Cyberwarfare

Cyberwarfare raises issues of growing national interest and concern.

Cyberwarfare can be used to describe various aspects of defending and attacking information and computer networks in cyberspace, as well as denying an adversary’s ability to do the same. Some major problems encountered with cyber attacks, in particular, are the difficulty in determining the origin and nature of the attack and in assessing the damage incurred.

A number of nations are incorporating cyberwarfare as a new part of their military doctrine. Some that have discussed the subject more openly include the United Kingdom, France, Germany, Russia, and China. Many of these are developing views toward the use of cyberwarfare that differ from those of the United States, and in some cases might represent national security threats.

Cyberterrorism is also an issue of growing national interest. Many believe terrorists plan to disrupt the Internet or critical infrastructures such as transportation, communications, or banking and finance. It does seem clear that terrorists use the Internet to conduct the business of terrorism, but on closer inspection, however, it is not clear how or whether terrorists could use violence through the Internet to achieve political objectives.

Although the U.S. government is striving to consolidate responsibility for and focus more attention on cyberwarfare issues, it is not clear how successful those efforts will be. Congress may choose to examine critically the policies, organization, and legal framework that guides executive ranch decisionmaking on issues of cyberwarfare.

Tuesday, September 29, 2009

The fog of (cyber) war


Cybermilitias, black hat hackers and other non-nation-state bad guys blur the lines on the
virtual battlefield.

Don Tennant

Analysts and strategists gathered at the Cyber Warfare 2009 conference in London last
January were grappling with some thorny problems associated with the cyberaggression
threat. One that proved particularly vexing was the matter of exactly what constitutes
cyberwarfare under international law. There's no global agreement on the definitions of
cyberwarfare or cyberterrorism, so how does a nation conform to the rule of law if it's
compelled to respond to a cyberattack?
Back in the U.S. trenches, drawing up a legal battle plan is indeed proving to be
extraordinarily complex. Those definitions are especially elusive when you consider that
no one can even be sure who the potential combatants are.
"There is some real work that needs to be done, not only in the U.S., but globally, to think
about what is a use of force or an act of war in cyberspace," says Paul Kurtz, a partner at
Good Harbor Consulting LLC in Arlington, Va., and a former senior director for critical
infrastructure protection on the White House's Homeland Security Council.
The need to establish global norms about what is acceptable behavior in cyberspace, he
says, is complicated by the fact that "the weapons are not just in the hands of nationstates.
They're essentially in everybody's hands."
Steven Chabinsky
"Laws of war would forbid targeting purely civilian infrastructure," adds Steven
Chabinsky, senior cyberadvisor to the director of national intelligence. "But terrorists, of
course, don't limit themselves by the Geneva Conventions."
Time, effort and expertise
Further fogging up the battlefield is the fact that it's nearly impossible to identify all of
the potential targets. It is possible to conduct a threat assessment, however, and there
appears to be general consensus in the cyberdefense community that the biggest threat in
terms of scale is presented by nation-states.
"Cyberattacks which seek to manipulate [an adversary's] critical infrastructures would
take more time, effort and expertise than mere data theft," says Kenneth Geers, U.S.
representative to the Cooperative Cyber Defense Centre of Excellence in Tallinn,
Estonia. "But computer network defenders should understand that time, effort and
expertise are resources that militaries and foreign intelligence services often have in
abundance."
Analysts and former intelligence officials, including Kurtz, say that, not surprisingly,
China and Russia top the list of countries with highly developed cyberwarfare
capabilities. Kurtz also named Iran and North Korea as countries with known
cyberwarfare aspirations.
While Chabinsky declined to be specific because of concerns about compromising
intelligence-gathering methods, he affirmed that the U.S. has identified "a number of
sophisticated nation-state actors who we believe have the capability to bring down
portions of our critical infrastructure." Fortunately, he added, "we don't think they have
the intent to do so, [since] our country would respond accordingly, and not necessarily
symmetrically through cyber means."
On the other hand, Kurtz notes, governments "would have more resources at their
disposal in order to disguise or bury the true source of an attack." But, he says, "It would
be a grave mistake to believe that a small, well-funded cell could not inflict very serious
damage on the information infrastructure supporting the U.S. and the global economy."
Resources and motive
Chabinsky notes that deterring or responding to cyberwarfare threats from other countries
is more in the comfort zone of national governments. "There's a lot more to worry about
should the same computer network attack capabilities exist in the hands of irrational or
otherwise unrestrained criminals or terrorists," he says.
Intelligence officials and analysts agree that so far, there's little direct threat of a
cyberattack by organized terrorist groups. "Nonstate actors such as al-Qaeda probably do
not possess the infrastructure or expertise to attempt a cyberattack that would rival the
shock value of using bullets and explosives," Geers says.
But these officials and analysts recognize that terrorist groups have the resources and
motive to fund such activity by others.
Although terrorists may not be capable of attacking our critical infrastructure themselves,
"it's less clear whether they could find a hired gun to do so," Chabinsky says. "Obviously,
terrorist groups have the intent to harm us, are aware of the potential impact of a
successful cyberattack and would find the ability to attack us from a distance quite
appealing."
According to Chabinsky, some potential "hired guns" are in an extraordinarily effective
position to cause trouble. That position is within the walls of corporate America.
"I think the primary cyber-risk to our critical infrastructure is from disgruntled employees
who have insider knowledge and access," Chabinsky says. "Insider threats can take
advantage of the most serious vulnerabilities; in fact, they can create them. Could they
sell their capabilities to a terrorist group? Certainly."
Criminal element
To make matters worse, it's not only terrorist groups that are equipped to pose this sort of
threat. In fact, they may not even be the most ominous nongovernmental source of
potential cyberdamage.
Mike Theis
"I would say that currently, organized criminal activity provides a more pervasive and
damaging threat than organized terrorists," says Mike Theis, who until recently served as
chief of cyber counterintelligence at the National Reconnaissance Office (NRO), an
agency of the U.S. Department of Defense.
That could change at any time, Theis says.
While the motives of organized terrorists and organized criminals differ, their profitgenerating
tactics are largely the same. Terrorists use cybercrime to fund their ideologyinspired
activities, and criminals do it for the sake of profit itself (see sidebar, next page).
Theis cites the infamous Russian Business Network as an example of the cybercriminals
highest on the most-wanted list, but he pointed out that it would be difficult to name any
organized crime syndicate that's not heavily engaged in electronic crime.
"Traditional organized crime has now moved to cyberspace to commit, support and
enhance their crimes," says Ira Winkler, founder and president of Internet Security
Advisors Group. These crime syndicates are "performing intelligence and
counterintelligence collection of their own to see what governments are doing to stop
their efforts."
Moreover, Winkler says, drug cartels, organized crime gangs and terrorist organizations
are joining forces to combat the U.S. military and law enforcement agencies. "Possibly
most important is that Russian crime gangs are heavily involved with the Taliban and al-
Qaeda in the distribution of the poppy crops they grow," he says. "They are interested in
stopping any coalition efforts to slow down the poppy distribution."
According to Chabinsky, cybercriminals have increased the scope and sophistication of
their activities beyond those of all but a few nation-states. "There's big money to be had
over the Internet, and organized crime is spending a lot of time and money to enhance
their tradecraft," he says. "Organized cybercrime concerns me not just because of the
money being stolen, but because cybercriminals are gaining the capacity to harm our
critical infrastructure and could be motivated to do so as part of an extortion scheme."
Adding to the complexity of the problem are questions about the preparedness of other
countries to combat the threat.
Cyberweapons
According to former NRO official Mike Theis, terrorists and criminals pose similar
threats with respect to illicit profit generation. The following are some examples of
activity these groups might aim to perpetrate:
• Theft of personal information that could be used for sale to the highest bidder or
on an information exchange.
• Theft of trade secrets, intellectual property or superior business processes. "It
could be something as simple as your customer list, but there is usually a lot more
of value than that," Theis says.
• Cyberhostage taking. If the contents of your entire hard drive were remotely
encrypted by a hacker, would you pay $100 to get the decryption key? Would
10,000 people like you do the same?
• Cyberblackmailing. How much would you pay to prevent your
family/customers/competitors/regulators from knowing something that was found
on your computer?
• Cyberslaving. The perpetrator installs a back door or "loader" on your machine
and sells it to the highest bidder. It would allow the buyer to install any type of
software on that machine without being detected. "The last I heard, the average
price was still about $1 per machine," Theis says. "It's not uncommon to see
machines purchased in blocks of 10,000 or more in order to launch a denial-ofservice
attack."
"So basically," Theis says, "anything that can be done in the world of brick and mortar
has some type of a cyber equivalent."
"There is reason to consider whether some nation-states lack the ability to control
organized crime within their borders, lack the resources to control criminals who
victimize people and businesses outside their borders, or suffer from corruption in which
government officials are complicit in lucrative criminal schemes," Chabinsky says.
The hacker myth
Another complicating factor is that these criminal elements are anything but cohesive
units with consistent objectives.
"One of the things that's very tricky about cyberspace is you can have criminal
organizations easily morph with hacker organizations, and you may have a cell within
that that may have a different purpose or objective than the criminal organization," Kurtz
explains. "This comes down to the essence of what makes the cybertradecraft so
complex. It's only a keystroke difference between getting inside someone's system and
shutting it down."
Indeed, the role that hackers play on the cyberwarfare stage is widely underestimated. "I
think that a big myth is that cybercrime is still about a 15-year-old kid doing Web
defacements," Chabinsky says.
In truth, the hacker element is gaining influence worldwide, and that influence is being
targeted by governments. In China, hacker groups have traditionally been motivated by
national pride, says Carl Setzer, an associate partner at Dallas-based iSight Partners Inc.,
a security research firm that monitors hacking communities in China .
The government has done a good job of channeling that pride toward its own ends, even
if government officials don't issue direct orders to hacker groups, Setzer says. Still, iSight
Partners says it has found evidence of direct interaction between large Chinese hacker
groups and the government, a relationship Setzer characterizes as "indirect control."
According to Winkler, China has a problem it has to acknowledge. "They have the
Internet so filtered that even if [cybercrime] is not supported by the Chinese government,
given the hold they have on their Internet connections, they can't claim clean hands," he
says. "For them to say, 'We aren't noticing attack traffic' is absurd."
Plausible deniability
Of course, the Chinese government is hardly alone in its aim to manipulate the role of
hackers. Theis says cyberconflicts anywhere in the world that are attributed to the efforts
of "patriotic hackers" tend to be the stuff of myth. Usually, he says, they're the "wellthought-
out efforts of nation-states with well-developed strategies and resources."
Although Theis has no doubt that patriotic hackers participate in cyberconflicts, he's
convinced that far more is ascribed to them than real-world conditions would sensibly
allow.
"To be truly effective on anything other than the smallest of scales takes strategic
planning, resourcing and practiced execution to ensure activities are focused at the right
place and time to be a force multiplier, and not wasted on the overkill of nonessential
targets or activities," Theis says. "It seems ludicrous that countries that have stated their
understanding of the importance of cyberconflict dominance and have dedicated
resources to that effort would not use them in a decisive way, but [instead] would depend
on patriotic hackers to just happen to get it right and just at the right time."
Still, governments have every reason to want to strain the limits of credibility, Theis says.
"It's a nice myth to perpetuate if you're trying to maintain plausible deniability."
Jeremy Kirk and Sumner Lemon of the IDG News Service contributed to this story.
Next: A short history of hacks, worms and cyberterror
Related Links
• Internet Warfare: Are we focusing on the wrong things?
• The fog of (cyber) war
• A short history of hacks, worms and cyberterror
• Software: The eternal battlefield in the unending cyberwars
• The grid: The new ground zero in Internet warfare
• Russia's cyber blockade of Georgia worked. Could it happen here?
• Cyberwar's first casualty: your privacy
• The Internet is down. What does that really mean?

Cyber Warfare’s threat to Critical National Infrastructure

Cyber Warfare
Written By Jeffrey Bernstein
Published April 2009 in MIS-ASIA Recently, news concerning the ongoing security compromise of the North American power grid via various breaches of computing infrastructure was distributed throughout news and media outlets worldwide. While not a new problem by any means, the issue warrants attention from the international public, commercial and government sector audiences. The electronic computing environments that make up a country’s infrastructure are often taken for granted. However, a disruption to only a single live production computer system can create cascading consequences across multiple sectors. For example, a computer breach that disrupts the distribution of electrical power across a region could lead to the forced shutdown of networked communications and controls within the transportation sector. Air traffic, road traffic and rail transportation might become affected as a direct result. By extension, subsequent disruption of emergency services would also occur. Recent highly publicised cyber attacks on the republics of Estonia, Lithuania and Georgia are representative of the growing problem at hand. Because each country has a unique environment, cyber attacks will yield varying consequences from nation to nation. Georgia, for instance, was a relative latecomer to adopt Internet technologies. Because of this, the country’s population of fewer than five million saw little effect beyond service denial to many of its government Web sites. Cyber attacks have far less impact on a country such as Georgia than they might on more Internet-dependent places such as Taiwan, South Korea, Singapore or the United States where vital services including government, transportation, power and banking depend on the Internet. These increasingly frequent, sophisticated and targeted international cyber incidents involving denial of service, espionage, propaganda and information theft are driving governments to develop effective tactical and strategic cyber-warfare capabilities. While government military forces have been traditionally more equipped for warfare involving guns, tanks and missiles, almost all now recognise the need to adopt strategies to support success in this new electronic theatre of operations. Most countries, of course, deny that their cyber capabilities are involved with any of the higher-profile international cyber security events that we read about in the press almost daily. Regardless of the truth in these denials, the anonymous nature of the Internet provides plausible deniability for attack sources. Mission statement In the Americas, the current mission statement of the United States Air Force is to ‘Fly, Fight and Win...in Air, Space and Cyberspace’. Similarly, in Eastern Asia, The People’s Liberation Army (PLA) reportedly continues to mature its integrated network electronic warfare and space/counter-space capabilities. China and the US are only two of the countries included in the rapidly expanding list of nations now racing to assemble arsenals of cyber-weaponry. In fact, it is well-documented and commonly accepted by the international security community that more than 140 countries are actively
developing cyber-espionage and warfare capabilities. The common thinking for all is to facilitate increased superiority over an adversary. When it comes to the modern-day battleground, ‘bits and bytes’ now accompany the ‘bullets and bombs’ that have historically powered warfare. As multinational cyber arsenals continue to mature, international concerns over operational cyber ‘espionage’ and ‘warfare’ grow. Perhaps most vulnerable to attack are the critical infrastructure and key resources that operate within any particular country. Critical infrastructure resources support the crucial services that generally serve as the supporting foundation for any society. Cyber security protection With the majority of global vital infrastructure operated by the commercial sectors, the issue of cyber security protection is weighing heavily on both industry and government. For example, in the US, 80 per cent of critical infrastructure is owned and operated by the commercial sectors. Some critical infrastructure elements are so essential that their destruction, disruption or exploitation could have a debilitating impact on a country’s national security or economic well-being. While critical infrastructure categorisation varies from country to country, it usually includes some combination of the following sectors from industry and government; • Government services • Law enforcement, fire and emergency response • Banking and financial services • Transportation • Power including electricity, oil and gas • Public works including water and drainage • Internet, media and telecommunications • Agriculture and food supply • Health Many countries also categorise prominent public places, national monuments and high-profile events as critical infrastructure. Power and utility sectors One specific area of concern is in the power and utility sectors where Supervisory Control and Data Acquisition (SCADA) industrial control systems monitor, coordinate and control process. Within the enterprise, information technology systems typically have a lifecycle of five years or less allowing for enhancements designed to mitigate the latest known security threats. By comparison, many mission critical SCADA control systems have been in production for 15 years and sometimes longer. Unfortunately, many of these systems were originally architected with little to no concern for security. Because of this, Internet-exposed SCADA-based systems and the organisations that operate them remain highly vulnerable to Internet-borne threat. A recent article from the North America-based Council on Foreign Relations quoted a well-known economist as having estimated that a shutdown of electrical power to any sizeable region for more than 10 days would stop more than 70 per cent of all economic activity in that region. Given the
costs involved to finance a traditional military attack, is it any surprise that cyber-warfare strategies are gaining attention? Perhaps the most unique aspect of cyber-warfare is its ability to be launched from anywhere in the world. Computers that are physically located in foreign countries may also be compromised and used as a launch platform for attack making identification of any initial attack source extremely difficult. Cyber-attacks are inexpensive, easy to deliver and leave few fingerprints. Therefore, they will continue to remain a component of modern-day warfare. While countries around the world are in the process of integrating offensive and defensive cyber capabilities into their overall military strategies, the responsibility to protect high-value critical infrastructure targets will remain a significant challenge. Because of this, government and industry need to collaborate to develop protection strategies that carefully consider how a cyber war or attack could affect society and world economies.

Battlespace

Downside to the "Twitter Revolution

Dissent
Volume 56, Number 4, Fall 2009
Among the unpleasant surprises that awaited Barack Obama's administration during the post-election turmoil in Iran, the unexpected role of the Internet must have been most rankling. A few government wonks might have expected Iranians to rebel, but who could predict they would do so using Silicon Valley's favorite toys? Team Obama, never shy to tout its mastery of all things digital, was caught off guard and, at least for a moment or two, appeared ill-informed about the heady developments in Iranian cyberspace. Speaking a few days after the protests began, Secretary of State Hillary Clinton confessed that she wouldn't know "a Twitter from a tweeter, but apparently, it's very important"—referring to Twitter, a popular mix between a blogging service and a social network that enables its users to exchange brief messages of up to 140 characters in length.
http://muse.jhu.edu/login?uri=/journals/dissent/v056/56.4.morozov.pdf

GLOSSARY OF INFORMATION WARFARE TERMS

GLOSSARY

AES
Advanced Encryption Standard. The United States encryption standard that replaced the older and weaker DES standard.

AFCA
Air Force Communications Agency

AFCERT
Air Force Computer Emergency Response Team

AFIWC
Air Force Information Warfare Center

AHFID
Allied High Frequency Interoperability Directory.

AIA
Air Intelligence Agency at Kelly Air Force Base.

AIS
Automated Information Systems.

ATM
Asynchronous Transfer Mode.

C2
Command and Control: Command and control functions are performed through an arrangement of personnel, equipment, communications, facilities, and procedures employed by a commander in planning, directing, coordinating, and controlling forces and operations in the accomplishment of a mission.

C2W
Command-and-control warfare. The integrated use of operations security, military deception, psychological operations, electronic warfare, and physical destruction, mutually supported by intelligence, to deny information to, influence, degrade, or destroy adversary command and control capabilities, while protecting friendly command and control capabilities against such actions. Command systems, rather than commanders, are the chief target, as in Persian Gulf War.

C3I
Command, control, communications and intelligence.

C4
Command, Control, Communications, and computers.

C4I
Command, Control, Communications, Computers, and Intelligence

DT>C4ISR

Command, control, communications, computers, intelligence, surveillance, and reconnaissance.

CARNIVORE
An FBI system to monitor email and other traffic through Internet service providers.

CCIPS
Computer Crime and Intellectual Property Section (US Department of Justice)

CNA
Computer Network Attack: Operations, via the datastream, to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.

CNE
Collateral Nature of Effects: Collateral effects are unintentional or incidental direct or indirect effects causing injury or damage to persons or objects.

COMSEC
Communications Security.

COMINT
Communications intelligence

Copernicus
The code-name under which the Navy plans to reformulate its command and control structures in response to the realization that information is a weapon. Through Copernicus warfighters will get the information that they need to make tactical decisions. The architecture of Copernicus was designed by Vice Admiral Jerry O. Tuttle.

Cracking
Illegally gaining entry to a computer or computer network in order to do harm.

CSCI
Commercial Satellite Communications Initiative.

C-SIGINT
Counter-signals intelligence


Cyberspace
The global network of interconnected computers and communication systems.

Cyberwar
A synonym for information warfare.

DARPA
Defense Advanced Research Project Agency

Data driven attack
A form of attack that is encoded in innocuous seeming data which is executed by a user or other software to implement an attack. In the case of firewalls, a data driven attack is a concern since it may get through the firewall in data form and launch an attack against a system behind the firewall.

DBK
Dominant battlefield knowledge.

Defense information infrastructure
The worldwide shared or interconnected system of computers, communications, data, applications, security, people, training, and other support structures serving a nation's military's information needs.

DES
Data Encryption Standard. The formerly popular algorithm for encrypting data. Now replaced by AES.

DIA
Defense Intelligence Agency

DII
See: Defense Information Infrastructure


DII COE
Defense Information Infrastructure Common Operating Environment

DISA
Defense Information Security Administration. Military organization charged with responsibility to provide information systems support to fighting units.

DISC4
Army, Director of Information Systems for Command, Control, Communications, and Computers

DISN
Defense Information System Network

DNS
Domain Name Service

DNS spoofing
Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

DoD
Department of Defense.

DoS
Denial of Service. An electronic attack whose purpose is to prohibit an opponent the use of a program or an entire system.

Dumster diving
Accessing an opponent's information by examining the contents of garbage pails and recycling bins.

ECCM
Electronic Counter-Countermeasures. The use of any active of passive means to defeat hostile ECM.

ECHELON
A multinational survellance network, centered at Sugar Grove, WV, that intercepts all forms of electronic communications.

van Eck monitoring

Monitoring the activity of a computer or other electronic equipment by detecting low levels of electromagnetic emissions from the device. Named after Dr. Wim van Eck who published on the topic in 1985.

ECM
Electronic Countermeasures. The use of any active or passive system to elude, degrade or confuse hostile sensor/scanner suites and communications traffic.


EKMS
Electronic Key Management System.

ELINT
Electronic intelligence.

EMI
Electromagnetic interference.

EMP
Electromagnetic pulse. A pulse of electromagnetic energy capable of disrupting computers. Computer networks, and many forms of telecommunication equipment.

EMP/T Bomb
A device to destroy electronic networks that is similar to a HERF Gun but many times more powerful.

EMSEC
Emissions Security.

EPS
Electronic Protection System.

ETAPWG
DOD Information Assurance Education, Training, Awareness and Professionalization Working Group.

EW
Electronic warfare.

Firewall
A system or combination of systems that enforces a boundary between two or more networks, i.e., an electronic gate that limits access between networks in accordance with local security policy.

FISMA
The Federal Information Security Management Act.

GCCS
Global Command and Control System.

GCSS
Global Combat Support System.

Global information environment
A military term for cyberspace.

Hacker
A person who either breaks into systems for which they have no authorization or intentionally overstep their bounds on systems for which they do have legitimate access, i.e., an unauthorized individual who attempts to penetrate information systems; to browse, steal, or modify data; deny access or service to others; or cause damage or harm in some other way.

An alternative definition provided by a hacker in a white hat . . .a programmer who is an expert in computer security and administration. Hackers have exellent problem solving skills, and use them to get into computer systems with ease. True 'hackers' do not damage the information they find, for the only reason that they 'hack' into systems is for the challenge and 'thrill' they get from it. After 'hacking' into systems, they usually either tell the administrator, or do the security fix themselves and leave. Hackers are not limited to computer security and software, though. Hackers can be also people who modify or 'mod' computer hardware.

HERF
High Energy Radio Frequency. As in HERF gun: a device that can disrupt the normal operation of digital equipment such as computers and navigational equipment by directing HERF emissions at them.

IASE
Information Assurance Support Environment.

IBW
Intelligence-based warfare.

IEW
Intelligence and electronic warfare

IPMO
INFOSEC Program Management Office.

Information Warfare
Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based processes, information systems, and computer-based networks while protecting one's own. Such actions are designed to achieve advantages over military or business adversaries (Dr. Ivan Goldberg's definition)

INFOSEC
Information Security: Protection of classified information that is stored on computers or transmitted by radio, telephone teletype, or any other means.

ISSO
NSA Information Systems Security Organization.

IW/C2W
Information warfare/command and control warfare.

J6
Joint Staff, Director for Command, Control, Communications, and Computers.

JC2WC
Joint Command and Control Warfare Center.

JMIC
Joint Military Intelligence College . . . located at Bolling Air Force Base close to Washington DC.

Logic bomb
Unauthorized computer code, sometimes delivered by email, which, when executed, checks for particular conditions or particular states of the system which, when satisfied, triggers the perpetration of an unauthorized, usually destructive, act.

NACIC
National Counterintelligence Center.

NAIC
National Air Intelligence Center.

NIMA
National Imagery and Mapping Agency.

NIPC
National Infrastructure Protection Center.

NRO
National Reconnaissance Office.

NSA
National Security Agency. This agency is charged with the tasks of exploiting foreign electromagnetic signals and protecting the electronic information critical to U. S. national security.

OOTW
Operations other than war.

OSINT
Open Source Intelligence: Information of potential intelligence value that is available to the general public.

OSTP
Office of Science and Technology Policy.

PCCIP
President's Commission on Critical Infrastructure Protection.

PCIPB
President’s Critical Infrastructure Protection Board

Phreaking
"Hacking" the public phone network.

PKI
Public Key Infrastructure.

PSTN
Public Switched Telecommunications Networks.

Psychological operations
Planned psychological activities in peace and war directed to enemy, friendly, and neutral audiences in order to influence attitudes and behavior affecting the achievement of political and military objectives. They include strategic psychological activities, consolidation psychological operations and battlefield psychological activities.

PSYOPS
See: Psychological operations.

REC
Radio-electronic combat.

RMA
Revolution in Military Affairs. The realization by the military that information, and information technologies must be considered as a weapon in achieving national objectives via military activity.

SIGINT
The interception and analysis of electromagnetic signals. Also, Intelligence recovered from intercepted and decoded transmissions.

Spoofing
Assuming the identity of another as in sending email under someone else's name.

TEMPEST
Military code-name for activities related to van Eck monitoring, and technology to defend against such monitoring.

Trojan horse
A seemingly harmless computer virus that turns out to be extremely destructive.

TST
Time-Sensitive Target: A target which requires immediate response because it poses (or will soon pose) a clear and present danger to friendly forces or is a highly lucrative, fleeting target of opportunity.

USSID
United States Signal Intelligence Directive

Virus
A self-replicating program that is hidden in another piece of computer code, such as an email.

Worm
A self-replicating destructive program that stands alone and spreads itself through computer networks.