On September 11th, without warning, 4 commercial jets were hijacked. Contrary to the historic profile of such events, no negotiations took place. Instead the aircraft were flown into prominent U.S. landmarks. Both World Trade Center towers were completely destroyed, and the Pentagon suffered major damage as a result of this attack.
On or about September 18th, the first signs of the Nimda worm began to surface. This worm used several methods to propagate around the Internet. It was again targeted at computers running various Microsoft products (Internet Information Server, and Outlook). It rapidly moved throughout the Internet, compromising thousands of computer systems around the world. So, was it Info War? In a word… No!
This was just another Internet worm. It used well-known vulnerabilities just like previous worms, Trojans, and malicious software. It was not targeted against prominent U.S. targets. It did not specifically target any of the U.S. critical infrastructures. Instead, it indiscriminately scoured the Internet for vulnerable computers, infected them, and moved on. This is not what we can expect in the event of a true Information War.
So what is Information Warfare? There have been many definitions of Information Warfare offered. My favorite definition comes from Dr. John Alger, at a seminar on Information Warfare (I found this reference here).
Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary’s information, information-based processes, information systems, and computer-based networks while protecting one’s own.
Now that we have a definition, we can think about the form these attacks might take. How will we know if and when we’ve been targeted by an Info War attack? Let’s see what lessons, if any, can we learn from the events of September 11th?
The airline hijackings and subsequent attacks against the World Trade Center and the Pentagon buildings were almost a complete surprise. It turns out the Intelligence community was aware of a threat of “unprecedented attacks” against the U.S., but they didn’t have the specifics. It also quickly became clear that these attacks were very well planned out. Preparations had been ongoing for at least 12-18 months. Terrorists had established a presence in the community, and had even taken flying lessons. Even now we don’t know the extent of their plans, or how long they’ve been setting this up.
I suggest that we will get hit with Info War attacks in a very similar manner. We already know the threat, in vague terms. There will be “offensive use of information and information systems to deny, exploit, corrupt, or destroy our information, information-based processes, information systems, and computer based networks. More simply put, we’ll be the target of crippling viruses and worms. Our infrastructure will be infiltrated with the goal of manipulating, corrupting or destroying our data and systems. We’ll also be denied access to our systems and infrastructure by some form of “denial of service” attacks. Hmmm… sound familiar?