Information Warfare: What and How?

Copyright Megan Burns, 1999

Many people today are talking about the impact of information technology on the world.  They are discussing how business, the economy, education, and even personal relationships are being affected by the onset of the information age.  It should come as no surprise, then, that people are also talking about how technology is impacting the way we engage in one of our oldest traditions - war.  The term "information warfare" has been in use for a number of years now, intended to represent whatever warfare is becoming in the information-centric 21st century.  Unfortunately, though, many people use this term without really knowing what it means.  In an effort to make progress toward a common definition, this paper presents one possibility and expands on it by discussing the weapons, strategies, and countermeasures involved in "information warfare", as defined.

Defining Information Warfare: Easier Said than Done

If there were a single, obvious definition of information warfare, someone would have already written it down.  The fact that no one has done so indicates that perhaps no simple definition exists. Those in the IW community have come to agree that information warfare is not a single, simple thing, that it has many complex dimensions. Noted information warfare author Martin Libicki articulates this position in his book What is Information Warfare?.  He states that "Coming to grips with information like the effort of the blind men to discover the nature of the elephant: the one who touched its leg called it a tree, another who touched its tail called it a rope, and so on.  Manifestations of information warfare are similarly perceived...[T]aken together all the respectably held definitions of the elephant suggest that there is little that is not information warfare."

Unfortunately, agreeing on the fact that IW has many dimensions does little to further our understanding of it.  "Where interpretations diverge is on what it encompasses and if it replaces of modifies known methods of conducting war," [Singh].  Luckily, opinions are diverging on some things but converging on others.  There appears to be a subset of topics that are generally agreed upon by the IW community as falling inside the realm of information warfare.  For the purpose of this discussion, we define "information warfare" as the topics in that set. Specifically, we talk about information warfare as a class of techniques, including collection, transport, protection, denial, disturbance, and degradation of information, by which one maintains an advantage over one's adversaries [Cramer96], [Cramer97], [Singh].  Although this discussion focuses on the more traditional military notions of information warfare, the above definition can certainly be applied in any competitive situation, public or private, civilian or military.

Weapons of Information Warfare

Having established a definition of information warfare, the next logical question is - what do we need to be involved in it?  Specifically, what are the weapons of information warfare?  To answer this question, we look at each of the techniques mentioned above and give a brief overview of the most common weapons used to achieve them.

Information Collection

Information collection is included as part of information warfare because "[t]he information revolution implies the rise of a mode of warfare in which...the side that knows more...will enjoy decisive advantages," [AR]. The idea is that the more information one has, the higher his/her situational awareness, which leads to better battle plans and, hopefully, better outcomes.  According to Singh, "[t]ill recently, knowing your position and that of the friendly forces was itself a huge task.  Precision position locating technologies such as navigation based on the Global Positioning System (GPS) has eased those problems to a large extent.  Knowing the position of the enemy has also been made possible to a degree through employment of reconnaissance and surveillance technologies."  He goes on to point out that "reconnaissance and surveillance functions are ...moving towards use of sensors from spectra such as infrared, ultraviolet, olfactory, auditory, visual, seismic, etc. and fusion of data from these to formulate a comprehensive picture."  In information warfare, information collection is much less dangerous and much more complete because these technologies can be used to infiltrate situations and gather accurate information with minimal loss of fidelity.

Information Transport

Collecting a large amount of comprehensive information is certainly good practice, but collection is of little value if the information sits in a storage facility, unused.  As such, the ability to transport information into the hands of those who need it, in a timely manner, is another essential aspect of information warfare.  The tools used in this domain are not exactly weapons, but rather civilian technologies put to use in military situations.  The most important of these tools is communication infrastructure, composed of networks of computers, routers, telephone lines, fiber optic cable, telephones, televisions, radios, and other data transport technologies and protocols.  Without these technologies, the ability to transport information in the real-time fashion required by today's standards would be impossible.

Although somewhat out of the scope of this discussion, it is interesting to note at this point the introduction of the term "network" to the military vocabulary.  For hundreds of years, militaries have relied on hierarchies, not networks, to disseminate information.  Civilian advances in communication technology have followed a networked paradigm, though, which has the potential to seriously alter the way command and control are thought of  in military circles.  "Moving to networked structures may require some decentralization of command and control.  But decentralization is only part of the picture.  The new technology may also provide greater "topsight", a central understanding of the big picture that enhances the management of complexity," [AR].  From this we can see that even a seemingly basic change in technology for transporting information has the potential to make information age warfare a very different thing that its industrial age counterpart.

Information Protection

One of the most broadly agreed upon aspects of information warfare is the need to minimize the amount of information to which your opponent has access.  A large part of this is protecting the information you have from capture by the other side.  The weapons used to protect the security of our information fall into two classes.  First are those technologies that physically protect our vital data storage facilities, computers, and transport mechanisms, including bomb and bullet proof casings and intrusion prevention mechanisms such as locks and fingerprint scans.  Second, and perhaps more important, are technologies that prevent bits from being seen and intercepted by the the enemy.  This certainly includes basic computer security technologies such as passwords, as well as more sophisticated technologies like encryption.  According to Libicki, "By scrambling its own messages and unscrambling those of the other side, each side performs the quintessential act of information warfare, protecting its own view of reality while degrading that of the other side."

Information Manipulation

Information manipulation in the context of information warfare is the alteration of information with intent to distort the opponent's picture of reality.  This can be done using a number of technologies, including computer software for editing text, graphics, video, audio, and other information transport forms. Design of the manipulated data is usually done manually so those in command have control over what picture is being presented to the enemy, but the aforementioned technologies are commonly used to make the physical manipulation process faster once content has been decided [MSNBC].

Information Disturbance, Degradation, and Denial

The final aspects of information warfare, according to our earlier definition, are disturbance, degradation, and denial.  All three techniques are means to the same general end - preventing the enemy from getting complete, correct information.  Because of their similarity, many of the same weapons are used to achieve one or more of the goals.  As such, it makes sense to discuss them together.  Some of the more popular weapons used to wage these types of information warfare are spoofing, noise introduction, jamming, and overloading [Libicki].

Spoofing is a technique used to degrade the quality of the information being sent to the enemy.  The enemy's flow of information is disturbed by the introduction of a "spoof", or fake message, into that flow.  The technique works because it allows you to provide "false information to the targeted competitor's collection systems to induce this organization to make bad decisions based upon this faulty information," [Cramer96].

Another way to disturb the information being received by one's opponent is to introduce noise into the frequency they are using.  Background noise makes it difficult for the enemy to separate the actual message from the noise.  This is a particularly useful technique if the enemy is using forms of wireless communication, since those frequencies can be tapped without having to actually link into a physical network of cables.

Jamming is a technique used to achieve denial that involves intercepting signals sent between two communications links or between a sensor and a link.  The signal is intercepted, then "jammed" or stopped from further progress toward its intended destination.  In most cases, that same signal is stored by the captor as intelligence information and used to determine the enemy's view of its own position in the contest.

Finally, overloading is technique used to deny information to the enemy in both military and civilian settings.  By sending a volume of data to the enemy's communication system that is too large for it to handle, one causes a crash or severe degradation of the system's ability to deliver information.  The system is so busy dealing with the overload, it is unable to deliver the essential  information to those who need it.  This tactic is referred to as a "denial of service" attack, and has been proven both easy and effective.  At one point, a college student was even able to bring down the Whitehouse email server simply by sending 8000 copies of an email message at one time!

Defending Against Information Warfare

The techniques and weapons listed above certainly have the potential to cause severe damage to an information dependent military operation.  Unfortunately for us, though, America is arguably the most information dependent society, so we are at a greater risk than any of our enemies.  How do we defend ourselves, then?  There are several ways, many of which employ the same techniques we use to attack others.  The remainder of this discussion examines available countermeasures for each of the dimensions of information warfare.

Information Collection

To defend against information collection attacks is to prevent our enemies from assembling information about us and about the conflict situation.  Doing this involves protecting our own information from interception and preventing information from getting to the enemy's collection facilities.  The available countermeasures for defending against information collection, then, are the same weapons defined earlier for use in protection, disturbance, degradation, and denial attacks.  Specifically, the use of encryption, spoofing, noise introduction, jamming, and overloading are particularly useful for keeping the enemy's information collection to a minimum.

Information Transport

Because information transportation is heavily dependent upon infrastructure, the most effective countermeasure for preventing transport is the destruction of the enemy's infrastructure.  Referred to by Libicki as antineck command-and-control warfare, this particular countermeasure "requires knowing how the other side communicates," [Libicki].  With that knowledge, though, this defense can be relatively easy.  "If its architecture is written in wire, the nodes...are easily identified and disabled.  Like command centers, communication systems can be crippled by attacks on generators, substations, and fuel supply pipelines...If the architecture is electromagnetic, often the key nodes are visible...If satellites are used for transmission and signaling, then communication lines can be jammed, deafened, or killed."

Attacking an enemy's infrastructure as a countermeasure to information transport can not only be particularly easy, but can also have far-reaching effects on their entire information system. In his book Defensive Information Warfare, Dr. David S. Alberts remarks on this phenomenon:

Two distinct scenarios serve to illustrate the chaotic nature of infrastructure attacks.  In the first case, a particular infrastructure attack may trigger a series of proximate consequences that are difficult to predict and that greatly magnify the effects of the attack.  In the second case, a series of attacks will exhibit chaotic behavior when the sum of their cumulative effect far exceeds the sum of the individual affects of a series of independent events.  These are not uncommon patterns. 

Information Protection

To counteract enemy attempts to protect their own information supply, we must be able to get around their protection mechanisms.  As was mentioned earlier, the primary technological weapon for protecting ones own information is encryption. Unfortunately, recent increases in the sophistication of cryptography have made countermeasures very difficult to execute.  "Decoding computer-generated messages is fast becoming impossible.  The combination of technologies such as triple-digital encryption standard (DES) for message communication using private keys, and public key encryption (PKE) for passing private keys using public keys (so setup communications remain in the clear) will probably overwhelm the best code-breaking computers," [Libicki].  What this means for those wishing to counter information protection is that their efforts will eventually become futile.  Until then, though, attempts to break codes using powerful computers will most likely yield the best results.

Although it is the most effective, cryptography is not the only tool for information protection.  In fact, passwords are a much more widely used technique for protecting information systems from unauthorized access.  Unfortunately, however, password systems are dependent on humans to keep track of and enter codes, which opens them up to significant vulnerability.  If it is possible to get a physical presence near the system or those who use it, obtaining or guessing passwords can be amazingly easy, and is a very effective means for getting access to protected information.

Information Manipulation

Once an enemy has information, there is little anyone can do to prevent them from manipulating it.  In light of that, there are really only two countermeasures available to defend against this kind of attack.  First, one can work to prevent the enemy from intercepting information in the first place.  Techniques for information protection are most effective here, since they keep the enemy from either getting access to or being able to understand the information as originally transmitted.

The second, and perhaps more crucial, key in defending against data manipulation is to prevent the altered data from be re-introduced into the flow of real information.  Luckily, there are several techniques for doing this, the most common of which is redundancy.  Martin Libicki refers to information manipulation as a "semantic attack", and notes that "A system under semantic attack operates and will be perceived as operating correctly...but it will generate answers at variance with reality...,"  This occurs, he says, because those systems are dependent on some information source, which he calls a sensor, for information about the real world.  "If the sensors can be fooled, the systems can be tricked."  To counteract a semantic attack, "Safeguards against failure might lie in, say, sensors redundant by types and distributions, aided by a wise distribution of decisionmaking power among humans and machines," [Libicki].  By gathering the same information from multiple, redundant sources, you increase the likelihood that the correct information will get through.  Even if the enemy is successful at corrupting that data on one communication line, you will easily detect the bad data because it differs from the picture painted by the rest of your sources.

Information Disturbance, Degradation, and Denial

Defending against information disturbance, degradation, and denial requires the use of many of the countermeasures already mentioned.  Any of the weapons for mounting these types of attack require access to enemy communication channels, so information protection mechanisms and redundant channels can be effective in maintaining some lines of communication that are not affected by would-be attackers.  "[O]ur collection of legacy systems provides a certain amount of inherent robustness and resiliency.  They point to overlaps and duplications in these systems and argue that it would be very hard for anyone to completely disrupt a given set of services," [Alberts].

There are also several techniques available that are specifically designed to counteract the weapons described for performing disturbance, degradation, and denial attacks.  "Communicators move toward frequency-hopping, spread-spectrum, and code-division multiple access (CDMA) technologies, which are difficult to jam and intercept.  Communications to and from known locations...can use digital technologies to focus on frontal signals and discard jamming that comes from the sides.  Digital compression techniques coupled with signal redundancy mean that bit streams can be recovered intact, even if large parts are destroyed," [Libicki].  These techniques, and the thousands of others currently under development at research sites all over the world, make it easier every day to recover from attempts to mangle and block information as it travels to its intended destination.


From this discussion, it is easy to see that information warfare is no less complex than traditional warfare.  It involves many different strategies, techniques, weapons, and defenses.  Many would argue that the subset of topics presented here as information warfare leave out important threats to national security, and I might be inclined to agree.  I would also argue, however, that what is here is enough to keep our military busy for a very long time.  I propose that we take this set of more well understood aspects of information warfare and work on getting real plans in place for how to deal with the threats they pose.  As those at the top of the ladder in information warfare come to understand more about the newer information related threats, we can add them to the list of "information warfare" techniques and begin to define weapons and countermeasures for them.  Until then, we must use the information we have to prepare ourselves to be combatants in the information war that is already raging.