Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues

^Pr^ep^ar^{ed f}^o^r^M^e^m^b^ers^an^d^Com^mⁱ^t^t^ees^of^C^ong^r^e^ss

This report describes the emerging areas of information operations, electronic warfare, and
cyberwar in the context of U.S. national security. It also suggests related policy issues of potential
interest to Congress.
For military planners, the control of information is critical to military success, and
communications networks and computers are of vital operational importance. The use of
technology to both control and disrupt the flow of information has been generally referred to by
several names: information warfare, electronic warfare, cyberwar, netwar, and Information
Operations (IO). Currently, IO activities are grouped by the Department of Defense (DOD) into
five core capabilities: (1) Psychological Operations, (2) Military Deception, (3) Operational
Security, (4) Computer Network Operations, and (5) Electronic Warfare.
Current U.S. military doctrine for IO now places increased emphasis on Psychological
Operations, Computer Network Operations, and Electronic Warfare, which includes use of non-
kinetic electromagnetic pulse (EMP) weapons, and non-lethal weapons for crowd control.
However, as high technology is increasingly incorporated into military functions, the boundaries
between all five IO core capabilities are becoming blurred. DOD also acknowledges the existence
of a cyber domain, which is similar to air, land, and sea. This new domain is the realm where
military functions occur that involve manipulation of the electromagnetic spectrum.
This report will be updated to accommodate significant changes.

Introduc tion ..................................................................................................................................... 1
Backgr ound ............................................................................................................................... 1
Defini ti ons .................................................................................................................... ................... 2
Infor mation .................................................................................................................... ............ 2
DOD Information Operations...................................................................................................2
DOD Information Operations Core Capabilities.............................................................................3
Psychological Operations (PSYOP)..........................................................................................3
Military Deception (MILDEC).................................................................................................4
Operational Security (OPSEC).................................................................................................4
Computer Network Operations (CNO).....................................................................................4
Computer Network Defense (CND)...................................................................................5
Computer Network Exploitation (CNE).............................................................................5
Computer Network Attack (CNA)......................................................................................6
Electronic Warfare (EW)...........................................................................................................6
Domination of the Electromagnetic Spectrum....................................................................7
Electromagnetic Non-Kinetic Weapons..............................................................................7
New U.S.A.F. Cyber Command......................................................................................................8
Joint Command Structure for Cyberwarfare...................................................................................9
DOD and the U.S. Critical Infrastructure........................................................................................9
Information Operations by Adversaries.........................................................................................10
Attribution for Cyberattack: Estonia, April 2007...........................................................................11
Law and Proportionality for Information Operations.....................................................................11
Cyberwarrior Education................................................................................................................12
Policy Issues..................................................................................................................................13
Current Legislation........................................................................................................................14
Author Contact Information..........................................................................................................14

Control of information has always been part of military operations, and the U.S. Strategic
Command views information operations as a core military competency, with new emphasis on (1)
use of electromagnetic energy, (2) cyber operations, and (3) use of psychological operations to
manipulate an adversary’s perceptions. Department of Defense (DOD) officials now consider ¹
cyberspace to be a domain for warfare, similar to air, space, land, and sea.
Each service has organizations with Information Operations (IO) and Electronic Warfare (EW)
responsibilities: (1) the Naval Network Warfare Command (NETWARCOM) is the Navy’s central
operational authority for space, information technology requirements, network and information ²
operations in support of naval forces afloat and ashore; (2) the Army Reserve Information
Operations Command has responsibility for conducting information operations, the U.S. Army IO
Proponent is responsible for developing requirements for IO doctrine and training, and the Army ³
Intelligence and Electronic Warfare Directorate provides testing services for Electronic Warfare;
and finally, (3) the Air Force has created a new Cyber Command with responsibility for its
portion of cyberwarfare, electronic warfare, and protection of U.S. critical infrastructure networks ⁴
that support telecommunications systems, utilities, and transportation.
The DOD views information itself as both a weapon and a target in warfare. In particular,
Psychological Operations (PSYOP) provides DOD with the ability to rapidly disseminate
persuasive information to directly influence the decision making of diverse audiences, and is seen
as a means for deterring aggression, and important for undermining the leadership and popular ⁵
support for terrorist organizations.
However, a 2006 report by the Rand Corporation describes how IO can also affect audiences
outside of the intended target, stating,
^{... i}ⁿ^con^tⁱⁿ^g^eⁿ^cⁱ^e^sⁱⁿ^v^o^l^vⁱⁿ^g^an^oppon^en^t^,ⁱⁿ^f^o^r^m^atⁱ^oⁿ^operatⁱ^oⁿ^s^pl^annⁱ^ng^an^{d ex}^ec^u^tⁱ^oⁿ
^sho^u^l^dⁱⁿ^c^l^ud^e^no^nc^o^m^b^a^t^a^nt^c^o^nsi^d^e^r^a^tⁱ^o^{ns t}^h^a^t^ma^{y ha}^veⁿ^o^t^hiⁿ^g^t^o^d^o^wⁱ^t^h^a^f^fe^c^tⁱⁿ^g^t^h^e
^en^e^m^y^’^{s acti}^v^it^{ies o}^r^d^e^f^eⁿ^dⁱⁿ^g^f^r^ieⁿ^d^l^y^f^o^r^{ce cap}^ab^{ilities. I}ⁿ^to^d^a^y^’^{s co}ⁿ^f^lic^{t en}^vⁱ^r^oⁿ^m^eⁿ^t
^th^{e i}^m^p^{act o}^fⁱⁿ^f^o^r^m^atioⁿ^o^p^e^r^a^tioⁿ^s^{is seld}^o^m^li^m^ited^to^t^w^o^o^p^p^o^sⁱⁿ^g^sid^e^{s. Seco}ⁿ^d^an^d

¹^Jasoⁿ^M^a^,^“Iⁿ^f^o^r^matⁱ^oⁿ^Op^eratⁱ^oⁿ^s^T^o^P^l^ay^{a M}^a^j^o^{r Ro}^l^eⁱⁿ^Det^e^rren^{ce P}^o^st^u^r^e,^”^Iⁿ^side^Mⁱ^ssile^De^fe^nse^,^Dece^m^b^er
^{10, 20}⁰³^ht^tp:/^/w^w^w^.ins^ide^d^e^f^eⁿ^se^.c^om^/^s^e^c^u^r^e^/de^f^eⁿ^s^e^_doc^num^.a^sp?^f⁼^d^ef^eⁿ^s^e^_2002^.a^s^k^&^doc^num^=MI^SSI^L^E^-⁹^-²^5-⁴^.
^T^{odd L}^ope^z^,^Air^Fo^{rce L}^e^ad^{ers to}^Discu^{ss n}^e^{w ‘Cyb}^{er Co}^mm^aⁿ^d^’^{, A}ⁱ^{r Forc}^e^N^e^w^s^{, N}^o^v^e^m^b^e^r^{5, 2}⁰⁰⁶^,
^http:^//w^w^w^.8a^f^.ac^c^.^af^.^m^il/ne^w^s^/^s^t^or^y^_print.a^s^p?^s^t^ory^I^D⁼¹²³⁰³¹⁹⁸^8.
²^Na^v^a^{l Ne}^t^w^ork^W^a^r^f^a^r^e^Co^m^m^a^nd,^htt^p^://w^ww^.ne^t^w^a^rc^o^m^.na^v^y^.^m^il/.
³^Unⁱ^t^e^d^S^t^at^{es A}^r^my^In^f^o^r^m^atⁱ^oⁿ^Op^eratⁱ^oⁿ^s^P^r^o^p^oⁿ^eⁿ^t^,^A^p^ri^l²⁰⁰⁷^,^h^t^t^p^:^/^/^u^s^acac.^ar^my^.^mⁱ^l^/^CA^C/^u^s^ai^o^p^.^asp.^Jam^e^{s E}^.
^Mc^Conv^ille^{, U.}^{S. A}^r^m^y^Inf^o^r^m^a^t^{ion O}^p^e^r^a^tions:^Co^nc^e^p^{t a}ⁿ^{d Ex}^e^c^u^tio^{n, Mi}^lita^ry^Inte^llig^eⁿ^c^e^P^r^of^e^ssina^{l Bulle}^tin^,
^http:^//w^w^w^.f^a^s^.or^g^/ir^p/a^g^eⁿ^cy^/^a^r^m^y^/^mⁱ^pb/19^97-^1/^m^c^c^onv^l.htm^.^U^.^{S. A}^r^m^y^T^e^s^t^a^{nd Ev}^a^l^ua^tion^C^o^m^m^a^nd,
^http:^//w^w^w^.a^te^c^.^a^r^m^y^.^m^il/^O^T^C^%^5C^w^ho_ie^w^td_is^.^h^t^m^.
⁴^P^e^t^e^{r Bu}^xb^au^m^,^Aⁱ^{r F}^o^{rce E}^x^p^l^{ores t}^h^{e Next}^F^r^oⁿ^tⁱ^e^r,^Go^vern^m^ent^Co^mpu^t^{er News}^{, Fe}^br^ua^r^y^{19, 2}⁰⁰⁷^,
^http:^//www^.g^cⁿ^.c^o^m^/print/²⁶^_⁰⁴^/⁴³¹⁵³^-1.^h^tm^l.
⁵^{DOD Inf}^o^rm^a^{tion Ope}^r^a^tⁱ^{ons R}^o^a^d^m^a^{p, Oc}^tobe^{r 30,}²⁰⁰⁴^,^p.^{3. T}^h^{is d}^o^c^u^m^e^{nt w}^a^{s de}^c^l^a^ssi^fⁱ^e^d^Ja^nua^ry²⁰⁰⁶^{, a}ⁿ^d
^obtaⁱ^ne^{d t}^h^r^o^ug^{h FO}^I^A^by^the^N^a^tiona^l^Se^c^u^r^ity^A^r^c^h^iv^e^a^t^G^e^or^g^e^W^a^s^h^ing^t^{on U}ⁿ^iv^e^r^sⁱ^t^y^{, http:}^//w^w^w^.^g^w^u^.e^du/
^~ns^a^r^c^hiv^/^N^S^A^E^B^B^/^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.pdf^.

^hⁱ^gh^er^-^o^rder^ef^f^ects^w^{ill m}^o^s^t^lik^el^y^inf^l^u^eⁿ^ce^{all parties}ⁱⁿ^o^ppos^ition^,ⁱ^m^{pact v}^a^riou^s^aⁿ^d
^v^a^ri^{ed n}^oⁿ^c^o^m^bat^aⁿ^t^g^r^ou^ps^{, a}ⁿ^{d be i}ⁿ^t^e^rpret^e^{d i}ⁿ^di^ff^eren^t^w^a^y^s^b^y^m^e^m^b^er^s^{of t}^h^e^m^e^di^a⁶
^an^{d au}^dien^ce^s^w^o^rld^w^ide.
Thus, new technologies for military IO also create new national security policy issues, including
(1) consideration of psychological operations used to affect friendly nations or domestic
audiences; and (2) possible accusations against the U.S. of war crimes if offensive military
computer operations or electronic warfare tools severely disrupt critical civilian computer
systems, or the systems of non-combatant nations.
Because of the new communications technologies and the growth of the Internet, EW and IO
have taken on new importance. Insurgents use cell phones and other electronic devices to
detonate roadside bombs, and afterwards transmit video images of successful attacks against U.S.
troops for broadcast on the local news or the Internet to influence public opinion about the future
outcome of the War. In some cases, populations may have these video broadcasts or local TV
news stories in their native language as their only source of information. DOD is seeking methods
to counter these actions where violence may be seen as secondary to the use and manipulation of
information.
This report describes DOD capabilities for conducting military information operations, and gives
an overview of related policy issues.

Information is a resource created from two things: phenomena (data) that are observed, plus the
instructions (systems) required to analyze and interpret the data to give it meaning. The value of
information is enhanced by technology, such as networks and computer databases, which enables
the military to (1) create a higher level of shared awareness, (2) better synchronize command,
control, and intelligence, and (3) translate information superiority into combat power.
The current DOD term for military information warfare is “Information Operations” (IO). DOD
information operations are actions taken during time of crisis or conflict to affect adversary
information, while defending one’s own information systems, to achieve or promote specific ⁷
objectives. The focus of IO is on disrupting or influencing an adversary’s decision-making
processes.

⁶^Ru^{ssell G}^l^enⁿ^,^H^e^av^y^M^a^tte^r^:^U^r^ban^O^p^e^r^ati^ons^’^D^e^ns^ity^of^C^h^a^l^l^e^nge^s^{, R}^a^nd^Mo^nog^r^a^p^h^R^e^p^o^r^t^,^T^u^rⁿ^ing^D^e^ns^ity
^{to A}^d^v^a^nta^g^e^:^C⁴^I^S^R^a^{nd I}ⁿ^f^o^r^m^a^{tion O}^p^e^r^a^tions^a^s^Ex^a^m^ple^s^{, C}^h^{. 4,}^p.²⁵^{, h}^ttp:^//w^w^w^.r^a^nd.or^g^/^pu^bs^/
^m^onog^r^a^ph_r^e^p^or^ts^/^M^R¹²^39/^MR¹²³^9.c^h^4.^pdf^.
⁷^From^the^{DOD Dictio}ⁿ^a^{ry o}^f^M^ilita^{ry a}ⁿ^d^Asso^cia^t^ed^Terms^{, J}^a^nu^a^r^y²⁰⁰³^{, h}^ttp:^//w^w^w^.dtic^.m^il/^doc^tr^ine^/^je^l/dod^dic^t^/
^da^ta^/i/^inde^x^.^htm^l^.

An IO attack may take many forms, for example: (1) to slow adversary computers, the software
may be disrupted by transmitting a virus or other malicious code; (2) to disable sophisticated
adversary weapons, the computer circuitry may be overheated with directed high energy pulses;
and (3) to misdirect enemy sensors, powerful signals may be broadcast to create false images.
Other methods for IO attack may include psychological operations such as initiating TV and radio
broadcasts to influence the opinions and actions of a target audience, or seizing control of
network communications to disrupt an adversary’s unity of command.
Computer Network Defense (CND) is the term used to describe activities that are designed to
protect U.S. forces against IO attack from adversaries. Part of CND is information assurance (IA),
which requires close attention to procedures for what is traditionally called computer and
information security.
DOD places new emphasis on the importance of dominating the entire electromagnetic spectrum
with methods for computer network attack and electronic warfare. DOD also emphasizes that
because networks are increasingly the operational center of gravity for warfighting, the U.S. ⁸
military must be prepared to “fight the net”. Because the recently declassified source document
containing this phrase has some lines blacked out, it is not clear if “...net” means the Internet. If
so, then this phrase may be a recognition by DOD that Psychological Operations, including public
affairs work and public diplomacy, must be employed in new ways to counter the skillful use of
the Internet and the global news media by U.S. adversaries.

DOD identifies five core capabilities for conduct of information operations; (1) Psychological
Operations, (2) Military Deception, (3) Operations Security, (4) Computer Network Operations,
and (5) Electronic Warfare. These capabilities are interdependent, and increasingly are integrated
to achieve desired effects.
DOD defines PSYOP as planned operations to convey selected information to targeted foreign
audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior ⁹
of foreign governments, organizations, groups, and individuals. For example, during the
Operation Iraqi Freedom (OIF), broadcast messages were sent from Air Force EC-130E aircraft,
and from Navy ships operating in the Persian Gulf, along with a barrage of e-mail, faxes, and cell
phone calls to numerous Iraqi leaders encouraging them to abandon support for Saddam Hussein.
At the same time, the civilian Al Jazeera news network, based in Qatar, beams its messages to
well over 35 million viewers in the Middle East, and is considered by many to be a “market
competitor” for U.S. PSYOP. Terrorist groups can also use the Internet to quickly place their own
messages before an international audience. Some observers have stated that the U.S. will continue

⁸^{DOD In}^f^o^rmatioⁿ^Op^erati^oⁿ^s^R^o^ad^m^a^p^,^Octo^b^e^{r 3}⁰^,²⁰⁰³^,^p^.⁶^-⁷^,^h^ttp^:^//www^.^g^w^u^.^e^d^u^/^~ⁿ^sarchⁱ^v/^NS^A^E^BB/
^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.^pdf^.
⁹^{DOD Dictio}ⁿ^a^{ry o}^f^M^ilit^a^r^{y Terms}^{, http}^://w^ww^.dtic^.^m^il/doc^trine^/^je^l/do^ddic^t/.

to lose ground in the global media wars until it develops a coordinated strategic communications ¹⁰
strategy to counter competitive civilian news media, such as Al Jazeera.
Partly in response to this observation, DOD now emphases that PSYOP must be improved and
focused against potential adversary decision making, sometimes well in advance of times of
conflict. Products created for PSYOP must be based on in-depth knowledge of the audience’s
decision-making processes. Using this knowledge, the PSYOPS products then must be produced ¹¹
rapidly, and disseminated directly to targeted audiences throughout the area of operations.
DOD policy prohibits the use of PSYOP for targeting American audiences. However, while
military PSYOP products are intended for foreign targeted audiences, DOD also acknowledges
that the global media may pick up some of these targeted messages, and replay them back to the
U.S. domestic audience. Therefore, a sharp distinction between foreign and domestic audiences ¹²
cannot be maintained.
Deception guides an enemy into making mistakes by presenting false information, images, or
statements. MILDEC is defined as actions executed to deliberately mislead adversary military
decision makers with regard to friendly military capabilities, thereby causing the adversary to
take (or fail to take) specific actions that will contribute to the success of the friendly military
operation.
As an example of deception during Operation Iraqi Freedom (OIF), the U.S. Navy deployed the
Tactical Air Launched Decoy system to divert Iraqi air defenses away from real combat aircraft.
OPSEC is defined as a process of identifying information that is critical to friendly operations and
which could enable adversaries to attack operational vulnerabilities. For example, during OIF,
U.S. forces were warned to remove certain information from DOD public websites, so that Iraqi
forces could not exploit sensitive but unclassified information.
CNO includes the capability to: (1) attack and disrupt enemy computer networks; (2) defend our
own military information systems; and (3) exploit enemy computer networks through intelligence
collection, usually done through use of computer code and computer applications. The Joint
Information Operations Warfare Command (JIOWC) and the Joint Functional Component
Command for Network Warfare (JFCCNW) are responsible for the evolving mission of Computer

¹⁰^Aⁱ^{r Fo}^rce,^O^p^e^r^atio^{n I}^r^a^qⁱ^Fr^e^e^dom^Iⁿ^f^o^r^m^ati^{on O}^p^e^r^ati^ons^Le^s^s^o^ns^Le^ar^ne^d:^Fir^s^t^L^ook^,^A^F^C2^IS^RC/CX^{, J}^u^ly²³^,
²⁰⁰^{3, htt}^p^://w^ww^.inside^d^e^f^eⁿ^se^.c^om^/^s^e^c^u^re^/da^t^a^_^e^x^tra^/^pdf^3/dp^lus2⁰⁰⁴^_2⁶⁵^.p^df^.
¹¹^{DOD In}^f^o^rmatioⁿ^Op^erati^oⁿ^s^R^o^ad^m^a^p^,^Octo^b^e^{r 3}⁰^,²⁰⁰³^{, p}^.⁶^,^h^t^tp^://w^ww^.^g^w^u^.ed^u^/^~ⁿ^sarchⁱ^v^/^NSA^E^BB/
^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.^pdf^.
¹²^{DOD In}^f^o^rmatioⁿ^Op^erati^oⁿ^s^R^o^ad^m^a^p^,^Octo^b^e^{r 3}⁰^,²⁰⁰³^{, p}^.²⁶^,^h^ttp^://w^ww^.g^w^u^.ed^u^/^~ⁿ^sarchⁱ^v^/^NS^A^E^BB/
^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.^pdf^.

Network Attack.¹³ The exact capabilities of the JIOWC and JFCCNW are highly classified, and
DOD officials have reportedly never admitted to launching a cyber attack against an enemy,
however many computer security officials believe the organization can destroy networks and
penetrate enemy computers to steal or manipulate data, and take down enemy command-and-
control systems. They also believe that the organization consists of personnel from the CIA,
National Security Agency, FBI, the four military branches, and civilians and military ¹⁴
representatives from allied nations.
CND is defined as defensive measures to protect information, computers, and networks from
disruption or destruction. CND includes actions taken to monitor, detect, and respond to
unauthorized computer activity. Responses to IO attack against U.S. forces may include use of
passive information assurance tools, such as firewalls or data encryption, or may include more
intrusive actions, such as monitoring adversary computers to determine their capabilities before
they can attempt an IO attack against U.S. forces.
Some DOD officials believes that CND may lack sufficient policy and legal analysis for guiding
appropriate responses to intrusions or attacks on DOD networks. Therefore, DOD has
recommended that a legal review be conducted to determine what level of intrusion or data
manipulation constitutes an attack. The distinction is necessary in order to clarify whether an
action should be called an attack or an intelligence collection operation, and which aggressive
actions can be appropriately taken in self-defense. This legal review should also determine if
appropriate authorities permit U.S. forces to retaliate through manipulation of unwitting third
party computer hosts. And finally, DOD has recommended structuring a legal regime that applies
separately to domestic and to foreign sources of computer attack against DOD or the U.S. critical. ¹⁵
infrastructure.
CNE is an area of IO that is not yet clearly defined within DOD. Before a crisis develops, DOD
seeks to prepare the IO battlespace through intelligence, surveillance, and reconnaissance, and
through extensive planning activities. This involves intelligence collection, that in the case of IO,
is usually performed through network tools that penetrate adversary systems to gain information
about system vulnerabilities, or to make unauthorized copies of important files. Tools used for
CNE are similar to those used for computer attack, but configured for intelligence collection
rather than system disruption.

¹³^Jo^hn^L^a^sker,^U.S^.^M^ilita^{ry’s Elit}^{e Ha}^{cker Crew}^{, W}ⁱ^re^{d Ne}^{ws, A}^p^r^{il 1}⁸^,²⁰^05,^htt^p^://w^ww^.^w^ire^d^.c^om^/ⁿ^e^w^s/^priv^a^c^y^/
^0,1⁸⁴⁸^,6⁷²²³^,0^0.h^t^m^l^{, U}^.^{S. Str}^a^t^e^gⁱ^c^C^o^m^m^a^{nd Fa}^c^t^File^ht^tp:/^/w^w^w^.s^tr^a^t^c^o^m^.^m^il/^f^a^c^t^_s^he^e^t^s^/^f^a^c^t^_jtf^_g^no.^htm^l^a^nd
^http:^//www^.stra^t^c^o^m^.^m^il/fa^c^t^_she^e^t^s/f^a^c^t^_jioc^.^htm^l^.
¹⁴^Jo^hn^L^a^sker,^U.S^.^M^ilita^{ry’s Elit}^{e Ha}^{cker Crew}^,^A^p^{ril 18}^{, 2}⁰⁰⁵^,^Wⁱ^re^{d Ne}^w^s^{, http://w}^ww^.^w^ire^d^.c^om^/ⁿ^e^w^s/^priv^a^c^y^/
^0,6⁷²^23-^0.h^t^m^l^?^t^w⁼^w^n_s^tor^y^_pag^e^_pr^e^v^2.
¹⁵^{DOD In}^f^o^rmatioⁿ^Op^erati^oⁿ^s^R^o^ad^m^a^p^,^Octo^b^e^{r 3}⁰^,²⁰⁰³^{, p}^.⁵²^.^h^ttp^://w^ww^.g^w^u^.ed^u^/^~ⁿ^sarchⁱ^v^/^NS^A^E^BB/
^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.^pdf^.

CNA is defined as effects intended to disrupt or destroy information resident in computers and
computer networks. As a distinguishing feature, CNA normally relies on a data stream used as a
weapon to execute an attack. For example, sending a digital signal stream through a network to
instruct a controller to shut off the power flow is CNA, while sending a high voltage surge
through the electrical power cable to short out the power supply is considered Electronic Warfare
(However, a digital stream of computer code or a pulse of electromagnetic power can both be
used to also create false images in adversary computers).
During Operation Iraqi Freedom, U.S. and coalition forces reportedly did not execute any
computer network attacks against Iraqi systems. Even though comprehensive IO plans were
prepared in advance, DOD officials stated that top-level approval for several CNA missions was ¹⁶
not granted until it was too late to carry them out to achieve war objectives. U.S. officials may
have rejected launching a planned cyber attack against Iraqi financial computers because Iraq’s
banking network is connected to a financial communications network also located in Europe.
Consequently, according to Pentagon sources, an information operations attack directed at Iraq
might also have brought down banks and ATM machines located in parts of Europe as well. Such
global network interconnections, plus close network links between Iraqi military computer
systems and the civilian infrastructure, reportedly frustrated attempts by U.S. forces to design a ¹⁷
cyber attack that would be limited to military targets only in Iraq.
In a meeting held in January 2003, at the Massachusetts Institute of Technology, White House
officials sought input from experts outside government on guidelines for use of cyber-warfare.
Officials have stated they are proceeding cautiously, since a cyberattack could have serious ¹⁸
cascading effects, perhaps causing major disruption to networked civilian systems. In February
2003, the Bush Administration announced national-level guidance for determining when and how
the United States would launch computer network attacks against foreign adversary computer
systems. The classified guidance, known as National Security Presidential Directive 16, is
intended to clarify circumstances under which a disabling computer attack would be justified, and
who has authority to launch such an attack.
EW is defined by DOD as any military action involving the direction or control of
electromagnetic spectrum energy to deceive or attack the enemy. High power electromagnetic
energy can be used as a tool to overload or disrupt the electrical circuitry of almost any ¹⁹
equipment that uses transistors, micro-circuits, or metal wiring. Directed energy weapons
amplify, or disrupt, the power of an electromagnetic field by projecting enough energy to
overheat and permanently damage circuitry, or jam, overpower, and misdirect the processing in
computerized systems. The Electronic Warfare Division of the Army Asymmetric Warfare Office

¹⁶^Elaⁱ^ne^G^r^os^s^m^aⁿ^{, “}^O^f^f^ic^ia^ls^{: Spac}^e^,^Iⁿ^f^o^T^a^r^g^e^t^s^La^r^g^e^l^y^C^obble^d^Oⁿ^-^T^he^-^F^ly^f^o^r^I^r^a^q,”^Iⁿ^sⁱ^de^t^h^e^Pe^nta^g^oⁿ^{, Ma}^y
^{29, 20}⁰³^.
¹⁷^C^h^a^r^le^s^Sm^{ith, “}^U^{.S. I}ⁿ^f^o^r^m^a^tio^{n W}^a^r^rⁱ^or^s^W^r^e^s^tle^w^{ith N}^e^w^W^e^a^pons^,”^NewsM^a^x.co^m^,^M^a^r^c^{h 13,}²⁰⁰³
^http:^//w^w^w^.ne^w^sm^ax^.c^o^m^/a^r^c^hive^s^/^a^r^tic^le^s^/²⁰^03/^3/^12/¹³⁴⁷^12.s^h^t^m^l.
¹⁸^Brad^l^e^y^G^r^ah^a^m^,^“Bu^s^h^Ord^e^{rs G}^uⁱ^d^elⁱⁿ^{es f}^o^{r Cy}^b^e^r-^W^a^r^f^are,^”^Wa^shⁱⁿ^gt^on^Po^st^{, Fe}^br^ua^r^y^{7, 2}⁰^03,^Se^c^tio^{n A}^,^p.^1.
¹⁹^C^R^S^R^e^por^{t R}^L³²⁵⁴⁴^,^Hig^h^A^ltit^ude^Ele^c^t^rom^a^gⁿ^e^tic^Pulse⁽^H^EM^{P) an}^{d Hi}^gh^Powe^{r M}ⁱ^c^r^owav^e⁽^H^PM^{) De}^vⁱ^c^e^s:
^T^h^rea^t^Assessmen^ts^{, by}^C^l^ay^W^ilson.

has responsibility for creating electronic warfare policy, and for supporting development of new
electromagnetic spectrum concepts that can be translated into equipment and weapons.
DOD now emphasizes maximum control of the entire electromagnetic spectrum, including the
capability to disrupt all current and future communication systems, sensors, and weapons
systems. This may include: (1) navigation warfare, including methods for offensive space
operations where global positioning satellites may be disrupted; or, (2) methods to control
adversary radio systems; and, (3) methods to place false images onto radar systems, block
directed energy weapons, and misdirect unmanned aerial vehicles (UAVs) or robots operated by ²⁰
adversaries.
For example, recent military IO testing examined the capability to secretly enter an enemy
computer network and monitor what their radar systems could detect. Further experiments tested ²¹
the capability to take over enemy computers and manipulate their radar to show false images.
Non-kinetic weapons emit directed electromagnetic energy that, in short pulses, may permanently
disable enemy computer circuitry. For example, an electromagnetic non-kinetic weapon mounted
in an aircraft, or on the ground, might disable an approaching enemy missile by directing a High
Power Microwave (HPM) beam that burns out the circuitry, or that sends a false telemetry signal ²²
to misdirect the targeting computer. Also, at reduced power, electromagnetic non-kinetic
weapons can also be used as a non-lethal method for crowd control.
The Active Denial System (ADS), developed by the Air Force, is a vehicle-mounted nonlethal,
counter-personnel directed energy weapon. Currently, most non-lethal weapons for crowd control,
such as bean-bag rounds, utilize kinetic energy. However, the ADS projects a focused beam of
millimeter energy waves to induce an intolerable burning sensation on an adversary’s skin,
repelling the individual without causing injury. Proponents say the ADS is safe and effective at
ranges between 50 and 1,600 feet. The nonlethal capabilities of the ADS are designed to protect ²³
the innocent, minimize fatalities, and limit collateral damage.
The Pentagon reportedly has requested immediate deployment of at least 8 ADS devices to Iraq to
assist Marines in guarding posts, countering insurgent snipers and protecting convoys. The ADS
system would be the first operationally deployed directed-energy weapon for counter-personnel ²⁴
missions.

²⁰^{DOD In}^f^o^rmatioⁿ^Op^erati^oⁿ^s^R^o^ad^m^a^p^,^Octo^b^e^{r 3}⁰^,²⁰⁰³^{, p}^.⁶¹^.^h^ttp^://w^ww^.g^w^u^.ed^u^/^~ⁿ^sarchⁱ^v^/^NS^A^E^BB/
^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.^pdf^.
²¹^T^h^e^s^e^pr^og^r^a^m^s^w^e^r^e^ca^lle^{d Sute}^r^{1 a}ⁿ^{d S}^u^te^r²^,^aⁿ^{d w}^e^r^e^te^s^t^e^d^dur^ing^J^oⁱⁿ^{t Ex}^pe^diti^ona^r^y^For^c^e^s^Ex^pe^rⁱ^m^e^nts^he^ld
^a^t^Ne^{llis A}ⁱ^{r Forc}^e^Ba^se^{in 20}⁰⁰^a^nd²⁰^02.^Da^vⁱ^{d Fu}^lg^hum^{, “}^S^ne^a^k^A^tta^c^k^,”^A^vⁱ^a^tⁱ^o^{n Week}^&^Spac^e^Te^c^hnol^ogy^,^J^une
^28,²⁰⁰⁴^{, p}^.³⁴^.
²²^Davi^d^F^u^l^ghu^m^,^“Sⁿ^eak^A^t^t^ack,^”^A^vⁱ^a^tⁱ^oⁿ^Week^&^S^p^a^{ce T}^ech^no^l^o^g^y^{, J}^une²⁸^,²⁰⁰⁴^{, p}^.³⁴^.
²³^A^c^tⁱ^v^{e Den}ⁱ^al^S^y^st^e^m^,^F^act^S^h^eet^,^Aⁱ^{r F}^o^{rce Research}^L^a^b^,^Offⁱ^ce^o^f^P^u^b^lⁱ^c^Aff^aⁱ^r^s,^Ki^rt^l^aⁿ^d^Aⁱ^{r F}^o^{rce Base,}
^http:^//www^.de^.^a^f^rl.a^f^.^m^il/^F^act^sh^eet^s/^Actⁱ^v^eD^enⁱ^a^l^.^p^d^f^.
²⁴^J^a^s^{on S}^h^e^r^m^a^n,^Pe^ntag^{on C}^onsⁱ^d^e^r^ing^Seⁿ^dⁱⁿ^{g N}^o^n-^Le^t^hal^Ray^G^{un t}^o^I^r^a^q^{, I}ⁿ^sⁱ^de^D^e^f^e^ns^e^,^Ma^r^c^{h 2,}²⁰⁰⁷^.

The Air Force is not laying claim to the cyber domain, but their new mission statement indicates
they are building a force to operate in that domain. Secretary of the Air Force Michael W. Wynne
recently stated that the new mission of the U.S. Air Force is to “fly and fight in air, space, and
cyberspace.” For the Air Force, this means that military action in cyberspace now includes
defending against malicious activity on the Internet, and anywhere across the entire
electromagnetic spectrum (including the energy spectrum bands for radio, microwaves, infrared, ²⁵
X-ray, and all other options for directed energy), where national security is threatened. Secretary
Wynne stated that cyberwarfare flows naturally from the Air Force’s traditional missions, such as
downloading data from platforms in space, and that U.S. capabilities should be expanded to also ^th
enable the shut down of enemy electronic networks. Consequently, the 8 Air Force,
headquartered at Barksdale Air Force Base, La., has been designated as the operational Cyber
Command, responsible for organizing, training, and equipping the Air Force for cyberspace ²⁶
operations. The new Cyber Command will draw on resources from all Air Force commands to
gather needed expert capabilities.
Air Force officials, led by the Air Force Chief of Staff Gen. Michael Mosley, met at the Pentagon
in a “cyberwarfare-themed summit” during November 2006, to make plans for the new Air Force ²⁷
Cyber Command. General Elder stated that the planning session will include an assessment of ²⁸
cyberwarfare requirements to defend the nation.
Homeland security reportedly will also be a large part of the Cyber Command’s new
responsibility, including protection of telecommunications systems, utilities, and transportation.
Several issues to be considered may include: (1) what kind of educational skills, technical skills,
and training are needed for staff at the Cyber Command; and (2), what kind of career path can be
offered to those in the Air Force who want to participate in defending the new cyber domain.
In addition, the Air Force Materiel Command will review the research now ongoing at the 8^th Air
Force headquarters to identify which work should receive funding as part of the new ²⁹
cyberwarfare function. Some examples of systems or projects that could be affected by the
cyber command mission include (1) the Airborne Laser System at Edwards AFB, (2) the Active
Denial System at Moody AFB, (3) the Joint Surveillance Target Attack Radar System at Robins
AFB, and (4) efforts to protect against damage to computer systems due to electromagnetic pulse
attack.
Officials at the 8^th Air Force report that as of January 2007, the new U.S.A.F. cyber command has ³⁰
not yet been officially activated, and the final command structure has not been determined.

²⁵^J^o^hⁿ^B^e^nne^t^t^aⁿ^d^C^a^r^l^o^Mu^noz^,^U^S^{AF Se}^ts^U^p^Fir^s^t^C^y^be^r^s^pac^e^C^o^m^m^aⁿ^d^{, M}^ilita^ry^.c^o^m^{, Nov}^e^m^b^e^r^4,²⁰⁰⁶^,
^http:^//www^.^m^ilita^r^y^.c^o^m^/^f^e^a^t^ure^s^/0,1⁵²⁴⁰^,1¹⁸³⁵^4,0⁰^.^h^tm^l.
²⁶^T^{odd L}^ope^z^,⁸^th^Air^Fo^{rce to}^b^eco^{me New Cyb}^e^{r Co}^mmaⁿ^d^,^Aⁱ^{r F}^o^rc^e^Lⁱ^nk^{, Nov}^e^m^b^e^r^{3, 2}⁰⁰⁶^,^htt^p^://w^ww^.^a^f^.^m^il/
^ne^w^s^/^s^tor^y^.a^s^p^?^s^tor^y^I^D⁼¹²³⁰³⁰⁵^{05. D}^a^v^e^A^h^e^a^r^n,^{Air Fo}^{rce Fo}^r^m^{s Cyb}^e^rsp^a^{ce Un}^it^,^Def^eⁿ^s^{e Dai}^l^y^,^No^ve^m^b^{er 3}^,
²⁰⁰^6.
²⁷^Coⁿ^t^act^f^o^{r Dr.}^L^aⁿⁱ^Kass,^Di^rect^o^r^o^f^Aⁱ^{r F}^o^{rce Cy}^b^e^rsp^a^c^e^T^a^sk^F^o^rce,^an^{d S}^p^eci^al^A^ssi^st^an^t^t^o^G^eⁿ^e^ral^Mⁱ^ch^ael
^Mos^e^le^y^,^is^thr^oug^h^Ma^{j. G}^a^r^y^C^onn^{, G}^a^r^y^.C^onn@^peⁿ^t^a^g^on.a^f^.m^il^{, 70}^3-⁶⁹^7-³¹⁴³^.
²⁸^P^e^r^s^ona^{l c}^o^m^m^unic^a^{tion w}^{ith A}ⁱ^r^For^c^e^Public^A^f^f^a^ir^s^Of^fⁱ^c^e^,^J^aⁿ^u^a^r^y^{26, 20}⁰⁷^.
²⁹^He^a^d^Qua^r^te^{rs a}^t^W^r^ig^{ht P}^a^tte^rs^oⁿ^A^F^{B, 93}^7-5^22-³²⁵²^{, h}^ttp:/^/www^.^w^pa^f^b^.a^f^.^m^il/.
³⁰^P^e^rsona^{l c}^o^m^m^unic^a^tion,^Pub^lic^Aff^a^{irs O}^f^fⁱ^c^e^a^t^the⁸^th^Aⁱ^{r F}^o^rce,^w^hⁱ^c^h^can^b^e^reach^ed^at³¹⁸^-⁴⁵⁶^-21⁴⁵^,
⁽^c^onti^nue^d.^..)

Initially, the new organization will operate on an equal footing with other numbered Air Force
headquarters. However, eventually the new organization will become a major command that will
stand alongside the Air Force Space Command and the Air Combat Command. Precise future
command relationships are still being decided in the ongoing planning effort, and more details ³¹
will be forthcoming.

Currently, the U.S. Strategic Command (USSTRATCOM), which is a unified combatant
command for U.S. strategic forces, controls military information operations, space command,
strategic warning and intelligence assessments, global strategic operations planning, and also has ³²
overall responsibility for Computer Network Operations (CNO).
Beneath USSTRATCOM are several Joint Functional Component Commands (JFCCs): (1) space
and global strike integration; (2) intelligence, surveillance and reconnaissance; (3) network ³³
warfare; (4) integrated missile defense; and (5) combating weapons of mass destruction.
The JFCC-Network Warfare (JFCC-NW), and the JFCC-Space & Global Strike (JFCC-SGS)
have responsibility for overall DOD cyber security, while the Joint Task Force-Global Network
Operations (JTF-GNO) and the Joint information Operations Warfare Center (JIOWC) both have ³⁴
direct responsibility for defense against cyber attack. The JTF-GNO defends the DOD Global
Information Grid, while the JIOWC assists combatant commands with an integrated approach to
information operations. These include operations security, psychological operations, military
deception, and electronic warfare. The JIOWC also coordinates network operations and network
warfare with the JTF-GNO and with JFCC-NW.

DOD officials have noted that because 80 percent of U.S. commerce goes through the Internet, ³⁵
DOD systems must develop a capability to adequately protect them. Currently, to assist
commercially-owned telecommunications networks, communications satellite systems, and other
civilian critical infrastructure systems, DOD contracts with Carnegie Mellon’s Software
Engineering Institute to operate the Computer Emergency Response Team (CERT-CC), while
DHS in partnership with private industry operates a parallel organization called US-CERT. Both
organizations monitor trends in malicious code and cyber crime, send out alerts about threats to
computer systems, and provide guidance for recovery after an attack.

^(...c^on^tin^ue^d)
^http:^//www^.8a^f^.a^c^c^.^a^f^.^m^il.
³¹^P^e^r^s^ona^{l c}^o^m^m^unic^a^{tion w}^{ith A}ⁱ^r^For^c^e^Public^A^f^f^a^ir^s^Of^fⁱ^c^e^,^J^aⁿ^u^a^r^y^{26, 20}⁰⁷^.
³²^T^h^{e P}^u^b^lⁱ^c^A^f^f^aⁱ^r^{s O}^f^fⁱ^ce^f^o^{r t}^h^{e A}ⁱ^{r F}^o^{rce at}^t^h^e^P^eⁿ^t^agoⁿ^can^b^e^coⁿ^t^act^ed^at⁷⁰³^-⁵⁷¹^-²⁷⁷⁶^.
³³^Unite^d^Sta^t^e^Stra^te^gⁱ^c^Com^m^a^{nd, July}²⁰⁰^6,^htt^p^://w^ww^.str^a^t^c^o^m^.^m^il/^org^a^niz^a^tion-fⁿ^c^_^c^o^m^p^.htm^l.
³⁴^C^l^a^r^k^A^.^Mur^doc^k^e^t^a^l^{., B}^e^y^ond^G^o^ldw^a^te^r^-^Nⁱ^c^hols^:^U^.^S.^G^o^v^e^rⁿ^m^e^{nt a}^{nd D}^e^f^e^ns^e^R^e^f^o^r^m^f^o^r^a^Ne^w^Str^a^tegⁱ^c
^Er^a^,^P^h^a^s^e^{2 R}^e^por^t^,^J^u^ly²⁰⁰^{5, C}^e^nte^r^f^o^r^Str^a^te^gⁱ^c^a^{nd I}ⁿ^te^rⁿ^a^tioⁿ^a^{l Stu}^d^ie^s^,^p.¹^28,^ht^tp:/^/w^w^w^.ndu.e^d^u^/^lI^br^a^r^y^/^doc^s^/
^B^e^y^ondG^oldw^a^t^e^r^Nⁱ^c^hols^P^ha^s^e^2R^e^por^t.^pdf^.
³⁵^Jo^hn^Do^y^l^e,^Air^For^c^e^To^Ele^v^a^t^e^Stat^us^O^f^C^y^be^r^s^p^ac^e^C^o^m^m^aⁿ^d^,^A^e^ro^sp^{ace Dai}^l^y^{& De}^f^eⁿ^s^{e R}^e^p^o^r^t^,^M^a^rch²²^,
²⁰⁰^7.

The low cost of entry (for example, a laptop connected to the Internet), and the ability to operate
anonymously, are factors that makes cyberspace attractive to adversaries who know they cannot
challenge the United States in a symmetrical contest. Potential adversaries, such as China, Russia,
Cuba, Iran, Iraq, Libya, North Korea, and several non-state terrorist groups are reportedly
developing capabilities to attack or degrade U.S. civilian and military networks. “Moonlight
Maze” and “Titan Rain” are examples of successful attacks against non-classified military ³⁶
systems which DOD officials claim were directed by other governments.
According to the Defense Department’s annual report to Congress on China’s military prowess, ³⁷
the Chinese military is enhancing its information operations capabilities. The report finds that
China is placing specific emphasis on the ability to perform information operations designed to ³⁸
weaken an enemy force’s command and control systems.
Terrorist groups also use wireless electronics to detonate roadside bombs (Improvised Explosive
Devices). They also use the Internet to transmit financial transactions, and use free Global
Positioning System (GPS) signals and commercial satellite video and images to direct their ³⁹
ground attacks against U.S. and coalition troops.
Reportedly, only a small portion of the Iraqi populace watch and listen to the current government
run television and radio news broadcasts, with the majority preferring instead to support the
foreign satellite news stations such as Al-Jazeera and Al-Arabiya. Observers say that most Arabs
believe that U.S. sponsored news broadcasts are managed too closely by the coalition powers and
do not objectively present the news. When the Iraqi Governing Council (IGC) prohibited Al-
Jazeera and Al-Arabiya from covering all IGC events during a short period in early 2004, this
action reportedly gave many Iraqi people the impression that the Coalition Provisional Authority ⁴⁰
(CPA) was manipulating their information.
Some observers have also stated that terrorist groups, through use of the Internet, are now
challenging the monopoly over mass communications that both state-owned and commercial
media have long exercised. A strategy of the terrorists is to propagate their messages quickly and
repeat them until they have saturated cyberspace. Internet messages by terrorist groups have
become increasingly sophisticated through use of a cadre of Internet specialists who operate

³⁶^Elin^or^A^b^r^e^u,^E^pⁱ^c^cyb^era^t^t^a^{ck revea}^l^s^cra^{cks i}ⁿ^U.^S^.^d^e^f^eⁿ^s^e^{, CN}^N.c^o^m^,^Ma^y^{10, 2}⁰⁰¹^,^http^://a^rc^hⁱ^v^e^s.c^nn.c^o^m^/
²⁰⁰^1/^T^E^C^H^/ⁱ^nte^r^ne^t/^05/^10/^3.y^e^a^r^.cy^b^e^r^a^tta^c^k^.idg^{/. D}^e^c^l^aⁿ^Mc^C^u^lla^g^h^,^F^e^d^s^Sa^{y F}ⁱ^d^e^l^{Is Ha}^{cker T}^h^rea^t^,
^Wⁱ^re^dNe^w^s.c^o^m^,^Fe^brua^ry^{9, 200}^{1, h}^ttp:^//www^.^w^ire^d^.c^om^/ⁿ^e^w^s/^p^o^litic^s/^0,1²⁸³^,4¹⁷⁰⁰^,0^0.htm^l^{. Sta}^f^f^,^Cy^be^rattac^k
^c^ould^r^e^s^u^{lt i}ⁿ^m^ilit^ar^y^r^e^s^pons^e^,^USAT^oda^y^,^Fe^brua^ry^{14, 2}⁰⁰²^,^h^ttp://w^ww^.usa^toda^y^.^c^o^m^/^te^c^h^/ne^w^s/²⁰⁰^2/^02/^14/
^c^y^b^e^rterro^ris^m^.h^tm^.
³⁷^Se^e^the^FY²⁰⁰⁴^Re^p^o^{rt t}^o^C^ong^r^e^s^s^on^P^RC^Milita^ry^Pow^e^{r, http:/}^/w^w^w^.def^eⁿ^s^e^link^.^m^il/pubs^/^d²⁰⁰⁴⁰⁵²⁸^PRC.p^d^f^.
³⁸^Johⁿ^Be^nne^t^t^{, “}^C^om^mⁱ^{ssion: U.S}^.^Sh^oul^d^Push^Be^ijing^t^o^u^p^P^r^e^s^s^u^re^on^Nort^{h Kore}^a^,^”^Iⁿ^sⁱ^de^t^h^e^P^e^ntag^on^{, J}^u^ne
^{17, 20}⁰⁴^.
³⁹^Danⁱ^{el Helm}^er,^The^Poor^M^a^n’^s^FBC^B2:^R^U^Re^a^d^y⁴^the^3G^C^e^lf^one^?^,^A^r^m^o^r^,^N^o^v^e^m^b^e^r^/D^e^c^e^m^b^e^r²⁰⁰^6,^p.^7.
⁴⁰^Ma^j.^P^a^tric^k^Ma^c^k^in,^Iⁿ^for^m^a^tio^{n O}^p^e^r^ati^ons^an^{d t}^h^e^G^l^o^bal^W^a^r^on^Te^r^r^o^r^:^The^J^o^int^For^c^e^C^o^m^m^ande^r^’^s^Fi^ght
^f^o^{r Hea}^r^t^s^an^{d Mi}ⁿ^d^sⁱⁿ^th^{e 21}^st^C^e^ntur^y^{, Joi}ⁿ^t^Milita^ry^Ope^r^a^tion^s^De^pa^rtm^e^{nt, Na}^v^a^{l W}^a^{r Colle}^g^e^{, Se}^pte^m^be^{r 2,}
²⁰⁰^{4, p. 14}^.

computer servers worldwide. Other observers have also stated that al-Qaeda now relies on a ⁴¹
Global Islamic Media Unit to assist with its public outreach efforts.

A persistent problem after a computer network attack is accurate and timely identification of the
attacker. This uncertainty may affect decisions about how and against whom, or even whether, to
retaliate.
On April 27, 2007, officials in Estonia moved a Soviet-era war memorial commemorating an
unknown Russian who died fighting the Nazis. The move stirred emotions, and soon incited
rioting by ethnic Russians, and the blockading of the Estonian Embassy in Moscow. The event
also marked the beginning of a series of large and sustained Distributed Denial-Of-Service
(DDOS) attacks launched against several Estonian national websites, including government ⁴²
ministries and the prime minister’s Reform Party. The attacks were described as crippling,
owing to the limited IT resources of Estonia.
Initially, the Russian government was blamed by Estonian officials for the cyberattacks, but it is
unclear whether the attacks are sanctioned or initiated by the Russian government. NATO sent
computer security experts to Estonia to help protect government systems against continued
attacks, and to help recover from the attacks.
However, some analysts later concluded that the cyber attacks targeting Estonia were not a
concerted attack, but instead were the product spontaneous anger from a loose federation of
separate attackers. Technical data showed that sources of the attack were worldwide rather than
concentrated in a few locations. The computer code that caused the DDOS attack was posted and
shared in many Russian language chat rooms, where the moving of the statue was a very
emotional topic for discussion. These analysts state that although various Estonian government
agencies were taken offline, there was no apparent attempt to target national critical infrastructure
other than internet resources, and no extortion demands were made. Their analysis concluded that ⁴³
there was no Russian government connection to the attacks against Estonia.

The new Air Force Cyber Command reportedly will follow the law of Armed Conflict, meaning a
response taken after receiving an electronic or cyber attack will be scaled in proportion to the ⁴⁴
attack received, and distinctions will be maintained between combatants and civilians. However,

⁴¹^J^a^c^que^ly^{n S.}^P^o^r^t^h,^T^e^rro^{rists Use Cyb}^e^rsp^a^{ce a}^s^Impo^rtaⁿ^{t Co}^m^m^uⁿⁱ^ca^tⁱ^on^{s T}^o^o^l^,^U^.^{S. D}^e^pa^r^t^m^e^{nt of}^Sta^t^e^,
^U^S^Iⁿ^f^o^.Sta^te^.G^ov^{, Ma}^y^{5, 200}^6,^http:^//usⁱ^nf^o.s^t^a^t^e^.^g^o^v^/is^/A^r^c^hiv^e^/²⁰⁰^6/^Ma^y^/^08-⁴²⁹⁴¹⁸^.^h^tm^l.
⁴²^R^obe^r^t^Va^m^o^sⁱ^,^C^y^be^r^a^tt^ac^k^{in E}^s^toni^a—w^h^{at i}^t^r^e^ally^m^e^aⁿ^s^{, C}ⁿ^e^t^N^e^w^s^.c^o^m^{, May}^29,²⁰^07,^ht^tp://^ne^w^s^.c^o^m^.c^o^m^/
^C^y^be^r^a^tta^c^k⁺ⁱⁿ⁺^Es^tonia^-^w^h^a^t⁺^it+^r^e^a^l^l^y^+m^e^aⁿ^s^/²⁰^08-⁷³⁴⁹^_3-⁶¹⁸⁶⁷⁵^1.^htm^l^.
⁴³^E^s^t^oⁿⁱ^an^DDo^S—^{a f}ⁱⁿ^a^l^aⁿ^a^l^ysi^s^,^He^ise^Se^c^u^rity^{, http://w}^ww^.heⁱ^s^e^-se^c^u^rit^y^.c^o.uk^/ne^w^s/^prin^t/⁹⁰⁴⁶¹^.
⁴⁴^T^h^e^L^a^w^o^f^A^r^m^e^{d Conf}^lic^{t (L}^O^A^{C) is a}^pa^{rt of}^public^inte^rna^t^ioⁿ^a^{l la}^w^tha^t^re^g^u^la^te^{s the}^c^ond^uc^t^of^a^r^m^e^d
^hos^tili^tie^s^be^tw^e^eⁿ^na^tions^,^aⁿ^d^is^inteⁿ^d^e^d^t^o^prote^c^t^cⁱ^v^ilia^ns^,^the^w^ounde^d,^sⁱ^c^k^{, a}^{nd s}^h^ipw^r^e^c^k^e^d^{. L}^O^A^C^traⁱ^ning^f^o^r
^{U.S. m}^ilita^r^y^{is a}^tre^a^t^y^oblig^a^tion^f^o^{r the}^Unite^{d Sta}^t^e^s^u^nde^r^provⁱ^s^ions^of^the¹⁹⁴⁹^G^e^ne^v^a^Conv^eⁿ^tions.^A^l^{so, un}^de^r
^{18 U.}^{S. C}^ode²⁴^41,^w^a^{r c}^rⁱ^m^e^s^c^o^m^m^itte^{d by}^{or a}^g^aⁱ^nst^Am^e^r^ic^aⁿ^{s m}^a^y^vⁱ^ola^t^e^{U.S. c}^r^im^ina^l^la^w^.^Ja^m^e^{s Ba}^k^e^r,^Wh^en
^L^a^{wyers A}^d^vi^{se P}^r^esi^d^en^t^sⁱⁿ^Wartⁱ^m^e,^N^a^v^a^{l Wa}^{r Colle}^g^e^Re^vⁱ^e^w^{, W}ⁱ^nte^r²⁰⁰²^,^V^o^l^.^L^V^{, N}^o^.^{1. T}^e^rry^Kⁱ^s^s^{, e}^d^{., L}^a^w
⁽^c^onti^nue^d.^..)

protection against attack through cyberspace is a new task for the military, and the offensive tools
and other capabilities used by DOD to stage retaliatory strikes against enemy systems are highly
classified. Experience has shown that a reactive defense is not very effective against increasingly
powerful and rapid malicious cyber attacks, or against other malicious activity using the
electromagnetic spectrum. A more effective defense against these attacks is to incorporate
predictive, active, and pre-emptive measures that allow DOD defenders to prevent, deflect, or
minimize the efforts of the attacker.

As more U.S. military systems become computerized and linked to networks, there is a growing ⁴⁵
need for qualified Electronic Warfare operators. Each year, DOD conducts a Cyber Defense
Exercise, where teams of students from the nation’s military academies advance their cyber skills
in practice competition where they deliberately hack into test networks, and also protect these test
networks against intrusions by other teams. However, DOD must attract, train, and retain skilled
information technology professionals beyond those enrolled in the military academies.
In an attempt to solve this problem, the Air Force Research Laboratory (AFRL) Cyber Operations
Branch offers a 10-week summer program each year for university students, consisting of
intensive studies in cyber security. The Advanced Course in Engineering (ACE) Cyber Security
Boot Camp has been held at Rome, NY for the past 4 years, and involves between 40 and 60
student applicants from Air Force and Army pre-commissioning programs, some National
Science Foundation Cyber Corps Fellows, and some civilian college students. For 2006, the
theme was “Cybercraft”, described as a non-kinetic weapon platform that seeks dominance in
cyberspace, corresponding to the new mission of the Air Force to ‘fly and fight in air, space, and
cyberspace’, according to program director Dr. Kamal Jabbour. Students study legal and policy
issues, cryptography, computer network defense and attack, steganography, and analysis of
malicious code. ACE students also spend an average of three days per week in internships at the
Air Force Research Laboratory, or with local industry partners, and participate in officer
development activities. The faculty for ACE is drawn from Syracuse University, West Point, and
Norwich University.
DHS and the National Science Foundation (NSF) have recognized the ACE program as an official
internship program for Federal Cyber Service Scholarship for Service (SFS) program. The SFS
program seeks to increase the number of skilled students entering the fields of information
assurance and cyber security by funding universities to award 2-year scholarships in cyber
security. Graduates are then required to work for a federal agency for two years. Recent ACE
graduates are now working at the Air Force Office of Special Investigations, the AFRL, and the
NSA.
Also, as a result of ACE summer program success with college students, in September 2006,
Syracuse University developed a special cyber security course to be offered in 12 high schools in

^(...c^on^tin^ue^d)
^of^A^r^m^e^{d Conf}^lic^{t, A}ⁱ^{r Univ}^e^r^sity^Lⁱ^bra^r^y^,^Ma^xwe^{ll A}^F^B,^Ja^{n 200}^{5, h}^ttp:^//www^.a^u.a^f^.^m^il/^a^u^/a^ul/^b^ib^s/loa^c^o^ts.htm^{. Josh}
^Ro^gⁱⁿ^,^Air^Fo^{rce to}^Crea^{te Cyb}^e^{r Co}^mmaⁿ^d^,^FC^W^.^C^O^{M, N}^o^v^e^m^b^e^r^13,²⁰⁰⁶^{, h}^ttp:^//w^w^w^.f^cw^.c^o^m^/^a^r^tic^le⁹⁶⁷^91-^11-
^13-^06-^P^r^int&^prⁱⁿ^tL^a^y^out.
⁴⁵^P^a^tie^nc^e^W^a^it,^Ar^m^y^Shor^e^s^{up E}^M^s^p^e^c^t^r^u^m^s^k^ills^{, G}^o^v^e^rn^m^e^{nt Com}^pute^r^N^e^w^s^{, Ma}^rc^{h 19}^{, 2}⁰⁰⁷^.

New Your State. Currently, Syracuse University offers 29 introductory cyber security courses in
148 high schools throughout New York, New Jersey, Maine, Massachusetts, and Michigan. High
school students who successfully complete the cyber security courses can receive Syracuse
college credits in computer science and engineering.

Potential oversight issues for Congress may include the following areas.
Could provocative actions, for example, intelligence gathering by the U.S. military that involves
using intrusive cyber or electronic warfare tools to monitor enemy system activity, or copy
important data files, be challenged by other nations as a violation of the law of Armed Conflict?
Exploratory intrusions by U.S. military computers to gather intelligence may provoke other
strong or unexpected responses from some countries or extremist groups that are targeted for
monitoring by DOD.
Several questions also may arise when considering a retaliatory cyber or electronic warfare
counterstrike: (1) if the attacker is a civilian, should the attack be considered a law enforcement
problem rather than a military matter?; (2) if a U.S. military cyberattack against a foreign
government also disables civilian infrastructure, can it be legally justified?; or (3) how can the
military be certain that a targeted foreign computer system has not been innocently set up to
appear as an attacker by another third party attacker?
Some observers have stated that success in future conflicts will depend less on the will of
governments, and more on the perceptions of populations, and that perception control will be ⁴⁶
achieved and opinions shaped by the warring group that best exploits the global media. As a
result of the increasingly sophisticated use of networks by terrorist groups and the potentially
strong influence of messages carried by the global media, does DOD now view the Internet and
the mainstream media as a possible threat to the success of U.S. military missions? How strongly
will U.S. military PSYOP be used to manipulate public opinion, or reduce opposition to
unpopular decisions in the future?
Another emerging issue may be whether DOD is legislatively authorized to engage in PSYOP ⁴⁷
that may also affect domestic audiences. DOD Joint Publication 3-13, released February 2006,
provides current doctrine for U.S. military Information Operations, and explains the importance ⁴⁸
of achieving information superiority. However, the DOD Information Operations Roadmap,
published October 2003, states that PSYOP messages intended for foreign audiences increasingly
are consumed by the U.S. domestic audience, usually because they can be re-broadcast through
the global media. The Roadmap document states that, “...the distinction between foreign and
domestic audiences becomes more a question of USG (U.S. Government) intent rather than ⁴⁹
information dissemination practices (by DOD).” This may be interpreted to mean that DOD has

⁴⁶^M^a^j^.^G^eⁿ^.^Ro^b^e^rt^S^cal^{es (Ret}^),^C^l^aus^e^w^itz^an^{d W}^o^r^l^d^W^a^r^I^V^{, A}^r^m^e^{d For}^c^e^s^J^our^na^{l, J}^u^ly²⁰⁰⁶^{, p}^.^19.
⁴⁷^P^s^y^c^holog^ic^a^l^O^p^e^r^a^tions^a^r^e^a^u^t^horiz^e^d^f^o^{r t}^h^e^m^ilita^r^y^unde^{r T}^itl^e^{10, U}^S^{C, S}^ubt^itle^A^,^P^a^{rt I, C}^h^a^p^te^{r 6,}^Se^c^tioⁿ
¹⁶⁷^.
⁴⁸^{DOD Joint}^Pu^blic^a^tio^{n 3-}¹³^{, Inf}^o^rm^a^ti^{on Ope}^r^a^tio^{ns, Fe}^br^ua^ry^{13, 20}⁰⁶^{, h}^ttp:^//www^.dtic^.m^il/^doc^triⁿ^e^/je^l/^ne^w^_pubs/
^j^p^3_¹³^.^p^d^f^.
⁴⁹^{DOD In}^f^o^rmatioⁿ^Op^erati^oⁿ^s^R^o^ad^m^a^p^,^Octo^b^e^{r 3}⁰^,²⁰⁰³^{, p}^.²⁶^.^h^ttp^://w^ww^.g^w^u^.ed^u^/^~ⁿ^sarchⁱ^v^/^NS^A^E^BB/
⁽^c^onti^nue^d.^..)

no control over who consumes PSYOP messages once they are re-transmitted by commercial
media.

H.R. 1585, the National Defense Authorization Act for Fiscal Year 2008, would require the
Secretary of Defense to conduct a `quadrennial roles and missions review’ for the Department of
Defense, which will also include cyber operations. This bill was passed by House on 5/17/2007,
and received in the Senate on 6/4/2007.
H.Rept. 110-146, on H.R. 1585, by the Committee on Armed Services. This report states that
within 180 days after enactment of the National Defense Authorization Act for 2008, the
Secretary of Defense must submit a report to congressional defense committees, with the
following requirements:

1. Review legal authorities to ensure effective cyberspace operations.

2. Review DOD’s policies for information sharing and risk management for cyberspace
operations.

3. Provide an overview of DOD’s cyberspace organization, strategy, and programs.

4. Assess operational challenges, including the impact of the military’s reliance on
commercial communications infrastructure.
5. Recommend ways to improve DOD’s ability to coordinate cyberspace operations with
law enforcement, intelligence communities, the commercial sector, and with international
allies. The recommendations shall include consideration of the establishment of a single
joint organization for cyberspace operations.

6. Provide an overview of training and educational requirements.

7. Provide an overview of funding for cyberspace operations.

^Cla^y^Wⁱ^l^s^oⁿ
^Sp^{ecialist i}ⁿ^Militar^y^Iⁿ^f^o^r^m^at^ioⁿ^T^echⁿ^o^lo^g^y
^c^wⁱ^l^s^on@^crs^.^l^o^c.g^o^v^,^7-⁸⁷⁴⁸

^(...c^on^tin^ue^d)
^N^S^A^E^B^B^177/^inf^o_ops^_r^oa^dm^a^p^.^pdf^.