Title: He thus turned away a US warship -- on a UN mission -- wit
1Information and Cyber Warfare
2Motivating Factors in Hacking 4 Domains
outlined by Dr. Denning
- Play hacking/cracking, phreaking
- crime illegal acts including intellectual
property crime and computer fraud and abuse - individual rights conflicts over free speech
and privacy - national security foreign intelligence
operations, war and military conflicts,
terrorism, and operations against a nation by
nonstate players
3Motivation -- Play
4Motivation -- Play
- From an Interview of a cracker by Dr. Dorothy
Denning - Hacking was the ultimate cerebral buzz for me. I
would come home from another dull day at school,
turn my computer on, and become a member of the
hacker elite. It was a whole different world
where there were no condescending adults and you
were judged by your talent. I would first check
in to the private bulletin boards where other
people who were like me would hang out, see what
the new was in the community, and trade some info
with people across the country. Then I would
start actually hacking. My brain would be going
a million miles an hour and Id basically
completely forget about my body as I would jump
from one computer to another trying to find a
path into my target. It was the rush of working
on a puzzle coupled with the high discovery many
magnitudes intensified. To go along with the
adrenaline rush was the illicit thrill of doing
something illegal. Every step I made could be
the one that would bring the authorities crashing
down on me. I was on the edge of technology and
exploring past it, spelunking into electronic
caves where I wasnt supposed to be.
5Motivation -- Play
- Bored at school
- member of an elite group
- thrill (adrenaline rush)
- curiosity
- power sense of control
6Motivation -- Crime
- Intellectual Property (figures from Dennings
1999 book) - Piracy (losses exceed 20B, mostly external to
US) - Theft of trade secrets (40-250B)
- Biggest risk is insider
- Fraud
- telemarketing scams (40B)
- identity theft and bank fraud (s fuzzy but
includes credit card theft) - telecommunications (5-10B)
- Computer Fraud Abuse
- Organized Crime
7Motivation -- Individual Rights
Rights to Privacy Free speech Where do these
rights come from? Are they universal? Privacy,
who owns the info about you? Check a companys
privacy statement Conflicts between free speech
and harmful or disturbing speech flaming -vs-
defamation Conflicts over censorship some
countries restrict satellite and Internet access
for national interests or religious reasons some
restrict to protect groups such as children
8Governments at War
- The U.S. has been the target of widespread
technological and industrial espionage from our
allies. - In 1997, the American Society for Industrial
Security identified several nations that
routinely conduct industrial espionage against
the U.S. - France
- Germany
- Israel
- China
- South Korea
- Four of these are considered Allies.
9First real IW attack within 20 yrs
- From a 1996 GAO report to the DoD
- Defense officials and information systems
security experts believe that over 120 foreign
countries are developing information warfare
techniques. The techniques enable our enemies to
seize control of or harm sensitive Defense
information systems or public networks, which
Defense relies upon for communications.
Terrorists or other adversaries now have the
United States to launch untraceable attacks from
anywhere in the world.
10Information Warfare
- Information Warfare is about money. Its about
the acquisition of wealth and the denial of
wealth to competitors. - Information Warfare is about power. He who
controls the information controls the money. - Information Warfare is about fear. He who
controls the information can instill fear in
those who want to keep their secrets a secret. - Information Warfare is about politics.
- Information Warfare is about survival.
- Excerpts from Information Warfare by Winn
Schwartau
11Information Warfare
- Theres a war out there, and its about who
controls the information. Its all about the
information. - COSMO in Sneakers
- Information is the currency of victory on the
battlefield. - GEN Gordon Sullivan, CSA (1993)
12Schwartaus 3 classes of IW
- Class 1 Personal Information Warfare
- Class 2 Corporate Information Warfare
- Class 3 Global Information Warfare
13Information Warfare weapons
- Computer Viruses
- Worms
- Trojan Horses
- Logic Bombs
- Trap Doors
- Van Eck devices
- Chipping
- Nano machines and Microbes
- Electronic Jamming
- HERF Guns - EMP Bombs
- Penetration exploits and tools
14Tool development From Corporate Espionage by
Ira Winkler
Tools and Knowledge
Foreign Intelligence Agencies
Criminals
Information about Targets
15What is an act of war?
- Article 51 of the UN Charter
- Nothing in the present Charter shall impair the
inherent right of individual or collective
self-defense if an armed attack occurs against a
Member of the United Nations - Article 41
- The Security Council may decide what measures not
involving the use of armed force are to be
employed to give effect to its decisions, and it
may call upon the Members of the United Nations
to apply such measures. These may include
complete or partial interruption of economic
relations and of rail, sea, air,
postal,telegraphic, radio, and other means of
communication, and the severance of diplomatic
relations.
16What is a valid target?
WASHINGTON, May 23 (Reuters) - U.S. President
Bill Clinton has approved a top-secret plan to
destabilize Yugoslav leader Slobodan Milosevic,
using computer hackers to attack his foreign bank
accounts and a sabotage campaign to erode his
public support, Newsweek magazine reported on
Sunday. The magazine, in its May 23 edition,
quoted sources as saying Clinton issued an
intelligence "finding" allowing the Central
Intelligence Agency to find "ways to get at
Milosevic." The finding would permit the
CIA to train ethnic Albanian rebels in Kosovo in
the art of sabotage, including such tricks as
cutting telephone lines, fouling gasoline
reserves and pilfering food supplies, the
magazine said. The CIA also was instructed to
wage a cyberwar against Milosevic, using computer
hackers to tap into the Yugoslav president's
foreign bank accounts, the magazine said.
17Information Warfare
- Definition of Information Warfare
- 'Actions taken to achieve information superiority
by affecting an adversary information,
information-based processes, information systems,
and computer-based networks while defending one's
own information, information-based processes,
information systems, and computer-based
networks.' - Joint Chiefs of Staff Instruction No. 3210.01
18IW from Cornerstones
19(No Transcript)
20Information Operations
- For to win one hundred victories in one hundred
battles is not the pinnacle of skill. To subdue
the enemy without fighting is the pinnacle of
skill. -- Sun Tzu. - True hackers don't give up. They explore every
possible way into a network, not just the well
known ones. --
The hacker Jericho. - The most likely perpetrators of cyber attacks on
critical infrastructures are terrorists and
criminal groups rather than nation-states.
-- The
Gilmore Commission - Cyberspace is the battlefield of tomorrowInstead
of confronting us head-to-head on the traditional
battlefield, adversaries will confront the U.S.
at its point of least resistance-- our
information infrastructure. -- Sen. Fred
Thompson, Chairman of the Senate Committee on
Governmental Affairs, June 1998 - By failing to prepare, you are preparing to fail.
-- Benjamin Franklin
21What are the types/forms of IO?Martin Libicki,
NDU, August 1995, What is Information Warfare?
- Command-and-Control Warfare
- C2W Command-and control-warfare is the military
strategy that implements Information Warfare (DoD
Directive TS- 3600.1, 21 December 1992,
"Information Warfare") on the battlefield and
integrates physical destruction. Its objective is
to decapitate the enemy's command structure from
its body of command forces. - Intelligence-Based Warfare
- IBW occurs when intelligence is fed directly into
operations (notably, targeting and battle damage
assessment), rather than used as an input for
overall command and control. IBW results directly
in the application of steel to target (rather
than corrupted bytes).
22IO (cont)
- Electronic Warfare
- The first two forms of IW discussed deal with
attacks either on systems (C2 warfare) or by
systems (IBW). The third form is EW, or
operational techniques radioelectronic and
cryptographic, thus war in the realm of
communications. EW attempts to degrade the
physical basis for transferring information,
while cryptographic warfare works between bits
and bytes. - Psychological Warfare
- Psychological warfare, as used here, encompasses
the use of information against the human mind
(rather than against computer support). There are
four categories of psychological warfare (i)
operations against the national will, (ii)
operations against opposing commanders, (iii)
operations against troops, and -- a category much
respected abroad -- (iv) cultural conflict.
23IO (cont)
- Hacker Warfare
- Winn Schwartau, among others, uses the term
information warfare to refer almost exclusively
to attacks on computer networks. In contrast to
physical combat, these attacks are specific to
properties of the particular system because the
attacks exploit known holes in the system's
security structure. In that sense the system is
complicit in its own degradation. - Hacker warfare varies considerably. Attackers can
be on site, although the popular imagination can
place them anywhere. The intent of an attack can
range from total paralysis to intermittent
shutdown, random data errors, wholesale theft of
information, theft of services (e.g., unpaid-for
telephone calls), illicit systems' monitoring
(and intelligence collection), the injection of
false message traffic, and access to data for the
purpose of blackmail. Among the popular devices
are viruses, logic bombs, Trojan horses, and
sniffers.
24IO (cont)
- Economic Information Warfare
- The marriage of information warfare and economic
warfare can take two forms information blockade
and information imperialism. - The effectiveness of an information blockade
presumes an era in which the well-being of
societies will be as affected by information
flows as they are today by flows of material
supplies. Nations would strangle others' access
to external data. - To believe in information imperialism means
believing in modern day economic imperialism.
Thus, trade is war. Nations struggle with one
another to dominate strategic economic
industries. Nations specialize in certain
industries. The good industries command high
wages and, usually, feature high growth rates.
They tend to be knowledge- intensive. The
constant exchange of information, in particular,
early access to interesting technical questions
and information resources, provides one an edge
in coming up with interesting solutions. - (Libicki doesnt directly address it but what
about corporate information espionage?)
25IO (cont)
- Cyber Warfare
- Includes information terrorism, semantic attacks,
simula-warfare and Gibson-warfare. - Although terrorism is often understood as the
application of random violence against apparently
arbitrary targets, when terrorism works it does
so because it is directed against very specific
targets, often by name. Thus, Information
terrorism would target information about a
specific individual to affect their actions. - A system under semantic attack operates and will
be perceived as operating correctly (otherwise
the semantic attack is a failure), but it will
generate answers at variance with reality. - Could fighting a simulated war prove to the enemy
that it will lose? - Gibson-warfare from William Gibson's Neuromancer.
Think conflict on the Internet, maybe at first
only in the guise of virtual stalkers, sexual
harassers, or flame wars. Now consider
technologies capability to, in effect, launch a
simulacrum into the net, armed with its master's
wants and needs, to make reservations, acquire
goods, hand over assets, and, with work, to
negotiate terms for enforceable contracts. Now
take the next step and allow an individuals
online agents to conduct their own info battle.
-- TRON.
26Information Warfare
- Michael Brown in The Revolution in Military
Affairs The Information Dimension described
several aspects of IW. - May be aimed at the Nation or the military
- Has three distinct phases
- Peace
- Crisis
- War
- Identified three types
- Type I Perception Management
- Type II Denial, Destruction, degradation,
distortion - Type III Exploiting enemy information flows
27Recent IW
- 2007 Estonia Russian patriots wage campaign
- 2009 DOS on Georgia
- In July 2009, it appeared to the Georgian
government that it was being attacked by a
presumed ally the U.S., or at least from a
civilian computer in U.S. territory. In August,
cybersecurity experts observed a second, much
larger wave of DDoS attacks against Georgian
government Web sites. In response, the Georgian
government took an unorthodox step and sought
cyberrefuge in the U.S., Poland and Estonia.
Within the U.S., Georgia located its
cybercapabilities on servers at Tulip Systems
(TSHost) in Atlanta, Ga., and at Google in
California. When Estonia experienced a
cyberattack in 2007, it essentially defended in
place Georgia, on the other hand, maneuvered. It
elegantly relocated strategic IP-based
cybercapabilities to other defensive points on
the Internet, thereby ensuring continued war-time
communications with Georgian citizens and forces.
By doing so, the Georgian government partially
defeated the botnet cyberattack by flowing a
portion of its strategic C2 through the U.S. and
other allies. - Ref http//www.armedforcesjournal.com/2009/0
1/3801084
28Protecting the National Infrastructures
- What are they?
- Systems so critical to the United States that
their loss or damage would have serious impact on
the functioning and operation of the nation.
29Critical Infrastructures (original)
Information Communication Electrical Power
Systems Gas Oil Production, Storage
Transportation Banking Finance Transportation
Water Supply Systems Emergency
Services Government Services
30Protecting the National Infrastructures
What are they? Who might attack? Criminals (drug
cartels) terrorists crackers governments
31PSYOPS andPerception Management
- Perception Management
- information operations that aim to affect the
perceptions of others in order to influence their
emotions, reasoning, decisions, and ultimately
actions. - PSYOPS (psychological operations)
- aim to influence behavior by affecting the human
psyche through fear, desire, logic, and other
mental factors.
32Perception Management
- Any medium can be exploited
- face-to-face communications, print,
telecommunications, broadcast, and computer
networks. - PM often taken to mean media manipulation (for
good or bad). - NOT just a military function, also seen in
- Politics
- Advertising
- everyday relationships
33SOFTWAR (Chuck de Caro)
- The hostile use of global television to shape
another nations will by changing its vision of
reality. - Global television offers parties a cheap,
accurate, real-time, politico-military
intelligence service that simultaneously acts as
an extremely potent instrument to affect
adversely and directly the US domestic body
politic.
34Softwar (example)
- Haiti
- A Haitian dictator, using global TV as the
Poor Mans IW judged the likely US reaction
in the wake of revulsion at the video-tape of
Rangers being killed and mutilated in Somalia.
He optimized his political-military moves to
forestall US intervention by having a handful of
rabble assemble on a pier, mug angrily-on-cue for
global TV while waving English-language placards.
He thus turned away a US warship -- on a UN
mission -- with nothing more than the video of an
alleged mob that generated the perception of
imminent bloodshed projected and amplified by TV.
The perception was worsened by video coverage of
the warship sailing away. -- Chuck de Caro
Softwar - Somalia
35Softwar (example)
- L.A. rioting - skipping ignition pulse
- In 1965, the Watts area of Los Angeles was a
tinder-box, with an ignition temperature set by
local conditions of poverty, crime, racism and
escalating tensions between the populace and the
police. All that was needed was a localized
ignition pulse a spark that ironically came when
the police arrested an intoxicated black
motorist. Once ignited, the riot spread in the
classic manner, outward from the center by
word-of-mouth to the edges of Watts. By
contrast, the 1992 Los Angeles upheaval,
broadcast as-it-happened on global real-time TV
sent an ignition pulse that set off simultaneous
fires wherever the same ignition conditions
existed, without a localized spark. The result
was a hopping phenomenon, generating riots in
San Francisco, Seattle, Atlanta and then even to
Toronto, Canada. -- Chuck de Caro, Softwar
36The nature of TV
- Television, by its nature, is an effective,
insidious and dangerous medium for delivery of
propaganda television is a cool medium that
defines events by the viewers perception of
images and sound, rather than of reality. - Perception can be further distorted by various
aspects of telegenics lighting, sun angle,
star quality, voice quality, - An example
- The Nixon-Kennedy debate during the 1960
Presidential election is one example. The
transcripts show a fairly even contest those
listening on radio felt strongly that Nixon had
won. To the millions watching television,
however, Kennedys natural camera appeal was
enhanced by makeup and a dark suit and contrasted
with a perspiring Nixon with a five-oclock
shadow, leaving the perception that Kennedy had
won decisively.
37What can we trust on TV?
- 1st down line in football coverage
- Forrest Gump
- Wag the Dog
38Whats in a name?
- Pro-choice -vs- Pro-life
- Florida Election
- Fair -vs- Timely (or legal)
39The incubator story
- During the invasion, Iraqi soldiers entered
multiple Kuwaiti hospitals, removed babies from
incubators, shipped the incubators back to Iraq,
and left the babies on the floor. - Story repeated often, several witnesses came
forward.
40The incubator story
The players
Nayirah President Bush
Congressmen Citizens for a Free
Kuwait Congressional Human Rights Caucus Hill
Knowlton
41The Testimony
- Nayirah's full name was being kept confidential
to prevent Iraqi reprisals against her family in
occupied Kuwait. Sobbing, she described what she
had seen with her own eyes in a hospital in
Kuwait City. Her written testimony was passed
out in a media kit prepared by Citizens for a
Free Kuwait. - "I volunteered at the al-Addan hospital," Nayirah
said. "While I was there, I saw the Iraqi
soldiers come into the hospital with guns, and go
into the room where . . . babies were in
incubators. They took the babies out of the
incubators, took the incubators, and left the
babies on the cold floor to die. - -- John R. MacArthur, Second Front Censorship
and Propaganda in the Gulf War
42Lying to Congress?
- "The Human Rights Caucus is not a committee of
congress, and therefore it is unencumbered by the
legal accouterments that would make a witness
hesitate before he or she lied . . . Lying under
oath in front of a congressional committee is a
crime lying from under the cover of anonymity to
a caucus is merely public relations. - -- John R. MacArthur, Second Front Censorship
and Propaganda in the Gulf War
43The story continues
- Hill Knowlton had the baby incubator story
repeated before the United Nations Security
Council chamber in an audiovisual presentation on
November 27. - The presentation was loaded with anonymous
charges of Iraqi brutality and the reiteration of
the baby incubator story. A Kuwaiti dentist,
claiming to be a surgeon and using a false name,
testified that under his supervision 120 newborn
babies were buried in the second week of the
invasion.
44President Bush
- the baby incubator story was repeated six times
by George Bush in various political speeches,
including a speech to the troops near Dhahran - "It turns your stomach when you listen to the
tales of those that have escaped the brutality of
Saddam the invader. Mass hangings. Babies pulled
from incubators and scattered like firewood
across the floor."
45Was it True?
- January 17, 1991 article by Alexander Cockburn in
the Los Angeles Times openly challenged the
incubator myth. - According to London Amnesty International
spokesman Sean Styles, "we spoke to well over a
dozen doctors of different nationalities who had
been in Kuwait at the time and they couldn't
stand the story up, and it became quite clear to
us that credible medical opinion was that this
didn't happen." - Amnesty International backed down from their
original story in the seventh paragraph of a
press release, stating that they had found - "no reliable evidence that Iraqi forces had
caused the deaths of babies by removing them or
ordering their removal from incubators."
46Was it True?
- After the war, Middle East Watch was shown death
certificates for 30 Kuwaiti babies who were all
buried on August 24, 1990. Of those 30 babies, 19
had died before the Iraqi invasion began, and 11
died during the occupation. None of the 30 were
ever shown to have been removed from incubators.
All of the witnesses backed off from their
original claims of having supervised or
participated in the burial of babies. - Andrew Whitley, executive director of Middle East
Watch, and part of a two-man investigation in
Kuwait, was quoted as having said - "Soon after we arrived in Kuwait, two weeks after
the liberation it became apparent that the story
was a complete hoax. We were able to go 'round
the hospitals to count the incubators and find
that - possibly with one or two that had been
misplaced - that none were missing. So none of
the incubators were removed in the first place.
Moreover, it seemed quite clear that there
weren't any deaths which had been deliberately
the cause of the Iraqis having gone in and stolen
equipment."
47What was the effect?
- The final decision to go to war was made on
January 12, 1991 in a Senate vote of 52 to 47 (a
margin of 3). Before passing this resolution, six
pro-war senators specifically brought forth the
baby incubator allegations in their speeches
supporting the resolution. - OPERATION DESERT STORMOUTRIGHT DISINFORMATION
SCHEME by David Fingrut - Without this story, would there have been a war?
48Hill Knowlton
- 100 individuals worked on the campaign
- 11M in fees
- They present themselves as an international PR
firm - Interesting background considering their
Integrity statement
49Hill Knowlton
50Washington State suit against tobacco industry
- The defendants are American Tobacco Brown
Williamson Tobacco Corp., Lorillard Tobacco
Co., Philip Morris, R.J. Reynolds Tobacco Co.,
United State Tobacco Co., B.A.T. Industries
P.L.C. and related organizations, including Hill
Knowlton, The Council for Tobacco
Research-USA Inc., Smokeless Tobacco Council and
the Tobacco Institute.
51Tobacco PR
- Legendary PR figures John Hill, Ivy Lee and
Edward Bernays (now revered within the industry
as the "father of public relations") all worked
on PR for tobacco, pioneering techniques that
today remain the PR industry's stock in trade
third-party advocacy, subliminal message
reinforcement, junk science, phony front groups,
advocacy advertising, and buying favorable news
reporting with advertising dollars. - To persuade women cigarette smoking could help
them stay beautiful, Bernays developed a campaign
based on the slogan, "Reach for a Lucky Instead
of a Sweet." The campaign played on women's
worries about their weight and increased Lucky
sales threefold in just 12 months. (The message,
"cigarettes keep you thin," reverberates today in
the brand name Virginia Slims.)
52Tobacco and PR Crisis
- IN 1952, READER'S Digest ran an influential
article titled "Cancer by the Carton." A 1953
report by Dr. Ernst L. Wynder heralded to the
scientific community a definitive link between
cigarette smoking and cancer. - For help, the tobacco industry turned to John
Hill, the founder of the PR megafirm, Hill
Knowlton. Hill designed a brilliant and expensive
campaign the tobacco industry is still using
today in its fight to save itself from public
rejection and governmental action.
53Hills campaign
- At Hills suggestion, the industry created a
group called the Tobacco Institute Research
Committee (TIRC), and ran a full-page ad, titled
"A Frank Statement to Cigarette Smokers," in more
than 400 newspapers. The ad acknowledged tobacco
companies had a "special responsibility" to the
public, and promised to sponsor "independent
research" aimed at "learning the facts about
smoking and health. - The TIRC maintained a library with cross-indexed
medical and scientific papers from 2,500 medical
journals, as well as press clippings, government
reports and other documents. TIRC employees
culled this library for scientific data with
inconclusive or contrary results regarding
tobacco and the harm to human health. These were
compiled into a carefully selected 18-page
booklet, titled "A Scientific Perspective on the
Cigarette Controversy," which was mailed to over
200,000 people, including doctors, members of
Congress and the news media.
54Tobacco PR (cont.)
- In 1963 the TIRC changed its name to the Council
for Tobacco Research. In addition to this
"scientific" council, Hill Knowlton helped set
up a separate PR and lobbying organization, the
Tobacco Institute. - Philip Morris is fighting back through a
California PR firm called the Dolphin Group.
Dolphin CEO Lee Stitzenberger used a half-million
dollars from Philip Morris to set up a front
group called "Californians for Statewide Smoking
Restrictions." Using this deceptive name, members
gathered signatures to put a referendum on the
California ballot in November 1994, which the
Dolphin Group promoted with billboards reading,
"Yes on 188--Tough Statewide Smoking
Restrictions--The Right Choice." In reality,
Proposition 188 was a pro-tobacco referendum
which, if passed, would have undermined 270
existing local anti-smoking ordinances in
California cities, as well as the state's new
statewide smoke-free workplace law.
55Tobacco Advertising
56Tobacco Advertising
57Tobacco Advertising
58The Marlboro Man
59Image is important...
60To sum it all up...
-- http//www.desert.net/tw/11-22-95/cover.htm
61Summary
- What is the Importance and Significance of this
material? - How does this topic fit into the subject of
Voice and Data Security?