http://www.networkworld.com/newsletters/sec/2007/0723sec2.html By M. E. Kabay Security Strategies Newsletter Network World 07/26/07 Regular readers may know that I have a longstanding interest in information warfare. I was reviewing materials that might be useful in a new elective graduate course for the Norwich University MSIA program that my friend and colleague Peter Stephenson is planning for us and ran across a couple of interesting articles that are available on the Web for anyone to read. I’ll review the first in this column and the second in the next. In _NATO Review_ for Winter 2001/2002, Timothy Shimeall (at that time a senior analyst with the Computer Emergency Response Team - CERT - Analysis Center), Phil Williams (a former NATO Fellow and a professor at the University of Pittsburgh) and Casey Dunleavy (former intelligence analyst and director of the CERT Analysis Center) argued [1] that “defence planning has to incorporate the virtual world to limit physical damage in the real.” The authors dismiss Web vandalism as “a form of harassment or graffiti and not as cyber war _per se_.” They distinguish among three major levels of cyber war: “cyber war as an adjunct to military operations; limited cyber war; and unrestricted cyber war.” The first category focuses on “achieving information superiority or information dominance in the battle space.” I would put it this way: This form of cyber war involves physical or cyber attacks directed at military cyber targets and is intended to interfere with C4I [2] (command, control, communications, computing and intelligence). Limited cyber war focuses cyberattack tools on cybernetic targets with few real-world modalities but with real-world consequences. Vectors for attacks could include networks, malware, denial-of-service techniques, and data distortions useful in psychological operations, economic warfare and other forms of aggression. “Unrestricted cyber war” is, in the view of the three authors, “More serious, and perhaps more likely, than limited cyber war.” This form of information-based warfare makes “no distinctions between military and civilian targets” and may have distinct physical repercussions “from attacks deliberately intended to create mayhem and destruction.” Targets could include any part of the critical infrastructure: “energy, transportation, finance, water, communications, emergency services and the information infrastructure itself.” Such attacks could easily result in physical harm and even death to members of the civilian population. For example, the authors suggest, a denial-of-service attack on, say the electrical power grid could cause massive disruption and danger and also potentially lead to destabilization of civil order as the population lost confidence in government structures. The authors make the following recommendations (with much detail that I am not presenting): 1. Improve “anticipation and assessment”; 2. Improve “preventive or deterrent measures”; 3. Improve “defensive measures”; 4. Improve “measures for damage mitigation and reconstitution.” In light of this perspective, security and network administrators and all who are responsible for ensuring corporate and national information assurance (IA) must realize that our work is far more significant than simply protecting our own local assets for the benefit of our own stakeholders; we are engaged in nothing less than a critical component of national security. I think that this excellent article [1] by some very intelligent and highly qualified experts will be useful in educating senior management about the importance of IA. I hope you enjoy reading it. -=- M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. [1] http://www.cert.org/archive/pdf/counter_cyberwar.pdf [2] http://www.c4i.org/whatisc4i.html _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu Jul 26 2007 - 23:41:30 PDT