Principles of Information Warfare - Assignment Example

Reading 1 Principles of Information Warfare Information warfare is not a new phenomenon and the topic has caught the attention of numerous researchers (Hutchison & Warren, 2001, p. 1). The nature and the characteristics of information make it susceptible to attacks and subsequent manipulation (Hutchison &Warren, 2001, p. 1). For this reason, the two authors designed a conceptual framework, which illustrates how data, information and knowledge are interlinked in context and consequently to demonstrate how to protect each level from attacks. During information warfare there are several elements that are targeted and intruders can either capitalize on one or integrate two or more elements to carry out the operation (Hutchison & Warren, 2001, p.2). To begin with, when attackers target data, they do so with various goals in mind. Firstly, intruders might hinder access to data by attacking the storage area. Secondly, data can be destroyed or disrupted when intruders interfere with the medium. Furthermore, they can manipulate data either by deletion, addition or amendments to fulfill whatever motive the intruders had in mind. More importantly, intruders can steal sensitive data and use it to their advantage and the gravity of the matter is that the company might never have any idea that their data was stolen (Hutchison & Warren, 2001, pp.2-3). On the same note, the context upon which data is to be interpreted can be manipulated by altering sensory surroundings, place and political climate (Hutchison & Warren, 2001, p. 3). Finally, information that is contained in the stored data is also prone to attack and usually intrusions are intended to make the receiver doubt credibility of such data (Hutchison & Warren, 2001, p. 4). For this reason, data security officials should adopt every available strategy to prevent the above attacks. Moreover, data stores, communication channels, input and output devices plus data manipulation devices should be well guarded to prevent possible attacks (Hutchison & Warren, 2001, p. 4). Reading 2 Information warfare going on the offensive Information warfare is not likely to gone away anytime soon, if at all the intensity and dimension of offensive data attacks continue to increase each day fueled by the rapid growth and innovations in internet usage (Cummins,2000, par. 4). This implies that traditional defensive measures are not likely to be effective in today’s information warfare environment, and therefore it is imperative that, information system managers upgrade their awareness about potential offensive threats that their systems are expected to experience during this information era (Cummins, 2000, par. 6). Although, the internet have facilitated organizations’ effectiveness by placing most information within reach of all and sundry, the convenience is not without a cost since at the same time sensitive information is at risk of landing in the wrong hands (Cummins,2000, par. 6). This implies that companies have to bear the huge costs of information protection since laxity or ignorance will obviously lead to irreparable damages (Cummins, 2000, par. 7). On the same note, Cummins (2000, par.16) underscores that, initially, data protection was effected simply by using defensive mechanisms to deny access. However, the threat today is more imminent as hackers and joy seekers continue to develop viruses and Trojan horses aimed at denying access to data. Moreover, humans pose the greatest risk to information through espionage, electronic eavesdropping and social engineering (Cummins, 2000, par. 8). Owing to the above reasons, information warfare and subsequent defensive soft wares have become the norm of the day as developers earn millions, while on the other hand companies sink millions as they rush towards installing upgraded defensive systems to avoid falling victims. However, to be able to make informed decisions about the type of defensive software to adopt, information security managers ought to first understand the kind of threat that their respective companies face since they vary from organization to another (Cummins, 2000, par. 20). As a result, the awareness will save organizations millions of money since they will only incur cost for the relevant system instead of relying on a trial and error method (Cummins, 2000, par. 22). Reading 3 Deception Deception in information technology can take place in various forms but mostly data and its context of delivery are the most prone to deceptive strategies whereby the attacker intends to gain advantage by downplaying the credibility of such data (Hutchison & Warren, 2002, p.88). Specifically, attackers target the receiver of data whereby by altering the mental models the intended recipient only gains access to distorted data and by so doing deception is realized. Owing to its success, deception has become an integral part of information warfare since the embarrassment and other implications arising from the same have proven to be more effective in the long run (Hutchison & Warren, 2002, p. 89).According to Hutchison and Warren (2002, p.89), deception operates on two levels whereby on one hand it is aimed at hiding the truth while on the other hand deception aims at displaying false information to the users. The ease to which digital media can be manipulated is both an advantage as well as a disadvantage since this nature makes it susceptible to deception (Hutchison & Warren, 2002, p. 91). Since digital technology provides a platform for deception, any organization willing to avoid falling victim must be aware of potential avenues for deception so as to fine tune organization operations and decisions towards counterattacking measures of deception (Hutchison & Warren, 2002, p. 91). As matter of fact, the motive behind deceptive tactics is either to promote an organization’s image or to compromise an enemy’s image and consequently to work on the distorted image so as to gain an advantage over a competitor (Hutchison & Warren, 2002, p. 102). On the positive side, amidst the increased level of surveillance in modern society, organizations can use deception to evade surveillance either by governments, corporate or individuals since this is the only way to ensure their secrets are safe (Hutchison & Warren, 2002, p. 104). Reading 4 Corporate Espionage: Tomorrow Arrived Yesterday Cyber risks and threats are here to stay and to survive the attacks organizations have to be prepared to tackle numerous threats beyond what was considered normal in the previous decades (Power, 2010, par. 2). As we move on to the 21st century industrial and economic espionage will be a thing of the past as information age espionage will demand extra knowhow to enable organizations to survive the cutthroat competition (Power, 2010, par. 5). If the recent stories about Climategate and China-Google is anything to go by then the world will never be the same especially in the face of globalization and geopolitics; since hackers are using hybrid intelligence to gain assess to the most sensitive data (Power, 2010, par. 8). Power (2010, p.10) underscores that the recent hacking of Climategate E-mails is not just a normal cyber-attack, but an intelligence operation, perhaps, with support from a certain government, but out to fulfill a wider global target since the implications behind the Climategate report touches on macroeconomic, geopolitical and millennial goals globally. On the same note, Power link the China-Google affair to information espionage and as a matter of caution he advices the businesses to embrace the concept of Holistic Security whereby a security program that integrates personnel, physical and information security is put in place to protect them from such attacks (2010, par. 11). In addition, Power also highlights that in China-Google affair it is not just secrets which were lost but also fortunes although this is still debatable since the fortunes were not yet exploited (2010, par.12). This implies that cyber attacks and threats in the 21st century have taken a new dimension since companies and countries are trying to utilize information intelligence to gain an immense edge in the global arena. Therefore as Power (2010, par.26) insinuate, any enterprise wishing to excel globally must adhere to the elements of holistic security outlined above, instead of anticipating Google and the like to take care of their security. Reading 5 Beyond Security: A Data Quality Perspective on Defensive Information Warfare Although most information security focuses on defensive strategies to prevent data from eminent threats, Kaomea, Hearold and Ward (1996, p. 173) underscore that such measures are not effective incase the attacks passess-by unnoticed. Conventional measures incorporate physical security, encryption techniques as well as electronic countermeasures that are aimed preserving stored data from intruders (Kaomea, Hearold & Ward, 1996, p. 174). However, Kaomea, Hearold and Ward (1996, p. 174) highlight that defensive measures are unable to detect changes and manipulation of data in terms of timeliness, credibility and accuracy and that the omission can have far reaching consequences especially to military and other national security agencies. Therefore, there is need to upgrade information warfare measures among national security agencies since information power is the new strategy for any organization willing to gain control (Kaomea, Hearold & Ward, 1996, p. 173). According to Kaomea, Hearold and Ward (1996, p. 175) information contained in stored data ought to be protected to ensure the status quo in terms of availability, integrity and confidentially is maintained. On availability, Kaomea, Hearold and Ward (1996, p. 176) underscore that attacks that hamper availability of data even for a short while can greatly deplete its effectiveness especially when significant military data is compromised. On the same note, manipulative attacks aimed at altering data integrity can impact negatively in an organization especially when such data is subsequently adopted to make important nation security decisions. Thirdly, confidentiality of data is lost once it is leaked through attacks and more often that not leaked secrets land in the enemies’ hands, and the implications for such a situation are obvious (Kaomea, Hearold & Ward, 1996, p. 178). Furthermore, citing the famous Desert Storm Scud Missile case study Kaomea, Hearold and Ward (1996, p. 180) accentuate the four levels that exposes data quality to imminent manipulation. They explain that data vulnerability is always present and that a subsequent attack usually exploits this vulnerable nature to gain access and controls and consequently expose protected data to unauthorized personnel, hence there is need to come up with airtight system to eliminate possible interpenetration (Kaomea, Hearold & Ward, 1996, p. 184). Reading 6 The Ten Commandments of Counterintelligence Although the realities of Cold War and threats of physical war in today’s world are like a mirage, the looming threat of information, economic and political espionage is chilling and world governments are caught in a quagmire on how to avoid being victims. For instance, the US government has been concerned about Chinese espionage especially to her nuclear weapon department (Oslon, 2005, p. 251). It is against this background that Oslon (2005, pp.251-259) offers timely advice on the tactics of counterintelligence. Moreover, Oslon (2005, p. 251) emphasizes that the US is likely to be at the centre of most espionage threats generally originating from its foes such as China, Cuba and Russia and also from friends like French, Greece, Israel and the like seeing that those countries would do anything to overthrow the US from her superpower position. Oslon (2005, p. 272) whose background career is in counterintelligence (CI) laments that, the rules being followed by the CI in USA are likely to be ineffective in the wave of increased threat of foreign espionage. For this reason he formulates what he calls ‘Ten Commandments of Counterintelligence’ that are mandatory to protect the US from any form of espionage. Firstly, Oslon advices CI practitioner to adopt offensive strategies as passive and defensive mode is doomed to fail (2005, p. 253). Secondly, Oslon advices that it is imperative to honor professionals in CI through awards, promotions and recognition to be able to attract the best minds in the profession (Oslon, 2005, p.253). Thirdly, CI should always maintain their undercover presence in foreign territories in spite of the high cost involved (Oslon, 2005, p. 254). Fourthly, CI officers should take time to read the history of American CI since an understanding of past failures will bring success today (Oslon, 2005, p.254). Fifthly, mistakes occurred in the past because the predecessors in American CI department had ignored advice from analysts. However, Oslon (2005, p.255) warns against such ignorance. Moreover, he warns against blame games and calls for unity and support among CI officers and other affiliated departments (Oslon, 2005, p.255). More importantly, is the need for training to fine tune CI skills among the officers (Oslon, 2005, p.255). On the same note, CI should impose themselves in sensitive organizations to offer protection in spite of any resistance (Oslon, 2005, p.256). Similarly, CI officers should not take too long in this career since they are likely to be ineffective in the long run (Oslon, 2005, p.258). Finally, the never give up attitude is the key to winning the war against espionage (Oslon, 2005, p. 259). References Cummins, D. A. 2000. Information warfare going on the offensive. “Doctoral Dissertation”, University of Maryland – European Division Bowie State University. Hutchinson, W. & Warren, M. 2002. Information warfare: corporate attack and defence in a digital world. Oxford: Butterworth-Heinemann. Hutchison, W. & Warren, M. 2001. Principles of Information Warfare. Journal of Information Warfare, 1(1), 1-6. Kaomea,P., Hearold, S. & Ward, P. 1996, “Beyond Security : A Data Quality. Perspective on Defensive Information Warfare", IQ'96, MIT, pp : 172-185. Oslon, J. M. 2005. The Ten Commandments of Counterintelligence . In Z. G. Roger & D.K. Robert, Intelligence and the national security strategist: enduring issues and challenges (pp. 251-279). Lanham, MD: Rowman & Littlefield . Power, R. 2010. Corporate Espionage: Tomorrow Arrived Yesterday. [Online] Available from www.csoonline.com [accessed 6 September 2011]. Read More