Information Warfare: A Two-Edged Sword

Information war has no front line. Potential battlefields are anywhere networked systems allow access--oil and gas pipelines, for example, electric power grids, telephone switching networks. In sum, the U.S. homeland may no longer provide a sanctuary from outside attack.

The sword of information-age technology cuts both ways. The United States wielded it in the Persian Gulf war to blind and demoralize the Iraqi high command. But the flush of victory had not faded before Pentagon officials began to ask themselves how vulnerable U.S. forces might be to similar attacks in cyberspace--the new dimension created by the proliferation of satellites, massive databases, cellular phones, fax machines and global computer networks.

Four years later, the defense establishment is still struggling to define information warfare, and defense experts are still wrangling over basic concepts. Is information war a completely new form of conflict that exists because of the burgeoning global information infrastructure or is it merely a new dimension of an old form, like spying, whose origins lie in the "grayware" of the human brain?

A Vital Strategic Resource

Where they do agree is that information has itself become a vital strategic resource and that combat in this realm may have many fronts--or none. Information war is not only a matter of exploiting information technology to best the enemy on the battlefield, say the generals, but of protecting information systems critical to the functioning of U.S. society.

The United States is the most advanced nation in the world in cyberspace, but the dilemma for the Pentagon is that it may also be the nation most vulnerable to attacks in that arena. Take the military itself. Nearly everything it does--from designing weapons and guiding missiles to paying, training, equipping and mobilizing soldiers--depends upon computer-driven civilian information networks. About 95 percent of military communications travel over the same phone networks used to fax a contract or to talk with a friend in another state. American military bases are powered by the national electric power grid. Pentagon purchases are paid for via the federal banking network. Soldiers are transported under the guidance of civilian rail and air traffic control systems. Each of these information nodes represents a substantial vulnerability for the military in times of crisis.

Moreover, the military has no legal or political authority in peacetime to protect civilian information networks from hackers, saboteurs and terrorists.

To gain a better understanding of the nature of information warfare, the Department of Defense asked RAND to conduct a series of strategic exercises simulating an information attack on the United States and its allies. But even before playing the game, the Pentagon took steps to reduce its vulnerabilities. Earlier this year, the Defense Information Systems Agency (DISA), which protects the military's computers, opened a "continuity-of-operations" center in Slidell, Louisiana. The center stands ready to solve computer and communications problems triggered by accident or design at any of the military's 16 main computer centers. Also, DISA has recently awarded several large computer security contracts and signed its biggest contract ever for antivirus software.

The RAND exercises are based on a methodology known as "The Day After . . ."--which was originally developed by senior researcher Roger C. Molander and a team of RAND colleagues to explore a variety of nuclear proliferation threats and counter-proliferation strategies. The object of the game is not merely to create plausible and challenging crisis scenarios as an exercise for decisionmakers, but to help them develop policies to minimize the prospect that such crises could occur--or, if they did, to mitigate their consequences.

Players in the cyberwar game--high-level government officials and industry executives--were cast as top advisors to the president. Six exercises, aimed at refining the concept of information warfare and its implications for national security, were conducted over the course of five months from January to June, 1995.

Imagining Cyberwar

How might a no-holds-barred global information war unfold? Consider the following scenario set in the year 2000.

The crisis: A Middle East state decides the time is ripe for a power grab in the Persian Gulf and directs its threat to an oil-rich neighbor that the United States is pledged to protect. Determined not to repeat Saddam Hussein's mistake, the aggressors elect not to challenge America in a head-on military confrontation. Instead they prepare a more insidious assault. In the United States and abroad among U.S. allies, a pattern of computer mayhem begins to emerge in a cascading sequence of events. Actually, the war has already begun but no one in the United States yet realizes it; keyboard mice, logic bombs and computer viruses don't make much noise.

The attack: A three-hour power blackout in a Middle Eastern city has no reasonable explanation, computer-controlled telephone systems in the United States "crash" or are paralyzed for hours, misrouted freight and passenger trains collide, killing and injuring many passengers; malfunctions of computerized flow-control mechanisms trigger oil refinery explosions and fires . . . electronic "sniffers" sabotage the global financial system by disrupting international fund-transfer networks, causing stocks to plunge on the New York and London exchanges. In America, local automatic teller machines begin randomly crediting or debiting thousands of dollars to customers' accounts; as news spreads across the country, people panic and rush to make withdrawals. Television stations in the Middle East lose control of their programming and a misinformation campaign of unknown orchestration sows widespread confusion. Computerized dial-in attacks paralyze the phone systems at bases where U.S. troops are scheduled to begin deployment; various groups flood the Internet calling for massive rallies to protest U.S. war preparations; computers at U.S. military bases around the world are stricken--slowing down, disconnecting, crashing; more ominous, some of the military's most sophisticated computer-controlled weapon systems are exhibiting flickering screens and other signs of electronic malaise.

No Smoking Gun

Even though U.S. intelligence indicates hostile military intent by the aggressor, there is still no solid information on who is behind the events that have undermined the country's ability to respond to the threats. The reluctant conclusion is that unknown "bad actors" have launched an "infowar attack" against the United States.

The task: At this point in a RAND cyberwar exercise, the participants would be asked, "What action do you think the commander in chief should take? He expects your action memorandum in 50 minutes."

What Makes Cyberwar Different?

In compiling the lessons learned from the exercises, Molander and his colleagues note what are emerging as the defining features of this unique form of warfare:

  • Waging information war is relatively cheap. Unlike traditional weapon technologies, acquiring information weapons does not require vast financial resources or state sponsorship. Computer expertise and access to major networks may be the only prerequisites.

  • Boundaries are blurred in cyberspace. Traditional distinctions--public versus private interests, warlike versus criminal behavior, geographic boundaries, such as those between nations--tend to get lost in the chaotic and rapidly expanding world of cyberspace.

  • Opportunities abound to manipulate perception in cyberspace. Political action groups and other nongovernment organizations can utilize the Internet to galvanize political support, as the Chiapas of Mexico were able to do. Further, the possibility arises that the very "facts" of an event can be manipulated via multimedia techniques and widely disseminated.

  • Information war has no front line. Potential battlefields are anywhere networked systems allow access. Current trends suggest that the U.S. economy will increasingly rely on complex, interconnected network control systems for such necessities as oil and gas pipelines, electric grids, etc. The vulnerability of these systems is currently poorly understood. In addition, the means of deterrence and retaliation are uncertain and may rely on traditional military instruments in addition to cyberwar threats.

  • In sum, the U.S. homeland may no longer provide a sanctuary from outside attack.
