Ebook: Cyberwar-Netwar

The NATO Advanced Research Workshop “Cyberwar-Netwar: Security in the Information Age”, held in Lisbon in November 2003, was co-directed by Lt.-General António Eduardo Mateus da Silva, President of EuroDefense, Portugal and Professor Alexander Dodonov, Institute for Information Recording, Ukraine. Unfortunately Professor Dodonov was unable to participate in the workshop and his function as co-director was taken over by Professor Serge Azarov, Director of Government and International Relations at LuckyNet, Ukraine.

In God we trust, all the rest we monitor…

Organisational, social and individual performances are becoming ever more dependent on information and information technology and, as such, it is crucial to find security approaches that follow simultaneously technology dependence and the value of its use.

The extraordinary growth of production, treatment, diffusion and circulation of information is the most immediate reflex of the technological dependence, in particular from computers and from the Internet. In spite of being a fairly recent technology, the Internet is already present on a global scale. Its growth has been astonishing. Today, information managed using internet technology (public as well as private) has an extremely important operational impact and therefore the analysis of information security questions in the Internet is of paramount importance. Nevertheless, these security issues do not relate solely to the Internet. For every organisation, from an international financial system to a military organisation, the dependability questions regarding the management and treatment of information using information systems and Internet technology are quite similar.

Today the Internet is entering a new stage which will have a much stronger impact on the daily lives of all kinds of organisations. The next communication paradigm offers an improved access to mobility information, offering people and all organisations that deal with mobile devices the ability to access information whenever and wherever necessary. We really are at the edge of a new technological revolution, based on the ubiquity of information through the use of mobile devices and telecommunications. Furthermore, historical tendencies lead us to believe that the impact both on people and on organisations of this technological wave will be both faster and more powerful than any previous one.

To the individual, information ubiquity results in the necessity to have immediate access to information. The strategic tactic and operational impact in organisations will therefore be incomparably deeper than in previous organisational management change using technology such as total quality management or business process re-engineering.

Mobility turns ubiquitous and real-time information more abundant and available than ever before. In order to fully benefit from these properties and avoid misinterpreting more information, organisations have to learn how to transform information into knowledge. The operational security questions regarding information are even bolder in case of organisational knowledge as the latter becomes available through the use of information technology and making use of the new fundamental property of mobility in real-time. In particular, the operational Armed Forces effectiveness is increasingly dependent on its information systems. This is clear in the case of C412STARWP-Command, Control Communications, Computing Information, Intelligence, Surveillance, Targeting and Reconnaissance Weapons System. The critical nature of these systems and the absolute necessity to prevail over the adversary demand total trustworthiness, opportunity and safety in real-time.

As such, in the context of increasing dependency on the new technological wave which is building an information, communication and knowledge society, it is crucial to find new organisational security approaches. In this regard, in our workshop, we sought to analyse and discuss the following questions:

Part I: Around the World in 80 milliseconds – Which evolution can we foresee for information and communication technology and what will be its value impact at the individual, social and organisational levels?

Part II: Operational Security of Ubiquitous Information – What will be the appropriate operational security approaches for ubiquitous real-time information and how do we deal with increasing information value dependability?

Part III: Strategic Knowledge Security – How can organisations learn in this new context and what kind of security measures apply for the production and availability of strategic knowledge?

The participants represented the academic world and practical research, involving also the administrative, business and military communities. This broad spectrum of theoretical and practical insight ensured a most fruitful and comprehensive discussion during the sessions and during the private debate between the participants.

Having only two main papers per day proved to be a success as it gave the full possibility for the most thorough discussion and space and time for an in-depth debate pointing to future thinking and investigation.

It was the general feeling among the participants that this workshop should not stand alone but should be followed by additional conferences inside the general issues of security in a broad sense in the information age. Suggestions of more permanent cooperation were put forward.

The co-directors would like to thank the NATO Science Committee for funding the Advanced Research Workshop. Above all, thanks go to all the participants for their contribution to this workshop.

The Editors wish to thank Liz Cowan for her assistance in preparing this book.

Fernando Duarte Carvalho, Eduardo Mateus da Silva

This paper is devoted to the problem of a multifold conception of cyberwar and the necessity for specifying this conception through tool-oriented attributes, i.e., technological terms. In this connection, the development of the conception of cyberwar is investigated by means of an S-figurative curve and an analysis of some modern cyberwar-oriented technologies. In conclusion, the conception of a ‘latent cyberwar’ is offered, as a ‘deterrence mission’.

Digital Signatures is an important technology that allows documents and transactions to be signed and sealed electronically in a way that preserves the data integrity of the document and provides absolute proof of the identity of the signer. This technology facilitates the transition to complete paperless environments and has been adopted by most legal systems around the world. But Digital Signature systems present a serious practical problem when trying to deploy them for wide use. This problem is centred on the question of how to handle the digital signature keys for a large community of users. This presentation examines the problem of key management for Digital Signature systems and suggests a solution, named CoSign, which automatically centrally manages all the keys and certificates throughout their lifecycle. With such a solution the use of Digital Signatures becomes simple for administrators to deploy, easy for users to use, and therefore practical to implement in the real world.

Any discussion of Cyberwar must include an attempt to define what we mean by cyber-terrorism and how much of a threat it really is, today and in the future.

Internet and IT devices are being used for business and entertainment more frequently. The Internet has become a vital part of social fabric. Threats to the Internet and other complex commercial networks are solid and growing. Globalization and the need for interoperability complicates the security of IT networks and the Internet. Cyber threats have an important potential damage capacity. Proactive security methodologies are needed to protect valuable information. In accordance with this situation, our purpose is to examine the current trends in network security and to propose a roadmap for protecting information from cyber threats. The roadmap consists of three phases: Analysis, Design and Operation

The cost of information handling is becoming astonishingly low. lnformation and communication technology will undoubtedly continue to make information ever more abundant to people and organizations. White-collar growth rates clearly reveal the importance of information as the main organizational transaction content, more than just transaction support. Consequently, our lives depend more on information than ever before and this dependence relies on information and communication technology. After the telephone, the Internet and the mobile phone revolutions, we are entering a new and more important evolutionary phase: information ubiquity based on mobile communications, both voice and data. To every individual, information ubiquity will result in the necessity to have immediate access to information. We assume, quite confidently, that the mobile communications bandwidth will continue to grow and that mobile devices will also evolve according to our wildest expectations. We also assume that people and organizations will be able to access information whenever and wherever necessary. The extraordinary growth of production, treatment, diffusion and circulation of information creates, therefore, a main technological dependence, in particular from computers and from the Internet. Because the organizational, social and individual performance is becoming more dependent on information and information technology, it is crucial to find security approaches that follow simultaneously technology dependence and the value of its use. Besides, the critical nature of information and the absolute necessity to prevail, demands total trustworthiness, opportunity, and safety in real-time. In order to deal with the increasing information value dependability, we propose an operational security approach for ubiquitous real-time information based on information value.

Rapid advances in information and communication technology have opened the way to a huge amount of information for operational exploitation. But it is well known that an increase in available data does not imply a consistent increase of useful information needed for decisions. The transformation of collected data into knowledge is a complex process strongly dependent on the capability of analysis and the availability of technological tools. As the events of September 11 clearly demonstrated, the lack of ability for processing data into useful information severely limits the intelligence outputs and the knowledge needed for operational capability and responsiveness. Taking advantage of experience in business intelligence techniques developed for business purposes, the management of strategic information and the intelligence support to operations can be strongly improved. In this analysis requirements and constraints for collecting, archiving and processing data are identified. These in particular are stressed, as the accuracy of data is a key factor to a positive increase of information value at different stages of the process and finally to knowledge. Accuracy requirements are the first bridge to the missing link between intelligence and security tools. Security can provide integrity of data and minimize the injection of disinformation into the process and the poisoning of query results. Synergically, intelligence technology can strengthen the bridge to security providing tools for a proactive management of security services and an improved resilience to attacks.

This paper on the protection of State information resources in information and telecommunication systems is devoted to the concept of construction and maintenance of the functioning of an infrastructure of protection of State information resources in information and telecommunication systems. This includes the legal basis activity in the frame of State information resources protection in information and telecommunication systems; the necessity of a State security centre existing as the main element of infrastructure of information security in Ukraine; the concept of construction and maintenance of the functioning of an infrastructure of protection of State information resources in information and telecommunication systems; and the interaction of State security centre and executive bodies in the frame of protection of State information resources in information and telecommunication systems.