WIXLIB

Martin C. Libicki3those who see the United States as having supremacyin handling information while its former supremacy inthe industrial arts seems to be diminishing.Coming to grips with information warfare,however, is like the effort of the blind men to discoverthe nature of the elephant: the one who touched its legcalled it a tree, another who touched its tail called it arope, and so on. Manifestations of information warfareare similarly perceived. Although some parts of thewhole are closely related in form and function (e.g.,electronic warfare and command-and-control warfare),taken together all the respectably held definitions of theelephant suggest there is little that is not informationwarfare.Is a good definition possible? Does having onematter? Perhaps there is no elephant, only trees andropes that aspire to become one. Clarifying the issuesis more than academic quibbling. First, as themetaphor suggests, sloppy thinking promotes falsesynecdoche. One aspect of information warfare,perhaps championed by a single constituency, assumesthe role of the entire concept, thus becoming grosslyinflated in importance. Second, too broad a definitionmakes it impossible to discover any commonconceptual thread other than the obvious (thatinformation warfare involves information and warfare),where a tighter definition might reveal one. Third, theslippery inference derived from loose aggregationpoints to the conclusion that the United States can and

4WHAT IS INFORMATION WARFARE?must seek the dominance in information warfare itcurrently enjoys in air warfare, as if these arenas werecomparable.Thomas Rona, an early proponent of informationwarfare, offered the following definition:The strategic, operation, and tacticallevel competitions across the spectrumof peace, crisis, crisis escalation,conflict, war, war termination, andreconstitution/restoration,wagedbetween competitors, adversaries orenemies using information means toachieve their objectives.This definition is broad, too broad: one way oranother, it subsumes most human activity. In a relatedview, information war exists to ensure that one's ownpicture of a conflict is more correct than that held bythe other side. This perspective is useful butincomplete. All viewpoints are incorrect, because datacannot be incorporated without a conceptual structureto hang them on. Yet even the best structures areabstractions of a complex world. Whether thestructures are biased in important and harmful ortrivial and harmless ways is what matters.The Joint Staff has faced great difficulty inassigning precise responsibilities even for militaryforms of information warfare (nonmilitary forms, for

Martin C. Libicki5instance, include the defense of national financialsystems against hackers). Command-and-controlwarfare (C2W) is assigned to J-3 (the operationsdirectorate) within the Joint Chiefs of Staff. Designingcommand-and-control systems for security andprotection is as clearly the province of J-6 (the C4directorate).2 Forms of information warfare thatinvolve establishing and maintaining systems ofbattlefield intelligence, reconnaissance, andsurveillance naturally fall under J-2 (the intelligencedirectorate). Finally, because most of the interestingissues of information warfare presume that theinformation architecture of the future will be differentfrom that of the present, information architecturewould be associated with long-term planning, whichsits in J-5 (the strategic policy and plans directorate).This essay attempts to sort out definitions ofinformation warfare.3 The first part reviews sevenplausibly distinct forms of information warfare, eachidentified by one or another expert as a definingexample of information warfare. Each is examined byasking what does it do, in what sense is it war, whatdoes it owe to silicon technologies, and how well can2Late in 1994, the two directorates negotiated a formal division of labor. Howwell that division holds up as the roles and missions of information warfarecome up for decision remains to be seen.'Readers are also pointed to Julie Ryan, "Offensive Information War," apaper presented to the Naval Studies Board of the National Research Council(Washington, DC), 8 Sept. 1993.

6WHAT IS INFORMATION WARFARE?the United States, compared with others, wage it?Although information warfare is often regarded asnew, some forms of it are newer than others. Somehave been enabled by and others altered by informationtechnology, while still others have only marginallybeen affected by it.The second part of this essay searches forunderlying themes. Do the forms of informationwarfare cohere well enough so that as a whole they canbe assigned to information warriors in the sense thatnaval warfare is assigned to the Navy? To what extentare traditional concepts, such as "dominance,"applicable to information warfare? Are thereunderlying principles, grasping and, ultimately,mastery of which may provide a conceptual frameworkfor effective prosecution of information warfare?Indeed, is information warfare truly warfare?A caveat: Those who search for an ideal definitionshould look elsewhere. The typology used here isintended to subdivide a large field into tractableparts—information warfare may better be considered amosaic of forms, rather than one particular form.

2Seven Forms in Search of aFunctionSeven forms of information warfare vie for theposition of central metaphor: command-and-controlwarfare (C2W), intelligence-based warfare (IBW),electronic warfare (EW), psychological warfare(PSYW), hacker warfare, economic informationwarfare (EIW), and cyberwarfare.4As Anne Wells Branscomb has pointed out, "invirtually all societies, control of and access toinformation became instruments of power, so much sothat information came to be bought, sold, and barteredby those who recognized its value."5 Branscomb couldhave added, stolen and protected as well. This essayexamines information warfare as the struggle over"Seminal works plural on information warfare include: George Stein,"Information War-Cyberwar-Netwar," Air War College, 1993, and JohnArquilla and David Ronfeldt, "Cyberwar Is Coming!" Comparative Strategy,12 (1993), 141-165. The definitions used there differ from those used here.Netwar for those authors is akin to psychological warfare against both nationalwill and national culture; cyberWar is command-and-control warfare, whichbroadly includes psychological operations against opposing commanders. Thetitle used by Arquilla and Ronfeldt suggests that cyberwar lies directly in thefuture, yet Genghis Khan's use of psychological warfare gets a tenth of thearticle as does the North Vietnam's use. Coming, as such, must perforceinclude Came.5Anne Wells Branscomb, Who Owns Information? From Privacy to PublicAccess (N.Y.: Basic Books, 1994), 1.

8WHAT IS INFORMATION WARFARE?information processes rather than the efforts made toacquire information. Although the information systemsrequired to manage logistics are substantial, they enterinto information warfare only if and when an opponenttargets the logistics information system to degrade it;similarly, weather collection systems enter informationwarfare only if they are subject to attack. By contrast,IBW systems are part of information warfare becausethey are used to read a target that would avoid beingread and that often has ways (e.g., cover, concealment,and deception) to distort readings at the source.The critical aspects of information warfare areinformation denial (or distortion) and its counterpartprotection. C2, EW, hacker war, and informationblockade clearly fit into this definition. IBW may beincluded, insofar as attacks on the instruments andintegrity of collection systems become important toconventional operations. Psychological warfare also isabout denial, in the sense that elevating one perceptionusually subjugates its opposite (e.g., a nation is eitherfriendly or hostile). Cyberwarfare fits, too, as a grabbag in which warfare and information are jumbled.

3 Command-and-Control WarfareThe following is taken from a core Department ofDefense (DoD) dictum on C2W and informationwarfare:C2W [Command-and control-warfare] is themilitary strategy that implements InformationWarfare (DoD Directive TS-3600.1,21 December1992, "Information Warfare") on the battlefieldand integrates physical destruction. Its objective isto decapitate the enemy's command structure fromits body of command forces.6Defined in this way, U.S. forces demonstrated masteryof information warfare in the Gulf by destroying many6MOP-30, which is currently being revised, slices and dices informationwarfare out to operational units. Limited to military operations, it covers, "theintegrated use of operations security, military deception, psychologicaloperations, electronic warfare, and physical destruction, mutually supported byintelligence, to deny information to, influence, degrade or destroy adversaryC2 capabilities while protecting friendly C2 capabilities against suchactions"(2).Mapped on the schema used here, MOP-30 covers C2W, theanticommunications aspect of EW, defensive IBW, and unit-level psychologicaloperations: "these [PSYOP] forces used in C2W are, in most cases, the sameforces used to conduct other aspects of warfare, and unless they represent someunique capability, will move in the same flow as the units to which they areorganic" (20).

10WHAT IS INFORMATION WARFARE?physical manifestations of Iraq's command-and-controlstructure. These operations have frequently beenpointed to as the reason the bulk of the Iraqi forceswere ineffectual when U.S. ground forces came rollingthrough.7Decapitation can be accomplished by a blow to thehead or by severing the neck, each thrust serving adifferent tactical and strategic purpose.Antihead. Gunning for the commander's head isan old aspect of warfare. Examples abound, from theancient practice of seizing the enemy's king to thedeath of Admiral Nelson, shot by a shipboard sniper,the employment of sharpshooters against opposinggenerals during the Civil War, the downing of AdmiralYamamoto's plane in World War II, strategic nucleartargeting theory, and attempts to find Saddam Husseinduring the Gulf War or Mohammed Aideed inSomalia. What is new is that the commander'saccessibility keeps shifting. Command effectivenessused to require commanders to oversee and thusremain near the range of combat. In World War Iwireline communications enabled commanders tooperate beyond the range of enemy arms. Later, theairplane and missile returned the commanders to thetarget zone.7An extended period of material deprivation coupled with continuous carpetbombing prior to the ground offensive has also been cited.

MartinC. Libicki11More important than the commander's physicallocation is the transformation from the commander tothe command center. Today's command centers areidentifiable by copious, visible communications andcomputational gear (and the associated electromagneticemissions), the physical movement of paper and otherofficial supplies, plus enough comings and goings ofall sorts to differentiate these centers from other venuesof military business.An attack on a command center, particularly iftimed correctly, can prove disruptive to operationseven without hitting a high-ranking enemy commander.Despite the known disadvantages of single-pointvulnerabilities, most commerce in messages tends tocirculate within very small spaces. Fusing data anddistributing them to harmonize everyone's situationalawareness requires either a central set of ganglia or amajor redesign of legacy systems. Determining thelocation of a command center permits juicy targets tocome within gunsight—an opportunity rarely passedup. Correctly timed attacks can disrupt and distractoperations beyond the immediate effect of destruction.Iron bombs are not the only way to attackcommand centers. Systems can be disabled by cuttingoff their power, introducing enough electromagneticinterference to make them unreliable, or by importingcomputer viruses, yet none of these means is foolproofor cost-effective compared with iron bombs on target.Most soft-kill weapons require knowing the location of

12WHAT IS INFORMATION WARFARE?the target. Although some of them have a largereffective radius than conventional munitions, thedifference is limited and finding before firing remainsequally essential.How long will command centers remain visible?Bunkering can protect headquarters, but at the cost ofmobility (and newly perfected penetrating ordnancerequires deep and comparatively immobile bunkers).Control of the signature of the command center may bea better strategy. Computers can be shrunk to thedesktop, emissions of communications gear masked byelectronic clutter (both deliberate and ambient) oroffloaded through multiply redundant cables or line-ofsight relays away from headquarters, and paper willyield to the paperless, perhaps optical, society(someday). Networks can generally be decentralized.8Comings and goings and congregations that createvaluable targets can be reduced throughvideoconferencing and whiteboarding.9 Power suppliescan be supplemented by bunkered generators or, moreingeniously, by relying on dispersed photovoltaiccollectors for electricity (which should be scattered sotheir presence will not reveal the command center).Physical (weak) and virtual (strong) decentralization are different: physicaldecentralization retains a centralized information architecture but protects thesystem by dispersing and replicating memory and processing; virtualdecentralization makes subunits capable of operating on their own but usescoordination with the center to strengthen the quality of their decisions."Whiteboarding is a network application that permits what is put on oneperson's screen to come up on another's.

Martin C. Libicki13These means can keep command centersindistinguishable from any other inhabited space.Failing this result, the degree to which an enemy ishurt by being struck will depend on backuparchitectures (e.g., which nodes supply whatinformation, what information is vital for battlefielddecisions).Dispersion will take time; reconfiguration coststime and money and increases the difficulty ofcommand. Proponents may need real-lifedemonstrations, rather than theoretical arguments, toconvince commanders that dispersion is needed andthat a given level of dispersion will suffice againstattack. But the transformation will eventually happeneverywhere. How soon militaries in other countrieswill make the shift will depend on technologicalsophistication, the degree to which current commandcenters feel vulnerable, the extent to which authority isvested in personal contact or in ostentatious displays ofsilicon, as well as miscellaneous cultural factors. In thelong run, war planners would be foolish to base theirstrategy on the assumption that the enemy's commandcenters can be disabled.Antineck. Modern militaries have been knit byelectronic communications since the mid-nineteenthcentury and by radioelectronic communications sincethe 1920s. Cut these communications and commandand-control is disabled, which, again, is old in

14WHAT IS INFORMATION WARFARE?warfare.10 What is new is the size of thecommunications load in the information age. Airdefense systems, for instance, work better whenintegrated across facilities than when each facilityworks independently. The extent to which operationsdepend on the flow determines whether efforts to cutcommunications are worthwhile.Cutting communication links requires knowinghow the other side communicates. If its architecture iswritten in wire, the nodes (e.g., the AT&T building indowntown Baghdad) are easily identified and disabled.Like command centers, communications systems canbe crippled by attacks on generators, substations, andfuel supply pipelines (e.g., gas lines into powerplants), such as U.S. forces made in the Gulf. If thearchitecture is electromagnetic, often the key nodes arevisible (e.g., microwave towers). If satellites are usedfor transmission and signalling, then communicationlines can be jammed, deafened, or killed.The impact of attacks depends on how far theother side has progressed from the mainframe era. Acommunications grid composed of many smallelements rather than a few large ones radiates less andcasts smaller shadows over the landscape; it offers Part of the Southern strategy in the Civil War was to conduct raids againstrailroads and telegraph lines used by Union forces; by 1864, nearly half theUnion strength was devoted to occupation duties and protecting its lines ofcommunication.

Martin C. Libicki15greater redundancy and confounds the enemy'stargeting problems.Redundancy is an attribute of both developed andless developed states. By the end of the Gulf Warallied forces had more (if less important) C2 targetsleft to attack than at the start, despite the numberdestroyed. The Iraqis, as it turned out, had manycommunications systems, more perhaps than even theywere aware of, from radio systems that Western oilcontractors had left in place to rural telephone systemsthat routed around major cities.Deliberate redundancy, of course, is moreefficient than accidental. Systems that replicatemessage traffic multiply the likelihood of a messagegetting through in highly degraded conditions, even ifredundancy reduces the system's overall capacity.Additional robustness can be protected by newtechnologies such as spread-spectrum (to guard againstburst errors in heavy jamming environments) andsophisticated error-correction techniques (e.g., trelliscoding). A strategy of redundancy still leaves themanagement problem of distinguishing vital bit flowsfrom merely useful ones. Bureaucratic, rather thantechnological, factors may determine the vulnerabilityof any data-passing system.To what effect? The potential influence of C2W onthe outcome of conflict is predicated on thearchitecture of command relationships among the

16WHAT IS INFORMATION WARFARE?attacked. Iraq imitated its Soviet mentor, in part forpolitical reasons (Iraqi society rules throughconvictions, rather than conviction); Cutting orthinning the links between head and body could easilybe predicted to immobilize the body. Front-line troopswere sitting ducks for U.S. air and ground attack andshowed little creative response.Clearly, a rigid opponent like Iraq is only one endof a long continuum of possibilities. Other societiesmay allow local commanders more autonomy.Although the North Vietnamese also werehierarchically organized, their operatives were capableof long periods of untethered operations. An attack oncentral authority could conceivably release fieldcommanders to demonstrate an initiative that wouldmore than compen

Sep 08, 1993 · (iii) electronic warfare (radio-electronic or cryptographic techniques), (iv) psychological warfare (in which information is used to change the minds of friends, neutrals, and foes), (v) "hacker" warfare (in which computer systems are attacked), (vi) economic information warfare