, Warriors and Weapons of Mass Destruction’ (Military Review, Sep-Oct 1999), P43
16 Op.cit. Whitehead, ‘Information as a Weapon’, P29

CHAPTER - 3

CYBER WARFARE METHODOLOGIES

“You may not be interested in war, but war is interested in you.”17

1. As an instrument of statecraft, information operations can be employed in support of national

policy generally in the same manner as diplomacy or economic policy. One of the major

characteristics differentiating information operations from other instruments of statecraft is that these

can impose severe damage with low levels of violence. Cyber warfare can be conducted in two

domains - defensive and offensive. The entire range of information operations would require both

offensive and defensive elements to be exercised for a comprehensive cover involving denial,

protection and assurance.

Defensive Information Warfare (IW-D)

2. Defensive information warfare seeks to protect information resources from attack. The

sources to be defended include decision makers, the information and information-based processes

they rely on and their means of communicating their decisions. IW-D requires a proactive rather

than a reactive approach. The aim is to preserve the integrity of the resource, or in the case of a

successful attack, to be able to make full recovery.

3. Unauthorized computer intrusions / break-ins have emerged as a major security hazard for

military and other government organizations. A 1995 estimate reports an alarming 250,000 attacks

on US Department of Defense computers18. Only 5% of the attacks are noticed by the victim. With

computers playing an ever-increasing role in military affairs, the requirement to set up defenses

against such break-ins assumes a vital significance for military organizations.

17 Quote by Leon Trotsky
18 Jason Sherman, ‘Info-war: What Kind of Defense’ (Repertory, April 1998), P50

4. Threat Topology. As discussed in chapter 1, military ‘IW’/Cyberwar can be

accomplished in 6 ways (after excluding economic ‘IW’ from the military domain). Four of these

methods (C2W, IBW, EW and Psyops) have long remained recognized features of modern

conventional / unconventional warfare. What is new in C4I is the aspect brought in by the

introduction of computers and the manner in which it has revolutionized the conduct of military

operations. Cyberwar, as it is generically called, is a range of computer operations aimed at

destroying or degrading the adversary’s C2W, IBW, EW and Psyops capabilities, while protecting

one’s own. The attacks on C2W, IBW & EW systems could result in hard kills, as in the case of a

physical attack, or soft kills, as in the case of an information attack through computers or other

electromagnetic (EM) devices. C2 systems are vulnerable because they tend to be centralized, while

IBW and EW systems are vulnerable because they rely on sensors and the communications that unify

them. Similarly, success in Psyops mainly depends upon the levels of morale and motivation

prevailing in the force. Annex ‘C’ presents a topology of some basic threats to a C4I system.

Included in it are elements that are threatened and defensive measures that are recommended to be

adopted. The recommended measures are elaborate, but by no means, complete.

5. Who is Vulnerable? Purely from a cyber perspective, any computer system, which is not

a closed loop system and is accessible from the outside through an internet connection or a dial-in

facility, is vulnerable to cyber attack through hacking. A major problem in this connection is the

difficulty in distinguishing cyber attack symptoms from a normal system malfunction.

6. Types of Cyber Defense.19 The following system controls provide the most effective

defense against various forms of cyber attacks:-

19 Dorothy E Denning, ‘Information Warfare and Security’ (ACM Press Books, 1998), P38

a. Prevention. This serves to keep an attack from occurring by denying the offensive

party access to the target information resource. Defenses include:-

(1) Information Hiding. It aims to prevent unauthorized disclosure of

information. Data encryption is amongst the most effective means available to

achieve this. Encryption can be used to protect stored data, including

complete files or communications, phone calls, fax transmissions and e-mail.

Encryption keys of up to 56 bits have already been broken.

(2) Shielding. Computers, monitors, printers and fax machines all give off

electromagnetic signals, which are vulnerable to interception (Van Eck

phenomenon). Such equipment has to be shielded to protect it from receptors

that pick off electromagnetic signals.

(3) Authentication. This refers to mechanisms for confirming the identity of

people and authenticity of information. Passwords and call back mechanisms

can help guard against cyber intruders. The degree of difficulty for breaking a

password increases tremendously if the password consists of as long a string

as possible (at least 8 characters), and if the character set includes other non-

alphanumeric characters from the keyboard (#, <, %, ^, etc).

(4) Access Controls. These serve to enforce an authorization policy, which

specifies what activity is allowed and who is allowed to initiate it.

Enforcement mechanisms include firewalls, log-in programmes and other

controls. A firewall is a network monitor or collection of monitors placed

between an organization’s internal network and the internet, or between two

local area networks. The objective is to keep intruders, malicious code, and

unwanted information out. A firewall is essentially a guarded gateway

between two networks.

(5) Vulnerability Assessment and Avoidance. This aspect aims to find and

eliminate security holes in information resources and human practices.

Mechanisms include personnel screening, security training and awareness,

network scanning and backups. Backup systems are a protection against loss

of data and service.

b. Intrusion and Misuse Detection. These mechanisms aim to detect unauthorized or

damaging activity either at its onset or after the fact. This can be done by watching

current activity or by reviewing audit logs. These operate on the principle that it is

neither practical nor feasible to prevent all attacks.
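
One way to carry out the audit-log review described in sub-paragraph b, as an added example that is not part of the original paper: it flags a burst of failed log-ins from one source (detection at onset) and a successful log-in that follows such a burst (detection after the fact). The log format, event names, five-failure threshold and five-minute window are assumptions, and the sample records are constructed.

```python
"""Audit-log review for intrusion and misuse detection (added example)."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log. The "timestamp|source|user|event" layout and the
# LOGIN_FAIL / LOGIN_OK event names are assumptions made for this example.
SAMPLE_LOG = """\
2024-01-15T02:10:01|192.0.2.10|ops1|LOGIN_FAIL
2024-01-15T02:10:09|192.0.2.10|ops1|LOGIN_FAIL
2024-01-15T02:10:15|192.0.2.10|ops1|LOGIN_FAIL
2024-01-15T02:10:22|192.0.2.10|ops1|LOGIN_FAIL
2024-01-15T02:10:30|192.0.2.10|ops1|LOGIN_FAIL
2024-01-15T02:10:41|192.0.2.10|ops1|LOGIN_OK
2024-01-15T08:00:03|198.51.100.4|clerk2|LOGIN_FAIL
2024-01-15T08:00:20|198.51.100.4|clerk2|LOGIN_OK
2024-01-15T08:05:00|garbled record
"""

WINDOW = timedelta(minutes=5)   # assumed look-back period for counting failures
THRESHOLD = 5                   # assumed number of failures that makes a burst


def parse_line(line):
    """Split one record; raises ValueError on a wrong field count or bad timestamp."""
    ts, source, user, event = line.strip().split("|")
    return datetime.fromisoformat(ts), source, user, event


def review(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return findings as (kind, source, user, line_number) tuples, in log order."""
    recent_failures = defaultdict(deque)   # source -> timestamps of recent failures
    in_burst = set()                       # sources already reported for a burst
    findings = []

    for line_no, raw in enumerate(log_text.splitlines(), 1):
        if not raw.strip():
            continue
        try:
            ts, source, user, event = parse_line(raw)
        except ValueError:
            # A record that cannot be parsed is itself worth a look: it may be
            # a malfunction, or it may be tampering with the audit trail.
            findings.append(("MALFORMED_RECORD", None, None, line_no))
            continue

        # Forget failures that have aged out of the look-back window.
        fails = recent_failures[source]
        while fails and ts - fails[0] > window:
            fails.popleft()
        if not fails:
            in_burst.discard(source)

        if event == "LOGIN_FAIL":
            fails.append(ts)
            if len(fails) >= threshold and source not in in_burst:
                in_burst.add(source)
                findings.append(("GUESSING_BURST", source, user, line_no))
        elif event == "LOGIN_OK":
            # A success right after a burst suggests the guessing worked.
            if source in in_burst:
                findings.append(("SUCCESS_AFTER_BURST", source, user, line_no))
            fails.clear()
            in_burst.discard(source)

    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding)
```

A single mistyped password followed by a success, as in the second source of the sample, produces no finding, which keeps ordinary user error apart from the pattern that warrants investigation.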

Offensive Information Warfare (IW-O)

7. An offensive military information operation is one that targets or exploits the elements of an

adversary’s information system in pursuit of military objectives. Offensive operations are attractive

because they are cheap in relation to the cost of maintaining advanced military capabilities.

Additionally, these operations have the capability to produce large effects from a meager effort.

However, as of now, these are meant to augment rather than replace military’s conventional

capability.

8. Scope. Offensive ‘IW’ revolves around the same six methods that were discussed in the

domain of defensive ‘IW’. Military operations against four of the more recognized of these methods,

i.e., C2W, EW, IBW and Psyops, could be undertaken by employing conventional as well as cyber

techniques. In both cases, consolidation of offensive capability would not only require a dedicated

effort, but some hardware acquisitions as well, particularly in the realm of EW and IBW. Hacker

warfare is one of the most effective cyberwar techniques that could be applied to these methods in

order to augment other conventional warfare efforts. Annex ‘D’ presents a brief outline of how an

adversary’s C4I system can be attacked.

9. ‘IW’ Weapons. Computers can be used as weapons in their own right. Although

generally strategic in nature, computer operations can be applied to the tactical and operational

components of the conventional warfare environment, such as in support of C2W, EW or Psyops

operations etc.20 The various types of ‘IW’ weapons are briefly covered at Annex ‘E’. A brief

history of computer viruses is also attached as Annex ‘F’.

10. Hacker Warfare. The process of breaking into a computer, with or without malicious

intent, is called ‘hacking’. Tremendous benefits can be derived by employing hacking techniques as

an offensive tactic. Knowledge of information stored in an enemy’s database, and the capabilities,

vulnerabilities and architecture of any targeted system, can be successfully found out using hacking

techniques. In future wars, information derived from hacking will become an important source of

intelligence, allowing manipulation or destruction of the enemy’s decision-making support systems.

The various tools available to a hacker are network scanners (SATAN, ISS etc), packet sniffers,

password crackers, buffer overflows and social engineering.

11. The criticality of this type of warfare can be gauged by the fact that a DDoS (Distributed

Denial of Service) attack on Pakistan’s internet gateway infrastructure in 2002 caused a general

month-long slowdown of the internet service, and recovery from this attack presented a significant

challenge to system managers.21

12. In an incident prior to the 1991 Gulf war, five hackers from the Netherlands penetrated computer

systems at 34 US military sites on the internet, including sites that were directly supporting

Operation Desert Storm. They obtained information on troops, weapons and movement plans and

then exited without leaving any traces. They could have changed logistic plans, but they did not.

20 Op.cit. Sqn Ldr Westwood, ‘Military Information Operations’, P17
21 Brig Tariq Salahudin (Retd), personal interview, 9 October, 2004

Then they tried to sell this information to Iraq, but fearing an entrapment, Baghdad declined the

offer.22 This example clearly illustrates the power that a successful hacker can wield over crucial

military plans. ‘Hacktivist’ is a new term coined to describe those hackers who are social and

political activists taking up a cause.23

13. This chapter has examined the various offensive and defensive cyber warfare methodologies

in detail. On the defensive side, the major conclusion is that computer systems must possess

adequate protection to combat unauthorized intrusion attempts, while on the offensive side, the major

conclusions relate to the necessity of developing ‘IW’ weapons (EMP bombs etc) and skills for

hacker warfare. This provides a sound basis for gauging our own vulnerabilities and strengths vis-à-vis

information warfare in the next chapter.

CHAPTER - 4

THREAT SPECTRUM AND VULNERABILITIES

“To err is human; to blame it on computer is even more.”24

1. Pakistan’s ideological moorings, strong diplomatic and moral support to the Kashmir

freedom struggle and her indigenous nuclear programme continue to trouble the West in general and

India in particular. Therefore, there are multiple pressures on Pakistan despite her crucial role in the

22 Op.cit. Denning, ‘Information Warfare and Security’, P3
23 Yashwant Deva, ‘Secure or Perish’ (Ocean Books Pvt Ltd, New Delhi, 2001), P71
24 Op.cit. Yashwant, ‘Secure or Perish’, P161

post 9/11 scenario and the ongoing efforts to improve ties with India. India is expected to continue

looking for opportunities to degrade our military and economic potential because of our stance on

Kashmir. Pakistan is, therefore, a ripe target for attacks in the fifth dimension as well, i.e., the Cyber

dimension. There is a general perception that since Pakistan does not rely totally on computers and

information systems, the Cyber threat to Pakistan is minimal. This, however, is not true for two reasons.

First, as explained earlier, information warfare is not just about computers, and second, whatever

infrastructure Pakistan possesses, has already come under attack on many an occasion in the past

(briefly referred to at para 11 of Chapter-3). In fact, with the type of infrastructural and economic

growth that Pakistan is undergoing at this time, warfare in the fifth dimension would only grow

deadlier in quality and magnitude as time passes.

Pakistan’s Cyber Vulnerabilities

2. The main vulnerabilities/constraints are as follows:

a. We still lack a dedicated and cohesive national policy on Cyber warfare, although an

IT policy has already been issued.

b. Lack of awareness amongst the general public about information warfare (IW) and its

impact on national security.

c. While several limited initiatives have been undertaken to counter Cyber threats, there

is a lack of an effective central body to coordinate, augment and strengthen efforts

against cyber threats at the national level. In USA, the CERT/CC25 team serves as a

focal point on such matters.

d. A general lack of security culture vis-à-vis electronic sources of information.

Greater automation may lead to more security leaks unless checked conscientiously.

25 Computer Emergency Response Team/Coordination Center (established at Carnegie-Mellon University)

Likely Adversaries

3. Warfare in the virtual realm knows no boundaries. An Indian sitting in New York can target

Pakistani interests with as much stealth and force as one sitting in New Delhi. Wherever a Cyber

threat to Pakistan comes from, its design and contours are more or less going to be the same. Hence,

the type and intensity of safeguards will not vary significantly (some exceptions notwithstanding).

The Indian Threat

4. ‘IT’ Development in India. It is said that, in future, IT would be to India what oil is

to the Gulf. India has one of the fastest growing IT industries in the world. She is well poised to play

a significant role in the 21st century due to the availability of outstanding talent in the IT sector. With a

vibrant IT industry, the IT infrastructure is expanding in the industrial, economic and military set ups

at a rapid pace. The country is an exporter of engineers and scientists to the west. 37% of top

Microsoft officials are Indians. While the Indian IT industry earned revenues of US $8.6 billion in

the year 2000, the Indian National Association of Software Companies (NASSCOM) predicts that by

2008, projected revenues from India's software industry would zoom to $87 billion out of which $50

billion would be earned from exports.26

5. Indian ‘IW’ Programmes. The Indian military has taken advantage of India’s

remarkable growth in the ‘IT’ sector, and has launched several ‘IW’ related projects in all three

services. The programmes envisage that all management, communications, logistics and intelligence

gathering activities would be executed and coordinated through computers based on protected local

and wide area networks. India is producing about 55,000 high quality software professionals each

year, which add to an already impressive pool. The Indian Army plans to get ‘wired up’ by 2008

with fully automated management and operational systems. It is also setting up an ‘IT’ school for

training its officers and to develop software for its needs. Needless to say, this would provide the

Indians with a sound platform for conducting information warfare. Indian capabilities can further be
26 NASSCOM – Mckinsey report (www.indianembassy.org/indiainfo/india_it.htm)

augmented by a large population of expatriate Indians working in USA’s Silicon Valley. These

highly experienced and capable professionals will almost certainly be used to conduct ‘IW’ against

Pakistani strategic and military targets prior to, or during the next Indo-Pak conflict.

6. Indian Navy. The Navy has been the most progressive in its ‘IW’ programme. It has

successfully developed ‘Trinetra’27, a secure indigenous system to transmit secret military data. The

system is capable of transmitting encoded secret military messages. A Navy analysis states that ‘IT’,

‘IW’ and exploitation of space based surveillance and reconnaissance capabilities were essential to

safeguard India’s strategic frontiers.

7. New Doctrines. At present, the Indian armed forces are busy developing new doctrines

based on information warfare requirements. The Navy has already published such a document. This

is a major institutional step designed to bring Indian armed forces in the fold of ‘IW’ education. The

programmes launched by the Indians would certainly bring about a force multiplier effect on the

country’s regional concerns and conflicts.

Insiders and Moles

8. The most significant threat to the security of information infrastructure comes right from

within. According to international research conducted by ‘Datapro Research’ in USA, internal

breaches account for ‘57% of all security incidents globally’. Some analysts go even further and

opine that it could be ‘as high as 80% of all security incidents’.28 Moles are often planted by

intelligence agencies, while others operate on their own to make quick money or just for the kick

of it.

9. Internal hackers often install commercially-available password ‘sniffers’, which give them

unauthorized access and enable them to record log-on scripts and use the accounts of others. The

27 Rahul Bedi, ‘Mixed Fortunes for India’s Defense Industrial Revolution’ (Jane’s International Defense Review, May 1999), P29
28 Op.cit. Yashwant, ‘Secure or Perish’, P81

main source of virus infection is not from the Internet, but from use of corrupt floppies and pirated

software. In this regard, the government departments invariably emerge as major culprits. There are

usually no checks on employees and visitors bringing in and taking out floppies.
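
The account misuse described in para 9 (an insider logging on with someone else's captured credentials) tends to show up in log-on records as one account active on two workstations at once, or on a workstation it was never issued to. The following Python example is added here and is not part of the original paper; the log line format, account names and workstation register are constructed for illustration.

```python
"""Flag log-on patterns consistent with one person using another's account."""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample records; the line format is an assumption of this example.
SAMPLE_LOG = """\
2004-10-09T08:01:12 LOGON user=akhan host=WS-014
2004-10-09T08:03:40 LOGON user=sraza host=WS-022
2004-10-09T09:15:05 LOGON user=akhan host=WS-031
2004-10-09T09:40:00 LOGOFF user=akhan host=WS-031
2004-10-09T12:30:00 LOGOFF user=akhan host=WS-014
2004-10-09T12:45:10 LOGOFF user=sraza host=WS-022
2004-10-09T13:05:00 LOGON user=sraza host=WS-022
2004-10-09T23:50:00 LOGON user=mali host=WS-007
this line is damaged and must be skipped
"""

# Hypothetical register of the workstation issued to each account.
ASSIGNED_HOST = {"akhan": "WS-014", "sraza": "WS-022", "mali": "WS-040"}

LINE_RE = re.compile(r"^(\S+) (LOGON|LOGOFF) user=(\w+) host=([\w-]+)$")


def parse_events(log_text):
    """Return (time, action, user, host) tuples in time order, skipping bad lines."""
    events = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        stamp, action, user, host = match.groups()
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # timestamp field present but unparseable
        events.append((when, action, user, host))
    return sorted(events)


def find_suspicious_logons(log_text, assigned=ASSIGNED_HOST):
    """Report log-ons that overlap a live session elsewhere or use an unassigned host."""
    live = defaultdict(set)  # user -> hosts where a session is currently open
    findings = []
    for when, action, user, host in parse_events(log_text):
        if action == "LOGOFF":
            live[user].discard(host)
            continue
        elsewhere = sorted(live[user] - {host})
        if elsewhere:
            findings.append((when.isoformat(), user, host,
                             "concurrent session on " + ", ".join(elsewhere)))
        if assigned.get(user) != host:
            findings.append((when.isoformat(), user, host,
                             "workstation not issued to this account"))
        live[user].add(host)
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_logons(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

A finding is a lead for review rather than proof of misuse: shared duty terminals and forgotten log-offs produce the same pattern.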

Implications for Pakistan

10. The Indian ambitions of becoming an important global player are abundantly clear from her

growing economic and military potential, and her jostling for a permanent UNSC seat. Therefore, in

order to firmly establish her regional credentials, India has been attempting to coerce her neighbours

either with political pressure or military muscle. Cyber warfare provides her with yet another

effective and relatively convenient tool to apply coercion without causing international upheaval.

With a clearly demonstrated excellence in the field of IT, India possesses a credible and well

established capability to engage offensively in Hacker warfare. The future Cyber warfare threat from

India may have the following implications for Pakistan:

a. Employment of Cyber weapons such as viruses, logic bombs, Trojan horses and EMP

devices to disrupt military/civilian communications infrastructure and critical

networks in Pakistan (DEFCOM, PASCOM, PAFCOM and NAVCOM providing

crucial military connectivity for various services).

b. Digital attacks on Pakistan’s financial infrastructure to inflict financial losses and

economic degradation.

c. The early warning and surveillance systems including completely networked air

defence system of Pakistan and armed forces command and control can come under

cyber attacks and have to be guarded.

d. As information becomes a strategic resource, security of armed forces C4I, mission-critical

systems like nuclear command and control and missile control systems may

come under cyber attacks.



e. Energy sector including power, oil and natural gas can be seriously disrupted.

f. Transportation including railways, national highways, civil aviation, airports (Air

Traffic Controls) and seaports are vulnerable to cyber attacks.

g. Telecommunication and space including telephone, media services, research

organizations are vulnerable. Vital public utilities and services such as, water supply,

hospitals and emergency services are also candidates for cyber attacks.

h. Defacement of Pakistani websites and misinformation campaign on internet may be

carried out for propaganda purposes.

11. In the light of concrete evidence of possession of Cyber Warfare capability by India and its

implications for Pakistan, positive and urgent steps have to be taken to overcome vulnerabilities

outlined at para 2 of this chapter. Foremost amongst these is the need to address infrastructural

flaws, i.e., absence of a central body to consolidate all Cyber Warfare efforts at national level, and

the lack of a cohesive national policy on Cyber War. This is closely followed by the need to enhance

general awareness on ‘IW’ and put in place a well entrenched electronic security culture in

government establishments.

CHAPTER - 5

RESPONSE OPTIONS AND STRATEGIES

“As an innovation in warfare, cyber war may be to the 21st century what

blitzkrieg was to the 20th.”29

1. The basic point to remember while devising a Cyber war strategy is the fact that everything

cannot be secured. Also, security cannot be defined in absolute terms; it keeps changing, and,

therefore, attainment of security is only a relative phenomenon.

2. As stated earlier, there is no unifying body at the national level to coordinate, augment and

strengthen efforts against cyber threats at the national level. There is however, ample evidence to

suggest that an encouraging and continuous rise in awareness levels about cyber warfare is taking

place within service headquarters and departments considered vital for national security.30

Accordingly, requisite steps have either been taken or are in process to fill security gaps and provide

29 John Arquilla and David Ronfeldt, ‘Cyber War is Coming’ (RAND paper RP-223, 1996)
30 Deduction made on the basis of personal interviews conducted during the course of research.

for a long term, flexible and sustainable defense mechanism. That said, the need for a central

controlling/coordinating body at the national level indeed remains paramount.

3. Information Security Needs. Any Cyber strategy has to first and foremost address

issues relating to adequacy of own system’s cyber defence. Only then would it become logical to

progress towards devising an offensive strategy to take cyberwar to the enemy’s front. A wholesome

Cyber strategy designed to succeed must encompass the following features to ensure information

security (infosec) and a favourable ‘OODA’ loop for own forces:

a. A positive and visible change in the security culture prevailing within our offices (which

at this time is quite lax to say the least).

b. Physical security of the premises.

c. Network security, including security management and operating procedures.

d. Communications security (comsec)

e. Cyber security (cybersec) including virus protection

f. Computer security (compusec)

g. Data security (datasec)

h. Hardware emanations (TEMPEST or Van Eck phenomenon)

j. Protection against chipping attack

4. Cyber Strategies. A strategy to conduct cyber warfare can be devised under three heads:

a. Defensive Strategy

b. Offensive Strategy

c. Core Strategy – common to both the defensive and offensive domains

Defensive Strategy

5. An introduction to the overall threat spectrum, as given at Annex ‘G’, clearly indicates that

the task of creating defenses against cyber war is a difficult one. There are many holes to plug, and

where a cyber warfare strategy has yet to evolve, one may only proceed by making a selective

beginning, focusing initially on critical areas. The concept for defending the infrastructure should

basically revolve around the requirement of keeping critical functions and systems operable in the

presence of cyber attacks. The risks associated with such degraded systems must be managed, since

cyber warfare is now a reality and cannot be set aside. Besides ensuring physical security, the main

elements of a defensive strategy are as follows:

a. Encryption Policy. It is widely known that, by law, USA’s National Security

Agency (NSA) acquires master keys to all equipment manufactured in USA.

Therefore, the emphasis should be on getting customized encryption solutions

developed (both hardware and software) locally, rather than using commercially

available ones. This is the only effective way of keeping ‘Trojan Horses’ and other

trapdoors at bay.

b. Frequent Encryption Key Changes. This is a highly effective means of

ensuring the integrity of the encryption process through a more responsive,

customized and indigenized system.31

c. EM Shielding. Provide for electromagnetic and electrostatic shielding of all

important communication nerve centers.

d. Network / Single Computer Safeties. The minimum securities required to be

installed on networks or stand alone computers are:


31 Op.cit. Denning, ‘Information Warfare and Security’, P286

(1) Use of passwords and immediate change of default passwords upon receipt of new

machines.

(2) Incorporating effective firewalls into the systems.

(3) Backup copies of vital data should be saved on CDs. This protects data from

destruction due to HERF gun/EMP attack.

(4) Use of non-licensed software be strictly avoided.

e. Security Culture. This is an over-riding requirement in order to eliminate

possibility of action by ‘insiders’ or cases of data loss through theft or neglect.

f. System Integrity Checks. Formulation of special Hacker teams to check out

resilience of own system defenses against cyber attacks would assign the desired

degree of operational credibility to the system.

g. TEMPEST Proofing. Make structures in critical areas TEMPEST proof.
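
Item b above calls for frequent key changes. The following Python example is added here and is not part of the original paper; it shows what such changes buy in practice: a leaked key is useful only until it ages out of the key ring. It uses HMAC message authentication from the standard library in place of an encryption scheme, and the class name, the grace-window parameter and the sample messages are assumptions of this example.

```python
"""Key rotation with numbered epochs, shown for HMAC message authentication."""
import hashlib
import hmac
import secrets


class RotatingKeyRing:
    """Current key plus a bounded number of retired keys, indexed by epoch."""

    def __init__(self, keep_retired=1):
        self.keep_retired = keep_retired  # how many old epochs stay verifiable
        self.epoch = 0
        self._keys = {0: secrets.token_bytes(32)}

    def rotate(self):
        """Install a fresh random key and destroy keys older than the grace window."""
        self.epoch += 1
        self._keys[self.epoch] = secrets.token_bytes(32)
        oldest_kept = self.epoch - self.keep_retired
        for stale in [e for e in self._keys if e < oldest_kept]:
            del self._keys[stale]
        return self.epoch

    @staticmethod
    def _tag(key, epoch, message):
        # The epoch number is authenticated together with the message, so a tag
        # cannot be replayed under a different epoch label.
        data = epoch.to_bytes(8, "big") + message
        return hmac.new(key, data, hashlib.sha256).digest()

    def protect(self, message):
        """Return (epoch, message, tag) under the current key."""
        key = self._keys[self.epoch]
        return self.epoch, message, self._tag(key, self.epoch, message)

    def verify(self, epoch, message, tag):
        """Accept only tags made under a key that is still held."""
        key = self._keys.get(epoch)
        if key is None:
            return False  # key destroyed or never existed
        return hmac.compare_digest(self._tag(key, epoch, message), tag)

    def held_epochs(self):
        return sorted(self._keys)


def exposure_walkthrough():
    """Constructed scenario: the epoch-0 key leaks, then two rotations follow."""
    ring = RotatingKeyRing(keep_retired=1)
    old_packet = ring.protect(b"convoy departs 0600")
    leaked_key = ring._keys[0]  # simulated compromise of the epoch-0 key

    ring.rotate()  # epoch 1; epoch 0 is kept for the grace period
    result = {"old_valid_in_grace": ring.verify(*old_packet)}

    # A tag made with the leaked key is rejected for the current epoch.
    forged_new = RotatingKeyRing._tag(leaked_key, 1, b"convoy cancelled")
    result["forgery_accepted_current"] = ring.verify(1, b"convoy cancelled", forged_new)

    # It is still accepted inside the grace window, which is why the window is short.
    forged_old = RotatingKeyRing._tag(leaked_key, 0, b"convoy cancelled")
    result["forgery_accepted_grace"] = ring.verify(0, b"convoy cancelled", forged_old)

    ring.rotate()  # epoch 2; the epoch-0 key is destroyed
    result["forgery_accepted_after_expiry"] = ring.verify(0, b"convoy cancelled", forged_old)
    result["held_epochs"] = ring.held_epochs()
    return result


if __name__ == "__main__":
    for name, value in exposure_walkthrough().items():
        print(name, "=", value)
```

The same epoch bookkeeping applies to encryption keys, with the difference that stored ciphertext must be re-encrypted under the new key before the old key is destroyed.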

Offensive Strategy

6. Attackers and defenders are locked in an ongoing battle of wits and resources in cyberspace.

However, the attacker is usually one step ahead of the defender because he can pick the time, place,

medium and method of attack.32 Military forces have to develop their own potent and credible

offensive capability in the form of information operations and cyber warfare in order to stay relevant

in the face of this paradigm shift in warfare.

7. Hackers Warfare. Pakistan will have to develop a core capability in this type of warfare

by granting requisite academic and practical training to selected personnel in the science of computer

break-in, virus generation and virus insertion etc. These hackers will form the backbone of any

32 David S Alberts, ‘Defensive Information Warfare’ (NDU Press, 1996), P33

offensive cyber war effort aimed at rendering enemy’s C4I systems and critical elements ineffective.

Capabilities of a ‘hackers-based’ computer warfare offensive task force would need to include the

following:

a. Ability to inject viruses in a controlled environment to target only the desired

networks.

b. Overloading of key computers.

c. Ability to turn off power stations

d. Ability to disrupt communications by attacking computers that control the

communication grid.

8. Miscellaneous Requirements. The following additional capabilities would need to be

developed to carry out offensive operations:-

a. ‘IW’ Weapons. A brief description of the weapons needed to be developed as

part of offensive Cyber warfare is provided at Annex ‘E’.

b. Psychological Operations (Psyops). Psyops aim to influence behaviour by

affecting the human psyche through fear, logic and other mental factors. It can target

an entire nation for the purpose of influencing its policies. Television and internet

have to be concentrated upon as tools of perception management.

Core Strategy

9. Some basic institutional level changes would be required to ensure that the concept of

information warfare takes firm roots as a new paradigm of warfare.

10. Capability Assessment. Continuous assessment of Indian and Western Cyber Warfare

capabilities would be vital in order to adjust own response/action appropriately. This would require

yet another crucial facet of information warfare, that of intelligence gathering, to be developed and

strengthened in order to remain relevant in this new realm of warfare.

11. Higher Qualification in Cryptology. The science of cryptology does for electronic

information, what locks do for printed information.33 It would be vital for any organization to have

good cryptologists for providing updated data security, as well as for breaking the adversary’s crypto codes.

12. Computer Security Standards. The ‘Trusted Computer System Evaluation Criteria’

(TCSEC) is a U.S. Department of Defense document, which specifies security requirements for

computer systems. From the lowest to the highest, the levels are, D (minimal protection), C1

(discretionary security protection), C2 (controlled access protection), B1 (labeled security

protection), B2 (structured protection), B3 (security domains) and A1 (verified protection). The

higher the security level, the greater the system cost. The current DOD standard is B2. In Pakistan,

there is a need to evaluate and determine minimum security levels for each military and each critical

civilian infrastructure.

13. Hiring of Civilian Computer Professionals. Civilians impart continuity and stability

to institutions and are good for running and sustaining long-term programmes. Their expertise

continues to grow as well. Employing civilians as a core resource will be a good step towards

establishing an ‘IW’ capability.

14. Organizational Setup in the Armed Forces. Without widespread knowledge of

computers and the electronic security precautions that accompany today’s information systems, it

would be difficult to measure up to the requirements of a potent ‘IW’ system. To this end, Cyber

warfare demands dedicated management and organizational stress. Therefore, not only does ‘IW’

need to be recognized as a new paradigm in warfare, but organizational structures should reflect

these new realities.

33 Op.cit. Denning, ‘Information Warfare and Security’, P286

CHAPTER - 6

CONCLUSION AND RECOMMENDATIONS

“There is nothing more difficult to take in hand, more perilous to conduct or more uncertain in

its success, than to take the lead in the introduction of a new order of things”.34

1. Military Information Operations have a tremendous cost-effect advantage. Even with limited

military resources at its disposal, a nation can launch these operations virtually against any nation of

the world with devastating effects. In today’s cyberspace, not even institutions of the stature of

Microsoft are safe anymore. The break-in of hackers into Microsoft in February, 2000 was just one

example of the threat that organizations face. But the most worrying aspect was that if a company

such as Microsoft, which probably has the densest concentration of intellectual firepower, could fall

prey to hackers, can anything be safe?35

2. Communication systems in the Third World have been built around borrowed or imported

software and hardware. These may possess several loopholes that an adversary could exploit.

Pakistan has indeed found itself at the receiving end of cyber vandalism in the past, and with

growing computerization and automation in Pakistani armed forces and other strategic organizations,

the magnitude of our vulnerability is bound to increase. This, coupled with the fact that only about

34 Quote by Machiavelli
35 Dawn Newspaper, “Hackers Attack on Microsoft Rings Alarm Bells in USA”, 29 October, 2000

5% of cyber ingresses are detected by organizations, justifies a strong case for an effective and

comprehensive ‘IW’ programme of our own without further delay.

3. Understanding ‘IW’ correctly requires a mind set change. Cyber warfare has to be understood

at the grassroots as well as the highest levels. A coterie of young, energetic and intelligent officers

with an aptitude for computers, networking, encryption and internet applications has to be cultivated

as an ‘IW’ asset in our armed forces, government departments and civilian institutions of strategic

significance. That would serve as a crucial element towards ensuring the sanctity and safety of our

decision making processes, and the effectiveness of the all important ‘OODA’ loop.

4. Amidst the concern on cyber warfare however, an important point to consider for the decision

makers would be to determine the extent to which the enemy, particularly a nuclear capable

adversary, is to be taken out or blinded, so that an unintended raising of the ante is prevented.

RECOMMENDATIONS

National Level

5. The following recommendations are made in the light of the threat that Cyber Warfare poses

to Pakistan:

a. Formulation of a committee under central government, responsible for monitoring and

coordinating information warfare activities, is needed without further delay. This

body may be placed under the Defence Minister and could include Chairman Joint

Chiefs of Staff Committee, representatives from the three services, intelligence

agencies, secretaries from ministries of foreign affairs, communications, science and

technology, information and broadcasting, commerce and defence production

division. This governing body may be mandated to make national ‘IW’ policy, evolve

comprehensive short and long term ‘IW’ programmes, procure funds, make

allocations to the assigned agencies and monitor progress.

b. In the realm of offensive Cyber warfare, and as part of the national ‘IW’ policy, there

would be a need to determine the desired thresholds by way of stipulating the

magnitude and intensity of an offensive application.

c. Most countries with advanced ‘IW’ programmes have established a central ‘Computer

Emergency Response Team’ (CERT) to combat emergencies caused by Hackers. The

Ministry of Science and Technology (MoST) may also be directed to set up such a

team in line with the American CERT. This would enable control of cyber-crime and

fight cyber threat from hackers.

d. Making use of the ‘Trusted Computer System Evaluation Criteria’ (TCSEC), the

proposed central ‘IW’ committee may evaluate and determine minimum security

levels for all vital military and civilian establishments.

e. There is a dire need to introduce and sustain a new (stricter and uncompromising)

work place security culture in all departments and functions of the government which

would eliminate possibility of action by ‘insiders’ or data loss through theft or

neglect.

f. Institute measures for increasing education levels of the public and development of

human resource in IT. Awareness of policy makers, information system managers and

general public on information and cyber security aspects needs to be promoted at the

national level.

g. Advance training in ‘Cryptology’ be imparted to selected personnel in-country, and

cryptographic software and hardware be developed and procured, as far as possible,

through expertise available in-country.



h. As a long term measure, to overcome vulnerabilities imposed by imported software,

programmes be initiated with requisite incentives to the private sector to make new

strides in software development in-country.

Armed Forces Level

6. The recommendations are as follows:

a. An Information Warfare directorate be set-up at the Joint Services Headquarters, to

co-ordinate on Information Warfare activities at national level. A comprehensive

Cyber Warfare strategy be evolved based on military and defence policy.

b. Information and Cyber Warfare be recognized as the fifth dimension in warfare.

Towards this end, JSHQ may issue required policy directives to all service HQs to

initiate development and employment planning.

c. Computer literacy of officers and men may be enhanced. At junior levels, competency in

computer skills may be made a part of the promotion examinations for officers and

men.

d. A comprehensive and practicable ‘IW’ module be integrated into all single and joint

service war gaming and exercises in the armed forces.

e. Training and awareness on ‘IW’ be enhanced through orientation courses and

seminars for officers and men of the three services.

f. Protection of Defence Communication Networks (DEFCOM, PASCOM, PATCOM,

PAFCOM and NAVCOM) communication systems (exchanges) and operational

networks be maximized through the use of fire walls, access codes, multi-layered

defences and data encryption. Implementation be monitored through individual

services ‘IW’ Directorates.

g. All sensitive establishments be equipped with TEMPEST proof equipment, or

specially coated building walls.

h. Hiring of civilian computer professionals be encouraged.

j. Use of non-licensed software be strictly discouraged.

7. Recommendations offered in this paper are by no means conclusive and exhaustive because
of the nature of the subject and ever emerging new threats and technologies to counter the threats.
However, these can serve as a starting point for developing Cyber Warfare strategies at all tiers in a
national effort to master this new paradigm in warfare.

ANNEX ‘A’

CYBER WAR

1. Cyber war refers to conducting, and preparing to conduct military operations according to

information – related principles, primarily against or in defence of military connectivity. It means

disrupting, if not destroying, information and communication systems. It also means turning the

‘balance of information and knowledge’ in one’s favour, especially if the balance of force is not. The

special characteristics of cyber war are low cost, precision, standoff and stealth.

2. For many, the term cyber war brings up images of deadly, malicious programmes causing

computer systems to freeze, weapon systems to fail, and enemy’s technological prowess being

neutralized to bring about a bloodless conquest. This picture, in which cyber war is isolated from the

broader conflict, operates in an altogether different realm from traditional warfare and offers a

bloodless alternative to the dangers and costs of modern warfare, is attractive but unrealistic. Such a

scenario is not beyond the realm of possibility, but it is unlikely, at least in the foreseeable future. As

of now, Cyber warfare will almost certainly have very real physical consequences as well.

3. Cyber war may have broad implications for military organization and doctrine. It may imply

developing new doctrine about the kinds of forces needed, where and how to deploy them, and what

and how to strike on the enemy’s side. Similarly, questions such as, how and where to position what

kinds of computers and related sensors, networks, databases and so forth, are also of utmost

relevance. Cyber war would also have implications for strategy, tactics and weapons design. It may

be applicable in low and high intensity conflicts, in conventional and non-conventional

environments, and for defensive or offensive purposes.



4. Pakistan Armed Forces have an elaborate organizational structure, both at the operational and

tactical levels. They possess reasonably advanced information-based processes and information

systems that could be prime targets for cyber attacks. Likewise, systems elsewhere in use within the

government machinery are increasingly becoming automated and hence, prime targets for cyber

attacks.

ANNEX ‘B’

INFORMATION WARFARE METHODS



1. C2W (Command and Control Warfare). Its objective is to decapitate the enemy’s

command structure from its body of command forces.

2. Electronic Warfare. A set of actions taken to deny the use of the electromagnetic spectrum

to hostile forces, while retaining the ability to use it oneself.

3. Intelligence - Based Warfare (IBW). Integration of sensors, emitters, and processors into

reconnaissance, surveillance, target acquisition, and battle field damage assessment systems.

4. Psychological Warfare. Designed to affect the perception, intentions and orientations of

decision makers, commanders and soldiers.

5. Cyber War. The use of information systems against or in defence of military connectivity.

6. Hacker Warriors. Those who use their techniques to destroy, degrade, exploit, or compromise

information systems.

7. Economic Information Warfare. The marriage of information warfare and economic

warfare can take two forms: information blockade and information imperialism. The former

presumes that societies will be as affected by information flows as by flow of material supplies,

while the latter equates information imperialism with modern day economic imperialism.

ANNEX ‘C’

DEFENSIVE INFORMATION WARFARE

THREAT: C2W (Command & Control Warfare)
WHAT IS THREATENED?
- Commanders
- Command Centers
- Communications (physical security)
RECOMMENDED MEASURES
- Protect commanders
- Harden structures
- Disperse communications. Keep size of elements small.
- Protect computers & networks within the system

THREAT: IBW (Intelligence Based Warfare)
WHAT IS THREATENED?
- Battlefield Intelligence
- Real time SA (own, friendly & enemy forces)
- Precision in weapon delivery.
RECOMMENDED MEASURES
- Protect reconnaissance, surveillance & navigation sensors
- Protect computers & network.

THREAT: EW (Electronic Warfare)
WHAT IS THREATENED?
- Sensors
- Communications (interference & monitoring)
RECOMMENDED MEASURES
- Physical security of sensors & communication links
- Peacetime ELINT/ESM
- Stay ahead through ECMs & ECCMs.

THREAT: Psy Ops (Psychological Warfare)
WHAT IS THREATENED?
- Psychological manipulation of Commanders/Personnel (Effects dependent upon prevailing levels of morale, motivation & leadership)
RECOMMENDED MEASURES
- Create awareness & exposure of personnel to ‘IW’ mechanisms
- Counter by launching own offensive Psy War through internet
- Protect computer networks

ANNEX ‘D’

OFFENSIVE INFORMATION WARFARE

OPERATION: C2W (Command & Control Warfare)
TARGETS
- Commanders
- Command Centers
- Communications (physical security)
WHAT IS REQUIRED?
- Knowledge of enemy’s C2 architecture for gainful target selection
- Weapons
- Conventional and/or ‘IW’ weapons
- Offensive ‘IW’ (Hacker War).

OPERATION: IBW (Intelligence Based Warfare)
TARGETS
- Battlefield Intelligence Sensors
WHAT IS REQUIRED?
- Anti-Situational awareness measures through destruction of Sensors
- Conventional and/or ‘IW’ weapons
- Offensive ‘IW’ (Hacker War)

OPERATION: EW (Electronic Warfare)
TARGETS
- Sensors
- Communications (interference & monitoring)
WHAT IS REQUIRED?
- Anti-Sensor and anti-Communication operations (destruction or degradation)
- Conventional and/or ‘IW’ weapons
- Offensive ‘IW’ (Hacker War)

OPERATION: Psy Ops (Psychological Warfare)
TARGETS
- Psychological manipulation of adversary’s commanders & personnel
WHAT IS REQUIRED?
- Use of media to project morale sapping images
- Deception maneuvers to catch adversary off-guard
- Spreading disinformation through internet (Hacker War)

ANNEX ‘E’

INFORMATION WARFARE WEAPONS


1. Viruses. A virus is a fragment of code that attaches itself to other computer instructions,
modifying that programme. A virus executes only when its host begins to run. The virus corrupts data,
logically destroys hard drives and causes errors in application programmes and operating systems.

2. Worms. A worm is an independent programme that propagates from one computer to another over a
computer network by breaking into computers in the same way that a hacker would break into them. As
it travels, it copies itself onto remote computers. Worms can destroy data or slow down networks.

3. Trojan Horses. A Trojan horse programme pretends to be benign but it actually causes
destruction when activated. It is an information tool that is used to gain access to an information
resource.

4. Logic / Time Bombs. A bomb is a type of Trojan horse used to release a virus, a worm or some
other system attack. It’s either an independent programme, or a piece of code that has been planted
by a system developer or a programmer. Such a Trojan horse would prove to be an invaluable asset for
a country that wants to acquire long-term control over someone else’s information resources. Due to
the overwhelming demand for US based software in the world today, the US government could decide to
have Trojans implanted in all software exported out of USA in order to have them activated upon
occurrence of specific events. Hackers continue to capture passwords by replacing the standard login
programme on a computer with a Trojan horse version that looks normal, but behind the scenes is
stealing the passwords of unsuspecting users, and storing them for subsequent use by the hacker.

5. Trapdoors. A trap door or a back door is a mechanism built into a system by its designers to
give them a way to sneak back into the system, circumventing normal system protection.

6. Chipping. Just as software can contain unexpected functions, it is also possible to implant
similar functions inside the hardware. Today’s chips contain millions of integrated circuits that
can easily be configured by the manufacturer so as to make them initiate unexpected events at a
specific time or at the occurrence of specific circumstances.

7. HERF Guns. A High Energy Radio Frequency (HERF) gun is a device that directs high power radio
energy at an electronic target. A HERF gun simply overloads particular circuits to disable specific
pieces of equipment that are dependent on that circuit. The damage severity could range from moderate
to severe. A HERF gun pointed at a ‘fly-by-wire’ aircraft could trigger a catastrophic failure.

8. EMP Bombs. An Electromagnetic Pulse (EMP) has been described as ‘the next great weapon to
evolve in modern warfare’. These pulses are much more powerful than HERF guns, and upon detonation,
cause permanent damage to unshielded electronic circuits.
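The replaced login programme described under Logic / Time Bombs above is the standard case for file-integrity checking: record fingerprints of trusted binaries, then compare later. The Python below is an added example, not part of the original paper; the file names and the temporary directory are constructed stand-ins for real system binaries.

```python
import hashlib
import os
import stat
import tempfile


def fingerprint(path):
    """Return the SHA-256 digest and permission bits of one file."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return {"sha256": digest.hexdigest(), "mode": mode}


def build_baseline(paths):
    """Record known-good fingerprints; meant to be run on a trusted install."""
    return {path: fingerprint(path) for path in paths}


def verify(baseline):
    """Compare the current files to the baseline and list every deviation."""
    findings = []
    for path, known in sorted(baseline.items()):
        if not os.path.isfile(path):
            findings.append((path, "missing"))
            continue
        current = fingerprint(path)
        if current["sha256"] != known["sha256"]:
            findings.append((path, "content changed"))
        if current["mode"] != known["mode"]:
            findings.append((path, "permissions changed"))
    return findings


def demo():
    """Constructed scenario: a stand-in 'login' file is swapped after baselining."""
    with tempfile.TemporaryDirectory() as root:
        login = os.path.join(root, "login")    # hypothetical stand-in, not /bin/login
        passwd = os.path.join(root, "passwd")  # hypothetical second monitored file
        for path, body in ((login, b"genuine login program\n"),
                           (passwd, b"genuine passwd program\n")):
            with open(path, "wb") as handle:
                handle.write(body)
            os.chmod(path, 0o755)

        baseline = build_baseline([login, passwd])
        clean = verify(baseline)  # nothing has changed yet

        # The replacement keeps the file name and permissions; only the bytes differ.
        with open(login, "wb") as handle:
            handle.write(b"lookalike login program\n")
        os.chmod(login, 0o755)
        os.remove(passwd)

        tampered = [(os.path.basename(p), why) for p, why in verify(baseline)]
    return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("before tampering:", before)
    print("after tampering: ", after)
```

The baseline only has value if it is taken from trusted media and stored off the monitored host, since an intruder able to replace the login programme can also rewrite a local baseline or the checker itself.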

ANNEX ‘F’

A SHORT HISTORY OF COMPUTER VIRUSES AND ATTACKS


Compiled by Brian Krebs

washingtonpost.com Staff Writer


Friday, February 14, 2003;

1945: Rear Admiral Grace Murray Hopper discovers a moth trapped between relays in a Navy
computer. She calls it a "bug," a term used since the late 19th century to refer to problems with
electrical devices. Murray Hopper also coined the term "debugging" to describe efforts to fix
computer problems.

1949: Hungarian scientist John von Neumann (1903-1957) devises the theory of self-replicating
programs, providing the theoretical foundation for computers that hold information in their
"memory."

1960: AT&T introduces its Dataphone, the first commercial modem.

1963: Programmers develop the American Standard Code for Information Interchange (ASCII), a
simple computer language that allows machines produced by different manufacturers to exchange
data.

1964: AT&T begins monitoring telephone calls to try to discover the identities of "phone freaks," or
"phreakers," who use "blue boxes" as tone generators to make free phone calls. The team's
surveillance chief tells Newsweek magazine in 1975 that the company monitored 33 million toll calls
to find phreakers. AT&T scores 200 convictions by the time the investigation ends in 1970.

1969: Programmers at AT&T's Bell Laboratories develop the UNIX operating system, the first
multi-tasking operating system.

1969: The Advanced Research Projects Agency launches ARPANET, an early network used by
government research groups and universities, and the forerunner of the Internet.

1972: John Draper, soon to be known as "Captain Crunch," discovers that the plastic whistle in a box
of breakfast cereal reproduces a 2600-hertz tone. With a blue box, the whistle unlocks AT&T's
phone network, allowing free calls and manipulation of the network. Among other phreakers of the
1970s is famous future hacker Kevin Mitnick.

1972: Future Apple Computer co-founder Steve Wozniak builds his own "blue box." Wozniak sells
the device to fellow University of California-Berkeley students.

1974: Telenet, a commercial version of ARPANET, debuts.

1979: Engineers at Xerox Palo Alto Research Center discover the computer "worm," a short program
that scours a network for idle processors. Designed to provide more efficient computer use, the worm
is the ancestor of modern worms -- destructive computer viruses that alter or erase data on
computers, often leaving files irretrievably corrupted.

1983: The FBI busts the "414s," a group of young hackers who break into several U.S. government
networks, in some cases using only an Apple II+ computer and a modem.

1983: University of Southern California doctoral candidate Fred Cohen coins the term "computer
virus" to describe a computer program that can "affect other computer programs by modifying them
in such a way as to include a (possibly evolved) copy of itself." Anti-virus makers later capitalize on
Cohen's research on virus defense techniques.

1984: In his novel, "Neuromancer," author William Gibson popularizes the term "cyberspace," a
word he used to describe the network of computers through which the characters in his futuristic
novels travel.

1986: One of the first PC viruses ever created, "The Brain," is released by programmers in Pakistan.

1988: Twenty-three-year-old programmer Robert Morris unleashes a worm that invades ARPANET
computers. The small program disables roughly 6,000 computers on the network by flooding their
memory banks with copies of itself. Morris confesses to creating the worm out of boredom. He is
fined $10,000 and sentenced to three years' probation.

1991: Programmer Philip Zimmerman releases "Pretty Good Privacy" (PGP), a free, powerful data-
encryption tool. The U.S. government begins a three-year criminal investigation on Zimmerman,
alleging he broke U.S. encryption laws after his program spread rapidly around the globe. The
government later drops the charges.

1991: Symantec releases the Norton Anti-Virus software.

1994: Inexperienced e-mail users dutifully forward an e-mail warning people not to open any
message with the phrase "Good Times" in the subject line. The missive, which warns of a virus with
the power to erase a recipient's hard drive, demonstrates the self-replicating power of e-mail virus
hoaxes that continue to circulate in different forms today.

1995: Microsoft Corp. releases Windows 95. Anti-virus companies worry that the operating system
will be resistant to viruses. Later in the year, however, evolved "macro" viruses appear that are able
to corrupt the new Windows operating system.

1998: Intruders infiltrate and take control of more than 500 military, government and private sector
computer systems. The incidents -- dubbed "Solar Sunrise" after the well-known vulnerabilities in
computers run on the Sun Solaris operating system -- were thought to have originated from
operatives in Iraq. Investigators later learn that two California teenagers were behind the attacks. The
experience gives the Defense Department its first taste of what hostile adversaries with greater skills
and resources would be able to do to the nation's command and control center, particularly if used in
tandem with physical attacks.

1999: The infamous "Melissa" virus infects thousands of computers with alarming speed, causing an
estimated $80 million in damage and prompting record sales of anti-virus products. The virus starts a
program that sends copies of itself to the first 50 names listed in the recipient's Outlook e-mail
address book. It also infects Microsoft Word documents on the user's hard drive, and mails them out
through Outlook to the same 50 recipients.

2000: The "I Love You" virus infects millions of computers virtually overnight, using a method
similar to the Melissa virus. The virus also sends passwords and usernames stored on infected
computers back to the virus's author. Authorities trace the virus to a young Filipino computer student
who goes free because the Philippines has no laws against hacking and spreading computer viruses.
This spurs the creation of the European Union's global Cybercrime Treaty.

2000: Yahoo, eBay, Amazon, Datek and dozens of other high-profile Web sites are knocked offline
for up to several hours following a series of so-called "distributed denial-of-service attacks."
Investigators later discover that the DDOS attacks -- in which a target system is disabled by a flood
of traffic from hundreds of computers simultaneously -- were orchestrated when the hackers co-
opted powerful computers at the University of California-Santa Barbara.

2001: The "Anna Kournikova" virus, promising digital pictures of the young tennis star, mails itself
to every person listed in the victim's Microsoft Outlook address book. This relatively benign virus
frightens computer security analysts, who believe it was written using a software "toolkit" that
allows even the most inexperienced programmer to create a computer virus.

2001: The Code Red worm infects tens of thousands of systems running Microsoft Windows NT and
Windows 2000 server software, causing an estimated $2 billion in damages. The worm is
programmed to use the power of all infected machines against the White House Web site at a
predetermined date. In an ad hoc partnership with virus hunters and technology companies, the
White House deciphers the virus's code and blocks traffic as the worm begins its attack.

2001: Debuting just days after the Sept. 11 attacks, the "Nimda" virus infects hundreds of thousands
of computers around the world. The virus is considered one of the most sophisticated, with up to five
methods of infecting systems and replicating itself.

2001: Melissa virus author David L. Smith, 33, is sentenced to 20 months in federal prison.

2002: The "Klez" worm -- a bug that sends copies of itself to all of the e-mail addresses in the
victim's Microsoft Outlook directory -- begins its march across the Web. The worm overwrites files
and creates hidden copies of the originals. The worm also attempts to disable some common anti-
virus products and has a payload that fills files with all zeroes. Variants of the Klez worm remain the
most active on the Internet.

2002: A denial-of-service attack hits all 13 of the "root" servers that provide the primary roadmap for
almost all Internet communications. Internet users experience no slowdowns or outages because of
safeguards built into the Internet's architecture. But the attack -- called the largest ever -- raises
questions about the security of the core Internet infrastructure.

2003: The "Slammer" worm infects hundreds of thousands of computers in less than three hours. The
worm wreaks havoc on businesses worldwide, knocking cash machines offline and delaying
airline flights. It holds the ranking as the fastest-spreading computer worm ever.

2004: The "MyDoom" worm becomes the fastest-spreading e-mail worm as it causes headaches --
but very little damage -- almost a year to the day after Slammer ran rampant in late January 2003.
MyDoom uses "social engineering," or low-tech psychological tricks, to persuade people to open the
e-mail attachment that contains the virus. It claims to be a notification that an e-mail message sent
earlier has failed, and prompts the user to open the attachment to see what the message text originally
said. Many people fall for it.

ANNEX ‘G’

NETWORK / COMPUTER THREAT SPECTRUM

Human Factor Based
- Information freely available (Information glut)
- Poor password choices
- Poor system configuration
- Vulnerability to ‘social engineering’

Authentication-Based
- Password sniffing / cracking
- Social engineering
- Via corrupted / trusted system

Data Driven
- Directing e-mail to a program
- Embedded programming languages
  - Microsoft Word macro
  - Postscript printer
- Remotely accessed software
  - JAVA, Active-X

Software-Based
- Viruses
- Flaws
- Excess privileges
- Unused security features
- Trap doors
- Poor system configuration

Protocol-Based
- Weak authentication
- Easily guessed sequence numbers
- Source routing of packets
- Unused header fields

Denial of Service
- Network flooding
- ‘Spamming’
- Morris worm

Cryptosystem Weakness
- Inadequate key size / characteristics
- Mathematic algorithm flaws

Key Management
- Deducing key
- Substituting key
- Intercepting key
- Setting key

Bypassing
- Capture data before encryption
- Turn off encryption
- Replay
- Denial of service

GLOSSARY OF INFORMATION WARFARE TERMS



AES
Advanced Encryption Standard. The United States encryption standard that replaced the older
and weaker DES standard.
AFCERT
Air Force Computer Emergency Response Team
AFIWC
Air Force Information Warfare Center
AHFID
Allied High Frequency Interoperability Directory.
AIA
Air Intelligence Agency at Kelly Air Force Base.
AIS
Automated Information Systems.
ATM
Asynchronous Transfer Mode.
C2
Command and Control: Command and control functions are performed through an
arrangement of personnel, equipment, communications, facilities, and procedures employed
by a commander in planning, directing, coordinating, and controlling forces and operations in
the accomplishment of a mission.
C2W
Command-and-control warfare. The integrated use of operations security, military deception,
psychological operations, electronic warfare, and physical destruction, mutually supported by
intelligence, to deny information to, influence, degrade, or destroy adversary command and
control capabilities, while protecting friendly command and control capabilities against such
actions. Command systems, rather than commanders, are the chief target, as in Persian Gulf
War.
C3I
Command, control, communications and intelligence.
C4
Command, Control, Communications, and computers.
C4I
Command, Control, Communications, Computers, and Intelligence
C4I2SR
Command, Control, Communications, Computers, Intelligence, Information, surveillance and
Reconnaissance
CARNIVORE
An FBI system to monitor email and other traffic through Internet service providers.
CCIPS
Computer Crime and Intellectual Property Section (US Department of Justice)
CNA
Computer Network Attack: Operations, via the datastream, to disrupt, deny, degrade, or
destroy information resident in computers and computer networks, or the computers and
networks themselves.
CNE
Collateral Nature of Effects: Collateral effects are unintentional or incidental direct or
indirect effects causing injury or damage to persons or objects.
COMSEC
Communications Security.
COMINT
Communications intelligence
Copernicus
The code-name under which the Navy plans to reformulate its command and control
structures in response to the realization that information is a weapon. Through Copernicus
warfighters will get the information that they need to make tactical decisions. The
architecture of Copernicus was designed by Vice Admiral Jerry O. Tuttle.
Cracking
Illegally gaining entry to a computer or computer network in order to do harm.
C-SIGINT
Counter-signals intelligence
Cyberspace
The global network of interconnected computers and communication systems.
Cyberwar
A synonym for information warfare.
DARPA
Defense Advanced Research Project Agency
Data driven attack
A form of attack that is encoded in innocuous seeming data which is executed by a user or
other software to implement an attack. In the case of firewalls, a data driven attack is a
concern since it may get through the firewall in data form and launch an attack against a
system behind the firewall.
DBK
Dominant battlefield knowledge.
Defense information infrastructure
The worldwide shared or interconnected system of computers, communications, data,
applications, security, people, training, and other support structures serving a nation's
military's information needs.
DES
Data Encryption Standard. The formerly popular algorithm for encrypting data. Now replaced
by AES.
DISA
Defense Information Security Administration. Military organization charged with
responsibility to provide information systems support to fighting units.
DISN
Defense Information System Network
DNS
Domain Name Service
DNS spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a
victim system, or by compromising a domain name server for a valid domain.
DoD
Department of Defense.
DoS
Denial of Service. An electronic attack whose purpose is to prohibit an opponent the use of a
program or an entire system.
Dumpster diving
Accessing an opponent's information by examining the contents of garbage pails and
recycling bins.
ECCM
Electronic Counter-Countermeasures. The use of any active or passive means to defeat
hostile ECM.
ECHELON
A multinational surveillance network, centered at Sugar Grove, WV, that intercepts all forms
of electronic communications.
van Eck monitoring
Monitoring the activity of a computer or other electronic equipment by detecting low levels
of electromagnetic emissions from the device. Named after Dr. Wim van Eck who published
on the topic in 1985.
ECM
Electronic Countermeasures. The use of any active or passive system to elude, degrade or
confuse hostile sensor/scanner suites and communications traffic.
EKMS
Electronic Key Management System.

ELINT
Electronic intelligence.
EMI
Electromagnetic interference.
EMP
Electromagnetic pulse. A pulse of electromagnetic energy capable of disrupting computers,
computer networks, and many forms of telecommunication equipment.
EMP/T Bomb
A device to destroy electronic networks that is similar to a HERF Gun but many times more
powerful.
EMSEC
Emissions Security.
EPS
Electronic Protection System.
EW
Electronic warfare.
Firewall
A system or combination of systems that enforces a boundary between two or more networks,
i.e., an electronic gate that limits access between networks in accordance with local security
policy.
GCCS
Global Command and Control System.
GCSS
Global Combat Support System.
Global information environment
A military term for cyberspace.
Hacker
A person who either breaks into systems for which they have no authorization or intentionally
oversteps their bounds on systems for which they do have legitimate access, i.e., an
unauthorized individual who attempts to penetrate information systems; to browse, steal, or
modify data; deny access or service to others; or cause damage or harm in some other way.
HERF
High Energy Radio Frequency. As in HERF gun: a device that can disrupt the normal
operation of digital equipment such as computers and navigational equipment by directing
HERF emissions at them.
IASE
Information Assurance Support Environment.
IBW
Intelligence-based warfare.
IEW
Intelligence and electronic warfare
IPMO
INFOSEC Program Management Office.
Information Warfare
Information warfare is the offensive and defensive use of information and information
systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based
processes, information systems, and computer-based networks while protecting one's own.
Such actions are designed to achieve advantages over military or business adversaries (Dr.
Ivan Goldberg's definition)
INFOSEC
Information Security: Protection of classified information that is stored on computers or
transmitted by radio, telephone, teletype, or any other means.
ISS
Internet Security Scanner
ISSO
NSA Information Systems Security Organization.
IW/C2W
Information warfare/command and control warfare.
Logic bomb
Unauthorized computer code, sometimes delivered by email, which, when executed, checks
for particular conditions or particular states of the system which, when satisfied, triggers the
perpetration of an unauthorized, usually destructive, act.
NSA
National Security Agency. This agency is charged with the tasks of exploiting foreign
electromagnetic signals and protecting the electronic information critical to U. S. national
security.
OODA
Observe – Orientate – Decision – Action (the decision loop)
OOTW
Operations other than war.
Phreaking
"Hacking" the public phone network.
PKI
Public Key Infrastructure.
PSTN
Public Switched Telecommunications Networks.
Psychological operations
Planned psychological activities in peace and war directed to enemy, friendly, and neutral
audiences in order to influence attitudes and behavior affecting the achievement of political
and military objectives. They include strategic psychological activities, consolidation
psychological operations and battlefield psychological activities.
PSYOPS
See: Psychological operations.
RMA
Revolution in Military Affairs. The realization by the military that information, and
information technologies must be considered as a weapon in achieving national objectives via
military activity.
SATAN
Security Analysis Tool for Auditing Networks
SIGINT
The interception and analysis of electromagnetic signals. Also, Intelligence recovered from
intercepted and decoded transmissions.

Spoofing
Assuming the identity of another as in sending email under someone else's name.

TEMPEST
Military code-name for activities related to van Eck monitoring, and technology to defend
against such monitoring.
Trojan horse
A seemingly harmless computer virus that turns out to be extremely destructive.
TST
Time-Sensitive Target: A target which requires immediate response because it poses (or will
soon pose) a clear and present danger to friendly forces or is a highly lucrative, fleeting target
of opportunity.
Virus
A self-replicating program that is hidden in another piece of computer code, such as an email.
Worm
A self-replicating destructive program that stands alone and spreads itself through computer
networks.
