information warfare

Information Warfare, IW or iwar is the use of electronic communications technology to achieve military objectives by infiltrating, disrupting, creating or subverting communications and communications systems / signal infrastructure. These objectives can be very narrowly defined, as in battlefield situations, or broadly defined, as when civilians are attacked via terrorism.

When actual loss of life is intended or likely, it might be reasonable to use the otherwise questionable term cyberterror. It is never valid to use this term when describing activities that simply make computers not work, if those computers are not themselves actively sustaining human lives, or if "attackers" do not know that they are.


IW is closely related to military deception, psychological warfare, espionage and propaganda. When directed very narrowly at military enemy command and control systems, it is called command and control warfare. However, the broadest definition of information warfare is now very widely used.

According to a survey of Chinese work in this field, Shen Weiguang defined it broadly as two sides in a "pitched battle against one another in the political, economic, cultural, scientific, social, and technological fields..." or "...narrowly as the confrontation of warring parties in the field of information... is to attain the objective of “forcing enemy troops to surrender without a fight” through the use of information superiority." He believed "that IW’s essence is the sum of information capabilities capable of breaking the enemy’s will to resist by attacking his cognitive understanding and convictions causing the enemy to give up all resistance and terminate the war. The main tasks of IW are disrupting the enemy’s cognitive system and trust system." Not just technologies.

Wang Baocun also believes strongly in the union of IW and cognitive processes, and emphasizes:
  • perception structure as “all things that an individual or a group considers correct or true, regardless of whether these things that are considered correct or true have been obtained through perception or belief.” Perception structures are defined as composed of perception systems, those “systems which are established and operated in order to understand or observe verifiable phenomena by turning such phenomena into perceptible realities and subsequently to make decisions or take action on the basis of intuitive understanding of such realities.”
  • Belief systems "guide testable empirical information and such information and consciousness that cannot be tested or are hard to test", e.g. hermaneutic reasonableness.
  • Cognitive processes are those studied in psychology - cognitive science studies their influence on decision on an individual scale, cognitive politics in the large.

Wang also seeks Sun Tzu's “subduing the enemy without battle,” which is "a tactic requiring superior military strength, full preparedness, destroying the enemy’s strategy, and cultivating, conducting and fostering discipline. The goal is to “force the enemy side to regard their goal as our goal,” to “force the opponent to give up the will to resist and end the confrontation and stop fighting by attacking an enemy’s perception and belief via information energy.” If perceptions are attacked correctly, morale drops and with it control, the main ingredient in IW."

To enable this, Boucon in 1997 "covered the forms, nature, levels, distinctions, features and principles of IW", i.e.
  • forms of IW: peacetime, crisis and wartime;
  • differentiating offensive and defensive operations;
  • scale as national, strategic, theater, and tactical;
  • other distinctions: command and control, intelligence, electronic, psychological, cyberspace, hackers, virtual, economic, strategy and precision.

By comparison to conventional warfare, IW has more complexity, more limited goals, short duration, less damage, larger battle space and less troop density, more transparency, and is characterized by the intense struggle for information superiority, increased integration, increased demand on command, new aspects of massing forces, and the fact that effective strength may not be the main target. His principles include: "decapitation, blinding, transparency, quick response, and survival."

By contrast to this "hot" military conception of IW, the peacetime IW used now in the Troll Age mirrors its use in the Cold War: A RAND Corporation document claimed that "an IW victory will very likely be determined by which side can mobilize the most computer experts and part-time fans. That will be a real People’s War" extending Mao Zedong's doctrine. Qi Jianguo later advocated that "the PLA establish an authoritative, centralized and united network People’s War organizational organ. It would control information operations and networking activities, and allow for the conduct of mobilization exercises and education on People’s War on the net." Several institutes now do exactly this in China.

The remainder of this article will deal with "hot" IW such as hacking. Other articles on deep framing, rhetoric, propaganda, trolling are recommended as preparation before reading the reaminder of this one.

Chinese Doctrine

"Jiefangjun Bao, the Chinese Armed Forces newspaper, maintains that it is necessary to formulate rules and regulations regarding mobilization and preparation for “modern People’s War” as well as information gathering and processing, online offensives and defenses, network technology research and exchanges, and so on in order to provide the norms for the orderly preparation and building of a “network People’s War.” Major exercises have been conducted in Hubei, Fujan and other provinces, to "explore how civil networks can be used in wartime and how networks can be used for rapid mobilization in order to improve the quality and efficiency of national defense mobilization work. A second mission was to recruit technical soldiers and scientific and technological equipment from the national defense mobilization database. An additional task was to establish wartime command organs, and to formulate various preliminary plans. During the exercise, networks of the command center and the member units of the city’s national defense mobilization committee were linked to transmit audio and video information to each other. Cable TV and computer networks were integrated and put to use."

Chinese military doctrine is often assumed to adapt the Russian military doctrines, but may be better adapted already to iwar for cultural reasons: The "36 Stratagems emphasized deception as a military art that can achieve military objectives. In the information age, which is characterized by anonymous attacks and uncertainty (for example, the origin of viruses or the existence of back doors in programs, making anyone feel vulnerable), the stratagem just might be revitalized as a tactic. It should be easier to deceive or inflict perception management injuries (“guidance injuries” in Chinese) as a result. The information age is developing into the age of anonymous persuaders.", i.e. anonymous trolls - just one example of usefulness of trolling.

The Doctrine:trolls employ has a more specific name: "Knowledge warfare refers to a battle of competing brains (decision-makers on both sides of a confrontation) that process seemingly endless streams of information (the IW connection) and regurgitates the information in intelligible, useable form giving one side an advantage."

Some terms are "found only in Chinese writings" including "military soft science31 ; information frontier, information alliance, information factory, information police, and informationized army32; deceptive, occupation/hindrance, contamination, blocking, and guidance injuries33; negative entropy, information volume, information quality34; information invasion, information deterrence, information protection troops35; and informationized war and information assault.36". This is far more extensive a vocabulary than any US, UK, or Russian source uses, but, it may express a lack of precision as much as a mature doctrine, or more likely, both at once.

"Electronics, computer, and information engineering experts are as likely to become the genuine heroes of a new People’s War much like the warrior class of the past, some believe.12 Perhaps this focus explains why, in addition to economic factors, China is willing to reduce its army--China can “keep up” with other countries by utilizing a multitude of information engineers and citizens with laptops instead of just soldiers. China clearly has the people to conduct “take home battle,” a reference to battle conducted with laptops at home that allow thousands of citizens to hack foreign computer systems when needed. China has a number of superior software writers and much untapped potential in the information field. As one author stated, if one or two per cent of any population has an IQ over 139, as studies predict, then China must have tens of millions of people in this category. The problem is how to find more information space and equipment for all of these people.13"

Shen Weiguang wrote that combatants can be soldiers or a teenager, whoever possesses the weapon called a computer. The whole of society will replace traditional battlefields, and different classes and social groups will take part in political activities of their own country or any country, in Shen’s view. He advocated developing information protection troops, composed of scientists, police, soldiers, and other experts versed in IW, to safeguard the security of the national information boundary, and to launch counterattacks against an information invasion by other countries. 14 The goal of Chinese doctrine is to unify the concept of People’s War with the concept of victory through information.15" Exactly as RAND said.

There seems to be extraordinary consensus on this point.

information as a weapon

This may be because there are too many MMRPG players, or too many anonymous trolls, or just so many examples of the competitive nature of the civilian information economy: "Electrons lie at the heart of not only IW but also the worldwide economic boom associated with stock markets and e-commerce. The characteristics of information (global reach, speed of light transmission, nonlinear effects, inexhaustibility, multiple access, etc.) control the material and energy of warfare in a way that nuclear weapons cannot. IW attempts to beat the enemy in terms of promptness, correctness, and sustainability, and electrons are capable of reaching out and touching someone a long way away. It thus makes complete sense to put a significant effort into developing an information-based capability in both the civilian and military sense." - from a review of Chinese IW capabilities.

testing of the theories

There is also evidence of practical testing of the theory:
"Recent reports of hacker attacks on U.S. labs indicate that China is moving from theory to practice in security matters as well. The Washington Times reported on 3 August 2000 that hackers suspected of working for a Chinese government institute broke into a Los Alamos computer system and took large amounts of sensitive but unclassified information. Los Alamos spokesman Jim Danneskiold stated that “an enormous amount of Chinese activity hitting our green, open sites” occurs continuously."

"Targets of Chinese IW include information sources, channels, and destinations, and C4I and electronic warfare assets. First attack objectives, some note, will be the computer networking system linking political, economic and military installations of a country as well as society in general; and the ability to control decision-making to hinder coordinated actions. This requires that both cognitive and information systems are hit."

Rumours that Chinese military trolls patroll wikipedia and pro-Taiwan blogs have been persistent, although never verified. The fact that several thousand Chinese military employees monitor public web services, and the Great Firewall of China constructed by Microsoft and other companies, are, however, matters of record.

net force

"Some Chinese theorists have recommended organizing network special warfare detachments and computer experts to form a shock brigade of “network warriors” to accomplish this task. They will look for critical nodes and control centers on networks, and sabotage them." This is called a net force in some sources:

"The net force would protect net sovereignty and engage in net warfare, a technology and knowledge-intensive type of warfare. Net technology would include scanning technology to break codes, steal data, and take recovery (anti-follow-up) actions. It would include superior offensive technology capable of launching attacks and countermeasures on the net, including information-paralyzing software, information-blocking software, and information-deception software. It would include masquerade technology capable of stealing authority from the network by assuming a false identity. And it would include defensive technology that can ward off attacks, serve as an electronic gate to prevent internal leaks, and block arbitrary actions much like an electronic policeman."

A trollherd could be said to be managing a loosely organized or anarchized net force, stretching a point.


Some US sources use the simpler terminology:
  1. information dominance = your enemy's secrets are known to you
  2. information defense = your own secrets can be reliably kept
  3. information offense = you can cause the enemy to believe or act as you wish: rumours will be believed, lies accepted

These are phases, so that first one establishes dominance, as in, ability to enter enemy systems with impunity, as the Chinese enter US labs. Then, one can keep secrets, and exclude enemy penetation, as in the Great Firewall. Only once these are established can any offensive troll action that attempts to modify enemy beliefs succeed, as any attempt to verify or validate what the trolls say is intercepted or prevented by the defenses and dominance.

At this level, one would require equivalent concepts to a "frontier" or "border", an "alliance" or trusted exchange, a "factory" for information, "police" to watch for sporadic violations or an "army" to watch for information invasion, a number of military and medical type terms to describe what is going on, e.g. "guidance injury", some theory of entropy, volume, quality, deterrence and "protection" and "assault" as they apply to information:

Whether this industrially-inspired mechanistic paradigm really applies to cognitive and trust systems is unclear, but if it does not, then, new terms will be needed such as the trollish verbs. Whichever doctrine wins out, some extension to the list of process terms seems likely.

Sources and Resources



Canadian Association for Security & Intelligence Studies (CASIS)

Canadian Communications Security Establishment (CCSE)
Commissioner's Site

Canadian Forces Intelligence Branch Association (CFIBA)
Intelligence Notebook

The Canadian Intelligence Community: Control and Accountability

Canadian Security and Intelligence Community (CSIC)
or local .pdf format

Canadian Security Intelligence Review Committee (SIRC)

Canadian Security Intelligence Service (CSIS)

Canadian Security Intelligence Service (CSIS) Public Reports (several annual reports available)

United States

Air Force Intelligence Agency (AFI)

Army Intelligence Center and Fort Huachuca (AIC)

Central Intelligence Agency (CIA)

Defense Intelligence Agency (DIA)

Directorate of Intelligence (DI)

Department of State Bureau of Intelligence and Research

Federal Bureau of Investigation (FBI)

Marine Corps Intelligence (MCI)

National Geospatial Intelligence Agency (formerly known as NIMA)

National Intelligence Council (NIC)

National Reconnaissance Office (NRO)

National Security Agency (NSA)

Office of Intelligence Policy and Review

Office of Naval Intelligence (ONI)

United States Department of Justice


Australian Defence Intelligence Organisation (ADIO)

Australian Defence Signals Directorate (ADSD)

Australian Inspector-General of Intelligence and Security (IGIS)

Australian Secret Intelligence Service (ASIS)

Australian Security Intelligence Organisation (ASIO)

Australian Office of National Assessments (ONA)

Parliamentary Joint Committee on the ASIO, ASIS, and DSD

British Foreign and Commonwealth Office (BFCO)

British Security Service (MI-5)

Dutch General Intelligence and Security Service (AIVD) (Algemene Inlichtingen- en Veiligheidsdienst, formerly BVD)
www.minbzk.nl/contents/pages/00018493/JV2002is.pdf (local .pdf format)
Annual Report, 1998 (BVD), 2001 (BVD), 2002

Intelligence Stratégique - unofficial site in French (IS)

German Bundesamt fuer Verfassungsschutz/ Counterintel (BfV)

German Bundesnachrichtendienst (BND)

German Militärischer Abschirmdienst (MAD)

Hungarian National Security Office (NSO)

Italian Intelligence and Democratic Security Service (SISDe)

Jordanian General Intelligence Department (GID)

New Zealand Government Communications Security Bureau (GCSB)

Polish Foreign Intelligence Agency (AW)
www.aw.gov.pl/ (also in English)

Polish Internal Security Agency (ABW)

Portuguese Security and Information Service (SIS)

Russian Language Site on Intelligence; some pages in English (AGENTURA)

Russian Intelligence (FSB)

Russian Foreign Intelligence (SVR)

South Korean Intelligence — unofficial (ANSP)

Spanish Intelligence (CESID)

Swedish Intelligence and Security Directorate (SISD)

Turkish National Intelligence Organization (MIT)

United Kingdom National Intelligence Machinery (NIM)

United Kingdom Government Communications Headquarters (GCHQ)

United Kingdom Communications-Electronics Security Group (CESG)

2600 - The Hacker Quarterly
2600 is a small magazine devoted to hacking and phreaking. Though it has experienced some financial difficulty over the past few months it has managed to keep producing issues. This is a good resource for new exploits and general hacker "scene" information. Check out the live broadcast of their radio show.

AntiOnline is an excellent resource for the latest news in hacking and computer security. Large file archives and the I/O E-Zine make AntiOnline a must read for anyone interested computer security and keeping up with the hacker scene.

Canadian Computer Emergency Response Team (CanCERT)
This is the centre responsible for the collection and distribution of information related to networked computer threats, vulnerabilities, incidents and incident response for Canadian government, business and academic organizations.

Cryptography - Industry Canada
A good place to start if your curious about what exactly cryptography is. Includes the Government of Canada's Policy Framework Document on Cryptography and is soliciting opinions from business, industry and the general public on the formation of policy.

Defense Information Systems Agency (DISA)
The Defense Information Systems Agency. Their customer is the warfighter. Good information on Global Command and Control and Information Security.

Communications Security Establishment Commissioner
This site describes the mandate and functions of this Office, along with documents describing its activities. Major roles include reviewing activities of the Communications Security Establishment (CSE) for compliance, review any complaints about the lawfulness of CSE activities.

Office of Critical Infrastructure Protection and Emergency Preparedness (OCIPEP)
This is a great place to learn about what Canada defines as it's critical infrastructure including; energy and utilities, communication services, transportation and safety and government sectors. Here you will also find information on how the Office will develop a comprehensive approach to protecting Canada's critical infrastructure.

The mother of all Information Warfare sites. Winn Schwartau's InfoWarCon is a good site for keeping tabs on the emergence of Information Warfare and Information Security as an emergent security concern. An excellent source for research, information and other links. Well worth a visit.

Information Warfare Research Centre
A resource of the Terrorism Research Centre, this site provides access to current research from the centre itself as well as links to other Information Warfare Centres and resources.

Legal,Privacy & Security Issues in Electronic Commerce
Resources from the University of New Brunswick's Saint John Ward Chipman Library. A good starting point for a wide range of issues from encryption to electronic crime.

Open Source Solutions (OSS Net)
The public information source for budding spooks. A good place to visit when you looking for a primer in intelligence and information sourcing. Includes access to papers, an Intelligence E-Mall, and other information and intelligence links.

RCMP Technical Security Branch
The Royal Canadian Mounted Police Technical Security Branch (ITSB) is part of the Technical Operations Directorate and is responsible for, among other things, developing, approving, and issuing particular technical documents on information technology security, and advising on their application.

Secure Networks
The makers of Ballista, one of the premier Network Security Auditing tools. Secure Networks is an excellent resource for security alerts and technical papers on network intrusion, denial of service and other network security concerns. Free download of the evaluation version of Ballista - well worth it.

Security Focus
Is a vendor-neutral site that provides the security community with access to comprehensive, timely, and accurate security information at no charge.

UK National Infrastructure Security Coordination Centre (NISCC)
Here you can find information on how the Centre is set up to co-ordinate and develop existing work within Government departments and agencies and organisations in the private sector to defend the CNI against electronic attack

US Computer Emergency Responce Team (CERT)
Is a center of Internet security expertise.

US Federal Computer Incident Response Centre (FedCIRC)
This site provides information on the federal civilian government's trusted focal point for computer security incident reporting, providing assistance with incident prevention and response.