http://www.strategypage.com//fyeo/howtomakewar/default.asp?target=HTIW.HTM
INFORMATION WARFARE: The Underground Military Email Network December 30, 2004: The rotation of new units to Iraq and Afghanistan has resulted in a not-unexpected development. The replacement troops get in touch, informally, via the Internet, with the people already there and discuss details of what the new guys can expect. Now this sort of thing has gone on, at a much slower pace, since World War II. Until the Internet came along, the units waiting to go overseas, would either send some people ahead to get an idea of what to expect, or some people already over there would come back and provide details. There were also various reports sent back from the front. Mostly general stuff, somewhat useful. But it's all changed now. People in the armed forces were quick to catch on to the Internet. After all, the Internet was created with Department of Defense money. But it was at the troop level that things got really interesting. The U.S. military is spread all over the planet, and troops are always eager to get an idea of what it's like in various places they might end up. This includes not only actual places, but units and ships. This curiosity has reached life-and-death proportions when it comes to going to Iraq or Afghanistan. So as soon as the soldiers find out they are headed overseas to replace a particular unit, they get in touch with people they are going to replace. And they talk shop. This is all unofficial communication, and it makes the security people nervous. The troops generally use non-military email accounts. It's an open secret that .mil email accounts gets run through a security filter before anything is delivered. While the troops are aware of the importance of OPSEC (operational security, what they do, how they do it and so on), these emails often get into more detail then they ought to. Normally, this is not a problem. For all the talk of how "unsecure" email is, the vulnerability is more theoretical than practical. Where there have been obvious problems is on public bulletin boards and chat rooms. There have been a few incidents of troops unthinkingly revealing dangerous information, usually about tactics, security at bases or intelligence matters. The few times this has been found out by commanders, nastygrams were sent to the offenders commanding officer. Apparently there have been no court martials over this so far. After all, the troops are acting in good faith, and most of the communication remains via email. Troops are warned to stay out of public venues with these discussions. And the discussions are is getting results. Soldiers and marines arrive with detailed knowledge of what they are getting into. Security and intelligence officers arrive with an ulcer. December 29, 2004: The U.S. Air Force has always seen itself as a high-tech and innovative operation. So it was with some dismay that they viewed the success of the U.S. Army's online game (to help snag new recruits) roll out two years ago. The "Americas Army" game inspired the air force to do one of their own; "USAF: Air Dominance." While the name of the game evokes what the air force sees of itself (controlling the air with high tech warplanes), the game is more practical. Sure, you can fly the hot new F-22 fighter in the game, but you can also fly a Predator UAV, or a C-17 transport. These latter two aircraft are doing far more for national defense these days than the F-22. Moreover, the air force doesn't need much help in the recruiting department. At the moment, the air force is laying off people. Over 90 percent of the people in the air force are in support jobs, and never get near an aircraft during working hours. But the air force wisely decided to not include office work or guard duty in their new game. The air force only spent $250,000 and three months to develop their new game, while the army spent over $5 million and several years to create America's Army. December 23, 2004: The information revolution is being led, not by the Internet (with about 700 million users worldwide), but by cell phones (1.5 billion worldwide.) China is one of the more striking examples of how this works. With over 300 million cell phone users, China is finding that the Internet is easier to control than all those cell phone users. About a quarter of the population has cell phones and they are nearly everywhere. People see something, they immediately start calling people. Rumors were always a problem in communist nations, but the cell phone allows rumors, and real information the government would rather keep to itself, to travel nation wide in minutes. China's Stalinist neighbor, North Korea, is being invaded by Chinese cell phones (many held illegally by North Koreans), and posing a very real threat to government control of the media. Actually, "controlling" the Internet is more a matter of limiting some information to users. This is much more difficult with telephones. China is known to be interested in software and technology that can be used to monitor large numbers of telephone messages, looking for anti-government material. There is also a limit, in terms of cost, to how many individual phones you can tap. The explosion in Internet and cell phone use in China, where two decades any phone service was an easily controlled luxury, has done more to introduce democracy than anything else. Government officials must pay attention to public opinion, because government misbehavior or incompetence can no longer be covered up. And when something does happen, most of the population will know about it quickly. And if the people are not happy with government actions, they now have the means to quickly mobilize protests. The government knows this, and has been reforming itself into a more efficient, and democratic, creature as a result. December 20, 2004: U.S. Department of Defense computer networks were hacked 294 times in 2003, after 54,488 known attempts. This year, it looks like there will be 68,000 attempts. In 2003, for every thousand attempts, 5.4 succeeded. Assuming security was improved somewhat this year, it still looks like as many as 300 successful intrusions this year. The Department of Defense won't say how successful any of these penetrations was. But from intrusions that were reported, and knowledge of how American military networks are set up, most, or all, of these intrusions were on unclassified networks. The most valuable data is in computers that are not connected to the Internet. The military has noted that 90 percent of these attacks could have been easily deflected if users practiced better security. In other words, the biggest vulnerability is the operators and administrators, not the systems themselves. Nevertheless, there is a sense of anxiety and urgency at Strategic Command, which is responsible for military networks, as well as Information War (attacking enemy networks, as well as defending out own). So a new organization has been set up; Joint Task Force-Global Network Operations. This outfit will consist of people from the Army Space and Missile Defense Command; the Air Force, the Naval Network Warfare Command and the Marines. The new task force will try to better coordinate American military activities to defend their networks. The military has the same problems civilian Internet users have; constantly evolving software. Every time new software is introduced, there are new flaws, and many of these flaws enable hackers to more easily penetrate networks. Moreover, many network attacks are not detected, nor are some penetrations. It's another case of what you don't know is likely to hurt you the most. The military also has a problem competing with civilian users for skilled network administrators and technicians. Military pay scales cannot compete. Looming over all this is the possibility of a massive surprise attack on American military networks. It's never happened, but it could. Because of that, no one is sure of what it will take to prevent such an attack, or even carry one out. December 17, 2004: The FBI is responsible for going after criminals that operate via the Internet. The problem is that, for decades, the FBI had been way behind when it came to computer technology. In the last few years, the FBI has tried to catch up. A major problem the FBI has since encountered is hiring technically competent people. First, the FBI is a pretty straight-laced organization, not the sort of environment that appeals to cutting edge computer techies. This puts off a lot of good people the FBI would like to have. Another problem is money. The FBI employees are paid according to civil service pay scales. This system makes it difficult to hire hot-shot computer experts at market wages. The FBI solution initially was to hire whoever they could get, and then train them. This included a lot of on-the-job training. The problem with this approach was that when these FBI employees got really expert, they noted that they could make a lot more money using their new skills in a non-government job. The FBI responded to this by creating working relationships with companies that had the highly paid Internet experts. Not quite the same as hiring expensive consultants, but it gave the FBI access to top notch computer skills when they needed it most. Internet security companies, in particular, liked the working relationship with the FBI, because these outfits tracked a lot of computer crime. In turn, the FBI had access to a lot more detail on computer crime, and people who had better skills and tools for hunting down the cybercrooks. This is not the way the FBI normally likes to operate. At first, the FBI tried to create and maintain a database of online crime. But they didn't have the people, or other resources, to handle it. However, they discovered that commercial Internet security firms were already doing this, and found that these commercial databases were good enough. Working this much with commercial firms is new for the FBI. However, with all the rapidly changing computer technology, and Internet crime techniques, this is the only way the feds can cope. The cooperation with commercial firms also makes it easier to get other government agencies to work together. To take on Internet crime, the FBI has to include the Postal Service, the Federal Trade Commission, as well as a number of other federal, state, local and foreign law enforcement organizations in partnerships. It's a whole new way of operating for the FBI. ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, [EMAIL PROTECTED] -------------------------- Brooks Isoldi, editor [EMAIL PROTECTED] http://www.intellnet.org Post message: osint@yahoogroups.com Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/