As it happens more and more often, I find myself writing an article to answer the curiosity of friends. This time the question comes in the middle of a chat about the propaganda operations carried out by both sides in the recent war we are experiencing in Europe.
The question you post to me and which I will try to answer is the following: "How does cyber affect the information warfare plan?".
Honestly, the answer is not easy but I'm sure we can find an answer, if not complete, at least satisfactory.
I begin by saying that information warfare is not a modern day feature. It has always existed!
What partly characterizes today's information war is the speed of exchange and above all of consumption of information and the various usable tools, children of our technological development.
But as usual, let's proceed step by step and try to understand what we are talking about.
What is meant by information or information warfare?
Let us try to understand this by referring to the NATO doctrine:
"Information warfare is an operation conducted in order to gain an information advantage over the opponent. It consists in controlling one's own information space, protecting access to one's own information, while acquiring and using the opponent's information, destroying their information systems and disrupting the information flow. Information warfare is not a new phenomenon, yet it contains innovative elements as the effect of technological development, which results in information being disseminated faster and on a larger scale. "
For NATO it is clear that:
- information warfare is a (military) operation that aims to gain the information advantage over the opponent;
- consists in the control and protection of one's own information space;
- it takes place with the acquisition of the adversary's information, the destruction of information systems, the interruption of information flows.
Reading one of the definitions allows us to better frame the question but we are still a long way from understanding what the relationships are between cyber e information warfare.
To understand this, it is necessary to better specify what we mean by cyber warfare and to do so I use a government source, the definition recognized by the state of Australia:
"The use of computer technology to disrupt the activities of a state or organization, especially the deliberate disruption, manipulation or destruction of information systems for strategic, political or military purposes."
So, in summary, by cyber warfare we mean the use of information technologies for:
- disrupting the activities of a state or organization;
- manipulate or destroy information systems;
- for strategic, political or military purpose.
Having made a minimum of clarity on the basic concepts of infowar and cyberwar, aware of the necessary simplifications due to partial and not always common definitions, we can now try to find an answer to the initial question, which I propose again for clarity:
How does cyber affect information warfare?
If we consider that most of today's information systems (information processing systems) are based on the use of information technologies, it is easy to understand that the influence of cyber on information warfare is considerable.
Information systems are designed to manage and process information, to facilitate its analysis, visualization and thus support decisions at different levels, political, military strategic, economic strategic and so on. This information must be processed by guaranteeing:
- confidentiality, must be accessible only to those authorized to handle them;
- integrity, must be maintained over time as they were created and all changes must be recorded;
- availability, must be available for use.
Furthermore, there are two further characteristics that are associated with any data or information, which in today's world cannot be taken for granted:
- authenticity, allows you to say with reasonable certainty who is the owner or who produced the data or information;
- non-repudiation, that is, whoever generates a message cannot deny having done so.
It is clear that any successful attack carried out against confidentiality, integrity, availability, authenticity and non-repudiation of information at any time in the information life cycle, conducted through the use of computer systems, is worthy of our consideration but does not respond. exhaustively to our question.
What still remains to be considered?
First, let's try to think about how information technologies have transformed the world and society.
Once the information was shared through discussion in the squares, in the living rooms, in private circles and came mainly from newspapers, official bodies that conveyed only a certain type of information, more or less controlled by states or organizations.
Today the sharing tool has become the social networks on duty and the information is modified and retransmitted potentially by anyone with internet access. For a time it was even thought that these new technologies could make society more "democratic", whatever the meaning attributed to the term.
The development of information technologies now allows the collection of data and information, their analysis and the production of new information in real time. This means having very powerful weapons available in the event of an info war, this is because it is possible to carry out operations in real time in the information space:
- check the information and determine which ones deserve to be disseminated and which don't, through constant monitoring of social networks and influencers;
- enter false but credible information in the information circuit of interest in support of the dominant thesis;
- discrediting dissenting voices, for example by passing off their authors as conspiracy theorists or by mocking them and forcing them to withdraw from the information space;
- delete information that over time is no longer useful or worse is harmful to the pre-established story.
These activities are fully part of information warfare and can be conducted (and they are!) Both towards the external information space (therefore towards the adversaries) and towards the internal information space (to reduce discussion or influence public opinion).
To summarize, cyberspace affects the information domain essentially:
- allowing to reach the opponent through computer or communication systems;
- allowing you to attack the computer systems (or platforms that use them) of the opponent;
- allowing access to the opponent's data and information and modify, delete or make them unavailable;
- allowing the control of the own information space
- influencing the opponent's information space by entering incorrect information for various reasons.
Then you may be wondering: how do i know i am the victim of a disinformation campaign?
There is no rule, but this is a topic for another story!
(As always thanks to friends of SICYNT extension who helped me to make the article simple and interesting with their precious suggestions)
To learn more:
Image: Information Warfare Offensive (auth0.com)