History of Cyberwar
Military-Industrial Espionage
The Office of the National Counterintelligence Executive warned of Internet activity by foreign intelligence entities back in 1997. BNA Daily Report for Executives, 6 January 1997, pg A15.
The CIA named countries thought in 1999 to be involved in industrial espionage or offensive information warfare, and noted that several had been providers of Y2K fixes to U.S. firms (Network World 13 Sep 1999 pg 10), see this table.
Country | Industrial Espionage | Offensive IW initiative | Major US Y2K fix provider |
Bulgaria | No | Yes | Limited |
People's Republic of China | Yes | Yes | No |
Cuba | Yes | Limited | No |
France | Yes | Yes | No |
India | Yes | Yes | Yes |
Iraq | Yes | Yes | No |
Ireland | No | No | Yes |
Israel | Yes | Likely | Yes |
Japan | No | Yes | Likely |
Pakistan | No | No | Yes |
Philippines | No | No | Yes |
Russia | No | Yes | Yes |
South Korea | No | Yes | Yes |
Early Viruses and Hacking
NATO revealed that the Anti-Smyser-1 virus infected systems at its Pristina, Kosovo facility early in 2000. Affected systems mailed copies of a nine-page classified document detailing NATO rules of engagement for land operations in Kosovo to "random Internet users' mailboxes" — SC Magazine, Aug 2000, pg 18. Well, I doubt they were really random, but instead were entries in someone's address list. Who put classified documents on Internet-connected PCs susceptible to viruses??
A group of hackers broke into U.S. Department of Defense computers in the fall of 1997. It was well publicized: they claimed to have stolen GPS controlling software to sell to terrorists, but DOD said it was just some administrative data.
During the 1991 Persian Gulf War, a group in Eindhoven, Netherlands broke into computers at 34 U.S. military sites and stole information about troop movements, missile capabilities, etc. They offered it to the Iraqis, but the Iraqis figured it had to be a hoax. London Telegraph, 23 Mar 97.
Early Government and Military Warnings
The DOD urged the naming of an "information czar" and an "information warfare" center within the U.S. intelligence community back in 1997. WSJ, 6 January 1997, pg B2.
Some people in DOD, or working for the defense/intel community, think future conflicts will be the domain of digital terrorists. Mafia-based states (like many in the ex-USSR), quasi-governmental organizations (IRA, ETA, HAMAS), or followers of warlords (Somalia, Chechnya, Myanmar) could launch highly disruptive attacks in which modern states would be at a disadvantage. AWST, 27 Apr 1998, 54-56.
As early as 1997:
- "The U.S. military's growing dependance on a closely linked web of computers is a 'recipe for a national security disaster'." Only one of 150 attacks against DOD computer systems is detected. NSA says more than 120 countries have or are developing computer attacks. AWST, 20 January 1997, pp 60-61.
- The director of the NSA warned (again) of threats of "cyber attacks" from foreign governments and quasi-governmental organizations. AWST, 10 Feb 1997, pg 20-21, plus a series of reports on CNN in March 1997.
The article, "Nation's 'Infosec Gaps' Given New Scrutiny Post-Sept 11", is quite realistic and practical as information warfare material goes, AWST, 28 Jan 2002, pg 59.
Offensive Information Warfare / Information Operations
The USAF formed the 609th Information Warfare Squadron in early 1996 — AWST, 29 April 1996, pg 52.
The USAF Information Warfare Team was formed at Rome AFB in 1996. Director of CIA John Deutch said, "We have evidence that a number of countries around the world are developing the doctrine, strategies, and tools to conduct information attacks." AWST, 12 Aug 1996, pg 65-66.
In 2007-2008 the USAF made all sorts of conflicting claims about what it was going to do. Looks like political turf battles...
- September 2007 — U.S. Air Force Cyber Command (AFCYBER) is set up, due to become fully operational in the autumn as part of the U.S. 8th Air Force. See the ZDnet article.
- 24 June 2008 — No, not based at Barksdale AFB, but spread across nine locations:
  - Barksdale AFB, LA, 36 billets
  - Scott AFB, IL, 69
  - Langley AFB, VA, 58
  - Lackland AFB, TX, 43, also the location of AF Information Operations Center and the 67th Network Warfare Wing
  - Tinker AFB, OK, 5
  - Davis-Monthan AFB, AZ, 20
  - Wright-Patterson AFB, OH, 13
  - Hanscom AFB, MA, 7
  - Griffiss ANGB (Rome Labs), NY, 2
  - Peterson AFB, CO, 7
- 11 February 2008 — "... the Cyber Command is dedicated to the proposition that the next war will be fought in the electromagnetic spectrum, and that computers are military weapons." General William Lord, Barksdale AFB, provisional chief of USAF Cyber Command. See the Wired story.
- 4 March 2008 — "Air Force Gen. Kevin Chilton, commander of U.S. Strategic Command, told lawmakers last week that his office is working with the Joint Task Force for Global Network Operations, the Joint Functional Component Command for Network Warfare and the Joint Staff to develop the National Military Strategy for Cyberspace Operations." See the Federal Computer Week story.
- 13 August 2008 — No, wait, no Cyber Command after all. Several governors had been trying to get it based in their states, but it seems to have died a victim of vagueness of mission. See the Wired story, or the Information Week story.
- 7 October 2008 — No, wait, there will be a Cyber Command. "Top Air Force leadership has decided to pursue forming Cyber Command to defend Defense Department networks and to launch cyberattacks against foes after putting the project on hold in August." [....] "Last month, sources said the Pentagon decided that the U.S. Strategic Command in Omaha, Nebraska, should create and run a joint Cyber Command, a move that seemingly dashed any hopes the Air Force had to own Defense's cyber responsibilities." See the NextGov story.
- 7 November 2008 — No, wait, no USAF leadership: "For a while, there, the Air Force was selling itself as the only service that could lead the military through a cyber war. Now, the Pentagon chiefs have made it clear: They're not buying. All of the military services are going to have a role in fighting online. 'It rebuffs the Air Force grab for predominance in cyber operations,' a Pentagon official tells Inside Defense. Last fall, the Office of Secretary of Defense pushed back an even more intense effort by the Air Force to grab control of the military's unmanned air force." See the Wired story.
- 13 November 2008 — "The general in charge of the U.S. Air Force's cyberwarfare effort says plans for his unit have been scaled back because staff who would have been used to set up a cybercommand will be allocated to the service's new nuclear command instead. Air Force Cyber Command was to be established as a major command alongside the service's space, air-combat and other commands — last month. However, those plans were suspended over the summer after Defense Secretary Robert M. Gates fired the Air Force's civilian and military leaders because of lapses in the security of the nation's nuclear arsenal. Last month, plans for a full-fledged major command for cyberwarfare were scrapped." See the Washington Times story.
- 4 December 2008 — From Inside the Pentagon, 4 Dec 2008: "Defense Secretary Robert Gates has placed operational control over the entire range of military cyberspace activities in the hands of the Pentagon's premiere offensive cyberwarfare unit, according to a Nov. 12 memo obtained by InsideDefense.com. The move, effective immediately, puts the Ft. Meade, MD-based Joint Functional Component Command-Network Warfare in charge of the Joint Task Force-Global Network Operations. The Arlington, VA-based JTF-GNO is tasked with defending the military's networks. Both organizations are part of U.S. Strategic Command. National Security Agency Director Army Lt. Gen. Keith Alexander is also the JFCC-NW commander. Similarly, the JTF-GNO chief serves as the director of the Defense Information Systems Agency."
- 22, 24 April 2009 — Plans are announced to create a new military command for Pentagon computer network defense and U.S. offensive capabilities, with the NSA Director to head this "Pentagon Cyber Command" and direct U.S. information operations. Story 1 and story 2 from the Wall Street Journal.
- Shortly thereafter — I gave up trying to keep this up to date. It has been a long series of excited announcements leading to nothing. A Cyber Command was formed, headquartered at the NSA's Fort Meade, but then it was announced just a day or two before it was to become operational on 1 October 2010 that no, that wasn't going to happen after all. The Register reported: "Issues responsible for the delay include difficulties finding suitably qualified staff among America's uniformed legions, and also the fact that it isn't even clear what 'operational' means for a cyberforce."
What they call information warfare (IW) or information operations (IO) is out there, but good luck finding much in the open literature. There are just a few brief mentions, like a few sentences in AWST 12 May 2003 pp 62-63. Also be aware that the U.S. Department of Defense uses "information operations" to mean offensive information warfare, including denial of service attacks against data and network connectivity, and more subtly, rendering data or network connectivity worthless by degrading the other side's confidence in it. But at the same time, the Central Intelligence Agency instead uses "information operations" to mean obtaining data statically stored on systems or transiting networks, in order to analyze it and obtain an understanding of the other side's plans.
More recently, see Digits of Doom, in AWST, 24 Sep 2007, pg 74, suggesting that the U.S. military had started attacking jihadist web sites in the preceding few months. The article mentions:
- USAF Cyberspace Command, including the 67th Network Warfare Wing
- US Army's 1st Information Operations Command and its Information Dominance Center
- Joint Functional Component Command for Network Warfare (JFCC-NW), a part of U.S. Strategic Command and a joint operation with the National Security Agency. "Some of its missions include disrupting and invading networks, mining computer bases for intelligence, manipulating data as an element of information warfare and monitoring enemy command-and-control systems."
- "Even with that resume, 'these aren't the only groups involved,' says a senior electronic attack specialist. 'Some are less obvious, but more capable.' In fact, the staff of Deputy Defense Secretary Gordon England has, for some time, been studying the use of deception operations against terrorist networks."
In other stories:
- AWST reported that IW/IO was successfully used by the USAF against Iraq during 1991 and against Yugoslavia during the Kosovo conflict of early 1999.
  - AWST, 26 Feb 2001, pp 52-53. "The first attack was limited to reading the e-mail of Iraqi commanders. But by the next conflict the tools were much more sophisticated. False messages and targets were injected into Yugoslavia's complex computer-integrated air defense system."
  - AWST, 12 April 1999, pp 24-26. "'We shut their eyes [radar] down through jamming,' [an Air Force official] said. 'Also, Air Combat Command has been conducting a lot of information warfare activity. By that I mean getting into their computer system and screwing it up. We're trying to use that capability. By getting into the microwave net, you can insert viruses and deceptive computer communications.'"
  - AWST, 23 Aug 1999, 31-32. That article describes attacks on radar and military messaging systems. There were other reports about U.S. attacks on Yugoslav banks holding Slobodan Milosevic's deposits.
  - AWST, 30 Oct 2000, pp 67-68. EC-130H Compass Call systems intended to penetrate air defense computer systems, planting false messages and targets, did quite well as per a USAF/USN analysis. But the EC-130E Commando Solo TV/radio broadcast aircraft are of decreasing relevance now that direct-broadcast satellite TV systems are common throughout the world.
- AWST has had several articles, including series of articles in some issues:
  - There was an overview, several articles in the 19 Jan 1998 issue, pp 52-60.
  - A series of articles in late 1999: 8 Nov 1999, pp 81-83; 15 Nov 1999, pp 93-96; 15 Nov 1999, pp 102-103.
  - A series of articles in an issue concentrating on information warfare: 26 Feb 2001, pp 50-64.
  - In a discussion of the 1 Oct 2002 transition of U.S. Space Command into the new Strategic Command (StratCom), "Command officials are advocating StratCom be designated the IO integrator for regional info operations, providing a global perspective and coordinating with other government agencies." 14 Oct 2002, pg 63.
  - Also see AWST 4 Nov 2002 pg 30, and 25 Nov 2002 pg 58.
- Network World repeated some info found in AWST and elsewhere, v17, no47 (20 Nov 2000), pp 1, 16.
- The USAF Fact Sheet.
- The U.S. Air Force Information Operations Center.
- The U.S. Navy Naval Network Warfare Command.
- The USAF formed the 609th Information Warfare Squadron in early 1996, basing it at Shaw AFB, SC. AWST, 29 April 1996, pg 52; AWST, 3 Aug 1998, pg 23. A second squadron is being formed in California by the Air National Guard. AWST, 21 Sep 1998, pg 65.
- In July 1998, the U.S. DOD and intelligence community are interested, but at least as far as anyone is saying, ethical and operational problems remain. Could disinformation turn against us? Where is the line between "prepping the battlefield" and an act of war? What about peacetime uses? The Director of the CIA said don't worry, "we're not asleep at the switch in this regard," and a Senate staff member on an oversight committee says, "The Defense Department has next to nothing to say about this in an unclassified form." See the Washington Post, 8 July 1998, A1, A10; there may still be on-line copies at:
  - Washington Post article
  - DOD talk #1 on cyber defense.
  - DOD talk #2 on cyber defense.
- Federal Computer Week had stories in 1998 and 1999.
- U.S. News had something 13 July 1998.
- Offensive information operations were part of an exercise in 1998, involving NSA, DISA, and the Air Intelligence Agency. AWST, 21 Sep 1998, pg 65.
- China and other countries were already doing it in 1998, according to the directors of the CIA and NSA. Information Week, 6 Jul 1998.
- The National Infrastructure Protection Center (NIPC) is intended to detect and analyze attacks. Housed within the FBI, staffed by FBI, CIA, NSA, Secret Service, DOT, and other agencies. Network World, 14 Sep 1998, pp 8,74.
- In July 2002 President Bush signed National Security Presidential Directive 16, ordering the government to develop rules for information warfare — establish when and how to attack enemy computer networks, select targets, define who should authorize and launch the attacks. Washington Post, 6 Feb 2003.
- In Feb 2003 the U.S. DOD Strategic Command Joint Task Force - Computer Network Operations (JTF-CNO) was being reorganized into two task forces, one for network defense and the other for computer network attack (CNA). Federal Computer World, 7 Feb 2003.
- Nonsense has happened in the past, and will continue. A 1991 InfoWorld magazine joke turned into an urban legend, reported seriously by U.S. News and World Report, regarding the NSA sending virus-laden printers to Iraq. Nonsense: http://www.vmyths.com/hmul/7/3/
"Network-Centric Warfare" — Terminology with a Convoluted History
Much depends on just what you mean by "network-centric warfare".
Initially (maybe 1996-2000) it seemed to be used recklessly, and was the domain of much wild speculation (science fiction analogies) and dangerous enthusiasm (controlling warships with Windows NT 4.0).
After maybe 2000 or so it seems to have really been working, but by then it really should have been called something more like "information-centric" or "communication-centric" warfare.
The point is the sharing of information and how that information is used, not just the fact that there's a networked graphical interface.
The Yorktown Failure — The Blue-Water Blue Screen of Death
In September 1997, the USS Yorktown, an Aegis-class missile cruiser, was left dead in the water for close to 3 hours because of a cascade of failures started by a Windows NT 4.0 application that didn't prevent a divide-by-zero error. There's a design error here — who made NT a vital part of a warship, and who designed an architecture that allowed the failure cascade?
Google finds lots of discussion, ask for: september 1997 yorktown windows
Also see the article "Navy Postmortem Tries to Pinpoint What Went Wrong With the 'Smart Ship'", in Military and Aerospace Electronics, March 2001, pp 1,5.
Early enthusiasm for "Network-Centric Warfare"
"What is Information Warfare" is available from the Government Printing Office (by Martin C. Libicki, August 1995, National Defense University series, G.P.O. 1996-405-201:40005). Much enthusiasm and anecdotes, light on technical facts and realism. Note the section where he discusses William Gibson's science-fiction novels and the movie "TRON" as possible models! Well, it's out there, and some people may consider it important.
Two government references that look better are NIST Special Publication 800-12 and NIST Special Publication 800-14.
"Network-Centric Warfare", Vice Adm Arthur K. Cebrowski and John J. Garstka, U.S. Naval Institute Proceedings, Jan 1998, pp 28-35. At least for the USNI publications, this seems to be the article that kicked off the craze.
"IT-21 Intranet Provides Big 'Reachbacks'", Rear Adm Robert M. Nutwell, U.S. Naval Institute Proceedings, Jan 1998, pp 36-38. A pretty good overview.
"Moving the Navy Into the Information Age", Cmdr Michael S. Loescher, U.S. Naval Institute Proceedings, Jan 1999, pp 40-44. He seems to have watched way too much "Star Trek", as the article actually suggests working on "cloaking" and "shielding" as in that sci-fi TV show, plus "omniscience" and "telepathy".
"The Power of e-Sailors", Vice Adm James R. Fitzgerald, U.S. Naval Institute Proceedings, Jul 1999, pp 62-63. A decent overview, at the expense of yet another unneeded neologism...
Early Skepticism and Caution Regarding "Network-Centric Warfare"
"Beware of Geeks Bearing Gifts", Lt Cmdr Eric Johns, U.S. Naval Institute Proceedings, Apr 1998, pp 74-76.
"The Seven Deadly Sins of Network-Centric Warfare", Thomas P. M. Barnett, U.S. Naval Institute Proceedings, Jun 1999, pp 36-39.
"The Smart Ship is Not the Answer", U.S. Naval Institute Proceedings, Jun 1998, pp 61-64. "Using Windows NT, which is known to have some failure modes, on a warship is similar to hoping that luck will be in our favor."
"Network-Centric: Is It Worth the Risk?", Cmdr William K. Lescher, U.S. Naval Institute Proceedings, Jul 1999, pp 58-63.
A very useful and more recent overview of NCW in its broader and more mature sense is a series of articles in AWST, 27 Jan 2003, pp 37-59.