Information as a Military Asset
Key Concepts:
  • What cyberwarfare is
  • How warfare has evolved over the course of history
  • The role of information in warfare
  • The role of cyber in the domains of warfare
  • The categories of information operations in the cyber domain
  • The techniques of information operations
At the end of this lesson, you should be able to:
  • Describe the relationship between cyberwarfare, information warfare, and information operations
  • Explain the role that information has played in armed conflict over the course of military history
  • Describe the concept of cyberwarfare and how it relates to the traditional domains of armed conflict
  • Describe the techniques used to effectively fight in the cyber domain
In this lesson, you will learn the fundamentals of cyberwarfare and how information is a military asset. You will learn that cyberwarfare includes a wide range of activities that use information systems as weapons against an opposing force and that cyberwarfare is the latest step in the evolution of warfare.
DISCOVER
APPLY
CREATE
CONCEPTS
OBJECTIVES
CONTEXT
TECHNOLOGY
UNDERSTANDING
DEMO LAB
HANDS-ON LAB
CHALLENGE
CONTRIBUTING FACTORS
COURSE OF ACTION

In this section, you will examine a number of topics related to cyberwarfare. You will learn about how cyberwarfare is waged and the means used for combating cyberwarfare.

Concepts: Military leaders have always realized that information is a critical part of conducting warfare. It is not surprising that cyberwarfare is simply a natural extension of traditional warfare in the digital realm (or landscape).

Objectives: The objectives of cyberwarfare are similar to those of conventional warfare—to protect one’s own private information and attempt to intercept and decipher the information of one’s adversaries.

Context: Our world has experienced momentous changes over the past few decades. You need to know how these changes have led to today’s real-world challenges in order to have a context for how cyberwarfare is conducted and combated.

Technology: Cyberwarfare involves the use of the latest developments in technology. The evolution of technology, and the technology of war, has revolutionized the way information is gathered, protected—and attacked.

Understanding: Cyberspace has become mankind’s latest battlefield. You will come away from this course with a firm understanding of the techniques used in both offensive and defensive information warfare as well as how cyberwarfare shapes military policy.

What is Cyberwarfare?
Throughout the history of warfare, information has played a crucial role in shaping the way that war is waged. Military leaders seek information about opposing forces and attempt to spread misinformation about their own plans and objectives. Information is, and always has been, a critical military asset. Because information is a military asset, it is also a military target. Advances in information technology (IT) have changed the way people do business—and the way nations fight wars.

Click on each of the following items to learn more. Next, click the ACTIVITY button to complete a brief exercise.
  • What is cyberwarfare?
  • The likelihood of cyberwar
The Role of Information in Armed Conflict
Throughout the history of armed conflict, militaries and military leaders have understood the importance of protecting sensitive information. They have also gone to great lengths to obtain the sensitive information of others that may be of strategic or tactical value. Today, with large amounts of information stored in computer systems, it is only natural that militaries would seek to infiltrate those systems and gain access to enemy secrets.

Click on each of the following items to learn more.
  • Ancient warfare
  • World wars
  • Cold war
  • Iraq War and weapons of mass destruction
Domains of Warfare
Military planners have traditionally divided war-fighting capabilities into four domains that are used to develop strategies and tactics as well as to organize forces. Only recently has the cyber domain been recognized as a fifth domain that complements the other four.

Click on each item to learn more. Next, click the ACTIVITY button to complete a brief exercise.
  • The four traditional
    domains of warfare
  • The early stages of
    cyberwarfare
  • The U.S. Cyber Command
    (USCYBERCOM)
Exploring the Cyber Domain
As the newest domain of warfare, the cyber domain is the least understood. Military planners specializing in land and sea operations have millennia of military history to draw upon when developing plans and strategies. Air and space have shorter histories as war-fighting domains but have still existed for more than half a century. The cyber domain is much newer and military plans have not adapted fully to this new way of fighting.

Click on each of the two major categories of information operations to learn more.
  • Offensive information operations
  • Defensive information operations
Information Operations Techniques
Information operations are more than cyberwarfare. They include any activity undertaken to attack or protect information and information systems.

In 2003, the Department of Defense organized information operations into seven categories and made specific recommendations about how the military might better organize, train, and equip to wage information operations in the future.

The figure illustrates the relationship between the seven techniques of information operations, cyberwarfare, and information operations. In the figure, notice that:
  • Computer network defense and computer network attacks fall within the realm of cyberwarfare.
  • Some intelligence-gathering activities fall within the cyber domain: specifically those that use cyberespionage techniques.
  • While all intelligence gathering fits within the domain of information operations, not all intelligence operations are cyberwarfare.
Click on each of the seven categories of information operations techniques to learn more about each one. Next, click the ACTIVITY button to complete a brief exercise.
  • Computer network attack
  • Computer network defense
  • Intelligence gathering
  • Electronic warfare
  • Psychological operations
  • Military deception
  • Operations security

In this section, you will have an opportunity to practice the concepts and processes that you have explored in this lesson.

The Demo Lab provided in this lesson guides you through the steps needed to perform tasks related to cyberwarfare. You may review these guided interactions as many times as needed.

The Hands-On Lab provides you with an engaging learning experience that is diagnostic and flexible. Follow the instructions provided in the Lab Manual.

In this section, you will have an opportunity to apply what you have learned in this lesson. A scenario is provided here that depicts the challenges often faced by professionals in the workplace.

You will explore the scenario, review related critical information, research a topic, and present your findings. Complete your work by submitting the graded assignment.

You work for General Technology Security, Inc. (GTSI). GTSI is a military contractor specializing in information systems security.

The organization is responding to a request for proposal (RFP) from the U.S. Cyber Command. The proposal will detail how and why your firm should be contracted to provide information systems security services to USCYBERCOM.

You have just attended a meeting in your firm’s conference room that discussed the RFP.

Click on your papers to read the brief of your role in preparing the RFP.

This RFP is important to our firm. I am asking each of you to be involved in our proposal.

Your particular assignment will be to research USCYBERCOM to find out more about the organization—its mission, its role in protecting our nation, and the details regarding a few of the commands that are part of USCYBERCOM (NETCOM, 1st IO Command, and INSCOM).

Thank you in advance for your effort.

Lt. Colonel Findlay, U.S. Army, retired
President and Chief Executive Officer
General Technology Security, Inc.

In this lesson, you learned that information is a military asset. You learned some of the basics of cyberwarfare and that cyberwarfare includes a wide range of activities that use information systems as weapons against an opposing force.

Research USCYBERCOM. Then write a paper that describes the organization, including its mission, its role in protecting our nation, and the role of NETCOM, 1st IO Command, and INSCOM.

For a checklist of action items, navigate to Course of Action on the right panel of the screen.

Use the following checklist as a guide to complete this assignment. Note that the tasks you have completed are already checked on the list.

  • Read the verbiage of the brief from your company president.
  • Consider all the factors that contribute to the challenge.
  • Research USCYBERCOM.
  • Write a paper that:
  • Describes USCYBERCOM’s mission
  • Discusses USCYBERCOM’s role in protecting our nation
  • Describes the role of NETCOM, 1st IO Command, and INSCOM
X

What is cyberwarfare?

Cyberwarfare includes a wide range of activities that use information systems as weapons against an opposing force. Cyberwarfare is the combination of activities designed to participate in cyberattacks and cyberespionage. Militaries will use the weapons of cyberwarfare to gain advantage when possible and, at the same time, counterattack against cyberwarfare activities. The combination of these offensive and defensive activities is cyberwarfare.

The terminology of cyberwarfare may seem confusing and overlapping. There is an important distinction between cyberwarfare and information operations, which is a broader term used to describe the ways that information affects military operations. Cyberwarfare activities (including cyberattacks and cyberespionage) are part of information operations. Information operations include activities (such as psychological operations and military deception) that are not included in cyberwarfare. Note that this course uses the terms information operations and information warfare interchangeably.
X

The likelihood of cyberwar

Although there is no broad agreement, the most common thought regarding the likelihood of cyberwar is that large-scale catastrophic cyberattacks are unlikely in the short term. Very few groups possess the ability to wage sophisticated, sustained cyberwarfare. Although it is unlikely that a nation will launch a massive cyberattack against another nation, it is very likely that cyberattacks will occur. With limited exceptions, the cyberattacks that take place today are not traceable back to a national government. They are the work of nonstate actors. These individuals and groups may be extremely motivated to conduct hostile actions to advance their agendas but lack the sophistication and technical capability to conduct a sustained cyberwar. They do, however, pose the threat of causing significant damage against a limited scope of targets.
X

Ancient warfare

One of the earliest recorded attempts to preserve military secrets dates back to approximately 50 BC, when Julius Caesar used a rudimentary encoding system to communicate with his military forces spread across the Roman Empire. He used a simple, but effective technology now known as the Caesar cipher. He simply went through his written messages character by character and shifted each character three places. For example, every A in the message became a D, every B became an E, and so on. Anyone intercepting the message would not be aware of the encoding system and would be unable to decipher its meaning. When a general in the field received a message from Caesar, he knew how to reverse the encoding system to decipher the original message. Caesar’s communication system opened an era of communications security in military operations.

X

World wars

The invention of the radio improved the ability to communicate dramatically. However, the same technology that made it easier for friendly troops to communicate also made it possible for the enemy to intercept those communications. The wide use of radios made the use of codes or encoding more important. Specialized mathematicians, known as cryptographers, worked to develop encryption technology that made it difficult for the enemy to decipher communications.

During World War II, the German and Japanese governments developed a specialized encryption device known as Enigma. The operator would first set the machine to the code of the day and then key in the message letter by letter. As each key was pressed, a different letter would light up on the device. This would be the letter transmitted as part of the encrypted message. When the receiver got the message, he would reverse the process by pressing the keys corresponding to the letters in the encrypted message. The letters of the original message would then light up on the Enigma device.

It took years before British mathematicians could finally break the Enigma code. Once it was broken, the entire German communications system fell into Allied hands.

X

Cold war

The end of World War II marked the beginning of escalated tension between the United States and the Soviet Union that lasted almost 50 years. The two superpowers postured with large stockpiles of nuclear weapons but rarely engaged in direct combat. Instead, one of the main characteristics of the cold war was the battles fought between intelligence officers. Agencies on both sides developed intelligence capabilities that included spies, eavesdroppers, satellites, and spy planes.

The success of the Enigma program and the wide use of electronic communications after World War II led to the development of sophisticated electronic intelligence capabilities. The U.S. National Security Agency (NSA) led the fight for the Americans, while the Committee on State Security (known by its Russian acronym, KGB) performed a similar function in the Soviet Union. Over the course of the cold war, both sides developed massive signals intelligence capabilities and were able to spy on each other’s communications.
X

Iraq War and weapons of mass destruction

Bad intelligence can have serious consequences. Prior to the war in Iraq that took place from 2003 to 2011, U.S. and British officials claimed to have evidence that Iraq was developing weapons of mass destruction (WMD). Analysis after the war revealed that the programs had ended in the early 1990s, and that there was no credible evidence that Iraq was pursuing the WMD program that the Allies claimed.

The reputation of the intelligence community suffered from this incident and it took years to recover.
X

The four traditional domains of warfare

The four domains of warfare are:
  • Land—The oldest domain of warfare. It consists of any fighting force that remains on the ground, such as infantry, cavalry, armored vehicles, antiaircraft batteries, and artillery. In the U.S. military, the United States Army primarily controls the land domain.
  • Sea—The domain of warfare fought on oceans, rivers, and seas. The sea domain includes all of a nation’s naval forces. In the U.S. military, the United States Navy controls the sea domain.
  • Air—The domain of warfare that includes fighters, bombers, reconnaissance aircraft, cargo planes, and fuel tanker aircraft. After World War II, responsibility for the air domain in the U.S. military transferred from the Army to the Air Force.
  • Space—With the advent of space flight, the military added space as a domain of warfare. The primary operations in this domain include satellite operations and the use of intercontinental ballistic missiles. In the U.S. military, the space domain is a mission of the Air Force.
X

The early stages of cyberwarfare

During the early stages of cyberwarfare, planners struggled with placing the cybermission into the four traditional domains of warfare and each branch of the service claimed responsibility for a portion of the mission. In 2010, a panel conducting the Quadrennial Defense Review for the U.S. Department of Defense (DoD) recognized the cyber domain as the fifth domain of warfare and concluded that they must organize, equip, and train forces to operate in the cyber domain just as they do for the four traditional domains. Additionally, they recognized that they must be able to conduct their operations across the other domains in cases where use of the cyber domain is degraded by enemy action.
X

The U.S. Cyber Command (USCYBERCOM)

The DoD reacted to this new domain by creating the U.S. Cyber Command (USCYBERCOM). The DoD outlines three needs that USCYBERCOM must fulfill for the military:
  • “Manage cyberspace risk through efforts such as increased training, information assurance, greater situational awareness, and creating secure and resilient network environments;
  • “Assure integrity and availability by engaging in smart partnerships, building collective self defenses, and maintaining a common operating picture; and
  • “Ensure the development of integrated capabilities by working closely with Combatant Commands, Services, Agencies, and the acquisition community to rapidly deliver and deploy innovative capabilities where they are needed the most.”
USCYBERCOM is responsible for conducting operations across all of the military services in these three areas of responsibility. The Director of the National Security Agency commands USCYBERCOM.
X

Computer network attack

Computer network attack (CNA) is one of the core capabilities of offensive information operations and cyberwarfare. Knowledge of a military’s CNA capabilities provides helpful information to an adversary’s defense efforts, so governments are extremely reluctant to openly describe CNA activities, even in a theoretical sense.

The weapons used by military forces engaging in CNA activities are similar (and sometimes identical) to those hackers use in seeking to undermine information systems security. The significant financial and human resources of military forces provide them the ability to create CNA weapons that exploit zero-day vulnerabilities.
X

Computer network defense

The domain of computer network defense (CND) closely maps to the civilian field of information security, and there is a frequent exchange of talent and tools between the military and the private sector in this area.
X

Intelligence gathering

Intelligence gathering is one of the core competencies of information operations. Military effectiveness is enhanced when leaders and planners have access to information about their adversary and intelligence operations. They seek to obtain as much of this information as possible.

The domain of intelligence collection includes a wide variety of activities that use diverse sources and methods. When those methods include the exploitation of computer systems and networks, the activities fall under the category of cyberespionage and are part of both information operations and cyberwarfare. The cyberespionage capabilities of the U.S. military are commonly referred to using the term computer network exploitation (CNE).
X

Electronic warfare

Electronic warfare is waged using a wide variety of weapons systems, including fixed ground stations, specialized aircraft, and ships at sea. The U.S. military has been conducting electronic warfare operations for decades and has entire units dedicated to the electronic warfare mission. Examples of electronic warfare include:
  • Jamming enemy radio transmissions
  • Disrupting the use of global navigation systems
  • Placing false images on enemy radar screens or removing real images from those screens
The Joint Chiefs of Staff divide electronic warfare activities into three subdivisions:
  • Electronic attack—The use of electromagnetic energy, directed energy, or antiradiation weapons to attack personnel, facilities, or equipment.
  • Electronic protect—Actions taken to protect personnel, facilities, and equipment from any effects of friendly or enemy use of electronic warfare.
  • Electronic warfare support—Actions taken to search for, intercept, identify, and locate sources of electromagnetic radiation. This is done for threat recognition, targeting, planning, and engaging in electronic attack operations.
X

Psychological operations

The military outlines five roles for psychological operations (PSYOPs):
  • Influence foreign populations by subjectively sharing information that is designed to influence the population’s attitudes and behavior and obtain compliance or other desired changes in behavior.
  • Advise military commanders on ways to conduct military actions in a way that attacks the enemy’s will to resist and minimizes the adverse impacts on psychological targets.
  • Provide public information to foreign populations to support humanitarian activities, restore or reinforce legitimacy, ease suffering, and maintain or restore civil order.
  • Serve as the commander’s voice to foreign populations to convey intent and establish credibility.
  • Counteract enemy propaganda to portray friendly intent and actions in a positive light for foreign audiences.
Oral and written propaganda is one of the major tools of psychological operations.
X

Military deception

The goal of military deception is to guide the adversary toward taking actions desired by the entity engaging in deception. Military deception may occur at two different levels:
  • The strategic level—Attempting to mislead foreign leaders into making strategic mistakes.
  • The tactical level—Field commanders trying to mislead each other about their intentions.
X
X

Operations security

Operations security (OPSEC) is designed to prevent the enemy from successfully engaging in intelligence gathering. The five steps of the OPSEC process are:
  1. Identification of critical information—Analysts seek to identify the essential information elements that would be valuable to the enemy and cause harm if disclosed. The work product of this phase is a document known as the critical information list (CIL).
  2. Threat analysis—Operations planners conduct research based upon collected intelligence, knowledge of adversary intelligence capabilities, and publicly available information to paint an informed picture of the adversary that may be compared with vulnerabilities in friendly forces during the risk assessment.
  3. Vulnerability analysis—OPSEC planners examine every aspect of a planned operation to identify the ways that an adversary could gather pieces of critical information from the operation. The vulnerability analysis phase is focused on indicators.
  4. Risk assessment—OPSEC planners perform a thorough assessment of the information collected in the first three phases and the countermeasures that may be used to limit the ability of adversaries to collect those indicators. Planners then perform a cost-benefit analysis to identify which, if any, countermeasures should be implemented.
  5. Countermeasure implementation—Commanders execute the OPSEC plan. The overall strategy should meet four criteria:
  • Minimize predictability from previous operations.
  • Identify indicators that may tip the adversary off to the OPSEC activities.
  • Conceal indicators of key capabilities and military objectives.
  • Counter vulnerabilities in mission processes and technologies.
Once the OPSEC countermeasures are in place, OPSEC staff should monitor enemy reactions to identify whether the countermeasures are effective and feed this information back into the planning process.
X