Information Warfare in 2015

Revolutionary changes are under way in warfare, at least in part stemming from changes in information systems and their associated capabilities. In assess­ing the impact of those changes on military organiza­tions and operations, much of the discussion has re­volved around command and control, communications, computers, and electronic warfare. This focus on the tan­gible and familiar made some sense; nevertheless, it is also clear that what is now being called “information war­fare” includes elements that transcend computers, com­munications, and electronic warfare. These broader as­pects of information warfare have far-reaching implications for military strategy and policy.

Ambiguity

Information warfare (IW) seems to lend itself to ambi­guity, including the issue of deciding that a war has begun in the first place. It is not at all clear that infor­mation-warfare steps by a potential adversary would be readily detectable; the “How do you know you are at war?” question may be quite difficult to answer. This is partic­ularly true in the case of such IW elements as computer attacks, deception operations, and conditioning using what used to be called propaganda. The rapid growth of inter­connections—already manifest in communications and banking—presents more opportunities to do grievous harm, quickly and with little or no warning, with a minimal sig­nature. In many cases, even when some suspect activity is detected, it may be very difficult to trace the origins of an IW attack, to discern connections between seem­ingly random actions, or to convince policymakers that the detected activity was done with hostile intent. Ac­cordingly, the indications and warning associated with the outset of warfare will have to change.

Information warfare in 2015 also portends a very dif­ferent set of potential responses by the United States, if a possible adversary should be detected acting in a hos­tile or potentially hostile fashion. IW measures that the United States could take at the outset of such crises might require quite different rules of engagement than have been contemplated up to now. This is both good news and bad news. The good news is that there may be many new tools available, short of lethal attacks, to signal to an adversary that warfare with the United States might be a bad idea. The bad news is again the inherent ambiguity in some in­formation warfare methods—it might be hard to signal clear intentions or even to ensure that a signal is perceived at all. In any case, much thought is required to examine threats and the threat-detection process, requirements for intelligence, and new rules of engagement.

Changing Vulnerabilities and Organizations

Countering an adversary’s command and control always has been a feature of warfare, but in the continental United States we have not been particularly vulnerable to such measures. One clear implication of warfare in 2015 is that almost any enemy will try to degrade the U.S. informa­tion system. The United States must be prepared for that eventuality. Paradoxically, although the technology of in­formation systems is becoming ever more capable and so­phisticated, this does not guarantee security; in fact, it may make it harder to secure the U.S. information infrastruc­ture from attacks.

There are a host of reasons why this is true—one of which is that information warfare generates problems at the national security level (rather than at a single-service or Department of Defense level). Such problems will not be solved by creating a new organization within the armed forces; they reach beyond the armed forces to include the entire regional security infrastructure. As this infra­structure grows and elaborates, its reach expands beyond the control of any single entity and any single nation, and it opens access points at myriad places. The 1994 military organizational structure is likely to be ill-suited to man­age the complexities of information warfare in 2015.

Another deficiency is the lack of a coherent approach to offensive and defensive considerations for informa­tion warfare—except at the operational or tactical level. Nowhere in our system do we bring together and integrate these considerations, nor is there a single locus for re­quirements generation and claimancy in the acquisition process for information warfare.

The Defense Information Systems Agency has been ac­tively pursuing “information assurance” as a part of their charter to take in hand all information-system responsi­bilities for DoD, but this is not an operational command. The Chairman of the Joint Chiefs has designated the J-3 (operations) and J-6 (command, control, communications, and computers) organizations as the loci, respectively, of offensive and defensive IW planning, but this does not provide a single focus for wartime command, either.

Much of the discussion of open or distributed archi­tectures and “information pull” approaches to supporting operations implies that we can approach planning and ex­ecution with a view that the communications pipes will be available and that there will be little to concern oper­ators in the overall architecture or in the nature and char­acteristics of those pipes. In at least two regards—ad­dressing potential vulnerabilities during planning and adjusting organization concepts for effective IW war fight­ing—operators may require more hands-on familiarity with the ways we knit together our commands in order for them to execute our strategy effectively.

There are two simple examples of the problems we can anticipate if such operational information awareness is not an element of the force. One is logistics information sys­tems, which tend to be both elaborate and critical to suc­cessful military operations and yet generally subject to less stringent security measures than other military infor­mation systems. This is not just an issue of cryptologic security, although that is one area in which logistics com­munications lag behind their operational counterparts. The system could be cryptologically secure but still quite vulnerable; an enemy could introduce significant disrup­tion by merely denying us information—by interfering with logistics transmission links—or by introducing ran­dom errors into the system. An operational commander unaware of the details of his logistics communications is unaware of significant potential IW vulnerabilities.

A second example, affecting the approach to organiz­ing for combat, is the presence of automated systems on the battlefield—systems likely to be considerably more widespread in 2015. The commander who knows his human systems, but who does not understand his auto­mated systems, will be vulnerable to surprise, possibly to defeat. Knowing the automated systems entails under­standing the rules under which these systems are pro­grammed—the software will be (and is now) part of the command-and-control system.

There are already many autonomous systems available to the commander, including unmanned aerial and un­dersea vehicles, smart mines, Tomahawk cruise missiles, and other guided weapons. The integration of battlefield robots also may pose a potential IW vulnerability.

Organizing for Operations

In dealing with the information revolution, the armed forces seem to be “polishing the stove pipes,” i.e., work­ing to improve performance elements within the current organizational structure, rather than coming to grips with the implications of systems and capabilities that do not fit within that structure. This is a fundamental issue. The mil­itary has viewed information services (traditionally, in­telligence and communications) as supporting inputs to the actual warfare functions of fire, maneuver, and strike.

But information warfare might not always be a sup­porting function; in some future campaigns, it might take a leading role. This makes it both increasingly important and challenging to get the organizational issue right. By 2015, the requirements of the battlefield will be such that traditional hierarchical command-and-control arrange­ments may be obsolete. The trend toward decentralization is already well established. Efforts to work the time lines of sensor-to-shooter linkages are pressing such require­ments on the Navy. Information technology is making dis­tributed systems commonplace, and (as one observer re­marked) “virtual organizations” are growing like cultures on a Petrie dish. The speed of action and adaptation of such new organizational entities suggests some strengths that the military would be wise to examine.

Modeling

It is apparent that such changes are already under way. Their impact on military systems, organizations, and op­erational concepts, however, is just beginning to be ap­preciated—and projecting the course and outcome of such impact for 2015 is a major challenge. One approach in­volves using models, simulations, and war gaming to ex­amine the changes, with an eye toward identifying the character and extent of the influence information warfare will have on future battlefields. In fact, one aspect of the use of information systems in warfare involves employ­ing simulation much more extensively for everything from individual training to supporting large-scale exercises and mission planning.

Large-scale, interactive simulations that incorporate widely distributed, actual and semi-automated joint forces, such as those planned for Simulation Network/Distributed Interactive Simulation (SIMNET/DIS), are being designed and procured today. These and other simulation capabil­ities are and will be used to support training, mission plan­ning and practice, and operational planning. In view of the critical part these systems will play in the future U.S. military, it is important to note that practically none of them address operational or strategic level vulnerabilities of U.S. forces to information attacks; nor do they allow more than the tactical-level play of information warfare (in reality, just end-game electronic warfare).

Moreover, the basic measures of effectiveness and al­gorithms upon which these simulations are based do not address most (if any) of the aspects of information war­fare at any level—there are simply no measures for judg­ing warfare outcomes from information-warfare inputs. Although some attention has been paid to offensive in­formation actions (mostly at a tactical level or in support of targeting), information-warfare attacks against U.S. forces in such simulations primarily are just assumed away, and no useful measures of the relative combat value of in­telligence, communications, deception, or other informa­tion-warfare applications exists in any simulation, model, or game.

At the same time, we are seeing trends that presage a rapid increase in the attention paid to information warfare as a key element of future U.S. military practice, a rapid growth in simulation and gaming dependency for U.S. forces, and a growing deployment of information systems across all warfare areas in the field and in the fleet. In many cases, this infrastructure extends well beyond the Department of Defense, as operating forces increasingly use leased commercial communications and commercial imagery, inter alia, in support of their requirements. Many of the communications routes are obscured to the user: he does not know where his communications may be routed, going out or coming in. In many ways, this transparency is also true of the measures of effectiveness and assumptions built into the simulations and games being widely used in DoD—off-the-shelf models that have been designed for other purposes are used or become the basis for new models, without explicit attention to the under­lying assumptions that were part of the design process many years ago.

In any case, the new attention to information warfare means that these models and their assumptions require a detailed reexamination. At best, they may be incomplete; more likely, they are unable to take into account the key determinants of future war­fare outcomes—and thus simulations and games using these models will be mis­leading or wrong.

Targeting ... Us

The changes under way m warfare also fundamen­tally change the target for enemy exploitation. If we change our logistics infra­structure to use transponders on every container of mate­rial we ship (a step planned by the Army Material Com­mand to improve logistics visibility and reduce handling), a sentient enemy will look for ways to activate the transponders to provide targeting of logistics nodes. Ad­versaries in 2015 will develop measures to take advantage of newly perceived vulnerabilities. Systems such as Aegis, airborne warning and control, joint surveillance and tar­get attack radar (JSTARS), space communications, com­puters, and the associated networks, are not only strengths of the new military, they are also new targets.

As this new system of systems grows, its vulnerabili­ties must be identified so we can adjust and maintain our military effectiveness. Presence of the “nodes” in the con­tinental United States no longer implies invulnerability. A teenager with a modem and phone line can now ac­cess U.S. targets in an instant—and so can a smart ad­versary. Unfortunately, modeling of these new targets, of new ways to attack them, and particularly of their inter­actions and networks is not part of most simulations.

Gaming

The situation in gaming is, if possible, even worse. Gaming of information warfare has only just begun. There is no automated gaming system that includes any of the major elements of information warfare in any fidelity.

Where addressed at all, it has been done off-line, with human experts—usually experts in electronic warfare, space systems, or communications. When games have in­troduced any disruption of the sort possible with a con­certed information-warfare attack, they quickly have come to a halt. Rather than analyzing whether the disruption might truly reflect a potential wartime outcome, such re­sults have been banished from games as being disruptive of game play and an interference with higher objectives of the game. Their occurrence, if allowed at all, is treated off-line. This is as true for Navy gaming as it is for gam­ing in the other services.

As information-warfare concepts and the associated sys­tems and techniques move into the U.S. force structure, gaming should change to reflect the new approach and new threats. For as we change, so will our adversaries. This will require a dedicated effort to develop new mea­sures, models, scenarios, gaming techniques, and games.

Sensible projections of future force effects on the battlefield cannot be done without this fundamental underpinning. In short, modeling the impact of in­formation warfare always has been difficult and there­fore has not been done. And now the target is being changed rapidly by the geo­metric growth of military and commercial informa­tion systems and the spread of those capabilities across the globe. We must work out what information war­fare gaming should look like and think through the many issues that such gaming poses for modeling.

The Challenge

Information warfare is a key element of a potential rev­olution in military affairs and may become a crucial de­terminant of warfare outcomes; the U.S. Navy will have to come to grips with the intelligence, policy, conceptual, organizational, and modeling issues it presents. They are at least as important as the technological changes that are rapidly altering the military battlefield. Today, infor­mation technology is spreading worldwide; by 2015, many states may have technologies comparable to those in the United States. Achieving revolutionary effects depends upon developing the concepts and organizations to take full advantage of the technology. By 2015 someone else might get these elements right. The imperative for the United States and the U.S. Navy is to get there first.

A former naval intelligence officer, Mr. Kraus is a senior analyst in the Strategic Assessment Center of Science Applications International Corporation. He has extensive background in military and naval opera­tional and intelligence analysis and comparative analysis, technology as­sessment, scenario development, war-gaming design, and the use of gam­ing to support analysis. He currently leads a multiyear study for the Office of the Secretary of Defense, focused on information warfare.