[INFOCON] - Another View of the Myths of the Gulf War
(As it looks it is more likely that there will be a sequel to the 91 Gulf War ('The Return of the Bushes'). I thought the article below might be of interest to some infocon readers. I would also recommend to have a look at the 'Lessons of Modern War Volume IV' which contains a brilliant 1000 page Analysis of the 91 Gulf War (for example Chapter 4 looks at C4I BM and Chapter 5 looks at Intelligence and Net Assessment) WEN). Published Aerospace Power Journal - Fall 2001 DISTRIBUTION A: Approved for public release; distribution is unlimited. Another View of the Myths of the Gulf War Lt Col Martin Wojtysiak, USAF Editorial Abstract: Colonel Wojtysiak revisits one of the more provocative articles published by APJ in recent years, Dr. Grant Hammonds "Myths of the Gulf War: Some Lessons Not to Learn" (Fall 1998). He evaluates Hammonds 10 Gulf War "myths," discusses accuracies and inaccuracies, and concentrates on lessons learned. Since the Gulf War involved a first-rate air campaign, perhaps Dr. Hammonds myths should be considered truths with asterisks. I am sorry to think that you do not get a mans most effective criticism until you provoke him. Severe truth is expressed with some bitterness. Henry David Thoreau As an active duty officer and Gulf War veteran, I found it sometimes difficult to discern between the criticism and provocation in Dr. Grant Hammonds "Myths of the Gulf War: Some Lessons Not to Learn," which appeared in the fall 1998 edition of Airpower Journal.1 "Myths" takes a recently all-too-familiar tone toward those who ballyhoo the successes of the Gulf War, particularly those of the much-heralded air campaign. Since Carl Builders The Icarus Syndrome was published in 1995, it has become fashionable within military intellectual circles to characterize airmen and airpower enthusiasts as overly enamored with their own high-altitude grandeur. The academic community portrays airmen as smitten by technology and incapable of learning the true lessons of the past, as they are blinded by the glimmer of their often-serendipitous successes. Perhaps these characterizations were justified after debacles such as the "high risk low reward" World War II daylight bombing raids over Germany or the misdirected and benign Rolling Thunder campaign over Vietnam. These campaigns were long, drawn-out affairs with confusing objectives and questionable successes. But Operation Desert Storm was different and invigorating. In fact, the original name of the air campaign, "Instant Thunder," was intended to parody, and thus distance itself from, Rolling Thunder. This was a truly successful air war that paralyzed, incapacitated, and demoralized the enemy from the first sorties to the last on day 38leaving only 100 hours of "mop-up" duty for the ground forces. The air campaign assured victory and effectively fulfilled Gen Billy Mitchells promise that, "If the matter ever came to fighting an overseas enemy, airpower could decisively attack the enemys vital centers without first defeating his armies or navies. Attacks on such vital targets would render war so decisive and quick that the total suffering would be less than otherwise."2 It was our Air Forces finest moment, but it was more than a first-rate air campaignit was also a remarkable war. Strategically speaking, the Gulf War stifled the greatest threat to Middle East stability in the last 25 yearsIraqi president Saddam Hussein. Iraqs barbarous invasion of Kuwait in 1990 exposed Saddam as exceedingly ambitious and violent, as well as a potentially permanent threat to the region. It seemed that his army had hardly rested from a brutal eight-year war with Iran when it invaded Iraqs small, relatively defenseless neighbor and, perhaps inadvertently, seemed to threaten another in Saudi Arabia. The coalition of 38 countries, flying over 50,000 combat sorties in seven months and taking nearly 87,000 Iraqi prisoners of war, left Saddam isolated and his military reduced to virtual impotence outside of its own borders. Admittedly, he survived, but the Gulf War left Saddam Hussein in a strategic box from which there is no escape. Indeed, it seems that every now and then Saddam tests the limits of his box, only to be crushed back again by Operations Northern and Southern Watch. The Gulf War was not perfect by military standards. The United States did make clear strategic and tactical errors during the campaign. Dr. Hammond, as well as others, makes solid arguments when he discusses the blundered war-termination process, the fruitless "Scud Hunt,"3 and the intelligence miscues that resulted in a targeting process that sometimes lacked strategic effect. There are important lessons to be learned from our failures in the Gulf, but we must also recognize and learn from our successes. Dr. Hammond unfairly portrays the Gulf War as fraught with failures by occasionally exaggerating claims and offering his conclusions in lieu of arguments. His article crosse
[INFOCON] - (OCIPEP) DAILY BRIEF Number: DOB02-165 Date: 15October 2002
DAILY BRIEF Number: DOB02-165 Date: 15 October 2002 http://www.ocipep.gc.ca/DOB/DOB02-165_e.html NEWS Cleanup continues after ships collide A collision between two cargo ships near Montreal prompted an overnight shutdown of the St. Lawrence Seaway. A Canadian bulk carrier vessel collided with a Dutch-registered heavy lift cargo ship just east of the Mercier Bridge in Montreal. Emergency work crews have removed about 100 litres of oil that spilled from one of the ships. Although both ships experienced extensive damage, no serious injuries were reported. The Seaway was reopened early Sunday morning. (Source: montreal.cbc.ca, 13 October 2002) Click here for the source article Comment: Verifications made with the Canadian Coast Guard (CCG) on October 14 revealed that the Dutch ship remained tied down in the port of Montreal for inspection. The Canadian vessel was allowed to leave Montreal. According to a CCG official, verification of the environment showed no signs of pollutants in the river or on the banks. Train derailment in New Brunswick: Sulfuric acid leak A train derailment that occurred last Friday morning, 30 kilometres southwest of Bathurst, resulted in the shutdown of the VIA Rail train corridor, Bathurst-Moncton. The derailment involved 21 freight cars of the N.B. East Coast Railway, some of which contained sulfuric acid and sodium chloride. Although some of the product leaked, there was no immediate danger to populated areas or the environment. It was anticipated that repairs would be completed by Monday or Tuesday. (Source www.canoe.ca, 13 October 2002) Click here for the source article IN BRIEF Bali explosions kill tourists: Link to terrorism Indonesian Defence Minister Matori Abdul Djalil has stated that the explosions that claimed the lives of more than 180 people last Saturday is linked to al-Qaeda. Three Canadian citizens were injured and one is presumed dead. The Department of Foreign Affairs has issued an advisory, urging people to avoid vacationing in Indonesia until further notice. (Source: cbc.ca, 15 October 2002) Click here for the source article Comment: There are media reports that a statement reputed to be issued by Osama bin Laden himself yesterday praises this most recent terrorist attack, as well as the recent activities in Yemen and Kuwait, and warns of more to come. To access the DFAIT travel advisory for Indonesia go to: http://www.voyage.gc.ca/destinations/menu_e.htm West Nile virus - Update Health officials in Brockville, Ontario, suspect that a local woman, who has recently taken ill, may have been infected with the West Nile virus. If the analysis is positive, the woman will be the first confirmed case of the West Nile virus in the area. (Source: cbc.ca, 11 October 2002) Click here for the source article U.S. exercise tests government's response to terrorist threats A two-day exercise involving high-level government officials will be held at Andrews Air Force Base, beginning October 17. The exercise will test the U.S. government's response efforts, should they be faced with several credible terrorist threats targeting American energy facilities. (Source: wired.com, 14 October 2002) Click here for the source article Segments of U.S. private sector urged to increase role in security The Council on Competitiveness, a Washington, D.C. think tank, gained the endorsement of several prominent U.S. CEOs (including those from Merck, AT&T and Cisco, as well as public sector leaders and academics) for a "call to action" regarding security for the U.S. private sector. The document proposes that improvements in security necessary to address vulnerability gaps in privately-controlled critical infrastructures can simultaneously improve productivity. (Source: compete.org, 11 October 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats There are no updates to report at this time. Vulnerabilities SecurityFocus reports on a locally exploitable privilege escalation vulnerability in MS Windows 2000 NetDDE. No known patch is available at this time. http://online.securityfocus.com/bid/5927/discussion/ SecurityFocus reports on a remotely exploitable cross-site scripting vulnerability in MS Content Management Server 2001. No known patch is available at this time. http://online.securityfocus.com/bid/5922/discussion/ SecurityFocus reports on a remotely exploitable denial-of-service vulnerability in IBM AIX 4.3.3 and 5.1. View the "Solution" tab for workaround information. http://online.securityfocus.com/bid/5925/discussion/ Additional vulnerabilities were reported in the following products: SurfControl SuperScout e-mail filter vulnerabilities. (SecurityFocus) http://online.securityfocus.com/bid/5929/discussion/ http://online.securityfocus.com/bid/5928/discussion/ http://online.securityfocus.com/bid/5931/discussion/ http://online.securityfocus.com/bid/5930/discussion/ Authoria HR S
[INFOCON] - USAF: Cyber warriors protect Air Force computernetwork
... "Three years ago, we had close to 10,000 Air Force computers that were compromised with viruses. That was about the time the Melissa virus came out. It was a very bad situation," Kaufman said. "In 2001, we had fewer than 700 Air Force computers compromised by viruses and the number is down even more in 2002." ... Cyber warriors protect Air Force computer network by Staff Sgt. C. Todd Lopez Air Force Print News 10/10/02 - WASHINGTON -- Air Force computer systems around the globe are kept safe from viruses and unauthorized users by a dedicated group of computer network defenders. Because the Air Force computer network is a weapons system and is under constant attack by viruses and illegal entry attempts by adversaries, defending that weapons system has become an ongoing war, said the director of operations for the 33rd Information Operations Squadron, home of the Air Force Computer Emergency Response Team at Lackland Air Force Base, Texas. "We believe we are on the front lines of the cyber war every day," said Lt. Col. Rob Kaufman. "Our crews are well-trained, motivated and committed to stopping network intrusions and viruses." AFCERT has strong allies in its fight to protect the global Air Force computer network, he said. "In this fight, we are not alone," Kaufman said. "Fellow computer network defenders at major command network operations and security centers and base-level network control centers are in the fight with us. Together we are able to fight off malicious hackers that range from the nuisance 'script kiddies' to the professional hackers." Kaufman and other cyber warriors use an arsenal of software and hardware to defend the Air Force computer network. "We have a sensor out there at every single one of our bases and even some non-Air Force bases," Kaufman said. "That is our primary defensive mechanism." Computer experts at Lackland's Air Force Information Warfare Center developed the current sensor platform, which has been acknowledged as a "one-of-a-kind" capability second to none. The sensors scan network traffic for virus signatures -- telltale strings of ones and zeros that indicate the presence of malicious logic. When they find such a string, AFCERT moves quickly to let everybody know about it. "What we will do is put out advisories to the field so they will understand what an exploit or vulnerability can do to a computer and what mitigating steps they can take to protect themselves," Kaufman said. "If the threat is very bad and we think it is a system-wide type of threat, we will release a time compliance network order, which directs field units on what steps to take to protect themselves." AFCERT monitors the network traffic for some 500,000 Air Force computers, he said. Those machines generate around 10 billion network events each year, including e-mail messages, Web page views, telnet sessions and other network traffic. That opportunity allows AFCERT to be the first to come in contact with a lot of potential viruses. "We can actually get viruses 'in the wild,' tear them down and see what they do," Kaufman said. "We reverse engineer the viruses and, based on what we see in those viruses, we are able to build alert strings for our sensor so we can get an indication or warning when a new virus comes out. It also allows us to develop countermeasures for those viruses." In addition, countermeasure engineers at the Air Force Information Warfare Center help develop more robust and long-term solutions against the emerging threats, he said. Those countermeasures and alert strings are not just sent to local bases. Sometimes they are sent to commercial anti-virus software developers so they can be added to the global database of computer viruses. In this way, Kaufman said, results of AFCERT's work reach beyond the Air Force. "There is a community of interest out there that will feed information to commercial vendors, and we have specifically fed them information that they have not seen elsewhere," he said. "We have identified technical threats and have passed them off to commercial vendors so they can protect the nation." Although more than 100 individuals at AFCERT work in conjunction with major command NOSCs, base-level NCC personnel, the Air Force Information Warfare Center, and the Air Force Office of Special Investigations to secure Air Force computer systems worldwide, Kaufman said the computer user is still the key to network defense. "Air Force computer users can help by using strong passwords and by ensuring their anti-virus software is current on both their work machines and home machines," Kaufman said. "They should only open attachments they are expecting and ensure new systems are properly configured and patched to the latest revision levels." AFCERT's efforts to defend the Air Force network are proving successful, he added. "Three years ago, we had close to 10,000 Air Force computers that were compromised with viruses. That was about the time
[INFOCON] - News 10/15/02
_ London, Tuesday, October 15, 2002 _ INFOCON News _ IWS - The Information Warfare Site http://www.iwar.org.uk _ - To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body - _ [News Index] [1] Bluetooth may leave PDAs wide open [2] Security tops list of reasons not to deploy Web Services [3] Former FBI chief takes on encryption [4] Outlook Express flaw helps hackers [5] Terror Czar: The War Is Digital [6] Task force urges distributed intelligence [7] Sendmail downloads hit by random hack [8] How to hack people [9] (HS) Tough decisions [10] US Copyright Office wakes up to flaws in anti-hacking law [11] China clamps down on Net cafes - again [12] FBI to build forensics center in Silicon Valley [13] Bush advisor: Cybercrime costs us billions [14] Linux firewalls: IT Manager's top picks [15] Mozilla's 'Code of Silence' Isn't [16] Lawmakers focus on security-related technology issues [17] House committee votes to create E-gov administrator _ News _ [1] Bluetooth may leave PDAs wide open 15:26 Thursday 10th October 2002 Peter Judge RSA 2002: If you have Bluetooth, make sure security is enabled, or others might snoop your contacts or even make calls from your phone Bluetooth-enabled phones and PDAs may have a gaping security gap, which could allow other people to read data such as personal contacts and appointments, and even make phone calls using the owner's identity. Some of these devices are shipped with the security features in Bluetooth disabled, allowing other Bluetooth devices access, according to RSA Security. "I have stood at the RSA booth in conferences, with my phone paging for other devices, and watched other people's devices show up," said Magnus Nystrom, technical director of RSA Security. Many devices simply allowed access without demanding a "pairing" code, said Nystrom, and would have allowed him to examine the personal data of passers-by, or even to make calls with their phones. http://news.zdnet.co.uk/story/0,,t460-s2123677,00.html http://www.theregister.co.uk/content/55/27572.html http://www.washingtonpost.com/wp-dyn/articles/A11227-2002Oct11.html [2] Security tops list of reasons not to deploy Web Services By ComputerWire Posted: 11/10/2002 at 08:54 GMT End-to-end security of web services forms the most significant barrier to implementation by organizations, but this is not expected to hinder future development. A biannual survey of North American developers by Evans Data found 24% of respondents list security concerns as the number one reason for not rolling out web services - a growth of five percentage points since Evans previous survey, conduced in March. http://www.theregister.co.uk/content/55/27560.html [3] Former FBI chief takes on encryption 11:43 Tuesday 15th October 2002 Declan McCullugh, CNET News.com Louis Freeh may have lost his battle against allowing encryption when he was at the FBI, but he is continuing the fight now he's left the federal agency When Louis Freeh ran the FBI, he loved nothing more than launching into a heartfelt rant against the dangers of encryption technology. In dozens of hearings and public speeches, the FBI director would urge Congress to limit encryption products, such as Web browsers and email scrambling utilities, that did not include backdoors for government surveillance. http://news.zdnet.co.uk/story/0,,t269-s2123893,00.html [4] Outlook Express flaw helps hackers Oops, we did it again. Again... Microsoft has warned Outlook Express users that a software flaw could allow an online vandal to control their computers. A critical vulnerability in the email reader could allow an attacker to send a specially formatted message that would crash the software and potentially take control