IW-D

SECTION 5

HOW SHOULD WE DEFEND?

5.1 PROCEDURES, PROCESSES AND MECHANISMS

Exhibit 5- l depicts the essential procedures, processes, and mechanisms for IW-D. They are based on the defensive information warfare implementation model developed by the Information Assurance Division of the Joint Staff J6. An essential step in preparing an information warfare defense is the identification of critical national information functions and the information, information services, and infrastructures upon which these functions depend.

The first order of business is to deter information warfare attacks. This deterrence must include a national will as expressed in law and conduct, a declaratory policy on consequences of an information warfare attack against the United States, and an indication of the resiliency of the information infrastructure to survive an attack.

The most immediate need is to provide some form of protection. This protection might include physically isolating information, providing some form of access control and authentication of personnel performing critical functions or accessing information, or encryption of the information. As time permits, the information infrastructure supporting critical functions should be designed for utility, resiliency, repairability, and security. An equally important function is to verify through independent assessments that the design is being followed, that protective measures are being implemented where appropriate, and that the information warfare (defense) readiness posture is as reported.

As suggested in the Task Force observations, the importance of intelligence support to information warfare (defense) cannot be overemphasized. This support must include strategic indications and warning of potential information warfare attack, timely and accurate threat assessments, and current intelligence support in the event of an information warfare attack.

The essence of tactical warning is monitoring, detection of incidents, and reporting of the incidents. Monitoring and detection of infrastructure disruptions, intrusions, and attacks are also an integral part of the information warfare (defense) process. Providing an effective monitoring and detection capability will require some policy initiatives, some legal clarification, and an ambitious research and development program, all of which will be addressed later in the report. All intrusions and incidents should be reported so that patterns of activity can be established to aid in strategic indications and warning. The FCC requirement to report telephone outages of specified duration affecting more than a specified number of customers serves as a model in this regard.

It is probable that the telecommunications infrastructure will be subject to some form of attack. We should have some capability to limit the damage that results and to restore the infrastructure. Little research has been devoted to the basic procedures necessary to contain "battle" damage, let alone to the tools which might provide some automated form of damage control. Restoration of the infrastructure assumes some capability to repair the damage and the availability of resources such as personnel, standby services contracts, and the like.

Finally, information warfare (defense) should include some form of attack assessment to aid in determining the impact of an attack on critical functions and in determining the appropriate response to an attack.

A key point not reflected in the exhibit is that this process must be a distributed process. The basic functions of monitoring, detection, damage control, and restoration must begin at the lowest possible operating level. Reports of the activity must be passed to regional and DoD-level organizations to establish patterns of activity and for assistance as needed in damage control and restoration.

5.2 STRATEGY

We will use the following strategy to achieve this capability for the Defense Information Infrastructure:

• Address infrastructure, not just system or network, protection. The design of systems and networks is generally based on efficiency considerations. Infrastructure protection must be based on effectiveness considerations.

• Manage DII risk. It is impossible to pay the cost of avoiding risk to the DII. Protection of the DII must be based on both effectiveness and efficiency considerations.

• Protect information commensurate with its intended use. In certain circumstances, unclassified but sensitive information (weather and terrain data) may have more tactical significance than classified information (e.g., outdated intelligence estimates).

• Integrate policy, technical, operational, and personnel aspects. Each of these aspects is treated separately for the various communications, information, and security disciplines. They must be integrated for both efficiency and effectiveness.

• Use Service/Agency core competencies. All ongoing relevant activities must be reviewed to preclude reinventing the wheel.

• Build on current programs and initiatives. Use the ongoing information security activities and programs and those of related security disciplines as the foundation for achieving an IW-D capability.

• Emphasize solutions to the traditional weak link--the person. Nearly all espionage convictions are based on an inside threat. IW-D activities must address this issue head on.

• Harmonize IW-D, OIW, INFOSEC, and intelligence support functions. These closely related functions are based on many common technologies and processes and must be mutually supporting.

• Harmonize activities to protect the NII, the GII, and the DII. Work toward a consistent approach and economies of scale in protecting these highly interconnected infrastructures.

• Conduct vigorous interagency coordination. The rapidly evolving and highly complex DII requires proactive measures to preclude duplication of effort and contradictory goals.

[End Section 5.0]

[Go to Section 6.0]