ARSTRAT IO Newsletter

Information Operations
Newsletter
Compiled by: Mr. Jeff Harley
US Army Space and Missile Defense Command
Army Forces Strategic Command
G39, Information Operations Division
The articles and information appearing herein are intended for educational and non-commercial purposes to promote discussion of research in
the public interest. The views, opinions, and/or findings and recommendations contained in this summary are those of the original authors and
should not be construed as an official position, policy, or decision of the United States Government, U.S. Department of the Army, or U.S.
Army Strategic Command.
ARSTRAT IO Newsletter on OSS.net
ARSTRAT IO Newsletter at Joint Training Integration Group for Information Operations (JTIG-IO) Information Operations (IO) Training Portal
Table of Contents
Vol. 11, no. 10 (July – September 2011)
1. "The Coming Cyber Wars"
2. Chinese Army Targets iPhone, iPad With Propaganda App
3. U.S. Military Disables Iraqi Insurgent Websites, Book ‘Counterstrike’ Says
4. Computer Lab’s Chinese-Made Parts Raise Spy Concerns
5. U.S. EW Threatened By Budget Cutting
6. How ‘Quiet Americans’ helped defeat Al Shabaab
7. Chinese Concepts and Capabilities of Information Warfare
8. Battle Updates Space and Missile Defense Conference on Cyber Huntsville Progress
9. Army Cyber 2020
10. 10 Years Later: How We Won
11. Information Warfare: A Historical Approach
12. Anti-Israel Turks Erroneously Hack Into Palestinian Sites
13. China's Use of Cyber Warfare: Espionage Meets Strategic Deterrence
14. 7 Lessons: Surviving a Zero-Day Attack
15. Tactical Information Operations in Contemporary COIN Campaigns
16. The Taliban are winning Afghanistan's information war
17. Arab Protesters and Social Media: Need For Engagement – Analysis
"The Coming Cyber Wars"
By Richard Clarke Op-Ed, Boston Globe, July 31, 2011
Obama's cyber strategy is missing the strategy
Imagine if President Kennedy issued a nuclear war strategy in the 1960s that omitted the fact that we had
nuclear weapons, B-52 bombers, and long-range missiles. What if his public strategy had just talked about
fallout shelters and protecting the government? As absurd as that would have been, that is similar to what the
Obama administration just did with regard to the nation's cyber war strategy. The strategy doesn't even admit
that we have cyber weapons.
Under pressure from Congress and commentators to provide a strategy for how the new US Cyber Command
will use its "cyber war fighters," the administration recently issued a strategy that was met with barely stifled
yawns from cyber experts and military strategists. Apparently, that was the intent. The State Department
wanted to avoid charges that the United States was "militarizing" cyberspace, or that we were the first to
conduct cyber war (the attack on the Iranian nuclear facility at Natanz). And the White House wanted to avoid
any public discussion of cyber war or our strategy to fight one.
What got issued were five "strategic initiatives." First, the United States will "treat cyberspace as a domain,"
but only for the purposes of organizing, training, and equipping. There is nothing in the initiative about
treating it as a domain for war fighting.
Second, the Pentagon will employ new defense concepts "to protect" the Department of Defense. Apparently,
those new concepts won't protect the rest of us. Third, Defense will partner with other departments and the
private sector "to enable a whole of government cyber security strategy." It's not a "whole country" strategy,
just government.
Fourth, the Pentagon will build "robust relations" with other countries.
Finally, Defense will "leverage ingenuity" to create an exceptional workforce and make rapid technology
advances.
While it may be difficult to object to those platitudes, it is also hard to call them a strategy. For one thing,
they don't even mention that the United States has an offensive cyber war capability. Somehow that was
omitted from the 13-page unclassified document dribbled out by the Pentagon.
Retiring General James E. Cartwright, the vice chairman of the joint staff, worked on the strategy and has
since said that the current approach of just trying to plug the holes in our networks does not punish attackers for
their rampant cyber espionage against us. As head of US Cyber Command, General Keith B. Alexander has
talked about a strategy of "active defense" that suggests that the United States engage in preemptive cyber
attacks. Both generals have bemoaned the inability of the civilian departments and the private sector to
defend critical US networks (like banking, electricity, and transportation) and have suggested the military may
have to defend those networks.
Congress should demand answers to questions like: What is the role of cyber war in US military strategy? Is it
acceptable to do "preparation of the battlefield" by lacing other countries' networks with "Trojan horses" or
"back doors" in peacetime? Would the United States consider a preemptive cyber attack on another nation? If
so, under what circumstances? Does US Cyber Command have a plan to seize control and defend private
sector networks in a crisis? Do the rules of engagement for cyber war allow for military commanders to
engage in "active defense" under some circumstances? Are there types of targets we will not attack, such as
banks or hospitals? If so, how can we assure that they are not the victims of collateral damage from US cyber
attacks?
That last question, about collateral damage, is no longer theoretical. The so-called Stuxnet cyber weapon,
which attacked and destroyed nuclear centrifuges in Iran, escaped into cyberspace. This sophisticated cyber
weapon was then captured by many computer experts around the world and is now freely available for anyone
to download. It raises the specter of whether non-state actors will soon be able to engage in cyber war.
During his confirmation hearings, Secretary of Defense Leon Panetta voiced concern about the possibility of a
"digital Pearl Harbor" that would cripple our electric power grid, banks, and transportation networks.
Now that he is in the Pentagon, he might want to suggest to the State Department and the White House that
it is time to treat the American people like adults and have a real public discussion of our cyber war strategy.
Chinese Army Targets iPhone, iPad With Propaganda App
By Adam Rawnsley, Wired, August 11, 2011
The U.S. isn’t the only military with designs on invading the smartphone world. China’s armed forces
are starting to fill the app gap with a new iPhone program from the People’s Liberation Army.
China’s Ministry of Defense announced Monday that it was releasing an official app for iPhones and iPads to let
users keep up on People’s Liberation Army (PLA) goings-on. It’s a newsreader app that lets users view press
releases, pictures and video from official military outlets like the PLA Daily newspaper and China’s Ministry of
Defense.
Peng Guangqian, a retired PLA general and a strategist at China’s Academy of Military Science, told the state-run newspaper China Daily that cooperation with a cool company like Apple will help the military be more hip
and transparent.
Despite what Guangqian says, the PLA isn’t exactly cooperating with Apple on its news app. Quite the
opposite, actually. Try looking for it in the app store and you won’t find it. Why? It’s only available on
jailbroken iPhones. Some news outlets speculate that China may have chafed at Apple’s stringent app
development rules for its mobile military mouthpiece.
An app that soaks up official news feeds and spits them out on iPhones probably isn’t what Pentagon officials
had in mind when they pestered China’s military for greater transparency. Not that a lot of American military
types are likely to install the PLA app anyway. China has been suspected of a number of hacking incidents,
from a break-in on an unclassified Pentagon network to a recent attack against mega contractor Lockheed
Martin. Given the history, installing PLA software on your mobile device would likely be a big security faux
pas.
Putting the PLA app on iOS, Apple’s mobile operating system, makes sense given the popularity of Apple mobile
devices in China, now the world’s second largest market for iPhone apps. There’s no word yet on a companion
app for the rival Android mobile operating system. (Although the PLA may not want to go there, given China’s
ongoing feud with Android’s developer, Google.)
But don’t worry, America. The Defense Department may not have completely embraced smartphones yet, but
we’re still number one in mobile technology compared to China. The Army and Navy have had their own apps
with news and recruiting info for a while now. Contractors are also looking to sell apps for use on the
battlefield, offering up programs like the SoldierEyes Common Operating Picture and the Raytheon Advanced
Tactical Systems that let troops track the position of their buddies in the field. For its part, the Army’s also
toying with its own app store and Android-based smartphone for soldiers.
U.S. Military Disables Iraqi Insurgent Websites, Book ‘Counterstrike’ Says
By Tony Capaccio and Brendan McGarry, Bloomberg, Aug 15, 2011
The U.S. military has hacked and temporarily disabled Iraqi insurgent and terrorist-based websites, a little-known tactic that’s part of a government “counterstrike” capability, according to a new book.
At least two sites were “knocked off the web” prior to Iraq’s March 2010 national election after “the largest
interagency meetings held since” the September 11, 2001 terrorist attacks, write New York Times reporters
Eric Schmitt and Thom Shanker in “Counterstrike: The Untold Story of America’s Secret Campaign Against Al-Qaeda.” The book is scheduled for publication tomorrow.
The sites, including one sponsored by a “shadowy organization” called the JRTN “were posting specific
operational information that was considered a clear and emerging threat to the security of the vote,” they
wrote.
At least one site, hosted by a U.S.-based Internet service provider, was shut down after a visit from U.S.
lawyers “presenting snapshots of virulent, extremist and violent web pages carried on their server,” they
wrote. The U.S. provider was not identified.
The book, in chapters called “Terror 2.0” and “The New Network Warfare,” sheds light on offensive U.S. cyber
operations almost never discussed by U.S. officials. The book cites tactics such as “overloading,” without
details.
Cyber Deterrence
The book’s disclosures contrast with the Pentagon’s public description of its strategy for blunting cyberattacks, which focuses on improving defenses instead of deterring intrusions or threatening retaliation.
Deputy Defense Secretary William Lynn July 14 released the Pentagon’s “Strategy for Operating In
Cyberspace,” which outlines five “strategic initiatives.” One is to partner with other U.S. agencies and private
industry to craft a “whole-of-government” approach.
Left unsaid was that the approach includes a capability to review and approve selective U.S. attacks under a
forum known as the “Strategic Operational Planning Interagency Group for Terrorist Use of The Internet,” the
authors write.
Proposals for attacks are reviewed by what Schmitt and Shanker call a “powerful board of governors assigned
to oversee counterstrikes on the Internet,” under a “three-way agreement” among the Pentagon, intelligence
agencies and the Justice Department “for considering timely attacks on terrorist web sites, with the president
making the final decision on whether to proceed.”
Then-President George W. Bush, in a secret authorization, in effect “declared Iraq an official battle space for
America’s cyberwarriors,” as it became “a real-world laboratory for computer network warfare,” they write.
Postings, Jamming, Scanning
To sow distrust and confusion among jihadists, the U.S. also uses a technique of “webspoofing” called “false
band replacement” where U.S. intelligence infiltrate networks and post their own materials.
The agencies have forged al-Qaeda “web watermarks” that in effect “makes messages posted on these sites
official,” Schmitt and Shanker wrote.
One official told them “we have learned to mimic their watermarks.”
The U.S. military also “had the ability to hack into their phones and we would text message guys” telling them
“another guy is cheating you out of money,” one “senior official” told the reporters.
Radio Jamming
Pentagon and State officials in Kabul devised an “over-broadcast” technique to jam insurgent pirate radio
networks using a strong signal over to block the adversaries’ message and send “counterprogram” coalition
messages on adjacent channels.
“The goal is fuzzing out the militants’ radio broadcasts so everybody has to turn to another station -- and that
station is yours,” said a U.S. official. The commercial technology to track, locate and “overbroadcast a signal”
costs about $10,000, the official said.
Perhaps the U.S.’s greatest technological advance in the war on terror is the eavesdropping National Security
Agency’s supercomputers that can “collect, analyze, sort and store data from a range of communications, in
particular cell phone conversations, emails and web sites, billions of times faster than humans can.”
The NSA computers scan and store the call history of cell phones turned over by thousands of temporary and
permanent detainees that pass through U.S. camps in Iraq and Afghanistan or voluntary applicants for
government jobs, they write.
“Each of these cell phones can be copied or cloned in seconds” and scanned for any matches to terrorist group
members. “It opens the door to a whole command and control network,” he told the authors.
Computer Lab’s Chinese-Made Parts Raise Spy Concerns
By Eli Lake, The Washington Times, August 16, 2011
A U.S. supercomputer laboratory engaged in classified military research concluded a recent deal involving
Chinese-made components that is raising concerns in Congress about potential electronic espionage.
The concerns are based on a contract reached this summer between a computer-technology firm and the
National Center for Computational Engineering at the University of Tennessee, whose supercomputers
simulate flight tests for next-generation U.S. military aircraft and spacecraft, and simulate submarine warfare
for the Navy.
The storage system for the contract calls for using software from U.S. cybersecurity firm Symantec installed
over devices made by Huawei Technologies, a Chinese telecommunications giant that U.S. officials have said
has close ties to China’s military. Huawei and Symantec formed a joint venture in 2008, with Huawei owning
51 percent of the shares of the enterprise.
Last week, four Republican senators and one member of the House Permanent Select Committee on
Intelligence urged the Pentagon and Energy Department in a letter to review the contract for potential risks to
national security.
The lawmakers’ request highlights tensions between the intelligence community and high-technology
companies on how sensitive computer servers, microchips and software that are designed or produced in
foreign countries can provide foreign intelligence services backdoor access to sensitive information systems.
“Given Huawei’s close ties to the [Chinese] government and its military and intelligence sectors, its history of
alleged corrupt practices and infringement on intellectual-property rights, and concerns it may act as an agent
for a foreign government, Huawei is not an appropriate partner for advanced U.S. research centers especially those working on critical or classified defense projects for the United States government,” the five
lawmakers stated in an Aug. 9 letter to Defense Secretary Leon E. Panetta, Energy Secretary Steven Chu and
Mary Schapiro, chairwoman of the Securities and Exchange Commission.
The lawmakers were Sens. Jon Kyl of Arizona, Jim DeMint of South Carolina and Tom Coburn and Sen. James
M. Inhofe, both of Oklahoma, and Rep. Sue Wilkins Myrick, a North Carolina Republican who chairs the House
Intelligence subcommittee that oversees counterintelligence.
Huawei’s vice president for external affairs, William Plummer, said in an interview Tuesday that the concerns
expressed by the lawmakers are misplaced.
“This letter is just the most recent chapter in what has become a tiresome book promoting fear about China
and slandering Huawei as a proxy,” he said. “The fiction is growing old.”
Huawei was founded in 1988 by Ren Zhengfei, a former engineer for the People’s Liberation Army, the
Chinese military. U.S. intelligence agencies suspect the company of having the capability of bugging
microchips it seeks to install in U.S. networks and equipment that could give China’s government the
equivalent of a listening post inside U.S. telecommunications architecture.
In 2008, the Treasury Department-led Committee on Foreign Investment in the United States blocked a
proposed sale of the software company 3com to Huawei, based on national security grounds. Last year,
representatives of the National Security Agency urged major telecommunications companies such as AT&T and
Sprint to cancel a deal that would put Huawei firmware and hardware on the cell towers of the national 4G
wireless network.
“My understanding is the ownership of Huawei is closely tied to the government of China,” said retired Air
Force Col. John Toomer, who left the service this year as deputy director of the cyber and information
operations directorate.
“We’ve had that fear for a long time, of having chips compromised by intelligence services,” he said. “You are
inviting a risk by using chips manufactured by Huawei at such a sensitive facility.”
Mr. Plummer said in response to that allegation that his company should not be singled out.
“Cybersecurity concerns are real, they are global, they are agnostic to national borders and they apply equally
to the entire information, communication, technology industry supply chain,” Mr. Plummer said. “It is incorrect
to suggest that the gear of one vendor is somehow less secure than the gear of another.”
A 2009 white paper prepared for the congressional U.S.-China Economic and Security Review Commission said
China’s military has “begun employing this capability to mount a large-scale computer-network exploitation
effort for intelligence-gathering purposes against the U.S. and many countries around the world.”
The five lawmakers, in their letter, raised concerns that Huawei is seeking to place its gear inside sensitive
installations by partnering with U.S. vendors. In the case of the University of Tennessee National Center for
Computational Engineering, a company called MPAK Technologies won the bid. That company specializes in
data-storage architecture, and it has sensitive contracts with the FBI and other U.S. government agencies.
In an interview, MPAK founder and CEO Michael Kornblum said his storage architecture was not at risk of
being compromised by an intelligence service. Data for the system would be encrypted, and the storage
system will not be connected to the Internet. He also said the Huawei hardware was not installed on the disc
drives, where the data would be stored.
“If you were to do the kinds of activities the senators are talking about, you would put that technology in the
disk drives because the data lives on the disk drives,” Mr. Kornblum said. “Huawei does not manufacture the
disk drives.”
Jeffrey Carr, the CEO and founder of Taia Global, a cybersecurity firm, said, however, that encryption is not
enough.
“There are so many alternative ways of compromising a network. It can be done through a thumb drive, a
printer server,” he said. “It could be done through a vendor that seeks to install or to service the equipment,
it could be done through an insider, an alternative communication channel like Bluetooth or another peer-to-peer network. It could be done through an internal email.”
Mr. Carr, who first wrote about the lab’s contract on his blog last month, said: “If you are targeting an
advanced facility, the bad guy will figure out the layout of the network.”
Another concern expressed by the lawmakers is that Huawei has been subsidized by the Chinese government,
giving it an unfair advantage over U.S. companies such as Cisco Systems.
In the letter, the U.S. lawmakers stated that Chinese policy gives Huawei the ability to offer much lower prices
than their competitors.
Mr. Kornblum said his company’s bid to build the storage system for the supercomputer was “significantly
cheaper.”
“It’s no mystery that Huawei is trying to get into the U.S. market,” he said. “They have done some things to
enter the U.S. market that were less publicized. But they are going to get into the market, and they are going
to eat Cisco’s lunch. Huawei’s technology is superior.”
Huawei’s Mr. Plummer said his company was given $25 billion in credit from 28 banks around the world,
including the Chinese development bank.
Mr. Plummer added: “We are doing business no differently than anyone else does business. We have
customers, and we have partners, and we have suppliers, and that is how business is done.”
U.S. EW Threatened By Budget Cutting
By David A. Fulghum, Aviation Week, 10 Aug 2011
A clash between the complexity of threats facing the U.S. and the nation’s shrinking resources is under way,
but the Pentagon is losing the battle due to the growing cost of equipment and personnel.
A congressionally driven, debt-reduction compromise—which could trigger defense cuts of as much as $800
billion over a decade—may slow down the military’s upgrading of its electronic warfare, cyberattack, directed-energy and intelligence, surveillance and reconnaissance (ISR) systems, say congressional and military
analysts, just as foreign advances in the field are testing the U.S.’s ability to cope.
Traditionally, in times of funding slowdown, “electronic warfare is the first thing we cut,” says Rep. Rick Larsen
(D-Wash.), who chairs the House electronic warfare working group. But that template may change because
international threats from electronic, directed-energy, information and cyber operations—all now mixed in the
electronic warfare (EW) realm—are growing at lightning speed.
While electronic and cybercombat may dominate future battles, funding is not keeping pace. Moreover, the
military is wearing out its assets, particularly in airborne electronic attack, which could lead to a considerable
EW shortfall, Washington-based analysts contend.
Already, the Air Force has no dedicated high-performance EW platform like the Navy’s EA-18G Growler, points
out Daniel Goure, vice president of the Lexington Institute. And whether the F-35 Joint Strike Fighter will carry
the capability is in question with the anticipated defense budget decline, he says.
The need to transform Air Force electronic attack systems while at the same time spending to upgrade aging
EW systems is presenting a huge financial burden.
“The Air Force cannot sustain systems whose effectiveness does not justify the cost of ownership,” says Col.
Joseph Skaja, chief of Air Combat Command’s combat enabler division for requirements. “Legacy systems
struggle to evolve to meet the challenge,” he says. “[The combat air forces] will spend almost $3 billion to
sustain EW systems. The B-52 systems alone will account for $884 million and the F-15 will soak up a further
$603 million.”
Part of the solution will be changes in what the Pentagon buys, says Jacques Gansler, professor in the
University of Maryland’s School of Public Policy and former undersecretary of defense for acquisition,
technology and logistics.
“Unit cost must be a design requirement,” Gansler says. He points to the Joint Direct Attack Munition as one
of the few programs where that policy applied and notes that cost dropped to $17,000 each from $40,000.
The Pentagon also must stop buying ships, airplanes, tanks and other 20th-century weapons and shift to
intelligence, information, unmanned, anti-missile and networked systems, he says.
“An integrated [network-centric] system will include distributed sensors and shooters, rather than requiring
every weapon to be self-sufficient and therefore extremely complex and expensive,” Gansler says. “The lower
cost of individual elements will enable far larger numbers to be acquired.”
The plan to get out from under legacy cost involves focusing investments in the airborne electronic attack (EA)
system of systems, Skaja says. One element is the counter communications electronic attack pod for
communications jamming. The MQ-9 Block 5 Reaper is the platform for testing. Another advance will be the
upgrading of existing EA pods for the F-16 and A-10 using digital radio frequency memory to replace obsolete
parts. The EC-130 Compass Call fleet will be upgraded and enlarged with additional airframes. It will begin
functioning within the Distributed Mission Operations Network. The final component of the upgrading will be
introduction of the Miniature Air-Launched Decoy and Jammer (MALD and MALD-J). The MALD-J provides
stand-in jamming in heavily defended areas. It can degrade and deny the use of radars. An Increment II
improvement is designed to increase the basic jammer payload by a factor of 10. It also will be the vehicle for
high-power microwave attacks to damage enemy electronics.
However, more could be accomplished if the Pentagon and industry cooperate to ensure new investments,
including private funding for EW, and if flag officers in each service are appointed to head EW development
and its associated capabilities and represent the discipline at the highest levels of military and government
decision-making, Larsen says.
The U.S. Army also is trying to move quickly to shore up gaps in its EW capabilities, says Maj. Richard
Savageau of Army Headquarters’ EW division. A total of 29 gaps are being addressed. Among the
improvements planned are linkages to a Joint EW system of systems and the introduction of directed-energy
weapon systems to target improvised explosive devices, unmanned aircraft data links and vehicle electronics.
The jewel in the crown of Army efforts is the Multi-Function EW system that will generate both offensive and
defensive effects against command-and-control communications, indirect fire, radar, electro-optics, infrared
equipment and infrastructure electronics.
Raytheon officials have provided some details about how directed energy—in this case light, inexpensive
lasers—can be introduced to the battlefield.
The services need a cheap, lightweight laser system that operates at slow speeds and low altitudes for
helicopters and unmanned aircraft. Raytheon has integrated a wide range of laser and missile-warning
systems to empirically assess anti-missile capabilities. Company researchers are refining a system that
combines fiber lasers and a seeker from the AIM-9X air-to-air missile.
“This has been pooh-poohed as immature technology,” says Mike Booen, Raytheon’s vice president of
advanced security and directed energy. “It’s not. Part of our preparation is a program with the Air Force that
is called the Quiet Eyes Laser Turret assembly . . . that marries the quantum cascade laser with the turret.
We’ve tested it against real targets . . . through rain and fog and other adverse conditions.”
The scheme to cut costs involves reusing hardware coming off existing production lines and lasers that are
being used for applications in the commercial world. The goal is to offer lightweight, high-reliability hardware
to the Army, Air Force and Navy for new, smaller classes of airborne platforms.
Since unmanned air vehicles, light helicopters and light attack aircraft operating in an ISR or EW role will be
within the threat rings of anti-aircraft missiles, there is interest in lasers that would provide these smaller
platforms maximum operational flexibility and self protection in a lightweight payload.
How ‘Quiet Americans’ helped defeat Al Shabaab
By Kevin J. Kelley, The East African, 20 Aug 2011
A US-based military training organisation that has been quietly working in Somalia for the past three years is
seen as a key factor behind the recent successes of African Union forces battling the al-Shabaab Islamist
insurgency.
Bancroft Global Development, headquartered on Washington’s Embassy Row, employs about 40 South African
and European trainers who work with the Ugandan and Burundian troops that comprise the AU military
mission in Somalia (Amisom).
Bancroft director Michael Stock told The EastAfrican last week that these mentors are embedded with Amisom
units in Mogadishu and southern and central Somalia. They coach commanders on peace-support operations
strategies, especially on how to predict and defeat the tactics which foreign fighters bring from outside East
Africa and teach to al-Shabaab.
The group’s trainers do not carry weapons and have no affiliation with the Pentagon or the CIA, Mr Stock said.
Several have been wounded during Amisom’s battles with Shabaab, but none have been killed, he added.
Mr Stock attributed the survival of his organisation’s employees to Amisom soldiers’ immense courage
protecting Bancroft staff over the past three years. He said this is a very moving sign of the bond between the
mentors and the protégés.
Mr Stock, a 34-year-old graduate of an Ivy League university, was at pains to distinguish Bancroft from the
private contracting firms that work directly with the US military in Iraq, Afghanistan and other war zones
around the world.
Bancroft, which initially engaged in land mine-clearing operations, is a not-for-profit, non-governmental
organisation, Mr Stock noted. It does not receive funding directly from the US government but is instead paid
by Amisom, which is then reimbursed by the State Department for these outlays.
The Associated Press reports that Bancroft has been paid $12.5 million for its work in Somalia since 2008.
Mr Stock is keen to steer clear of the controversies that have arisen as a result of the Pentagon’s growing
dependence on private contractors. These profit-making firms play essential support roles in US military
operations but they are not subject to public oversight.
Private contractors have become a vital element in Washington’s global strategy because of American political
reluctance or financial inability to assign responsibilities directly to US military personnel. The contractors are
seen as proxies who often work closely with US client forces in the Middle East and elsewhere.
Despite the distinction drawn by Mr Stock, Bancroft is being indirectly funded by the United States in order to
help the Pentagon avoid putting boots on the ground in Somalia.
Obama administration officials have repeatedly said they do not want to insert US troops directly into a war
that Washington does regard as crucial to its counter-terrorism operations worldwide.
Painful memories linger of the sudden US military withdrawal from Somalia in the early 1990s following militia
attacks that took the lives of several American soldiers.
The US relies mainly on Amisom and Somalia’s Transitional Federal Government to counter Shabaab, which
Washington describes as a terrorist organisation with links to al-Qaeda. The US has spent hundreds of millions
of dollars to equip and train Amisom and the TFG’s forces. In addition, the CIA has established a base at
Mogadishu’s airport where it also maintains its own aircraft. The US has also been carrying out its own drone
strikes and special-forces raids against suspected Shabaab targets.
This multi-faceted approach has lately inflicted significant losses on Shabaab, causing it to withdraw from
Mogadishu. Analysts in Somalia suggest that Bancroft deserves some of the credit for this development. Mr
Stock’s organisation is said to have enhanced Amisom troops’ fighting skills and helped the anti-Shabaab
forces gain political support by instructing them in tactics that have reduced civilian casualties in Mogadishu.
On his part, Mr Stock says Uganda and Burundi sent capable, experienced soldiers to Amisom from the
beginning of the mission. Bancroft mentors who have experience in such operations from other parts of the
world helped to transform the conventional combat forces into a much more sophisticated peace-support
operations capability.
“The Amisom troops have become truly impressive,” Mr Stock declares. Bancroft is committed to remaining in
Somalia as long as there are humanitarian and development needs and as long as the Somali government and
people want Bancroft to be there, he adds.
Well-placed analysts of the military situation in Somalia caution that Shabaab is likely to adopt a strategy of
assassinations and bombings with the aim of returning Mogadishu to a condition of chaos and thereby
discrediting Amisom and the TFG.
Chinese Concepts and Capabilities of Information Warfare
By Vinod Anand, Strategic Affairs, Volume 30 Issue 4, October 2006
The People’s Liberation Army (PLA) has been sensitive to continuous changes in geo-political and geo-strategic
contexts, as well as the changing nature of warfare. It has fashioned its responses by evolving appropriate
military doctrines and strategies to meet future threats and challenges. Thus, China’s military doctrine has
over the years undergone a transition from people’s war to ‘people’s war under modern conditions’ and
thereafter from ‘limited local war’ to ‘limited war under high tech conditions’.
The concept of limited war under high tech conditions was formulated as a response to ‘Operation Desert
Storm’ and the lessons learnt from it, especially in the areas of information technologies and knowledge-based
warfare. China’s November 2004 White Paper on National Defence outlines the acceleration of a Revolution in
Military Affairs (RMA) with Chinese characteristics by building an ‘informationalised’ force. ‘Limited war under
high tech conditions’, which remained in force for over 10 years, has now been replaced by ‘local war under
informationalised conditions’ after studying the lessons of the Second Gulf War, ‘Operation Enduring Freedom’
in Afghanistan and ‘Operation Allied Force’ in Kosovo. The White Paper mentions the main objective of PLA as:
“The PLA, aiming at building an informationalised force and winning an information war, deepens its reforms,
dedicates itself to innovation, improves its quality and actively pushes forward the RMA with Chinese
characteristics with informationalisation at its core.”1
Though the term ‘informationalisation’ has not been clearly defined, what can be inferred is that it covers a
wide ambit and includes intelligence-based weaponry besides all elements of command, control, computer,
communications, intelligence, surveillance and reconnaissance (C4ISR) and traditional components of
information warfare. While informationalisation is only a sub-set of the RMA with Chinese characteristics,
information warfare is a sub-set of informationalisation. But at the national and strategic levels, it transcends
the military aspects and becomes an important tool for shaping perceptions and belief systems of adversaries
and competitors on a higher plane. The 2004 White Paper, among other things, makes certain observations
and places emphasis and focus on:2
• Means of information operations and automated command systems, information measures, sound
organisational structures and advanced weaponry and equipment, which possess an integrated and
complete array of information support and operational means.
• Promotion of informationalisation of missiles and equipment, and improvements in communications and
reconnaissance capabilities, especially of the Second Artillery Force.
• A series of projects on military information systems have been completed and information technology
elements have been incorporated into battle systems and development support to military information
structure has been guaranteed.
• Development of new military and operational theories and increased emphasis on training for information
warfare.
• Integration of military and civil resources for efficient information mobilisation mechanisms for exploiting
synergies.
Importance of Information Warfare
Given the above context, one can get an insight into the evolution of Chinese theories and concepts on
Information Warfare (IW). As with all its military theories and strategic perspectives, Chinese traditional
wisdom and strategic thought is applied to all new concepts and precepts originating from the US, Russia or
elsewhere. The first wave of Chinese writings on IW appeared in the mid-1990s following the success of US
information technologies in the first Gulf War of 1991. Though this war was a defining event for all militaries
of the world, its impact on the PLA was greater because of the aspirations of the Chinese political and military
leadership towards acquiring comprehensive national strength. The PLA was first off the block in developing
theories of IW and adapting Western concepts to suit local conditions. A PLA General, writing on challenges
and importance of IW, observed:
In the near future, information warfare will control the form and future of war. We recognise this developmental
trend of information warfare and see it as a driving force in China’s military and combat readiness. This trend
will be highly critical to achieve victory in future wars.3
The General further emphasised that China must use a practical combination of IW and Maoist and Marxist
military thought to guide IW issues under military construction. The military must study ways of using inferior
equipment to achieve victory over the enemy’s superior equipment. He advocated study on how to conduct
‘People’s war in IW domain’. The underlying theme of Chinese concepts on IW has been emphasis on devising
ways and means to attack an enemy’s weaknesses and vulnerabilities, and on exploiting own strengths. The
other fundamental assumption is that superior tactics can compensate for inferior technology.
People’s Warfare in Information Warfare Context
According to some Chinese military analysts, because of the increasing relevance of information technology
(IT) to people’s lives, individuals who take part in IW are not all soldiers, and anybody who understands
computers may become a fighter. IW is inexpensive, as the targeted party can be delivered a paralysing blow
through the net and it may be difficult for the latter to discern where the attack originated. Large amounts of
useless information can be created to block or stop the functioning of an adversary’s information system.
Thus, a People’s War in context of IW can be carried out by hundreds of millions of people, using open-type
modern information systems. Even political mobilisation for war can be achieved via the internet, by sending
patriotic e-mail messages and by setting up databases for education.4
This finds further support from another Chinese author, who observes that “even as … government mobilised
troops, the numbers and roles of traditional warriors will be sharply less than those of technical experts…since
thousands of personal computers can be linked up to perform a common operation, to perform many tasks
in place of a large-scale military computer, an IW victory will very likely be determined by which country can
mobilise the most computer experts and part-time fans… That will be a real People’s War.”
Preparing for people’s war is a recurring theme in Chinese writing, as IW will be carried out by the PLA and
society as a whole. This concept has found practical expression in turning some of the 1.5 million reserve
forces into mini-IW regiments. The People’s Armed Forces Department (PAFD) has reportedly organised
militia/reserve IW regiments at district levels in many provinces. For instance, in Echeng district of Hubei
province, the PAFD has a network warfare battalion as well as electronic warfare, intelligence and
psychological warfare battalions, and also a training base for IW activities. The PAFD has also carried out
an ‘Informaticised People’s Warfare Network Simulation Exercise’.5 A version of this concept was also put into
practice following the bombing of the Chinese embassy in Belgrade on May 8, 1999, during ‘Operation Allied
Force’. The Chinese hacked a number of US political, military and diplomatic web sites, and also carried out a
network battle by mobilising thousands of net users for sending emails and viruses. This caused servers to
crash, paralysing a large number of web sites.
Cyber Warfare
Concerns about China’s net force were heightened after the aforementioned attacks on US computer systems
and after the Chinese militia carried out IW exercises, which included India, the US, Taiwan and Japan as
target countries.6 The aim of such training was to disrupt critical infrastructure like banking, power supply and
telecommunication networks in the target country as part of China’s strategy of asymmetric approach to
warfare. In the cyber domain, the Chinese have adopted three methods for targeting such networks: the first
is the use of e-mails for planting viruses; then phishing; and lastly, the introduction of ‘intelligent trojans’ and
‘vacuum trojans’. Diverse routes of planting trojans and viruses have been used to attack critical PCs, which in
turn send out files or cause malfunction.
Hackers’ tools are becoming more robotic and simple; for instance, a vacuum trojan will extract information
from a pen drive automatically when connected to a USB port. It is also believed that the next step could be
planting the targeted sites with the more difficult to detect fake data or partially fake data.
In Nanjing, the PLA has developed more than 250 trojans and similar tools. Here, it needs to be remembered
that foreign companies like Network Solutions were made to hand over 300 computer viruses by the Ministry
of Public Security’s lab in an effort to speed up the certification of antivirus products.7 Further, the Chinese
Academy of Sciences, which provides suggestions about national information security policy and law, has
established the State Lab for Information Security. The lab has ‘National Attack Project’ as one of its research
programmes. Also, select professionals have been inducted into militia organisations to boost combat
capabilities in future wars.8 Thus, China has been paying much attention to offensive strategies in cyberspace
even as it concentrates on defensive IW.
Definition and Goals of Information Warfare
The Chinese understanding of IW, which was initially based on western concepts, has increasingly moved
towards evolving its own orientation. Chinese experts believe that IW’s essence is the sum of information
capabilities capable of breaking the will to resist by attacking an enemy’s cognitive understanding and
convictions, forcing it to give up all resistance and terminate the war. The goal is to “force enemy to regard
their goal as our goal, to force the opponent to give up the will to resist and end confrontation and stop fight
by attacking enemy’s perceptions and belief via information energy.” Xie Guang, the then Vice Minister of
Science and Technology and Industry for National Defence, defined IW in December 1999 thus: “IW in military
sense means overall use of various types (of) information technologies, equipment and systems, particularly
his command systems, to shake determination of enemy’s policy makers and at the same time, the use of all
the means possible to ensure that one’s own systems are not damaged or disturbed.” This definition
apparently includes the aspects of IW’s goals at the larger national level. A further elaboration was done by
two senior PLA colonels, who described IW as consisting of five major elements and two general areas.9 The
five elements are:
• Substantive destruction, the use of hard weapons to destroy enemy headquarters, command posts, and
command and control (C2) information centres
• Electronic warfare, the use of electronic means of jamming or the use of anti-radiation [electromagnetic]
weapons to attack enemy information and intelligence collection systems such as communications and
radar
• Military deception, the use of operations such as tactical feints [simulated attacks] to shield or deceive
enemy intelligence collection systems
• Operational secrecy, the use of all means to maintain secrecy and keep the enemy from collecting
intelligence on our operations.
• Psychological warfare, the use of TV, radio, and leaflets to undermine the enemy’s military morale.
The two general areas are information protection (defence) and information attack (offence). Information
defence means preventing the destruction of one’s own information systems, ensuring that these systems can
perform their normal functions. In future wars, key information and information systems will become “combat
priorities”, the key targets of enemy attack. It also includes many other manifestations of IW like computer
virus warfare, precision warfare and stealth warfare, all dependent in some manner on information and
software programmes.
Information Operations
Information Operations (IO) are specific operations and are considered to be at the core of IW, in the same
manner as IW is considered to be at the core of informationalisation. In fact, IO is a manifestation of IW on
the battlefield. It can be both of the defensive and offensive types, and can be conducted at the strategic,
operational, campaign and tactical levels at times of peace, wars and crises. Principles of IO have been
defined by Chinese military authors to include centralised command, decentralised control (multi-level power
delegation), multi-dimension inspection and testing, timely decision-making and integration of military and
civil actions with focus on key links. Major General Dai Qingmin, Director of PLA’s General Staff responsible for
IW and IO (and also ex-Commander of PLA’s IW Centre in Wuhan) observes that integrated and joint
information operations give more scope and purpose to people’s war. (In fact, jointness and integration is a
major theme of the 2004 White Paper). He defines IO as a series of operations with an informationalised
environment as the basic battlefield condition, with military information and information systems as the direct
operational targets and electronic warfare (EW) and computer networks as the principal form. He has outlined
various IO strategies because, as mentioned earlier, according to the traditional Chinese approach strategies
can compensate for inferior equipment and technologies and, in the case of IO, it may also compensate for
gaps in information or poor information about the enemy.10 Some of the IO strategies are:
• Jamming or sabotaging an enemy’s information or information system.
• Sabotaging an enemy’s overall information operational structure.
• Weakening an enemy’s information fighting capacity.
• Dispersing enemy forces, arms and fires while concentrating own forces, arms and fire.
• Confusing or diverting an enemy and creating an excellent combat opportunity for oneself.
• Diverting an enemy’s reconnaissance attempt and making sufficient preparations for it.
• Giving the enemy a false impression and launching surprise information attack on him at the same time.
• Blinding or deafening an enemy with false impressions.
• Confusing an enemy or disrupting his thinking.
• Making an enemy believe that what is true is false and what is false is true.
• Causing an enemy to make a wrong judgement or take wrong action.
In the IW exercises conducted by PAFD, 10 methods of IO were practised and these can be viewed as tactics
in the electronic battlefield. These are:11
• Planting information mines
• Conducting information reconnaissance
• Changing network data
• Releasing information bombs
• Dumping information garbage
• Disseminating propaganda
• Applying information deception
• Releasing clone information
• Organising information defence
• Establishing network spy stations
Computer Network Operations
In Chinese writings on Information Warfare, networking has also been the focus of discussions. The recent
emphasis on jointness and integration applies equally to integrating various military networks. A critique by
Timothy Thomas notes that the Chinese feel it necessary to prepare for a “network people’s war”. Computer
network warfare has been included by Dai Qingmin as one of the six forms of IW (i.e. operational security,
military deception, psychological warfare, electronic warfare, computer network warfare and physical
destruction). Though there is no evidence of a formal Chinese doctrine, Chinese theorists have coined the
term “Integrated Network Electronic Warfare” (INEW) and this has also been referred to by Timothy Thomas
as a half cousin, given its similarities and points of divergences to the US approach.12
INEW has been described as a series of combat operations that integrate electronic warfare and computer
network warfare measures to disrupt the normal operation of an enemy’s battlefield systems while protecting
one’s own with the objective of attaining information superiority. The essence of computer network warfare
(CNW) is “to disrupt layers in which information is processed, by seizing and maintaining control of network
space”. EW is targeted at networked information systems and informationalised weapon systems in order to
increase combat effectiveness. According to Dai, INEW is necessary for system-to-system confrontation on the
informationalised battlefield, as systems are centres of gravity. Any disruption in a system will lead to a
disconnect between the people and weapons. Thus, INEW lays stress on coordinating and integrating all
aspects of C4ISR and weapon platforms and weapon systems to produce the desired effects at the target end.
The effectiveness of weapon platforms and network systems is directly proportional to their level of integration.
As in other spheres, integration produces a combat capability greater than the sum of its parts, and this is
true for information operations as well.
China’s computer network operations (CNO) comprise network attacks, defence, and exploitation. According to
the Pentagon’s Annual Report for 2005 to the Congress on China’s military power, the PLA views CNO as
critical to seize the initiative and “electromagnetic dominance” early in a conflict, and as a force multiplier.
This concept outlines the integrated use of electronic warfare, CNO and limited physical strikes against key
C4ISR nodes to disrupt an enemy’s battlefield network information systems. It is believed that the PLA has
established information warfare units to develop viruses to attack enemy computer systems and networks,
and tactics to protect friendly computer systems and networks. The PLA has increased the role of CNO in its
military exercises. Although initial training efforts focused on increasing the PLA’s proficiency in defensive
measures, recent exercises have incorporated offensive operations, primarily as first strikes against enemy
networks.13
The main area of weakness that the Chinese espy, especially with regard to US forces, is the deployment
phase. US forces are largely dependent upon computer and communication systems, both military and
nonmilitary, and the particularly weak links in the logistics network systems make them susceptible to
computer network attacks. Logistics network systems may be relatively easy to penetrate compared to other
C4 systems though it will be more useful to penetrate command and information links. However, the priority
of Chinese CNW seems to be to prevent the force from deploying in the first place and thereafter to break the
linkages between decision-makers and weapon platforms. This approach rhymes with the oft-stated Chinese
strategy of attacking weaknesses and avoiding strengths of the enemy. As observed by James Mulvenon,
Chinese strategists theorise that:
• Computer network attack is the most effective means for a weak adversary to fight a strong one.
• It can be used as a means to deter the enemy.
• It has longer range than the conventional power projection assets, as long distance surveillance and
precise powerful and long distance attacks are available to the military.14
Psychological Operations and Information Warfare
Another important component of Information Warfare with Chinese characteristics is psychological warfare.
Chinese doctrine has traditionally focused more attention on the psychological dimensions of IW, including
deception, though of late they have also been paying equal, if not more, attention to the technological
dimensions.15 The target in psychological operations is always the people and decision-makers, so that their
will and perceptions are attacked to alter their beliefs, goals and behaviour. This is aimed at both military and
civil components of an adversary’s populace. Psychological operations comprise manipulation of media to
support military efforts and include conventional methods of propaganda like distribution of leaflets, radio and
TV broadcasts, and other means of communication. Like most of the components of IW, psychological
operations are a continuum of actions in peacetime, crisis time and war time.
In August 2005, the PLA conducted a joint exercise, involving not only all its services but also troops from
Russia. The exercise involved distribution of leaflets over the opponent, electronic warfare to confuse incoming
missiles and adoption of electronic counter measures. These exercises involved the use of live missiles and
ammunition, and showcased precision warfare capabilities as well as the latest military equipment.16 These
exercises could also be said to have had a psychological dimension for deterring Taiwan or those aiding it in
its political objectives. Here, it can be argued that the Chinese appear to have taken a leaf out of the US
forces’ tom-tomming of the awesome power of their arsenal and military capabilities before the start of
‘Operation Iraqi Freedom’, which had the effect of lowering the morale of the Iraqi military. The US forces also
air dropped over 31 million leaflets for propaganda purposes besides physically attacking Iraqi forces’
command and control networks based on fibre optic lines and radio and computer servers. US forces had been
issued cyber-guidance as early as February 2003 for operations in Iraq. The PLA has thus been quick to
absorb lessons on IW from ‘Operation Iraqi Freedom’.
The Chinese also observed the power of media when CNN’s broadcast of a US soldier’s body being dragged
through the streets of Mogadishu transformed perceptions of victory into defeat. Authors of the Chinese book
titled Unrestricted Warfare reflected on the incident thus: Did CNN’s broadcast of an exposed corpse of a US
soldier in the streets of Mogadishu shake the determination of the Americans to act as the world’s policeman,
thereby altering the world’s strategic situation? And should an assessment of wartime actions look at the
means or the results?17
PLA’s IW/EW Capabilities
The 2004 White Paper shows that the Chinese military has understood that there is a large and expanding
technology gap between it and modern militaries, especially that of the US. China’s leaders, including
President Hu Jintao, have ordered the PLA to pursue “leap ahead” technologies and “informationalised”
capabilities to increase weapons’ mobility, firepower and precision. This perspective applies to IW also.
The Central Military Commission’s (CMC) Third or Technical Department of General Service Headquarters is
responsible for strategic SIGINT and has established a number of monitoring stations to intercept signals from
countries like India, Taiwan, Japan, South Korea and others. The PRC also established a Fourth Armed Forces
Department in 1990 to look after offensive and defensive IW activities. It has also built “an information
warfare simulation centre” for training its corps of network warriors. The centre uses high technology
simulation skills and equipment to simulate information warfare and its environment. The Fourth Department
has special detachments and units that manage and direct SIGINT and EW operations for the PLA at all levels
and includes operations of the Air Force and the Navy.18
The PRC has completed one million km of fibre optics line and communication infrastructure called “Eight
Horizontal Grids and Eight Vertical Grids” supported by satellite, ground mobile receiving stations and ground
to air data links.19 With technologies obtained from Western countries and by exploiting its booming
commercial IT and telecommunications sector, it has improved the quality of its military programmes. The PLA
has acquired and deployed a wide variety of air, sea and land-based intelligence, surveillance and
reconnaissance (ISR) systems to enhance its ability to detect, monitor and target military activities in Asia and
West Pacific Ocean. Some of the latest programmes include electro-optics, synthetic aperture radar,
over-the-horizon radars, and surveillance systems that can detect stealth aircraft.
EW is a key element in the PLA’s ‘Three Attacks and Three Defences’ strategy (attack stealth aircraft, cruise
missiles and helicopters; defend against precision strikes, electronic warfare, and enemy reconnaissance) to
meet the requirements of ‘local war under high tech conditions’ which has now progressed to ‘local war under
informationalised conditions’. Both military and civil sectors are actively exploring IW concepts which could
lead to developing a corps of network warriors to defend China’s telecommunication, command and
information networks while uncovering vulnerabilities of adversaries’ networks.
At the national level, China has a C3I system based on fibre optic cables, satellite communications, microwave links, tropo-scatter communications and automated command and control systems. The PLA has both
secured and non-secured telecommunications and has an army wide data communication network and
integrated field operations communication system. Its WAN is capable of supporting peacetime operations
within Chinese borders and limited pre-planned operations along China’s periphery but is inadequate for large-scale joint operations.20
The Chinese Army has a family of battlefield ELINT systems like DZ 9002 that detect, intercept, analyse and
record an adversary’s signal emissions. DZ 9001 has been developed both for defensive and offensive
electronic counter measures (ECM). DZ 9300 is a man-packed radar reconnaissance system meant for special
operations forces and rapid reaction forces. A bodyguard laser countermeasures system has also been
developed to counter precision-guided munitions guided by laser emissions.21 There are also a variety of
jamming systems with the ground forces.
The PLA Air Force is developing capabilities in airborne warning and control systems (AWACS), airborne early
warning, and ECM aircraft and UAVs. Shaanxi Y-8 has been designed for special EW, ELINT and ECM missions.
This aircraft was first observed in operation in the summer of 2004 and it is believed that some of its
equipment may be from the US Navy’s EP-3 ELINT aircraft that made an emergency landing in Hainan in April
2001. Another version of the Y-8 aircraft is ‘Balance Beam’ airborne early warning aircraft meant for tactical
ISR, EW and ELINT missions. It made its maiden flight in 2001 and its finalised version Y-8 F600 flew in
January 2005. The PLA Air Force is planning for 4-6 AWACS and has about 20 other dedicated ELINT aircraft
like HD-5, TU-154M and HZ-6. HD-5, an older version, is being replaced by HZ-6 which has improved
capabilities. UAVs configured for ELINT and EW missions are also in use.22 In July 2002, the PLA inducted the
Israeli anti-radar hunter killer HARPY UAV.
The Chinese Navy also has over a dozen ships and several trawlers for various electronic warfare missions.
Four Yuan Wang and Shiyan class ships monitor space events and are capable of collecting and monitoring
missile and satellite telemetry data and communications. Chinese industry has developed three types of
systems, based on Soviet-era systems, which have been further upgraded and modernised.
Space is another area where the Chinese have been making rapid advances, especially in the field of ISR and
anti-satellite technologies. China considers space as a ‘commanding height’ and it plans to control space and
win the information war after having built up an informationalised PLA. In 2003, the PLA had six dual-use
dedicated satellites for military purposes. In 2004, China placed 10 satellites into orbit and has a similar
schedule through 2006. It hopes to have more than 100 satellites in orbit by 2010, and launch an additional
100 satellites by 2020. In the next decade, Beijing will most likely field radar, ocean surveillance, and
improved film-based photo-reconnaissance satellites. China will eventually deploy advanced imagery,
reconnaissance, and Earth resource systems with military applications. China’s ZY-2 payloads have digital
imagery reconnaissance capabilities and have worldwide coverage. Beijing also tested new film-based imagery
satellites and small digital imagery satellites in 2003 and 2004. It is also developing its own GPS navigation
system based on the Beidou series of navigational satellites. The PLA possesses anti-GPS jammers obtained
from Russia, which however may not be very effective against the NAVSAT satellite system of the US.23
China is also developing electronic intelligence (ELINT) and signals intelligence (SIGINT) reconnaissance
satellites. These digital data systems will be able to transmit directly to ground sites, and China may be
developing a system of data relay satellites to support global coverage. Furthermore, Beijing has acquired
mobile data reception equipment that can support more rapid data transmission to deployed military forces
and units. China is developing micro satellites for remote sensing as well as for putting into place networks of
electro-optical and radar satellites. In April 2004, Beijing launched a micro satellite with a probable imagery
mission. China is also conducting research to develop ground-based laser ASAT weapons.24 All these
capabilities will contribute to China’s prowess in the field of information warfare.
Implications for India
Attaining information superiority has become one of the most important objectives to be achieved in the era of
knowledge age warfare. The concept of information superiority is somewhat analogous to similar concepts of
air, sea or space superiority. This is because proper use of information is as lethal as other kinds of power.
Further, the concept of information superiority leads us to attainment of decision superiority. Information
operations are increasingly being considered as important as sea, land and air operations. Information
operations can vary from physical destruction to psychological operations to computer network defence.
Well-conducted joint information operations with new RMA technologies, improved organisations and doctrine
will greatly contribute to a successful and decisive outcome.
It is in this context that a Defence Information Warfare Agency (DIWA) under the Integrated Defence Staff
Headquarters has been formed to coordinate efforts of the three services and certain other agencies to handle
all aspects of information warfare.25 The Indian concepts of IW are generally based on Western concepts and
according to the 2004 Army Doctrine, IW encompasses the elements of command and control warfare,
intelligence-based warfare, electronic warfare, cyber warfare, psychological warfare and network centric
warfare, military deception and secrecy as well as media support. Though the three Services have different
set-ups for IW activity, DIWA is the nodal and apex policy-making body to formulate joint and integrated
responses to IW challenges. Therefore, an IW doctrine needs to be formulated, which, it is believed, is in
the process of being evolved by DIWA. However, it is at operational levels that weaknesses in our IW efforts
exist. There is a need for joint linkages and joint planning to synchronise our response to all elements of
information warfare.
The Indian armed forces have made considerable progress in establishing C4ISR networks. But given that
these are service wise, there is a need for establishing a Joint Inter-Services Network26. The other areas that
need attention are:
• In the era of cyber warfare, information warfare and net wars, information systems, both civil and military
networks, should have adequate redundancy, survivability and electronic security.
• For optimisation, the strengths of our IT infrastructure and industry and advancements in satellites and
radio-based systems should be jointly exploited by the military and civil sectors.
• Joint network and individual services networks should be able to function in all environments including
nuclear. For instance, they should be hardened against or be resistant to an EMP attack.
• We need to induct a wide variety of military satellites for upgrading our strategic ISR, SIGINT, ELINT,
COMMINT, imagery and navigation capabilities.
• We need to reflect on the Chinese model of net force based on their militia and examine whether there is
a need to adopt a similar model in our Territorial Army units. Even though Computer Emergency Response
Teams (CERT) at national and lower levels have been formed to respond to cyber attacks on civilian
infrastructure, the concept is more defensive in nature. A pro-active concept like that of net force may be
more appropriate.
Conclusion
China sees IW as a field where asymmetric strategies can be used to better its rivals, especially the ones with
better technological capabilities. It has applied the People’s War concept in the context of IW to leverage the
availability of a large number of civilian IT experts. Simultaneously, it has not neglected the technological
aspects. Over the years, it has acquired state-of-the-art technologies from the West and Israel, and, as the
Cox Report of May 1999 revealed, through pilferage and spying, to upgrade its arsenal.
China has a large reservoir of scientists and a booming economy, which will help it in acquiring improved
capabilities in the sphere of IW. It has made rapid advances in the field of IT and space-based systems, which
will assist it in closing the technological gap with its peer competitors.
IW is important at the national, strategic and operational levels. At the national level, the aim is to alter the
perceptions of the adversary so that victory can be achieved without fighting or at the lowest cost. Militaries
all over the world have recognised IT and IW as force multipliers and as key battle winning tools. The electromagnetic spectrum, a key component of the information domain, has become the new high ground to be
captured for success of operations, thus highlighting the operational aspects of IW. China’s rising military
power has created concerns not only for the US but also its neighbours, which are equally if not more
concerned about the possible destabilising effects of a likely assertive China. India and other neighbours need to
evolve holistic strategies to safeguard their information domains and protect them from a variety of
information attacks.
References/End Notes
1. “China’s National Defense in 2004”, White Paper, at http://english.people.com.cn/whitepaper/defense2004/defense2004.html. See Chapter
III, Revolution in Military Affairs with Chinese Characteristics.
2. Ibid.
3. Wang Pufeng, “Challenge of Information Warfare,” in Michael Pillsbury (ed.), Chinese Views of Future Warfare, National Defense University
Press, Washington D.C., 1997, at http://www.au.af.mil/au/awc/awcgate/ndu/chinview/chinacont.html
4. Wei Jincheng, “Information War: A New Form of People’s War”, in Michael Pillsbury (ed.), Chinese Views of Future Warfare, Part Four at
http://www.au.af.mil/au/awc/awcgate/ndu/chinview/chinacont.html
5. Timothy L. Thomas, “Like Adding Wings to Tiger: Chinese Information War Theory and Practice,” at
http://www.iwar.org.uk/iwar/resources/china/iw/chinaiw.htm
6. Ravi Visvesvaraya Prasad, “At the Hackers”, The Hindustan Times, December 19, 2000.
7. Evan S. Medeiros et al, “A New Direction for China’s Defense Industry,” p. 242, at www.rand.org
8. “Over 500 Information Professionals Enrolled into Militia Organization,” PLA Daily, at www.english.chinamil.cn
9. Wang Baocun and Li Fei, “Information Warfare” in Michael Pillsbury (ed.), no. 3.
10. Dai Qingmin, “Innovating and Developing Views on Information Operations,” Beijing Zhongguo, August 20, 2000, article reviewed by
Timothy L. Thomas in “China’s Electronic Strategies,” Military Review, May-June 2001, pp. 72-77.
11. Ibid.
12. Timothy L. Thomas, “Chinese and American Network Centric Warfare”, Joint Forces Quarterly (38) at
http://www.dtic.mil/doctrine/jel/jfq_pubs/1538.pdf.
13. Annual Report to Congress on “The Military Power of People’s Republic of China 2006,” (Department of Defense, Washington D.C.) at
www.defenselink.mil/pubs/pdfs/china%20Report%202006.pdf
14. Testimony of James C. Mulvenon, “Chinese Information Operations Strategies in a Taiwan Contingency” before US-China Economic and
Security Review Commission Hearing “China’s Military Modernization and Cross Strait Balance,” September 15, 2005 at
www.uscc.gov/hearings/2005hearings/written_testimonies/05_09_15wrts/mulvenon.pdf
15. For China’s increased emphasis on Psywar, see views of Maj. Gen. Xu Hezen as quoted in Timothy L. Thomas, “Comparing US, Russian
and Chinese Information Operation Concepts,” Foreign Military Studies Office, Fort Leavenworth, KS 66048, February 2004 at
www.dodccrp.org/events/2004_CCRTS/CD/papers/064.pdf
16. Vinod Anand and Arun Sahgal, “China and Russia, the new shooting stars,” Asia Times, September 9, 2005.
17. Qiao Liang and Wang Xiang Sui, Unrestricted Warfare, PLA Literature and Arts Publishing House, Beijing, February 1999. Electronic edition
of the book available at http://212.111.49.124/iwar/resources/china/iw/unrestricted-warfare.pdf
18. Manuel Cerejo, “China, Cuba and Information Warfare, Signal Intelligence, Electronic Warfare and Cyber Warfare,” at
http://www.futurodecuba.org/ChinaandInformationWarfare4.htm
19. Abe C. Lin, “Comparison of Information Warfare Capabilities of the ROC and PRC,” at http://cryptome.org/cn2-infowar.htm.
20. Details of China’s C4ISR systems available at http://sinodefence.com.
21. Ibid.
22. Ibid. Also see Manuel Cerejo, no. 18.
23. See Annual Report to Congress on “The Military Power of People’s Republic of China 2006”, no. 13.
24. Ibid.
25. Saikat Dutta, “Forces get ready for Information War,” The Indian Express, February 23, 2003.
26. Vinod Anand, Joint Vision for the Indian Armed Forces, Delhi Papers No. 16, IDSA, New Delhi, 2001, pp. 36-49.
Battle Updates Space and Missile Defense Conference on Cyber Huntsville Progress
By Mike Kelley, Huntsville Times, August 19, 2011
HUNTSVILLE, Alabama – A lot has happened over the past year to make Huntsville a center for cyber security,
Huntsville Mayor Tommy Battle said at the 14th annual Space and Missile Defense Conference.
Battle announced at the 2010 SMD conference his plans to create a Cyber Security Center of Excellence in
Huntsville that would leverage Huntsville's intellectual capital and capabilities to help solve the growing cyber
security challenges faced by the United States.
Battle and other local information technology leaders also see the initiative as an economic development boon
that would bring jobs to an area threatened by cutbacks in NASA and defense employment.
An increased pace of cyber attacks on government, military, and commercial targets such as financial
institutions has raised the level of awareness and need for information technology security specialists.
According to Gary Warner, a leading cyber forensics researcher at the University of Alabama in Birmingham,
the federal government alone could hire upward of 10,000 cyber security analysts per year if they were
available.
In his presentation, Battle pointed out that Huntsville would occupy a niche in the overall framework of cyber
security, providing cyber security research and development, modeling and simulation, engineering, training
and education and experimentation. Other areas of the U.S. are already heavily involved in cyber intelligence
exploitation, cyber operations, and government and infrastructure defense.
Since the announcement a year ago, Battle said a steering committee has been formed, and currently nearly
200 people locally are involved in some aspect of Cyber Huntsville, as the initiative has been named. "We
have a fantastic crew working on this effort," Battle said.
Cyber Huntsville now consists of an advisory panel made up of current and retired Army generals and Senior
Executive Service members and a collection of working groups. The effort recently took a major step by
reorganizing itself as a 501(c)(6) corporation and appointing a board of directors.
In his presentation, Battle pointed to the effort to get the word out about Huntsville and the Tennessee
Valley's expertise as one of the accomplishments of the past. Dr. Rodney Robertson, who is leading the local
effort, has made numerous visits to cyber security decision makers to further Huntsville's bid as a cyber
research center. "People in Washington recognize Huntsville as an aerospace and missile town, and we want
them to recognize us as a cyber security town," Robertson said recently.
The committee also recently developed a survey of cyber security needs, developments, and capabilities.
Battle also pointed to a late June cyber security summit as another accomplishment. Following the April 27
tornadoes that knocked out power throughout the Huntsville area for several days, the committee held a
"Resilience of our Critical Infrastructure and Cyber Security Summit – Lessons Learned after the Disaster"
event with Energy Department and Homeland Security Department officials. Commenting on the outcome of
the summit, Battle said, "We've seen what our vulnerabilities are and what our opportunities are."
A major upcoming activity will be a Table Top exercise, planned for October, that will simulate a coordinated
cyber attack on multiple areas of Huntsville. The simulated attack is designed to see how the city and other
local facilities, such as Redstone Arsenal, would respond to such an attack.
Army Cyber 2020
By Rita Boland, AFCEA blog, 8/25/11
The U.S. Army Cyber Command/2nd Army has been in operation for less than a year, but already it is building
the cyber Army of 2020, with several clear-cut views on future operations. Lt. Gen. Rhett Hernandez, USA, the
commanding general, explained during LandWarNet that his organization coordinates the Army’s information
operations and serves as its cyber proponent. In addition to high-level activities, the command is growing its
subordinate cyber brigade which will serve as the operational arm of the Army’s cyber mission.
Over the past 10 months personnel at the command have celebrated several successes including starting to
develop a strategic plan for Army Cyber 2020. Gen. Hernandez explained that cyber already has a role in all
operations and that moving forward cyberspace must extend U.S. and allied mission-command capabilities
while denying the same to others. The future also will involve an increased emphasis on the tactical edge.
According to the general, by 2020 the Army must integrate full-spectrum cyber capabilities, ensure mission
command and achieve cyber domain operational freedom, meaning the Army will operate in the cyber domain
with the same level of freedom it now has in the land domain. “The future battlefield will be as much defined
by cyber as it is enabled by its effects,” Gen. Hernandez said. Other necessary actions include operationalizing
cyber, growing Army capacity and capabilities, and recruiting, developing and maintaining cyber professionals.
The general outlined several actions necessary for the Army to grow capacity and capability including defining
the force structure and integrating cyber into institutional process. He outlined plans to create a world-class
cyber operations center that will replicate cyberthreats as well as establish cyber centers to support mission
control, defend the network and extend capabilities. “A key to success in this line of effort is adequate and
rigorous leadership development,” he said, later adding that, “People are the centerpiece in all we do.”
Army Cyber Command is looking at different ways to attract qualified warriors to obtain the human capital it
requires. This involves examining industry initiatives for recruitment and retention as well as leveraging talent
across the active-duty military, National Guard, Army Reserves, civilian personnel and contractors. In
addition, Gen. Hernandez referenced “green page” pilots. The efforts aim to create directories in which people
could enter their skill sets to find opportunities to use them in Army efforts. Leaders could employ the pages
to find qualified personnel to fill certain requirements. Initiated in other parts of the Army, Gen. Hernandez
said he would like to find ways to leverage the pages across Army cyber.
To help secure the cyber domain, Gen. Hernandez explained that the Army must go beyond 3G—gates, guns
and guards. Instead, the Army must protect networks in more robust ways. And though he has faced several
challenges involved with moving forward cyberoperations and bringing together organizations that only
recently came into existence, he said he is excited about what has been done and what is to come. “I never
thought we’d have the opportunity to be on the front end of a new domain,” he stated.
10 Years Later: How We Won
By William McCants & William Rosenau, The Atlantic, 8 Sep 2011
The war against al-Qaeda is over, but continuing to fight terrorism will require understanding what we did that
worked - and what didn't
Ten years into our struggle against al-Qaeda, it's time to acknowledge that the "war" is over and recognize
that the United States and its international partners overreacted to the al-Qaeda threat. Terrorism, after all, is
designed to elicit such overreactions. But the confluence of the recent death of bin Laden, harsh new
economic realities, the democratic movements in the Middle East, and the ten-year anniversary of the
September 11 attacks provides an ideal time to take stock of what it actually takes to deal with the al-Qaeda
threat.
The Failure of Al-Qaeda
The immediate physical threat posed by al-Qaeda has diminished greatly over the past ten years. The
elimination of Osama bin Laden -- a long-overdue counterterrorism triumph -- and the relentless dismantling
of al-Qaeda's senior leadership in their Pakistani sanctuaries and redoubts are obvious but powerful signs of
the enterprise's darkening prospects. The recent death of one of al-Qaeda's most capable and influential
senior leaders, Abu Abd al-Rahman Atiyyatallah, in an alleged U.S. drone attack in Pakistan, will only hasten
its leadership's collapse.
More important, al-Qaeda has failed utterly in its efforts to achieve one of its paramount political objectives.
From the 19th century through the present day, terrorists and insurgents -- from transatlantic anarchists to
Fanonists of the tiers monde to Nepalese Maoists -- have spun insurrectionist fantasies of taking over. But the
Salafist-jihadists' worldwide Islamic uprising, against perceived enemies of the faith, never materialized. The
Muslim masses have refused to play their part in the al-Qaeda dramaturgy. The terrorism intended to
generate widespread rebellion has failed to arouse a global Muslim community. Most damningly, al-Qaeda has
been irrelevant to the popular uprisings sweeping the heartland of the Muslim world.
Rethinking How We Fight Terrorism
In recognizing al-Qaeda's failures and weaknesses, we should reevaluate the political, military, economic, and
other instruments the United States wields against terrorism. Three of these methods need particular scrutiny.
The first is social and economic development. It might be useful in dealing with large-scale insurgencies, but
development is unlikely to address the idiosyncratic motives of the small number of people who join terrorist
groups. It's true that addressing the "root causes" of terrorism sounds like a sensible, systemic course of
action, but few truly agree what those causes are -- nor is there anything like a consensus on what measures
are likely to prove most effective.
The second questionable tool is one used in part of a broader set of information operations: positive
messaging about the United States. There are excellent reasons to pursue public diplomacy, but countering
terrorism is not one of them. The young people who are vulnerable to al-Qaeda's recruitment pitches are likely
to be impervious to positive messages about the United States. In addition, linking public diplomacy with
counterterrorism risks alienating intended audiences, which can easily detect the fear and hidden agenda
lurking behind the friendly American smile. The United States needs to dissuade people from attacking its
citizens -- but those people do not need to like the United States in order to abandon violence.
The third tool to drop is the one with which we've had the least success: occupying the country from which a
terrorist group is attempting to recruit. There might be good reasons to invade and occupy a country, but
eliminating a terrorist group is not one of them. It only engenders new recruits for the terrorists' cause and it
provides them a fertile training ground. Moreover, it plays into al-Qaeda's openly professed strategy of
bleeding U.S. resources to force it to reduce its influence in the Middle East.
What Works in Counterterrorism
What's left in the counter-terrorist's toolkit? Most of the significant advances against al-Qaeda and its fellow
travelers over the last ten years have come as a consequence of intelligence gathering, good policing,
spreading the awful truth about al-Qaeda, and helping other governments do these same things. These are
not ancillary to counterterrorism but rather its essential components.
Violent operations against al-Qaeda have garnered most of the public's attention. But, in terms of preventing
terrorist attacks, the most powerful weapon has been decidedly unglamorous and much less visible: police
work informed by well-placed sources inside terrorist cells. Major plots in New York, London, Stockholm, and
other key urban centers have been foiled by police, often working in unison with intelligence services.
Assisting foreign police forces should be a major component of the U.S. counterterrorism repertoire -- but
such aid is limited by considerable restrictions from Congress and a lack of skilled police trainers able and
willing to work abroad.
Eliminating terrorist networks is not enough. They also have to be discredited among the audiences they seek
to influence. Although it is true that al-Qaeda has done much to discredit itself through its doctrinal and
operational excesses -- killing civilians, attacking places of worship, targeting fellow Muslims -- the U.S. and
its allies have done an excellent job of magnifying those excesses. Two effective techniques have been
releasing private correspondence between al-Qaeda's senior leaders, which is rarely flattering, and quietly
pointing the media to evidence that al-Qaeda does not represent the aspirations of the vast majority of
Muslims.
Not only has the U.S. become adept at using these tools, it has also been skillful in showing others how to use
them. For example, Indonesia, once a fertile ground for militant Islamist activity, is now a counterterrorism
success story because of these efforts.
Given the considerable damage that "kinetic" military operations have reportedly done to al-Qaeda, military
and paramilitary force should obviously remain an important part of the counterterrorist arsenal. But it should
be reserved only for killing the most senior leaders and operatives in a terrorist organization -- those whose
skills are most lethal and most difficult to replace -- and only when local security forces are unable or unwilling
to take appropriate action. This does not require occupying a country, but rather cultivating local allies and
spending money to develop intelligence networks.
The War is Over
There will inevitably one day be another large attack on American soil and the U.S. government will inevitably
overreact. That is the response terrorism is designed to elicit and the United States, because its safety and
isolation make terrorism feel so horrifying, is particularly susceptible to such a response. But if Washington
can use this 10-year landmark to throw out the counterterrorism tools that haven't worked and to sharpen the
ones that do, the negative consequences of that overreaction will be minimal. If not, the United States will
have drawn the wrong lessons from the last ten years, obliging its terrorist enemies by repeating its worst
mistakes.
Information Warfare: A Historical Approach
By Adam Elkus, CTO Vision, September 16, 2011
Information warfare is thought to be a product of what, broadly speaking, is considered the “information” era.
However, if we correctly understand what information war is, we can see that it stretches back to the dawn of
organized conflict itself.
Dorothy Denning defines information warfare (IW) as “operations that target or exploit information
resources.” Information resources consist of containers (information media that contain forms of data),
transporters (objects and communication systems that transport information from one location to another),
sensors (humans and machines that extract information from objects and the environment), recorders (objects that
place information in containers), and processors (people and objects that manipulate information).
Information resources are important because they have value to people, and thus can be disabled, destroyed,
or manipulated to accomplish operational and strategic goals. Hence, it matters little if you destroy a
command and control center with a computer network operation or simply blow it to smithereens with a
terminally guided submunition. The effect is largely identical.
Using this definition, information warfare becomes less exotic and part of the general toolbox of the
commander. Military deception–one element of IW–has been crucial to the success of many large operations.
Operation Bagration, the Soviet destruction of the Wehrmacht’s Army Group Center, was only successful after
a massive campaign of maskirovka designed to hoodwink the German military planners trying to forecast their
attack. The deception campaigns that preceded the Normandy invasion and the German invasion of Russia are
also well-known to military historians. Although military writers often reach back to Sun Tzu to look at Chinese
information warfare theory, one of the biggest influences on the current People’s Liberation Army (PLA) is
actually the Chinese Civil War. The Beiping-Tianjin campaign, for example, is an example of the seamless
employment of psychological operations alongside large-scale maneuver and attrition warfare and looms large
in the PLA’s institutional memory.
Military deception also has been extensively utilized in antiquity by the Mongols and the various armies that
contested China to not only delay recognition of the point of the blow but also to fool the foe into exaggerating
the size of one’s force. Genghis Khan, in this sense, was an IW pioneer.
Khan was widely known for leading hordes of savage horsemen across Russia and into Europe. While not
totally unfounded, the Mongols’ image of total, barbaric domination was greatly enhanced by Khan’s use of
PSYOP, deception, OPSEC, and targeting his adversaries’ decision-making process. “Agents of influence” were
sent in advance of his armies to do face-to-face PSYOP, telling of brutality and large numbers in the Mongol
army. Khan also used deception to create the illusion of invincible numbers by using rapid troop maneuver,
making his army look larger than it really was. He had a network of horsemen called “arrow riders” to
communicate quickly with his commanders, and he targeted enemy messengers to prevent enemy
commanders from communicating with each other.
Actual employment of IW capabilities in modern war will not differ much from the means described here–the
capabilities in question will change, but the methods of degrading the opponent’s information, attempting to
bait them into the wrong decisions, targeting their C3I, practicing proper operations security, protecting one’s
own information, and trying to undermine enemy morale are basic and recurring elements of IW throughout
history. One can also consider Khan’s “arrow riders” as an ancient attempt at increasing “power to the edge.”
One caution, however. Information warfare has never been decisive in and of itself–it’s always increased the
strategic effectiveness of one’s own forces and decreased the effectiveness of the enemy. Strategic
information warfare–even in the Gulf Wars, which featured the wholesale destruction of enemy C3I–did not
decide the campaign. Rather, ground and air forces operating as part of the AirLand Battle paradigm utilized
capabilities, tactics, and operational plans honed in many rotations at the National Training Center (NTC)
against the most fearsome Soviet imitation forces the military could provide. Although future wars will
certainly raise the importance of IW as more and more enemy information assets and systems can be
targeted, history suggests that a “cyber Pearl Harbor” will not in itself be decisive.
Anti-Israel Turks Erroneously Hack Into Palestinian Sites
By Ben Zur-Laron, Y Net news, 19 Sep 2011
Turkish hackers attacked dozens of Israeli websites over the weekend, only to find out that the sites belonged
to Palestinians.
The confusion arose because the Palestinian sites, which have a .ps web suffix, use Israeli
web servers.
"The hackers left anti-Israel messages on 70 Palestinian sites," said Shai Blitzblau, the head of Maglan-Computer Warfare and Network Intelligence Labs. "Most of them discovered it when it was already too late.
Only after they broke in and sabotaged the websites did they find out these were Palestinian sites."
The message, which featured an image of an Israeli soldier washing blood off of his hands, read: "Because
you voted on behalf of Israel on Blue (Mavi) Marmara report… We suspended this site. You will apologize
Netanyahu, you will apologize Israel."
The criminal incident comes amidst a deepening diplomatic crisis between Turkey and Israel. Turkey recently
expelled Israel's ambassador and downgraded diplomatic relations with Israel over Jerusalem's refusal to
apologize for the events of last year's Gaza flotilla in which nine Turkish citizens were killed.
In recent weeks, Turkish Prime Minister Recep Tayyip Erdogan has made a number of speeches in which he
expressed, among other things, the Turkish fleet's readiness to face Israel. On Sunday, Turkish Foreign
Minister Ahmet Davutoglu announced that Ankara had interfered with Israel's request to open a NATO office in
Brussels.
China's Use of Cyber Warfare: Espionage Meets Strategic Deterrence
By Magnus Hjortdal, Centre for Military Studies, University of Copenhagen
This article presents three reasons for states to use cyber warfare and shows that cyberspace is—and will
continue to be—a decisive element in China's strategy to ascend in the international system. The three
reasons are: deterrence through infiltration of critical infrastructure; military technological espionage to gain
military knowledge; and industrial espionage to gain economic advantage. China has a greater interest in
using cyberspace offensively than other actors, such as the United States, since it has more to gain from
spying on and deterring the United States than the other way around. The article also documents China's
progress in cyber warfare and shows how it works as an extension of its traditional strategic thinking and the
current debate within the country. Several examples of cyber attacks traceable to China are also presented.
This includes cyber intrusions on a nuclear arms laboratory, attacks on defense ministries (including the Joint
Strike Fighter and an airbase) and the U.S. electric grid, as well as the current Google affair, which has proved
to be a small part of a broader attack that also targeted the U.S. Government. There are, however, certain
constraints that qualify the image of China as an aggressive actor in cyberspace. Some believe that China
itself is the victim of just as many attacks from other states. Furthermore, certain actors in the United States
and the West have an interest in overestimating China's capabilities in cyberspace in order to maintain their
budgets.
7 Lessons: Surviving a Zero-Day Attack
By John Foley, InformationWeek, September 19, 2011
When Pacific Northwest National Laboratory detected a cyber attack--actually two of them--against its tech
infrastructure in July, the lab acted quickly to root out the exploits and secure its network. PNNL then did
something few other cyber attack victims have been willing to do. It decided to talk openly about what
happened.
The lab's CIO, Jerry Johnson, last week provided a detailed accounting of the cyber attacks. Speaking at the
IW500 Conference in Dana Point, Calif., Johnson described how intruders took advantage of a vulnerability in
one of the lab's public-facing web servers to plant a "drive-by" exploit on the PCs of site visitors, lab
employees among them. For weeks, the hackers then surreptitiously scouted PNNL's network from the
compromised workstations.
Simultaneously, a spear-phishing attack hit one of the lab's major business partners, with which it shared
network resources. This second group of hackers was able to obtain a privileged account and compromise a
root domain controller that was shared by the lab and its partner. When the intruders tried to recreate and
elevate account privileges, this action triggered an alarm, alerting the lab's cybersecurity team.
Within hours, the lab made the decision to disconnect its network in order to sever the hackers'
communications paths and contain any further damage. Over the July 4 weekend, while the rest of us were
grilling burgers, PNNL's security team conducted cyber forensics, reconstructed the domain controller, reimaged systems, and restored network services that had been taken off line.
Who was behind the attacks? That's one question CIO Johnson won't discuss. But it's worth noting that Dept.
of Energy facilities were reportedly targets in the series of cyber attacks known as Operation Shady RAT that
were carried out against more than 70 companies, defense contractors, and government agencies over the
past few years. Based on the available evidence, some experts have speculated that those attacks originated
in China.
At the IW500 conference, in a session titled "Anatomy of a Zero-Day Attack," Johnson was candid about how
the lab responded to the intrusions. He also shared the following list of lessons learned from the experience:
1. There's danger in multi-level security environments. The lab had a well-protected IT security perimeter,
but the attacks made it through anyway. An advocate of "defense in depth," Johnson is putting increased
emphasis on protecting the data itself.
2. Purge legacy, minority technologies. The Web server in the first attack was based on a little-used
technology at the lab, Adobe ColdFusion. Such out-of-sight, out-of-mind technologies are inherently
vulnerable because they don't get the same degree of attention as an organization's primary platforms.
3. Monitor cybersecurity events 24 x 7. Advanced persistent threats like those that hit PNNL are just that--persistent--and require constant vigilance. Across the federal government, agencies are investing in "continuous
monitoring," with a goal of obtaining a near real-time view into the status of computer system security.
4. Maintain a core forensics capability. If your network does get hacked, security teams must be able to
reconstruct events and assess the damages. What you learn can help prevent a relapse.
5. Include a senior project manager on your response team. Responding to a breach requires not only
attention to detail and careful coordination, but an ability to engage top management at a moment's notice
and, if necessary, escalate decision making.
6. Be prepared to call for help, and don't wait. You may need to bring in security experts, business partners,
law enforcement, or other outsiders. At PNNL, Johnson alerted the public affairs office, in order to prepare for
the inevitable media inquiries.
7. Have an emergency communications continuity plan. When PNNL pulled the plug on its network, the
hackers lost their ability to inflict further damage. Unfortunately, the decision also meant that lab employees
lost network services, including email and voice mail. Be prepared for that eventuality by sharing cell phone
numbers and alternative email addresses in advance.
As Operation Shady RAT and a similar cyber attack on Google and other companies demonstrate, the risks are
complex and growing. Johnson agreed to talk about it as a way of helping other organizations bolster their
defenses. For that, he deserves a tremendous amount of credit. Secrecy is the norm in the wake of a cyber
attack, but openness will lead to better preparedness.
Tactical Information Operations in Contemporary COIN Campaigns
By Thomas Elkjer Nissen, Dept. of Joint Operations, Royal Danish Defence College, Sep 2011
This paper examines how the modern information environment affects the operational environment in
contemporary COIN operations and how Information Operations (INFO OPS) fits into and supports these
operations at the tactical level. Furthermore the paper looks at the techniques and capabilities that can be
utilised for influence purposes in COIN, and not least all the things that lie behind the INFO OPS - specifically
training and education, leadership, intelligence and planning principles unique to the successful conduct of
Tactical INFO OPS in COIN.
Tactical information operations in contemporary COIN campaigns.pdf
The Taliban are winning Afghanistan's information war
By Frank Ledwidge, the Guardian, 14 September 2011
Over the last decade Nato has constantly found itself behind the curve in planning and executing what they
call "influence operations" – a combination of the use of propaganda ("psychological operations") and,
importantly, force to deliver its "message". For getting its media message across, it has relied on clunking
spokesmen whose pronouncements, particularly on casualties, are automatically assumed by Afghans to be
lies. Matters are not assisted by the fact that for much of the time western forces and their Afghan allies do
not seem entirely clear on their objectives.
Meanwhile the Taliban (or Islamic Emirate of Afghanistan, as they call themselves) are crystal clear as to their
desired end-state: foreigners out and a government under Islamic law. Despite the fact that much of their
media output is highly inaccurate – their website this morning claimed that they had killed "several dozen
foreign invaders and local puppets" – the Taliban are always first off the mark after every incident. This has
long been a source of huge frustration to senior officers, but a problem that Nato's media operations
bureaucracy seems incapable of putting right.
Tuesday's attacks in Kabul delivered a series of messages from the Taliban (if indeed it was the Taliban who
carried them out. Needless to say, they claimed them anyway.) First, they confirm what is already clear to
most Afghans: no one is now convinced by Nato's claim that Afghan forces will be able to secure the country
within three years. Aside from the inability of the army or police to conduct the smallest operation without
foreign help, the desertion rate in the army is extremely high – at one point reaching 35% at the height of
harvest time this summer.
The police are even worse: their many checkpoints are regarded, like much of the rest of government, as
useless obstructions to everyday life. Afghan security forces' performance during the recent attacks in the
capital has not inspired confidence among Kabulis. Matters are not helped by the fact that yesterday's
attackers are thought to have entered the city dressed in burqas. Few if any of those police checkpoints have
women officers.
Second, the Taliban is pointing up the strategic irrelevance of the current operations in Helmand and the
south. The military historian and former US marine corps colonel Bing West describes these desultory battles
as "groundhog wars". Despite taking serious losses from what are effectively Nato special forces' death
squads, the Taliban is still in business.
In any event, the centre of gravity in this war is not the south, where the enemy is strong and has succeeded
in "fixing" US and other Nato forces to their bases and a few hamlets and towns. These forces include British
troops in Helmand who cling on to three of the province's 14 districts. The centre of gravity of this war is
Kabul itself and what it represents. We have found ourselves involved in national war, which has been
exhausting the country for over 30 years since the 1979 Soviet invasion. Both the west and the Taliban are
tired now and keen to move toward a resolution.
Which brings us to the key purpose of the attacks. In December, there is to be another try at a political
settlement in Bonn. The convenor of the last Bonn conference in 2001, Lakhdar Brahimi, has said that the
"original sin" in 2001 was not to give the Taliban a seat at the table. They may yet get it. This week the US
approved the opening of a Taliban office in Doha, and it is certain that talks will begin between the US and the
Taliban before the end of the year. This is a huge step forward, and the Islamic Emirate of Afghanistan, the
organisation we call the Taliban, or that part of it under the control of Mullah Omar, is determined to begin
them from a position of strength. Their operations in Kabul and elsewhere were intended to establish that
position. There is no doubt at all that there will be more like them.
Arab Protesters and Social Media: Need For Engagement – Analysis
By James M. Dorsey, EurAsia Review, October 6, 2011
If there is one event or region that has highlighted the impact of technology and social media on
policymaking, social movements and protest, it is the Arab revolt that has been sweeping the Middle East and
North Africa since December last year. Many have dubbed the popular revolts in Egypt and Tunisia a
“Facebook revolution” because of the use by middle-class activists of social media in the build-up to the mass
anti-government protests that early this year toppled presidents Hosni Mubarak and Zine el Abedine Ben Ali.
Activists in Libya employed social media to organise peaceful protests in February against the regime of
Colonel Moammar Gaddafi before they mutated into a civil war.
Similarly, social media and mobile telephony have played a key role in Syria in circumventing news blackouts
and censorship to get news of the brutal crackdown by the government of President Bashar al Assad to the
outside world. They also figure in exacerbating sectarian tensions between the country’s Sunni Muslims and
Alawites, the minority sect to which Assad belongs.
Technology does not spark revolts
Yet, despite the perception of many, it is not technology that sparks revolts. No doubt, social media facilitate
and accelerate the speed and breadth of communication, and impact politics, social movements,
communications and the flow of news. But the answer to the question whether the Arab revolt would have
erupted without Facebook is a resounding yes. To dub the Arab revolt a Facebook revolution would require
revising explanations of past revolts such as the Islamic revolution in Iran and popular uprisings in the
Philippines and Indonesia.
To be sure, technology plays an important role in protests and revolts. In Iran in 1979, it was the cassette
tape that helped Ayatollah Khomeini to inspire millions to overthrow the Shah, at the time the most powerful
symbol of US influence in the region. In Tunisia, a mobile phone video of a young man setting himself on fire
in desperation, tapped into widespread discontent and last December brought thousands into the streets of
Tunis. Cassettes and mobile telephony are technologies that autocrats understand. Social media, however, is
a game changer. Pro-democracy activists understand social media and the opportunities they offer in ways
that autocratic Arab regimes find difficult, if not impossible, to grasp.
Social media change the way communications and public affairs are managed, particularly in a crisis. That
requires a degree of sophistication that many but particularly autocratic governments often find difficult, if not
impossible, to marshal. In fact, employing that degree of sophistication would require a far-reaching revision
of the way most Arab autocrats do business. Syria is a case in point. The government’s approach to online
information warfare involved its Syrian Electronic Army hacking hundreds of opposition and international
websites, to assert that it was battling terrorists. According to NPR (National Public Radio) the websites
targeted included those of Newsweek, the US Treasury, and screen and television personalities.
Engagement replaces control
Perhaps what is most frustrating to Arab autocrats is the fact that the combination of mobile telephony, the
Internet and social media has rendered censorship futile and fundamentally rewritten the ground rules of
communications policies. Social media have turned the shaping of the narrative into something much more
complex, in which governments and institutions have to engage in ways they did not have to in the past.
For one, communication has become a two-way street. Shaping the narrative no longer means control, instead
it means engagement. That is an approach that in the best of circumstances is a difficult one, but particularly
for embattled autocrats, because it requires a mind shift that few autocrats can make.
Even the Western media had problems in adjusting to technological change. When newspapers shifted from
broadsheet to tabloid formats, not only did size change, so did the content, the story. Similarly, moving the
print edition of a newspaper on to the Internet proved to be an unworkable formula. It failed to recognise that
technology had replaced one-way communication with interactivity and changed the way news is consumed
and what an empowered public expects of news organisations.
As a result, governments and institutions, irrespective of the political environment they operate in, are being
forced to rethink their approach to communications. They have to pay greater attention to the way they
project themselves, their policies and the way they relate to the public in a new and increasingly complex
communications landscape. Technological change means that governments and institutions have to be more
attentive to public opinion because, whether or not that opinion can be freely expressed, social media enable it
to become part of the public domain.
Discontent will find its Outlet
The international community looked to the Arab street in the wake of 9/11 for change that would eradicate the
breeding ground of extremism. When the Arab street did not immediately revolt, government officials,
analysts and journalists wrote off the Arab street. Nonetheless, the widespread discontent continued to
simmer at the surface. It was palpable if one put one’s ear to the ground.
If the current Middle Eastern revolt and its embrace of technology teach anything, it is that where discontent
exists but cannot be expressed openly, it will be expressed elsewhere in what constitutes a truer reflection of
reality.
It is a reality enhanced by technology that Middle Eastern and North African autocrats ignore at their peril.