September 11, 2001… that date will be engraved upon the memories of most Americans for many years to come. That is the date when Terrorists brought their battle to the U.S. soil. One week later, the Internet came under attack by the Nimda worm. Many claimed this was an act of Information Warfare. This was not the first "attack" on the Internet, and it certainly won’t be the last, but was this an act of Info War? I don’t believe it was. Let’s compare the tragic events from the 11th with the Nimda worm to see if we can draw some conclusions about Information Warfare.


On September 11th, without warning, 4 commercial jets were hijacked. Contrary to the historic profile of such events, no negotiations took place. Instead the aircraft were flown into prominent U.S. landmarks. Both World Trade Center towers were completely destroyed, and the Pentagon suffered major damage as a result of this attack.


On or about September 18th, the first signs of the Nimda worm began to surface. This worm used several methods to propagate around the Internet. It was again targeted at computers running various Microsoft products (Internet Information Server, and Outlook). It rapidly moved throughout the Internet, compromising thousands of computer systems around the world. So, was it Info War? In a word… No!


This was just another Internet worm. It used well-known vulnerabilities just like previous worms, Trojans, and malicious software. It was not targeted against prominent U.S. targets. It did not specifically target any of the U.S. critical infrastructures. Instead, it indiscriminately scoured the Internet for vulnerable computers, infected them, and moved on. This is not what we can expect in the event of a true Information War.



So what is Information Warfare? There have been many definitions of Information Warfare offered. My favorite definition comes from Dr. John Alger, at a seminar on Information Warfare (I found this reference here).


Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary’s information, information-based processes, information systems, and computer-based networks while protecting one’s own.


Now that we have a definition, we can think about the form these attacks might take. How will we know if and when we’ve been targeted by an Info War attack? Let’s see what lessons, if any, can we learn from the events of September 11th?