Information Warfare

"Warfare" can be broadly defined as "the waging of armed conflict against an enemy." In this module we will consider what warfare means in the context of today's information systems and networks. We will see that the fundamental principles of warfare known for thousands of years are still relevant on today's new battleground.
Nội dung trích xuất từ tài liệu:
Information Warfare Information Warfare Security Essentials The SANS Institute Information Assurance Foundations - SANS ©2001 1 Warfare can be broadly defined as the waging of armed conflict against an enemy. In this module we will consider what warfare means in the context of today's information systems and networks. We will see that the fundamental principles of warfare known for thousands of years are still relevant on today's new battleground. 5-1 Agenda • What is Information Warfare? • Why is it Important? • Offensive Tactics • Introduction to Network Attacks • Defensive Tactics Information Warfare - SANS ©2001 2 After introducing the concept of information warfare, we will be concentrating on warfare principles and strategies. We will discuss both offensive and defensive tactics, both theory and practice. As a concrete example of offensive tactics, a quick introduction to TCP/IP network attacks is provided. 5-2 What is Information Warfare? Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based processes, information systems, and computer-based networks while protecting one's own. Such actions are designed to achieve advantages over military or business adversaries. Dr. Ivan Goldberg Information Warfare - SANS ©2001 3 We start our discussion with a definition of information warfare. The definition above simply maps our intuitive definition of warfare (subvert the enemy while protecting ourselves) into the realm of computers and networks. This definition has been provided by Dr. Ivan Goldberg, who leads the Institute for the Advanced Study of Information Warfare. The institute's website has a number of white papers and reports on information warfare topics. http://www.psycom.net/iwar.1.html Eric Hrovat provides some interesting perspectives on information warfare in his paper, Information Warfare: The Unconventional Art in a Digital World published by SANS: http://rr.sans.org/infowar/infowar.php 5-3 Examples of Information Warfare • A company breaking into a competitor’s computer system to find out their list of customers • An R&D company putting false information about research on their web site to mislead the competition • A foreign government stealing tapes containing classified information Information Warfare - SANS ©2001 4 There are many possible forms of information warfare, the above slide provides three examples. Any time someone uses information as a weapon against an adversary, that is information warfare. The distinguishing factors are only how the information is obtained, how it is used, and to what impact. We consider theft of information a form of information warfare, but the most critical issue is how the stolen information is used against its rightful owner. In terms of the examples, a company who discovers a list of their competitor's customers might send false or misleading information to the customers, might market to these people specifically, or might simply see to it that the customers are harassed by telemarketers and spam (so the recipients think that the company they trusted released their information without permission). A foreign government stealing classified backup tapes might be able to discover detailed technical information concerning the capabilities of their adversary's weapons, or might obtain documents detailing strategies, names of informants, or maps of secret testing facilities. The possibilities are endless. A startup tech company that has a next generation product to release might post information stating that their product will not be ready for several months. Such a posting might lull the company's competitors into a false sense of not needing to hurry their own development cycles. When the startup releases its product months earlier than advertised, the competition is caught flat-footed. 5-4 Key Points From the Examples • Information Warfare can be: – Theft – Deception – Sabotage • Does not have to be technical or sophisticated • Attackers will always go after the weakest link Information Warfare - SANS ©2001 5 Abstracting the previous examples a level, we can list out a few fundamental concepts. Theft, espionage, blackmail, deception, sabotage, destruction -- these are all common goals in information warfare attacks. As in other forms of warfare, a skilled attacker will seek out his opponent's weaknesses and attack those first and most vigorously. For example, sometimes social engineering or packet flooding attacks most effectively accomplish an attacker's goals, but neither of these attacks requires any sophisticated technical skills. 5-5 Why is it Important? • Affects all governments and companies, and even individuals • Can b ...