F E A T U R E S    Issue 2.09 - September 1996

Information Warrior

By Ben Venzke

Winn Schwartau: With the wealth of the nation embedded in our electronic infrastructure, we need to be ready to fight cyberwars.



Information warfare extends beyond the physical world and strikes at one of the most valuable resources today. It could be a teenage hacker shutting down the nation's phone system or a foreign government dropping magnetic bombs, but the purpose is the same: destabilise a country by destroying its information infrastructure.

While the myriad of possible attacks are easy to imagine, how law enforcement and the military should respond remains controversial. One of the loudest and most provocative voices to emerge in the debate is that of Winn Schwartau, a 44-year-old rock producer turned computer security expert. His book, Information Warfare: Chaos on the Electronic Superhighway, was the first nonclassified work to take a close look at the subject - and it has helped define the field.

Schwartau's struggle to open people's eyes to the importance of information warfare is not without critics. Many claim IW is just another buzzword or hyped-up threat meant to justify new military expenditures in the post-cold war period.

Adamant that the threat is real, Schwartau is working on three new books and a film about IW.

Wired: How do you respond to people who don't believe information warfare is a real threat?

Schwartau: I hope they don't become victims. It's not just a bunch of hype. Let's go back and look at what was happening 20 years ago. Were there hackers? Well, maybe a few university guys who played games with each other. Now look at the curve: a couple of hackers in the 1980s, and then came the Net and connectivity. One thing led to another, and suddenly hackers are a real problem. The same thing occurred with computer viruses, and the same thing will occur with information warfare.

I remember back in 1990, 1991 when I first started talking about magnetic weapon systems, which I firmly believe are the nuclear weapons of the information age. People laughed me off the stage. They said, "That stuff isn't for real. It's crazy." But I've seen these weapons work. The military's got a huge assortment of them and the capability is going to be distributed throughout the world at various levels. Most people are not going to have the gigawatt, terawatt systems but you can do an awful lot of damage with a home-brew 100-megawatt weapon.

What about the claim that since IW is invisible it will never have the impact of a bomb?

IW does not have the immediate emotional impact of lots of dead bodies lying on the streets of London, New York or Oklahoma City. That's true. However, say I wage an IW attack against a series of US domestic air carriers where I don't use a conventional bomb but an electromagnetic bomb, which sufficiently interferes with the avionics of the plane to cause it to crash. Just ask pilots what they have seen and experienced when passengers use electronic equipment they shouldn't. That is terror. Or, what if people can't get their money from ATMs because the network has been destroyed? You'll see a lot of very unhappy people. In this case, the negative effects reach all the way down to a highly distributed population, not just a very targeted localised one as with a bomb.

How should the US defend itself against these types of electronic attacks?

The biggest problem I see from the US standpoint is, "What do you do if a well-motivated and well-financed bad guy decides to come after the US?" Traditionally, the FBI is supposed to take care of these kinds of threats. My concern is that with severe information warfare, the FBI and domestic services do not have the capability or the responsive strategies and tactics needed to react.

So the military should be in charge?

The problem is Posse Comitatus, which is an act passed in 1878. It basically says the military cannot operate within the US. What we need to do is come to a new type of understanding, a new type of agreement where we have a centralised offensive and defensive capability. We need to have ways to deploy that domestically without upsetting the population. We don't have that model yet.

Should all of the military services be involved in preparing for information warfare?

We are going to need a fourth service, what some people have called a cyberforce. The army handles the land, the navy handles the water - we need a force to handle cyberspace. There was a lot of legitimate debate when the Air Force split off from the Army, and I think we're going to see a similar debate about IW. But, ultimately, I think it needs to be an independent force, where the capabilities can be distributed as needed.

Why aren't we seeing more debate about how to respond to IW?

The NSA understands what the offensive capabilities of IW weapons are and has kept that classified. In order to mount an adequate national defensive posture, industry and government need to understand the threats in very clear terms.

What worries you most when you look at the US's preparation for IW?

There are two things. One is people's dismissal of IW as a real threat. That's arrogance and apathy. Number two is our political inability to arrive at a national policy recognising that information and information systems are a national security asset worthy of protection.

The national information infrastructure is built upon 1) the power grid, 2) the communications networks, 3) the transportation system and 4) electronic financial transport. Take away any portion of one, and it affects the others immediately. Take away pieces of two or more, and we will see the beginnings of a catastrophe.

The US is built upon a US$7 trillion economic engine, only $300 billion of which is in cash, and less than 40% of which is even transacted within the US. The wealth of this nation is embedded in our electronic infrastructure, and I merely maintain we should defend it appropriately.

Ben Venzke is publisher of the Intelligence Watch Report.