|
Much depends on just what you mean by "network-centric warfare".
Initially (maybe 1996-2000) it seemed to be used recklessly, and was the domain of much wild speculation (science fiction analogies) and dangerous enthusiasm (controlling warships with Windows NT).
After maybe 2000 or so it seems to have really been working, but by then it really should have been called something more like "information-centric" or "communication-centric" warfare.
The point is the sharing of information and how that information is used, not just the fact that there's a networked graphical interface.
In September 1997, the USS Yorktown,
a Aegis-class missile cruiser,
was left dead in the water for close to 3 hours
because of a cascade of failures started by
a Windows NT application that didn't prevent
a divide-by-zero error.
There's a design error here — who made NT
a vital part of a warship, and who designed an
architecture that allowed the failure cascade?
Google
finds lots of discussion, ask for:
september 1997 yorktown windows
Also see the Military and Aerospace Electronics
article:
"Navy Postmortem Tries to Pinpoint What
Went Wrong With the 'Smart Ship'",
in
Military and Aerospace Electronics,
March 2001, pp 1,5.
"What is Information Warfare" is available from the Government Printing Office (by Martin C. Libicki, August 1995, National Defense University series, G.P.O. 1996-405-201:40005). Much enthusiasm and anecdotes, light on technical facts and realism. Note the section where he discusses William Gibson's science-fiction novels and the movie "TRON" as possible models! Well, it's out there, and some people may consider it important.
Two government references that look better are NIST Special Publication 800-12 and NIST Special Publication 800-14.
"Network-Centric Warfare", Vice Adm Arthur K. Cebrowski and John J. Garstka, U.S. Naval Institute Proceedings, Jan 1998, pp 28-35. At least for the USNI publications, this seems to be the article that kicked off the craze.
"IT-21 Intranet Provides Big 'Reachbacks'", Rear Adm Robert M. Nutwell, U.S. Naval Institute Proceedings, Jan 1998, pp 36-38. A pretty good overview.
"Moving the Navy Into the Information Age", Cmdr Michael S. Loescher, U.S. Naval Institute Proceedings, Jan 1999, pp 40-44. He seems to have watched way too much "Star Trek", as the article actually suggests working on "cloaking" and "shielding" as in that sci-fi TV show, plus "omniscience" and "telepathy".
"The Power of e-Sailors", Vice Adm James R. Fitzgerald, U.S. Naval Institute Proceedings, Jul 1999, pp 62-63. A decent overview, at the expense of yet another unneeded neologism...
"Beware of Geeks Bearing Gifts", Lt Cmdr Eric Johns, U.S. Naval Institute Proceedings, Apr 1998, pp 74-76.
"The Seven Deadly Sins of Network-Centric Warfare", Thomas P. M. Barnett, U.S. Naval Institute Proceedings, Jun 1999, pp 36-39.
"The Smart Ship is Not the Answer", U.S. Naval Institute Proceedings, Jun 1998, pp 61-64. "Using Windows NT, which is known to have some failure modes, on a warship is similar to hoping that luck will be in our favor."
"Network-Centric: Is It Worth the Risk?", Cmdr William K. Lescher, U.S. Naval Institute Proceedings, Jul 1999, pp 58-63.
A very useful and more recent overview of NCW in its broader and more mature sense is a series of articles in AWST, 27 Jan 2003, pp 37-59.
The RAND Corporation wrote what looks like a good analysis of cyberwar for the U.S. Air Force. http://www.rand.org/pubs/monographs/2009/RAND_MG877.pdf
During the NATO attacks on Serbia in the spring of 1999, including the accidental bombing of the Chinese embassy, there were retaliatory attacks against NATO's public web server (instigated from Belgrade) and against a number of U.S. government sites, including Dept of Interior, Dept of Energy, the National Park Service (!), and the U.S. embassy in China (instigated from Beijing and from groups supporting the Beijing government).
There were also attacks against U.S. and NATO systems from China. Federal Computer Week, 1 Sep 1999, http://www.fcw.com/print/5_169/news/68382-1.html
April-May 2001 — A US Navy EP3 intelligence gathering aircraft landed on Hainan Island after a mid-air collision with a Chinese fighter, leading to scattered attacks using "Kill USA" and "China Killer" programs. [New Scientist, 23 Feb 2008 pp 24-25]
October 2007 — The US Department of Homeland Security's U.S. Immigration and Customs Enforcement agency reported that it had launched more than 540 investigations into illegal exports of controlled U.S. technology to China since 2000. http://www.orlandosentinel.com/news/nationworld/orl-shuttlespy1208feb12,0,4004944.story
January 2008 — The USAF said, "China has been positively identified as a source of campaign-style cyber attacks on Department of Defense systems." http://www.afa.org/magazine/jan2008/0108dogs.asp
January 2008 — The USAF said papers in Chinese military journals and textbooks discuss ideas for war against the US in a confrontation over Taiwan, including communication jamming and computer malware: http://www.airforcetimes.com/news/2008/01/airforce_china_strategy_080121/
February 2008 — The Australian government announced that Chinese hackers were launching targeted attacks to gather information from sensitive military secrets to the prices Australian companies will seek for resources such as coal. http://www.theage.com.au/news/national/chinese-waging-online-spy-war/2008/02/09/1202234232007.html
11 February 2008 — US officials arrested a former Boeing engineer on charges of stealing trade secrets from the space-shuttle program, Delta IV rocket and other projects and sending them to agents of the Chinese government. http://www.orlandosentinel.com/news/nationworld/orl-shuttlespy1208feb12,0,4004944.story
12 February 2008 — Washington Times story on Chinese espionage: http://washingtontimes.com/article/20080212/COMMENTARY/556045574/1012
15 February 2008 — Washington Post story on Chinese espionage: http://www.washingtonpost.com/wp-dyn/content/article/2008/02/14/AR2008021403550.html
3 March 2008 —
The US Defense Department said that attacks in 2007 against
computer networks operated by governments and commercial
institutions around the world "appear" to have originated
within China.
http://www.defenselink.mil/pubs/pdfs/China_Military_Report_08.pdf
http://www.uscc.gov/annual_report/2008/report_to_congress.pdf
http://www.govexec.com/dailyfed/1207/120407bb1.htm
http://www.govexec.com/story_page.cfm?articleid=39438
http://www.govexec.com/story_page.cfm?articleid=39466
http://www.fcw.com/online/news/151837-1.html
24 March 2008 — Tibet protest groups have been targeted for attack with hostile e-mail attachments sent from Chinese servers. http://www.bbc.co.uk/blogs/technology/2008/03/tibet_the_cyber_wars.html
25 March 2008 — "A Chinese-born engineer convicted of conspiring to pass U.S. military secrets to the People's Republic of China was sentenced Monday to 24 years and five months in federal prison." http://www.informationweek.com/news/showArticle.jhtml?articleID=206905727
10 April 2008 — Business Week runs a cover story "The New E-spionage". Summary: many prolific sources based in PRC launch spear-phishing attacks on government workers and contractors. The To: and From: fields look relevant, content is relevant. Message has spyware attachment that will capture keystrokes and harvest data files, sending product back to PRC. Plus capability for remote access of the system. BYZANTINE FOOTHOLD has been a US project to detect, track, and disarm intrusions on critical government networks. "Poison Ivy" was the name given to PRC code by commercial infosec companies. http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm
6 May 2008 — "Over the past one and a half years, officials said, China has mounted almost daily attacks on Indian computer networks, both government and private, showing its intent and capability." http://timesofindia.indiatimes.com/China_mounts_cyber_attacks_on_Indian_sites/articleshow/3010288.cms
20 Nov 2008 — A U.S. Congressional advisory committee releases a report warning that Chinese attacks on civilian, government, and military networks are rising. Click here for the report, or see the article in Information Week.
18 Apr 2009 — Newsweek magazine reports on "Ghostnet".
Some calm thinking on the Chinese hacking threat — See Bruce Schneier's essay pointing out that the truth is a lot more complicated. Much is from patriotic Chinese citizens, plus a lot of automated attacks run on compromised systems that just happen to be located in China. http://dsc.discovery.com/technology/my-take/computer-hackers-china.html
April 2007 —
The "Bronze Soldier" statue was moved from central Tallinn
to a military cemetery.
To Estonians, the statue was a symbol of almost 50 years
of Soviet occupation.
To Russia and to Estonians of Russian descent (about 25%
of population of 1,300,000) the move was an insult to the
memory of soldiers who fought the Nazis in WWII.
There was street violence 26-28 April.
http://news.smh.com.au/estonia-convicts-first-cyberwar-hacker-prosecutors/20080124-1nro.html
9 May 2007 — Government web sites lost external connectivity due to a massive DDOS atack. Many of the attacking hosts were in Russia, some belonged to the Russian government, but official government involvement, support, or even awareness couldn't really be gauged.
24 Jan 2008 —
Dmitri Galushkevich, an ethnic Russian, was convicted Jan 2008
for his involvement.
Fined 17,500 kroons (1120 Euros, 1620 US$) for his part
in attack against website of Reform Party of
Prime Minister Andrus Ansip, one of many DDOS attacks
on Estonian government and businesses.
http://news.smh.com.au/estonia-convicts-first-cyberwar-hacker-prosecutors/20080124-1nro.html
2 April 2008 —
"Almost a year after falling victim to a "cyber-war" blamed on Russian
hackers, the Baltic state of Estonia is now piloting NATO's efforts to
ward off future online attacks on alliance members. After this week's
NATO's summit in Romania, Estonia and seven other alliance partners
will set up the "Cyber Defence Centre of Excellence" in Tallinn
next month. The United States, Germany, Italy, Spain and Estonia's
fellow ex-communist NATO member states Latvia, Lithuania and Slovakia
will spearhead the project."
http://news.theage.com.au/estonia-to-drill-natos-future-cyberwar-defenders/20080402-234p.html
11 March 2009 —
The pro-Kremlin youth group
Наши,
or Nashi,
meaning Ours,
claimed responsibility for making the attack
on behalf of the Kremlin:
http://blog.wired.com/defense/2009/03/pro-kremlin-gro.html
http://www.theregister.co.uk/2009/03/11/russian_admits_estonian_ddos/
27 May 2009 — The Finnish military announced plans to establish "a cyberwar unit charged with protecting government data communications". It sounds more like pure defense and threat monitoring, made to sound more exciting with the buzzword "cyberwar"....
August 2008 — Russian military forces move into Georgia, citing requests for help from ethnic Russian communities in Georgian breakaway regions of South Ossetia and elsewhere. At the same time, DDOS attacks orchestrated out of Russia blocked access to Georgian government web sites. I don't know everyone's feeling on this, but if armored vehicles are rolling down the street in front of my home, and I see combat aircraft overhead and hear incoming artillery rounds, my inability to look at the Georgian equivalent of whitehouse.gov is going to be of relatively little concern...
This seemed to be another case of "Russian patriotic citizens rise up" and do the attack on their own, where the government does not direct them but neither does it stop them or even disapprove.
October-November 2008 — Major news organizations start seriously questioning the accepted view of the military action is nothing but Russian aggression and Georgian self-defense, as Georgian targeting of civilians and other details come to light:
See the "Russian Cyberwar on Georgia" report for lots of details on the military action, the Internet attacks, and the coverage: http://hostexploit.com/
September 2009 — Aviation Week and Space Technology ran an article (14 Sep 14 2009 pp 54-55) titled: "Cyberwar is Official" and subtitled: "Network attack, digital time boms and information exploitation are now combat standards", quoting an analysis from the U.S. Cyber Consequences Unit (US-CCU), "only parts of which are available to the public". The article describes US-CCU as "an independent organization that does cyber-forensics and analysis for private organizations and government, including the National Security Agency and CIA." It's a non-profit research group with some affiliation to the Tufts University law school, the domain is registered to a guy in Vermont with an AOL e-mail address:
% whois usccu.us Domain Name: USCCU.US Domain ID: D7129910-US [....] Registrar URL (registration services): whois.schlund.de Domain Status: ok Registrant ID: SPAG-33246501 Registrant Name: Scott Borg Registrant Address1: PO BOX 1390 Registrant City: NORWICH Registrant State/Province: VT Registrant Postal Code: 05055 Registrant Country: United States Registrant Country Code: US Registrant Phone Number: +1.8026493849 Registrant Email: scottborg@aol.com
September 2000 — Israeli hackers launch DDOS and deface Hezbollah and Palestinian National Authority's websites. Palestinian authorities respond with call for a "cyber holy war", Israeli government and financial website attacked. [New Scientist, 23 Feb 2008 pp 24-25]
September 2007 — Israeli air strike on suspected nuclear facility in northern Syria reportedly aided by cyber-attack against Syrian radar air defenses. "Non-stealth Israeli fighters slip in and out of Syrian airspace virtually undetected." Yes, but I doubt that Syrian air defense systems were on publicly routable networks.... [New Scientist, 23 Feb 2008 pp 24-25]
In January 2009 a "russian cybermilitia" launched a distributed denial of service attack against the two biggest Internet service providers in Kyrgyzstan, largely cutting the country off the Internet. A few days later, Kyrgyzstan announced that the U.S. military would have to vacate Manas Air Base. Apparently the DDOS attack was part of the Russian pressure. Click here to see the story at computerworld.com.
November 2008 — The websites of al-Anba' al-Ikhbari and Sahara Media, two news agencies in Maurtiania, are taken down in DDOS attacks. This is after the August 6 military coup replacing the democratically elected president, Sidi Mohamed Ould Cheikh Abdallahi, with a military junta. "Sahara Media has accused "national and foreign parties" of aiming to muzzle the site. Al-Anba', for its part, was far more specific in assigning blame. It said "some parties in the military regime in Nouakchott" are responsible or the sabotage." http://www.menassat.com/?q=en/news-articles/5134-cyber-warfare-comes-mauritania
February 2008 — "Russian agents in Norway have reached levels as high as during the Cold War, warns the Norwegian Police Security Service (PST). Many other countries also have spies in Norway, climbing to a record number following a quiet period during the 1990s. [PST chief] Holme said unnamed sources indicate that Russian espionage activity is at an "all-time high", and other countries have also stepped up their activities in Norway. Russia and other countries are said to be interested in Norway because of its strategic geographical position and its offshore technological expertise." http://www.aftenposten.no/english/local/article2244756.ece
According to The Daily NK, a South Korean publication focused on the north, North Korea's Moranbong University, directly managed by the Operations Department of the Workers' Party, is that countries leader in technical developments in computer warfare. Moranbong is said to have been founded in 1997 to train experts in data processing, cryptanalysis, hacking, and other skills, along with martial arts and shooting. It's a five-year university that only selects 30 freshmen per year, each of which is made a military first lieutenant. Moranbong is supposed to have taken the place of Mirim University. Moranbong is in Jung district, just across from the Number 3 Government Building housing the United Front Department, Liason Department, and Operations Department. The article has a dateline of 13 July 2009, Shenyang, China, presumably where they contacted their North Korean source by telephone. http://www.dailynk.com/english/read.php?cataId=nk01500&num=5161
4 July 2009 —
Distributed Denial-of-Service (DDOS) attacks against
U.S. government servers including
whitehouse.gov
and
treasury.gov
on the U.S. national holiday, the same day that
North Korea launches a series of medium-range missiles,
are blamed on North Korea.
7 July 2009 —
The same DDOS attacks move to South Korean servers,
including the
Ministry of Defense
and the presidential
Blue House,
increasing the baseless theorizing that North Korea
must be behind it.
8 July 2009 —
Widespread coverage in Wired magazine
and elsewhere
reports that the DDOS seems to have been run by
a sloppy hacker using five-year-old worm code:
http://www.wired.com/threatlevel/2009/07/mydoom/
10 July 2009 —
Typically clueless U.S. legislator
Peter Hoekstra, of Michigan,
insists that the U.S. should conduct a
"show of force or strength"
against North Korea for its supposed role:
http://www.wired.com/threatlevel/2009/07/show-of-force/
Lesson:
Many legislators are idiots.
See
Bruce Schneier's calm analysis
that this is nothing new, just "kids playing politics":
http://minnesota.publicradio.org/display/web/2009/07/10/schneier/
NACIC, the National Counter-Intelligence Executive (http://www.ncix.gov/), has warned of Internet activity by foreign intelligence entities. BNA Daily Report for Executives, 6 January 1997, pg A15.
The CIA named countries thought to be involved in industrial espionage or offensive information warfare, and noted that several had been providers of Y2K fixes to U.S. firms (Network World 13 Sep 1999 pg 10):
| Country | Industrial Espionage | Offensive IW initiative | Major US Y2K fix provider |
| Bulgaria | No | Yes | Limited |
| People's Republic of China | Yes | Yes | No |
| Cuba | Yes | Limited | No |
| France | Yes | Yes | No |
| India | Yes | Yes | Yes |
| Iraq | Yes | Yes | No |
| Ireland | No | No | Yes |
| Israel | Yes | Likely | Yes |
| Japan | No | Yes | Likely |
| Pakistan | No | No | Yes |
| Philippines | No | No | Yes |
| Russia | No | Yes | Yes |
| South Korea | No | Yes | Yes |
NATO revealed that the Anti-Smyser-1 virus infected systems at its Pristina, Kosovo facility early in 2000. Affected systems mailed copies of a nine-page classified document detailing NATO rules of engagement for land operations in Kosovo to "random Internet users' mailboxes" — SC Magazine, Aug 2000, pg 18. Well, I doubt they were really random, but instead were entries in someone's address list. Who put classified documents on Internet-connected PCs susceptible to viruses??
A group of hackers broke into U.S. Department of Defense computers in the fall of 1997. It was well-publicized, they claimed to have stolen GPS controlling software to sell to terrorists, but DOD said it was just some administrative data.
During the 1991 Persian Gulf War, a group in Eindhoven, Netherlands broke into computers at 34 U.S. military sites and stole information about troop movements, missile capabilities, etc. They offered it to the Iraqis, but they figured it had to be a hoax. London Telegraph, 23 Mar 97.
The DOD urged the naming of an "information czar" and an "information warfare" center within the U.S. intelligence community back in 1997. WSJ, 6 January 1997, pg B2.
Some people in DOD, or working for the defense/intel community, think future conflicts will be the domain of digital terrorists. Mafia-based states (like many in the ex-USSR), quasi-governmental organizations (IRA, ETA, HAMAS), or followers of warlords (Somalia, Chechnya, Myanmar) could launch highly disruptive attacks in which modern states would be at a disadvantage. AWST, 27 Apr 1998, 54-56.
As early as 1997:
The article, "Nation's 'Infosec Gaps' Given New Scrutiny Post-Sept 11", is quite realistic and practical as information warfare material goes, AWST, 28 Jan 2002, pg 59.
The USAF formed the 609th Information Warfare Squadron in early 1996 — AWST, 29 April 1996, pg 52.
The USAF Information Warfare Team was formed at Rome AFB in 1996. Director of CIA John Deutch said, "We have evidence that a number of countries around the world are developing the doctrine, strategies, and tools to conduct information attacks." AWST, 12 Aug 1996, pg 65-66.
In 2007-2008 the USAF made all sorts of conflicting claims about what it was going to do. Looks like political turf battles...
What they call information warfare (IW) or information operations (IO) is out there, but good luck finding much in the open literature. Just a few brief mentions, like a few sentences in AWST 12 May 2003 pp 62-63. Also be aware that the U.S. Department of Defense uses "information operations" to mean offensive information warfare, including denial of service attacks against data and network connectivity, and more subtly, rendering data or network connectivity worthless by degrading the other side's confidence on it. But at the same time, the Central Intelligence Agency instead uses "information operations" to mean obtaining data statically stored on systems or transiting networks, in order to analyze it and obtain an understanding of the other side's plans.
More recently, see Digits of Doom, in AWST, 24 Sep 2007, pg 74, suggesting that the U.S. military had started attacking jihadist web sites in the preceding few months. The article mentions:
In other stories:
|
|
|
|||||||||
|
|||||||||
|
| © Bob Cromwell Aug 2010. Created with /bin/vi and ImageMagick, hosted on OpenBSD with Apache. Root password available here, privacy policy here. |
