Information operations · Information Warfare

Cyber only a small component of information operations, official says

By: Mark Pomerleau

While a major focus in the latest influence operation involving the 2016 election, cyber is only one small part of information warfare and information operations, according to some current and former officials.

Cyber was the vector used to extract the information, but how the stolen information is used “is not necessarily a cyber issue,” Christopher Painter, Coordinator for Cyber Issues at the State Department said during a panel discussion in April hosted by the Carnegie Endowment for International Peace.

Information warfare has happened for centuries, he added, and while cyber has been either an accelerant or an enabler for these types of activities, it is just a small part.

Director of the NSA Adm. Michael Rogers told Congress last month that the “biggest difference was cyber to gain access to and extract information,” as it related to massive influence campaign perpetrated by the Russians in the 2016 presidential election.

Similarly, Michael Chertoff, the second Homeland Security secretary, said during the same panel that this problem should be viewed through a counter-messaging lens.

However, the counter-messaging efforts, especially against ISIS and its former kinsmen al-Qaida , have been widely criticized as ineffective.

Chertoff warned against using terms such as “weaponization” of information and news as this becomes a slippery slope toward censorship. There are a lot people throwing around fake news and information operations that should be viewed through the lens of cybersecurity. “I think that would be a big mistake,” he said, adding that if cyber is used to repel fake news and information operations, the first two nations to sign up would be Russia and China as there might be content they don’t like they would argue is fake news. There are some people in the U.S. that think fake news is “stuff I don’t want to read about,” he said.
Others have suggested that cyber could be a means for repelling such information operations in light of the Russia’s meddling in the 2016 election.
A fundamental goal should be to knock down fake news, and cyber is a tool to knock down fake news and take down fake websites, James Miller, a member of the Defense Science Board and the former undersecretary of defense for policy, said during congressional testimony this year. Having a set of rules of engagements and polices associated with that could be valuable, he said, but offered no specifics in the way the government could or would evaluate what constitutes as fake news.
Painter said this issue has to be disaggregated and warned against getting to the point where the government is the arbiter of what’s truth and what’s not. Within this sphere, Painter said private companies have a lot of responsibility here not in deciding what’s truth, but ensuing bots aren’t pushing traffic and stories.
In terms of disaggregating this issue – as terms such as espionage, cyberattacks and information operations are being lumped together – Chertoff said these should be viewed as separate issues.
Espionage is the oldest thing around, he said, the only difference is the use of technology.
“I don’t think the reaction to espionage in cyberspace is dramatically different than traditional espionage”, he said. “Basically it’s on us to protect and preserve our secrets.”
This aspect has been a point of contention among members of Congress who believe the Chinese, widely attributed to perpetrating the hack of thousands of sensitive personnel from the Office of Personnel and Management, have gotten off unscathed for the massive breach.
“Well, there’s a lot of espionage, certainly collecting and exfiltrating information; obviously the Chinese come to mind. But in very much a contrast between the passive collection, the passive exfiltration as opposed to the actively purloining information and then using it for a political end — that’s the difference here,” former director of national intelligence James Clapper said of the alleged Russian influence operation against the U.S. election to Congress earlier this year prior to departing.
“If you’re conducting espionage, then if we’re going to punish — nation-states are going to punish each other for conducting espionage, which is the passive collection of information, that’s a pretty heavy policy call, which I don’t think any of us want to make,” he said. “When it’s an activist campaign as it was here, that’s a different proposition.”
Chertoff noted that things such as destructive attacks committed via cyber means should also be viewed under a separate and distinct lens from the information operations, which have been around since the beginning of time. Attack such as the one against Sony Pictures, the Ukrainian electric grid and Georgia’s command and control systems “are really just acts of violence,” he said and response should be similar to acts of violence in the physical world.
Chertoff also drew a distinction between the manipulation of data – a top threat from the view of many in the intelligence community that can be done through cyber means by intrusions into networks – and content or speech under the guise of information operations.
This is what malware is, he said of data manipulation. In some ways this is creating instructions for computers that’s changing the way it behaves. He used the example of a car, in which manipulating data could affect the control systems forcing it to do things the operator doesn’t want it to do. “I would not consider that to be information warfare and information operations,” he said. “That is attacking the integrity of data.”
To him, information is content that a human intakes and understands.