Cyberwarfare
Cyberwarfare raises issues of growing national interest and concern.
Cyberwarfare can be used to describe various aspects of defending and attacking information and computer networks in cyberspace, as well as denying an adversary’s ability to do the same. Some major problems encountered with cyber attacks, in particular, are the difficulty in determining the origin and nature of the attack and in assessing the damage incurred.
A number of nations are incorporating cyberwarfare as a new part of their military doctrine. Some that have discussed the subject more openly include the United Kingdom, France, Germany, Russia, and China. Many of these are developing views toward the use of cyberwarfare that differ from those of the United States, and in some cases might represent national security threats.
Cyberterrorism is also an issue of growing national interest. Many believe terrorists plan to disrupt the Internet or critical infrastructures such as transportation, communications, or banking and finance. It does seem clear that terrorists use the Internet to conduct the business of terrorism, but on closer inspection, however, it is not clear how or whether terrorists could use violence through the Internet to achieve political objectives.
Although the U.S. government is striving to consolidate responsibility for and focus more attention on cyberwarfare issues, it is not clear how successful those efforts will be. Congress may choose to examine critically the policies, organization, and legal framework that guides executive ranch decisionmaking on issues of cyberwarfare.
GLOSSARY OF INFORMATION WARFARE TERMS
GLOSSARY
AES Advanced Encryption Standard. The United States encryption standard that replaced the older and weaker DES standard.
AFCA Air Force Communications Agency
AFCERT Air Force Computer Emergency Response Team
AFIWC Air Force Information Warfare Center
AHFID Allied High Frequency Interoperability Directory.
AIA Air Intelligence Agency at Kelly Air Force Base.
AIS Automated Information Systems.
ATM Asynchronous Transfer Mode.
C2 Command and Control: Command and control functions are performed through an arrangement of personnel, equipment, communications, facilities, and procedures employed by a commander in planning, directing, coordinating, and controlling forces and operations in the accomplishment of a mission.
C2W Command-and-control warfare. The integrated use of operations security, military deception, psychological operations, electronic warfare, and physical destruction, mutually supported by intelligence, to deny information to, influence, degrade, or destroy adversary command and control capabilities, while protecting friendly command and control capabilities against such actions. Command systems, rather than commanders, are the chief target, as in Persian Gulf War.
C3I Command, control, communications and intelligence.
C4 Command, Control, Communications, and computers.
C4I Command, Control, Communications, Computers, and Intelligence DT>C4ISR
Command, control, communications, computers, intelligence, surveillance, and reconnaissance.
CARNIVORE An FBI system to monitor email and other traffic through Internet service providers.
CCIPS Computer Crime and Intellectual Property Section (US Department of Justice)
CNA Computer Network Attack: Operations, via the datastream, to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.
CNE Collateral Nature of Effects: Collateral effects are unintentional or incidental direct or indirect effects causing injury or damage to persons or objects.
COMSEC Communications Security.
COMINT Communications intelligence
Copernicus The code-name under which the Navy plans to reformulate its command and control structures in response to the realization that information is a weapon. Through Copernicus warfighters will get the information that they need to make tactical decisions. The architecture of Copernicus was designed by Vice Admiral Jerry O. Tuttle.
Cracking Illegally gaining entry to a computer or computer network in order to do harm.
CSCI Commercial Satellite Communications Initiative.
C-SIGINT Counter-signals intelligence
Cyberspace The global network of interconnected computers and communication systems.
Cyberwar A synonym for information warfare.
DARPADefense Advanced Research Project Agency
Data driven attack A form of attack that is encoded in innocuous seeming data which is executed by a user or other software to implement an attack. In the case of firewalls, a data driven attack is a concern since it may get through the firewall in data form and launch an attack against a system behind the firewall.
DBK Dominant battlefield knowledge.
Defense information infrastructure The worldwide shared or interconnected system of computers, communications, data, applications, security, people, training, and other support structures serving a nation's military's information needs.
DES Data Encryption Standard. The formerly popular algorithm for encrypting data. Now replaced by AES.
DIA Defense Intelligence Agency
DII See: Defense Information Infrastructure
DII COE Defense Information Infrastructure Common Operating Environment
DISA Defense Information Security Administration. Military organization charged with responsibility to provide information systems support to fighting units.
DISC4 Army, Director of Information Systems for Command, Control, Communications, and Computers
DISN Defense Information System Network
DNS Domain Name Service
DNS spoofing Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.
DoD Department of Defense.
DoS Denial of Service. An electronic attack whose purpose is to prohibit an opponent the use of a program or an entire system.
Dumster diving Accessing an opponent's information by examining the contents of garbage pails and recycling bins.
ECCM Electronic Counter-Countermeasures. The use of any active of passive means to defeat hostile ECM.
ECHELON A multinational survellance network, centered at Sugar Grove, WV, that intercepts all forms of electronic communications.
van Eck monitoring
Monitoring the activity of a computer or other electronic equipment by detecting low levels of electromagnetic emissions from the device. Named after Dr. Wim van Eck who published on the topic in 1985.
ECM Electronic Countermeasures. The use of any active or passive system to elude, degrade or confuse hostile sensor/scanner suites and communications traffic.
EKMS Electronic Key Management System.
ELINT Electronic intelligence.
EMI Electromagnetic interference.
EMP Electromagnetic pulse. A pulse of electromagnetic energy capable of disrupting computers. Computer networks, and many forms of telecommunication equipment.
EMP/T Bomb A device to destroy electronic networks that is similar to a HERF Gun but many times more powerful.
EMSEC Emissions Security.
EPS Electronic Protection System.
ETAPWG DOD Information Assurance Education, Training, Awareness and Professionalization Working Group.
EW Electronic warfare.
Firewall A system or combination of systems that enforces a boundary between two or more networks, i.e., an electronic gate that limits access between networks in accordance with local security policy.
FISMA The Federal Information Security Management Act.
GCCS Global Command and Control System.
GCSS Global Combat Support System.
Global information environment A military term for cyberspace.
Hacker A person who either breaks into systems for which they have no authorization or intentionally overstep their bounds on systems for which they do have legitimate access, i.e., an unauthorized individual who attempts to penetrate information systems; to browse, steal, or modify data; deny access or service to others; or cause damage or harm in some other way. An alternative definition provided by a hacker in a white hat . . .a programmer who is an expert in computer security and administration. Hackers have exellent problem solving skills, and use them to get into computer systems with ease. True 'hackers' do not damage the information they find, for the only reason that they 'hack' into systems is for the challenge and 'thrill' they get from it. After 'hacking' into systems, they usually either tell the administrator, or do the security fix themselves and leave. Hackers are not limited to computer security and software, though. Hackers can be also people who modify or 'mod' computer hardware.
HERF High Energy Radio Frequency. As in HERF gun: a device that can disrupt the normal operation of digital equipment such as computers and navigational equipment by directing HERF emissions at them.
IASE Information Assurance Support Environment.
IBW Intelligence-based warfare.
IEW Intelligence and electronic warfare
IPMO INFOSEC Program Management Office.
Information Warfare Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt, or destroy, an adversary's information, information-based processes, information systems, and computer-based networks while protecting one's own. Such actions are designed to achieve advantages over military or business adversaries (Dr. Ivan Goldberg's definition)
INFOSEC Information Security: Protection of classified information that is stored on computers or transmitted by radio, telephone teletype, or any other means.
ISSO NSA Information Systems Security Organization.
IW/C2W Information warfare/command and control warfare.
J6 Joint Staff, Director for Command, Control, Communications, and Computers.
JC2WC Joint Command and Control Warfare Center.
JMIC Joint Military Intelligence College . . . located at Bolling Air Force Base close to Washington DC.
Logic bomb Unauthorized computer code, sometimes delivered by email, which, when executed, checks for particular conditions or particular states of the system which, when satisfied, triggers the perpetration of an unauthorized, usually destructive, act.
NACIC National Counterintelligence Center.
NAIC National Air Intelligence Center.
NIMA National Imagery and Mapping Agency.
NIPC National Infrastructure Protection Center.
NRO National Reconnaissance Office.
NSA National Security Agency. This agency is charged with the tasks of exploiting foreign electromagnetic signals and protecting the electronic information critical to U. S. national security.
OOTW Operations other than war.
OSINT Open Source Intelligence: Information of potential intelligence value that is available to the general public.
OSTPOffice of Science and Technology Policy.
PCCIP President's Commission on Critical Infrastructure Protection.
PCIPB President’s Critical Infrastructure Protection Board
Phreaking "Hacking" the public phone network.
PKI Public Key Infrastructure.
PSTN Public Switched Telecommunications Networks.
Psychological operations Planned psychological activities in peace and war directed to enemy, friendly, and neutral audiences in order to influence attitudes and behavior affecting the achievement of political and military objectives. They include strategic psychological activities, consolidation psychological operations and battlefield psychological activities.
PSYOPS See: Psychological operations.
RECRadio-electronic combat.
RMA Revolution in Military Affairs. The realization by the military that information, and information technologies must be considered as a weapon in achieving national objectives via military activity.
SIGINT The interception and analysis of electromagnetic signals. Also, Intelligence recovered from intercepted and decoded transmissions.
Spoofing Assuming the identity of another as in sending email under someone else's name.
TEMPEST Military code-name for activities related to van Eck monitoring, and technology to defend against such monitoring.
Trojan horse A seemingly harmless computer virus that turns out to be extremely destructive.
TST Time-Sensitive Target: A target which requires immediate response because it poses (or will soon pose) a clear and present danger to friendly forces or is a highly lucrative, fleeting target of opportunity.
USSID United States Signal Intelligence Directive
Virus A self-replicating program that is hidden in another piece of computer code, such as an email.
Worm A self-replicating destructive program that stands alone and spreads itself through computer networks.
No comments:
Post a Comment