New threats and technologies are giving rise to terms such as spectrum warfare that seek to blend electronic warfare, cyber warfare and other technological approaches to controlling the RF spectrum.
Chinese and Russian exploitation of cyberspace, however, is not solely limited to information warfare…
In 1991, the rapidity and perceived ease with which the United States demolished the Iraqi army shocked Russia and China. To counter the United States, other states began investing in information warfare capabilities — Electronic Warfare and Computer Network Operations — to try to retard the US ability to use cyberspace for military operations. These strategies mesh with existing usage of anti-access and area denial weapons and counter space capabilities, the employment of special operations and airborne units, and other similar low-cost/high-value tools. Unlike many in the US, Russia and China do not see cyber warfare tactics and operations as stand-alone strategic methods.
China’s information warfare theory and doctrine is well-known. Chinese strategists contemplate attacks on military and civilian infrastructure in concert with deception operations and conventional weapons. The Russians have developed a similar set of ideas and doctrine rooted around concepts of reflexive control, which employs integrated deception and cyber operations. Both states maintain military and intelligence structures for employing information warfare but also have a murky relationship with patriotic hackers and cyber criminals who engage in espionage and political subversion.
Chinese and Russian exploitation of cyberspace, however, is not solely limited to information warfare. Rather, both states have also attempted to “informatise” their own armed services. Informatisation in Chinese and Russian military doctrine should be understood as a structural integration of modern information technology with existing and future military platforms. Chinese military writings in particular portray “informatisation” as the digital equivalent of motorising land armies in the inter-war period.
Electronic Warfare and Computer Network Operations both target, in different ways, a military force’s ability to employ cyber power on the battlefield…
Other states and non-state actors pursue information warfare capabilities and means of exploiting cyberspace for powerful conventional weapons. North Korea and Iran are building up hacking and electronic warfare capabilities to counter the West and target their neighbours. North Korea has executed cyber-attacks against South Korean civilian targets, jammed air traffic communications and more recently attacked Sony Entertainment Company. Iran is believed to have carried out cyber attacks on the USA financial services and the Saudi oil facility using Shamoon virus and claims to have used Electronic Warfare to down an American spy drone. Non-state actors are engaging in what former Israeli Defense Forces commander Itai Brun called, “The Other Revolution in Military Affairs” using cyberspace as a medium for distributed operational command-and-control, communications, sensor networks and propaganda. The proliferation of precision-strike weapons predicted by many military analysts may add a kind of primitive non-state reconnaissance-strike complex to this mixture of cyber-enabled tactics and operations.
The Operational Environment (OE)
The Operational Environment (OE) has changed dramatically. Unprecedented levels of adverse activity in and through cyberspace threaten the integrity of nation’s critical infrastructure, financial systems, and elements of national power. These threats range from unwitting hackers to nation-states, each at various levels of competence. Collectively, the threats create a condition of perpetual turbulence without traditional end states or resolution.
The ever-increasing rate of technological advances and its wide proliferation make it increasingly difficult to achieve success across the military Full Spectrum Operations (FSO). The convergence of wired, wireless and optical technologies has led to the merging of computer and telecommunication networks; handheld computing devices continue to grow in number and capability. Next generation systems are beginning to emerge, forming a global, hybrid, and adaptive network that combines wired, wireless, optical, satellite communications, Supervisory Control And Data Acquisition (SCADA) and other systems. Soon networks will provide ubiquitous access to users and enable them to collaborate when needed in near real time. Consequently, the current vocabulary, including terms such as Computer Network Operations (CNO), Electronic Warfare (EW) and Information Operations (IO) will become increasingly inadequate.
Computer Network Operations (CNO) is one of the sword arms of the Information Warfare (IW)…
Full Spectrum Operations (FSO) will encompass three interrelated dimensions each with its own set of causal logic and requiring focused development of solutions:
- First dimension – The first dimension is the psychological contest of wills against implacable foes, warring factions, criminal groups and potential adversaries.
- Second dimension – The second dimension is strategic engagement and involves keeping friends at home, gaining allies abroad, and generating support or empathy for the mission in the area of operations.
- Third dimension – The third dimension is the cyber-electromagnetic contest. Trends in wired, wireless and optical technologies are setting conditions for the convergence of computer and telecommunication networks. This dimension focuses on gaining and maintaining an advantage in the converging mediums of cyberspace and the Electro-Magnetic Spectrum (EMS).
Computer Network Operations
Computer Network Operations (CNO) is one of the sword arms of the Information Warfare (IW) which is defined as, “actions taken to achieve ‘information superiority by adversely affecting the adversary’s information, information-based processes, information systems, and computer-based networks whilst simultaneously protecting one’s own information, information-based processes, information systems and computer-based networks.” The seven forms of IW mentioned in the Indian Army doctrine are Command and Control Warfare (C2W), Intelligence Based Warfare (IBW), Electronic Warfare (EW), Psychological Warfare, Cyber Warfare, Economic Information Warfare and Network Centric Warfare (NCW). Cyber warfare is conducted through CNO in the cyber space using cyber power.
Cyberspace is an operational space where humans and their organisations use the necessary technologies to create effects…
Cyberspace is defined (by the USA) as, “a domain characterised by the use of electronics (ICT and Media) and the Electro Magnetic Spectrum to store, modify and exchange data via networked systems and associated physical infrastructure.” Civilians, terrorists and the military operate in this cyberspace to conduct their business and/or operations.
Cyberspace is an operational space where humans and their organisations use the necessary technologies to create effects, whether solely in cyberspace or in and across the other operational domains and elements of power. It is an operational medium through which “strategic influence” is conducted. The fundamental condition of cyberspace is the blending of electronics and electro-magnetic energy.
Worldwide, people and in some cases, the governments are engaged in the exploitation of cyberspace for illegal activities such as espionage, theft of technology, financial frauds and so on. They have, accordingly, developed means and methods to carry out such activities by way of viruses, root kits, malware and so on. This evolving threat to society manifests in the ability to disrupt networks, systems and their functionality and their suitability for the conduct of asymmetric warfare by attacking Critical Information Infrastructure.
Cyber power is the use, the threatened use or effect by the knowledge of its potential use, of disruptive cyber attack capabilities by a nation state. Nations may project cyber power in a number of ways – in concert with kinetic operations, masked and with no clear link to the attacker, as part of complex military-diplomatic escalation, or in indirect manners to exert influence or advance national goals. CNOs are the instrument of application of cyber power in cyberspace. These, in concert with EW, the other sword arm of IW, are used primarily to disrupt, disable, degrade or deceive an enemy’s command and control and critical information infrastructure thereby crippling the enemy’s ability to react and make effective and timely decisions, while simultaneously protecting and preserving own Command and Control and critical information assets.
Electronic Warfare (EW)
EW is any action involving the use of the Electro-Magnetic Spectrum (EMS) or directed energy to control the spectrum, attack an enemy or impede enemy assaults via the spectrum. The purpose of EW is to deny the opponent the advantage of and ensure friendly unimpeded access to the EMS. EW can be applied from air, sea, land and space by manned and unmanned systems and can target humans, communications, radar or other assets radiating EM energy and using EMS.
Nations may project cyber power in a number of ways – in concert with kinetic operations, masked and with no clear link to the attacker…
Military operations in today’s digital battlefield are executed in an information environment increasingly complicated by the EMS. The EMS portion of the information environment is referred to as the Electro-Magnetic Environment (EME). The recognised need for armed forces to have unimpeded access to and use of the Electro-Magnetic Environment creates vulnerabilities and opportunities for EW in support of military operations. Within the information operations construct, EW is an element of information warfare; more specifically, it is an element of offensive and defensive counter-information activity.
As the sophistication of EW systems has increased, and EW receivers and transmitters have become software-defined Radio Frequency (RF) systems, EW techniques have evolved from brute force power-based electronic attack to more surgical electronic attack on targeted systems. The inclusion of cyberattack techniques in the tools available to the EW designer and planner is a natural extension of EW system capabilities.
Cyberspace operations, in conjunction with Electronic Warfare and Electro-Magnetic Spectrum operations are identified as one of the core competency areas critical to shaping the operational environment and winning decisively. Equally new is the concept of Cyber Electromagnetic Activities or CEMA that integrates and synchronizes cyberspace operations, Electronic Warfare (EW) and Spectrum Management Operations (SMO). The unprecedented challenges are to ensure continued access to a congested and contested electromagnetic environment, the explosive growth of spectrum dependent systems, the continued proliferation of wireless technology, and the increased use of advanced cyber capabilities in a dynamic and uncertain world.
The constituents of IW as propagated by West as indeed the definition of cyberspace elude to the integrated application of CNO and EW as offensive weapons, their dependence on EM spectrum and the consequent requirement of operating in the contested and congested EM space.
The purpose of EW is to deny the opponent the advantage of and ensure friendly unimpeded access to the EMS…
Integrated CNO and EW Strategy
The Chinese have adopted a formal IW strategy called Integrated Network Electronic Warfare (INEW) that consolidates the offensive mission for both Computer Network Attack (CNA) and Electronic Warfare (EW). The PLA sees CNO as critical to seize the initiative and achieve ‘electromagnetic dominance’ early in a conflict and as a force multiplier. PLA theorists have coined the term “Integrated Network Electronic Warfare” to outline the integrated use of EW, CNO and limited kinetic strikes against key command and control, communication and computers nodes to disrupt the enemy’s battlefield network information systems. The PLA, accordingly, has developed significant capabilities in all spheres of IW and is recognised as an emerging cyber power.
The Russians do not want to ape the West as far as definitions and concepts are concerned. The Russian military role in cyberspace is defined in the Russian Military Proto-doctrine and the Information Security doctrine.
The definition of the information war which the armed forces are called upon to deter and prevent is worth citing in full, as it illustrates the enduring holistic nature of the Russian perception of information warfare and cyber conflict as an integral part of it. Information war, according to the Russian Federation is, “a conflict between two or more states in information space with the aim of causing damage to information systems, processes and resources, critically important and other structures, subverting the political, economic and social systems, mass psychological work on the population to destabilise society and the state, and coercing the government to take decisions in the interests of the opposing side.”
Both Russia and China maintain military and intelligence structures for employing information warfare but also have a murky relationship with patriotic hackers and cyber criminals who engage in espionage and political subversion. Chinese and Russian exploitation of cyberspace, however, is not solely limited to information warfare. Rather, both states have also attempted to “informatise” their own armed services. Informatisation in Chinese and Russian military doctrines should be understood as a structural integration of modern information technology with existing and future military platforms. Central to these is the integration of CNO and EW for undertaking offensive IW operations.
Military operations in today’s digital battlefield are executed in an information environment increasingly complicated by the EMS…
Integrated application of CNO and EW is a very potent weapon of IW. The same is being highlighted in the following three case studies.
• Case Study 1: Capture of RQ 170 UAV, “The Beast of Kandahar”, A classic example of integrated EW and CNO.
In December 2011, Iran claimed the capture of the RQ170 Sentinel drone intact by an ‘electronic ambush’ engineered by Iranian EW specialists. They jammed the communication and data links and that forced the drone into auto pilot. At that stage, “the bird loses its brain”. The Iranians reconfigured the drone’s GPS coordinates and they used precise latitudinal and longitudinal data to force the drone to land on its own. In doing so, the Iranian team did not have to bother about cracking remote control signals and communications from a control centre in the US, and the RQ170 suffered only minimal damage. The drone was thus tricked to land in Iran thinking it was its base in Afghanistan.
Simon Tsipis, Cyber warfare expert
• Case Study 2: IW in Ukraine; Integrated application of EW, Cyber and Kinetic Warfare. The largest military cyber-attack was the attack implemented by the Russian Military Intelligence (GRU) on the armed forces of Ukraine,” as reported by the BBC. According to the law enforcement agencies of Ukraine, Russian cyber attacks collapsed the communication systems of almost all Ukrainian forces that were based in Crimea that could pose a danger to the invading Russian troops. Attacks of a lesser scale were directed at government websites, news and social networks. Russia managed to hit almost all Ukraine government websites and it was able to take control and to put on surveillance and monitoring all the Internet and telephone communications lines, before the invasion and occupation of Crimea by its military. Russian Special Forces managed to derail all important communications systems through direct physical impact on them by combined field and high-tech operations.
Presently, CNO and EW capabilities complement each other and produce exceptional effects when used jointly…
• Case Study 3: Hacker uses an Android to remotely attack and hijack an airplane.
The “Hack in the Box” security conference in Amsterdam in April 2013, had a very interesting presentation made by Hugo Teso, a security consultant in Germany on ‘Aircraft Hacking’. According to the abstract, “This presentation will be a practical demonstration on how to remotely attack and take full control of an aircraft, exposing some of the results of my three years research on the aviation security field. The attack performed followed the classical methodology, divided in discovery, information gathering, exploitation and post-exploitation phases. The complete attack was accomplished remotely, without needing physical access to the target aircraft at any time.” (A testing laboratory was used to attack virtual airplanes systems).
Here are a few important facts which emerged after a detailed study and analysis of aircraft monitoring and control systems. Automated Dependent Surveillance-Broadcast (ADS-B) has no security. It is unencrypted and unauthenticated. Earlier, a hacker was able to inject ghost planes into radar exploiting this vulnerability. The Aircraft Communications Addressing and Reporting System (ACARS) also has no security; it is used for exchanging text messages between aircraft and ground stations via radio (VHF) or satellite. The ACARS datalink allowed for ‘real-time data transmission’ and all communications between planes and airports are sent unencrypted. ACARS was used to exploit and break into the airplane’s onboard computer system and then upload the Flight Management System (FMS) data. FMS could be uploaded by software defined radio and ground service providers.
By taking advantage of two technologies (ADS-B and ACARS) for the discovery, information gathering and exploitation phases of the attack, and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the aeroplanes’ Flight Management Systems (computer unit and control display unit), he demonstrated the terrifying ability to take complete control of aircraft by making virtual planes ‘dance to his tune’.
EW and CNO are the sword arms of the IW and are independent entities with specific capabilities and functions which reinforce each other…
There has also been a recent report in the media about a hacker who was able to take over the control of both Airbus and Boeing aircraft employing EW and CNO. Such possibilities will increase exponentially with the spread of Internet of Things (IoT).
EW and CNO are the sword arms of the IW and are independent entities with specific capabilities and functions which reinforce each other. These can be used both in stand-alone and in an integrated manner. While EW is well established and gaining primacy due to the importance of availability of EM spectrum, security and survivability of combat and logistic assets, CNO, in contrast, is still evolving and its application at the strategic, operational and tactical levels is yet to crystallise.
Presently, CNO and EW capabilities complement each other and produce exceptional effects when used jointly, more so along with the kinetic power. These also compete with each other particularly during pre-hostility period when stealth and attribution issues would favour application of CNO. On the other hand, EW encompasses electronics, the entire EM spectrum and EM space that include cyberspace. While both CNO and EW will grow exponentially, it is only a matter of time when CNO, EW and EM spectrum will merge into a single entity. Glimpses of this are very much visible.