As the media environment continues to fragment in the future, engaging ever-diversifying platforms and channels will become more difficult for the military. But, as General Creighton Abrams reputedly once said, “If you don’t blow your own horn, someone will turn it into a funnel.” Under conditions of the current new media blitz, his possibly apocryphal words might be paraphrased to say, “If you don’t engage, someone else will fill the void.” Surrendering the information environment to the adversary is not a practical option. Therefore, the military must seriously consider where information and the new media lie in relationship to conventional warfighting functions. One thing seems sure: we must elevate information in doctrinal importance, and adequately fund and staff organizations dealing with information.

The “era of persistent conflict” that characterizes today’s operational environment is likely to endure for the foreseeable future, “with threats and opportunities ranging from regular and irregular wars in remote lands, to relief and reconstruction in crisis zones to sustained engagement in the global commons.”

Learning to Leverage New Media, The Israeli Defense Forces in Recent Conflicts (PDF), Lieutenant General William B. Caldwell IV, U.S. Army; Mr. Dennis M. Murphy; and Mr. Anton Menning

I believe the Wikileaks organization, with the recent release of diplomatic cables, represents a form of cyber attack against the United States of America. In that context, the information contained within the leaks, information classified and originally owned by the United States, is the weapon being used in the attack. I have long argued and I still believe the DoD treats information as a weapon and that viewpoint represents an Achilles heel of the DoD. Because information is treated as a weapon, the DoD often resorts to old doctrine when dealing with an information threat – and the tactics used to deal with the threat become remarkably predictable. I have been expecting an overreaction like this.

The Air Force is blocking computer access to The New York Times and other media sites that published sensitive diplomatic documents released by the Internet site WikiLeaks, a spokeswoman said Tuesday.

Air Force Maj. Toni Tones said more than 25 websites have been blocked and cannot be viewed by any Air Force computer. The ban does not apply to personal computers.

She said the action was taken by the 24th Air Force, which is commanded by Maj. Gen. Richard Webber and is responsible for cyberwarfare and computer security for the service. The move was approved by Air Force lawyers, she said.

The Army and Navy say they have not taken similar actions.

The United States Air Force has done a wonderful job here undermining the confidence of the American people regarding the ability of the USAF to be responsible cyberwarfare practitioners for our nation. Wikileaks is, among many things, an interesting study in cyberwarfare because it represents a direct information warfare campaign against the United States in the cyber domain with the intent of undermining the relationships between other nations and the United States, and it does this by undermining the trust required for good working diplomatic relationships. The 24th Air Force has undertaken a self-defeating approach that casually tosses away all lessons learned by fighting other online adversaries in those cyber domain information wars.

In the context of information being seen as a weapon by the DoD, and thus a threat to the DoD, it is hardly surprising that the first major public action taken in response to Wikileaks by the United States Air Force’s elite cyber command is to build a big wall – after all, when you are under attack one is supposed to build a defense, right? The US Air Force cannot possibly be criticized enough for this action, because it goes against everything the DoD has supposedly learned about information warfare. In the quote that led this article, this portion sticks out.

“Surrendering the information environment to the adversary is not a practical option. [T]he military must seriously consider where information and the new media lie in relationship to conventional warfighting functions. One thing seems sure: we must elevate information in doctrinal importance, and adequately fund and staff organizations dealing with information.”

Whether the 24th Air Force realizes it or not, the DoD has functionally surrendered the information environment to the Wikileaks adversary because the DoD refuses to engage the adversary, and to compound the problem, the lack of engagement has predictably led to a great deal of vigilante justice.

Vigilante Justice

The first serious infowar is now engaged. The field of battle is WikiLeaks. You are the troops.

Wikileaks Twitter Account

I would argue it would be responsible for the Chairman of the U.S. Homeland Security and Governmental Affairs Committee to hold a hearing on the legality of hosting in the United States, and it would be within the roles and responsibilities of the Chairman to sponsor a bill that prevents US companies from hosting government classified information released by Wikileaks on private, commercial servers in the United States. That democratic process laid out by the Constitution towards developing law is what makes the United States great.

But instead of performing such a legal process, Senator Lieberman – who is the Chairman of the U.S. Homeland Security and Governmental Affairs Committee – pressured several US private companies and forced Amazon to drop in an intimidation action well outside the law. Any American who doesn’t have a serious problem with the actions of Senator Lieberman needs to give serious thought regarding the dangers of government officials leveraging their position of official authority to pressure private industries outside the limits of law under the constitution. What does it mean for our freedoms and representation in a democracy when the protections of those freedoms can be casually tossed aside in the name of political agenda and expediency? The action ultimately taken by Senator Lieberman is one of vigilante justice, which is ironically how one could describe many of the actions taken in the name of Wikileaks by both supporters and critics.

The Chairman of the U.S. Homeland Security and Governmental Affairs Committee would normally, in this case, be responsible for oversight on whether the United States government is being attacked and what the role of the Department of Homeland Security would, or should, be in this situation. Wikileaks does not represent cyberwarfare by the definition I would use, rather information warfare leveraging cyberspace as the domain, but perhaps it is a form of cyberwarfare? I think many, like me, have wondered where the lines between DHS and US Cyber Command exist in the cyber defense of the United States, what constitutes an attack in cyberspace against the United States, whether information warfare can also be cyberwarfare, and what the role of government is in protecting private economic infrastructure like Visa, Mastercard, or Paypal when online vigilantes organize to attack those services most Americans are dependent upon for commerce. Under better leadership, Wikileaks would represent a good reason for the Senate to debate and discuss towards a better understanding of these issues. Does anyone actually know what DHS is supposed to do in the many situations unfolding around the Wikileaks drama? The only thing we know for sure is that most Americans cannot answer these important questions, and to me that communication failure represents a failure in political leadership in dealing with the Wikileaks issue.

Influence Warfare

Does Wikileaks represent a form of cyber attack? Wikileaks is certainly a very interesting study of information warfare in the cyber domain that the United States government needs to be learning from instead of reacting to – or being influenced directly by so easily. I see strategy and tactics, and we are seeing the shadow spaces acting with vigilante justice in the absence of unified government leadership and command engaged with and informing the public. The government’s response to Wikileaks has been to build a wall around itself, leaving the people outside the wall to marvel at what takes place inside the wall, and there has been a remarkable lack of engagement towards either Wikileaks or the American people.

As outsiders, we the people find ourselves in the same trenches as those who are operating as vigilantes. To understand what the vigilantes not named Senator Lieberman have been doing so far, this PC Magazine article discusses the shaping operation by a vigilante that ultimately set up Wikileaks for a major strategic defeat.

When WikiLeaks released another collection of secret U.S. government documents this weekend the site came under attack from a hacker styled th3j35t3r (the jester). In announcing the hit, th3j35t3r tweeted “TANGO DOWN – for attempting to endanger the lives of our troops, ‘other assets’ & foreign relations”. A now-deleted tweet clarified that the WikiLeaks hit was a simple denial of service attack. F-Secure’s Chief Research Officer, Mikko Hypponen, had this to say about the attack.

“It was a weird case,” said Hypponen. “Everybody assumed it was some large-scale Distributed Denial of Service attack, but the guy himself says it’s not. It’s a protocol-based attack from a single source.” Hypponen explained that WikiLeaks recovered by changing its hosting providers. At the time of the attack they were hosted in France. Now they’re using two different servers hosted by Amazon’s cloud, one of which is physically in the United States.

Asked if this type of attack could take down any arbitrary site Hypponen said “We just don’t know. The guy isn’t giving any details. But over the past months he has been quite successful taking down pro-Jihad forums and such. When he claimed responsibility for WikiLeaks I believed him right away. He had both the know how and the motive.”

Based on my own research, it appears to me that th3j35t3r has a military background, probably a retired officer of a western nation between the ages of 35 and 45. As he explains on his own blog, there was a strategy behind the tactics.

As you may know I normally target Jihadist sites, but recently turned my attentions to Wikileaks.

So what was I thinking?

Initially, hitting Wikileaks servers hosted by OWNI (France), PRQ (Sweden), and BAHNHOF with ease, had the desired outcome of ‘corralling’ the Wikileaks operation onto a US hosted platform that could resist XerXeS – Amazon EC2.

The WL perceived victory was short-lived as enough pressure was now building both politically and technically (by that I mean service providers were aware that WL was now a prime target and couldn’t risk their own operations by providing services to WL).

As predicted, providers to WL started dropping them – first EveryDNS, then Amazon, then Paypal and Mastercard soon followed. The service providers acted as a force-multiplier, leaving the Wikileaks name nowhere to go except rely on volunteer mirrors.

So the head of the snake is almost cut off. The Wikileaks name is something few people, as far as service providers, will deal with. Their supply chain is being cut off.

So, great, they have 2000 voluntary mirrors! The very nature of volunteers providing ‘mirrors’ causes WL to be highly unstable as they will be up and down and sporadic on a day-by-day basis.

I was sitting at my desk at work when Wikileaks moved to Amazon servers, and I remember distinctly the conversation that immediately followed among all of us IT nerds in the office. It was clear to all of us that if the US government was serious about Wikileaks being illegal, something would be done about US companies supporting Wikileaks. If all of us knew it the very second we learned that Wikileaks had been moved to a US server, I do not doubt that th3j35t3r knew it too.

The White Flag

In the vigilante justice demonstrated by th3j35t3r we see actions driving predictable reactions with an overall strategy driving tactics. th3j35t3r had no idea that Senator Lieberman would play the role of another vigilante in the unfolding drama, but I think everyone watching understood that the US government wasn’t going to tolerate very long the idea that US companies would host Wikileaks while they were waging an information war against our government. While I am completely opposed to and very troubled by the actions of Senator Lieberman, I am not opposed to the result. It is both predictable and understandable if you believe there is an information war taking place between Wikileaks and the United States – in this case a form of information warfare that Wikileaks has acknowledged is taking place.

The approach th3j35t3r took to drive Wikileaks to the US demonstrated strategic success on the cyber battlefield. The result of the strategy has legitimately damaged the Wikileaks organization by undermining the organization’s credibility with businesses like Paypal, Mastercard, and Visa – and thus has seriously damaged the organization’s fundraising capabilities. True, Wikileaks releasing classified cables while being hosted on US servers was certainly a self-defeating activity, but at the time the organization didn’t see it that way.

By the same theory though we must also ask ourselves whether Wikileaks has found similar strategic success with the 24th Air Force. If Wikileaks forces the 24th Air Force to reject information from 25 sources, including several of the top media sources in the world, we must legitimately ask whether the Wikileaks strategy to get major news sources on board with the release of the cables was the strategy that defeated the US Air Force’s premier cyber command, because that action combined with a self-defeating reaction has led to the denial, or concession of, the cyber domain including the New York Times by the 24th Air Force.

To be completely honest, I believe Maj. Gen. Richard E. Webber surrendered and conceded cyberspace like the New York Times and other media outlets to Wikileaks, and I don’t think it is out of bounds at all to question the leadership of the 24th Air Force if during the first major information war – their first public action was to raise the white flag. At best, 24th Air Force has publicly demonstrated the DoD is a long way from understanding the strategies, tactics, and the battlefield involved when cyberspace is the medium for an information war campaign against the United States. At worst, the 24th Air Force has completely ignored or rejected all of the lessons learned over the last decade fighting an information war against the global jihad.

Either way, the DoD has not demonstrated the agility and flexibility necessary to give confidence in the ability of the United States to conduct information warfare in the cyber domain, because Wikileaks has forced our own lawyers to beat our soldiers, sailors, airmen, and Marines over the head by forcing the DoD to conform to the regulations driven by Section 793 and Section 1924, Title 18, United States Code. How is it possible that the American people have seen vigilantes in the shadows and vigilante behavior among our own political leadership do more to date to address Wikileaks than any organized government effort? Unfortunately, the right answer is lawfare.

The US government is demonstrating a crisis in political leadership with an obvious inability to adapt when confronted with a complex information war in the cyber domain. I’d suggest our nation’s adversaries are learning quite a few lessons, including how predictable US action, inaction, and overreaction appears to be when certain pressures are applied.

The Department of Defense emphasizes information superiority, or information dominance depending upon slogan, and expects to defeat adversaries by being the smartest military with the right information while capable of being agile and flexible to leverage the information space and achieve an advantage. With that said, in this case the 24th Air Force has allowed the tactics of an adversary to broadly deny the organization access to information of several of the most credible news organizations in the western world. Under such conditions I believe it is a fair statement to suggest the 24th Air Force has been defeated by Wikileaks in this modern information war – even if the method of defeat was a self-defeating policy or surrender to the regulations found in lawfare.

Posted by galrahn in Air Force, Cyber


  • Initially, hitting Wikileaks servers hosted by OWNI (France), PRQ (Sweden), and BAHNHOF with ease, had the desired outcome of ‘corralling’ the Wikileaks operation onto a US hosted platform that could resist XerXeS – Amazon EC2.

    They’re still up at Bahnhof and OVH (not OWNI – typo). Your man is deluding himself. If anything, hammering Amazon (if the DDOS activity, rather than their working towards the government, was responsible) had the opposite effect and both a) catalysed the creation of mirror sites and b) motivated them to keep their equipment out of US jurisdiction.

  • Gordon Quickstad

    This post seems written by Julian Assange. Or perhaps the writer is suggesting the “leaking” of dis-information as a return barrage? On another point, if those in the armed services can’t be denied internet access (and they can’t), I can imagine that a handful of well placed servicemen could coordinate the clandestine divulging of top secret information and render our defense forces impotent.

  • Rob

    “I believe the Wikileaks organization, with the recent release of diplomatic cables, represents a form of cyber attack against the United States of America.”

    Who attacked America? The person with access to confidential information who decided to release that information, or the publisher?

    If it is the latter, shouldn’t we retroactively throw a few Washington Post journalists, among others, in jail?

    I’m not saying Wikileaks is good, or even trying to be good. But we do have law for a reason.

    I think the part that is scaring people is the ‘de-centralization’, if you will, of the news industry. It was much easier to have a handle on what has been leaked when there were only a few dozen (if that) mass market publishers in the country.

    We should not fear the realities of the era of information, we should adapt to it. We live in a world with a potential 7 billion publishers. We should be looking inward to better control leaks at the source.

  • Paul

    What I find the most interesting about this whole brouhaha is that while I find the gentleman in question to be a bit of a narcissist in his pursuit of the “truth” the larger question is out there.

    Who gave him all of this information? He doesn’t work for gov’ts so he has sources all over the world whether they be disgruntled employees, people with an axe to grind or out and out traitors. Shouldn’t they also be hunted down and prosecuted?

  • Is there a real danger of disgruntling more government employees leading to a flood of leaks?
    Perhaps the cyber war should have concentrated on the real issue.
    Renditions, Torture, torture by proxy all undermine the American sense of values. Surely addressing those rogue agencies would go a long way to lessening the predictable response of the US citizens.
    While we all know the US is feverishly attempting to suppress the leaks and perhaps particularly the objective is to prevent the now multiple ‘bank’ leaks, this will fail.
    Better to go back to the real American values, fix the problem. The US has lost the high moral ground and no serving US personnel should ever hand people over to known torturers or do it themselves. The US government will not protect you and your families names from being plastered onto an internet shame list mirrored for all time.
    The other action would be to report such actions to your superiors, and if not advised of further action, their superiors, failing that wikileaks.

    Stand up for America and stop those who would seek to reduce your standing to that of the CIA and the black ops squads. All of whom are being identified as we speak – by loyal, patriotic law-abiding US servicemen.
    Ask yourself if your fathers fought for the right to torture.
    My family fought alongside 4 generations of US soldiers, I am the last generation of my nation to do so if this plays out the way those usurping US values prevail.
    Your sworn duty is to uphold the US constitution and protect the US, do the right thing.

  • Grandpa Bluewater

    Wikileaks has declared (info)war on the USA?!

    May they fare as well as Noriega.

    Mr. Proctor’s statement is interesting. Attempting recruitment of U.S. military personnel into a conspiracy for providing aid and comfort to the enemy, using open threat and insult. That’ll work.

    As for the rest, one may advise against excessive zeal, but…
    “Nothing can stop the US Air Force!”

  • Lowly USN Retired

    The problem at hand is simple casualty control for the agency(s) responsible for Wikileakgate: articulately and quickly identify the symptoms and indications of Wikileakgate, control the Wikileakgate, determine the cause of the leak, parts required to repair, accomplish the repairs and implement lessons learned so this will never happen again.

    All responsible for these leaks are the same traitorous sludge scum as the J.A. Walker, Jr. clan and J. Whitworth traitors who were a blight in the United States Navy for seventeen years. The Wikileakers, saboteurs and traitors responsible must receive the same accommodations as; belay same accommodations as, these traitors must be tried and hung for their crimes against the United States so they will act as a deterrent for those who would conspire, plot or engage in future leaks of sensitive documents and information harmful to the Security of the United States of America.

    The trial and the hanging should be broadcast world wide on a pay for view basis to assist in recovering the cost of apprehending and bringing these “perpetraitors” to justice.

  • jon spencer

    Is reading the paper version of the NY Times blocked while on duty?

  • YN2(SW) H. Lucien Gauthier III

    Part of the challenge in developing SOPs for information or cyber conflicts is illustrated by how you interchanged the two terms of ‘information’ and ‘cyber’. Are they the same thing? Is one an attack on infrastructure and the other an attack on a government’s information capital? The two need to be clearly understood before any sound tactics or understanding of the battlefield can be gained.

    The 24th should never have banned the NYT. That was stupid. The same thing happened to us in AFG when the first leaks came out. We were banned from reading any part of the cables released. All this demonstrates is frustration on the part of leadership. It’s sad.

    In reality, all we need to do is demonstrate the moral ambiguity of those who support wikileaks, and Anonymous. XKCD did a pretty good job of that in a single cartoon the other day.

    A rationally minded person understands that every entity has a need for secrets, from the individual to the large organization. With that angle alone we can win. Our Government just needs to learn how to do public diplomacy domestically and internationally much, much better.

    You’re right. In terms of Information War, the DOD shouldn’t have much to do, especially when most of the information leaked is from DOS. This needs to be handled as espionage (as that is where it started) and a debate concerning the proper relationship between US citizens and their government.

  • Great article showing how “the Emperor has no clothes…” In the submarine force we were taught to look for the root cause when investigating any kind of incident, mistake or system failure. In this case, that of the Wikileaks situation overall, a significant contributing root cause is over-classification.

    Looking back to July, how many of those 77,000 documents REALLY needed to be classified? According to Pentagon and/or White House press conferences, apparently very few. Within days of the release an official spokesman stated (paraphrasing): “We’ve examined the documents and they have little or no impact on national security.” That would have been an ideal time for one of the reporters to break out Joint Pub 1 (Dictionary of Terms) or some other reference and recite the definitions of Confidential, Secret and Top Secret. Then following up with the question, “Why were they still classified?”

    Coining a new term – Classified Unclassified Documents (CUD) – were some of the CUD embarrassing? Perhaps… But our laws and regulations do not allow for the government – or the military – to keep information from the public merely because it may embarrass someone.

    If 90% of those documents were already out they would have been released over time and mostly been a non-issue.

    The adage “if everything’s important then nothing is” comes to mind in this situation.

    Disclaimer: The opinions expressed above are my own. They do not represent the denizens of our Solar System, the Earth, the United Nations, the USA, the Department of Defense, the U.S. Army, the members of the Birch Run High School Class of 1983, my friends and relatives nor any of my neighbors in Kansas.

  • I don’t know, get over yourself? We are becoming what England and France were against the Ottoman Empire and we still say Wikileaks was about us?

  • I know my last comment didn’t make much sense, and perhaps this one as well, but it seems to me the author has made the correct assumption that the 24th Air oriented themselves to a disadvantage in the environment they observed.

    However, I think US military, strategically, is not positioning itself correctly. I think this has mostly to do with USA’s inability to see the environment clearly, because of the complexity of the information coming in. And now, because of Wikileaks, there is the added complexity in the information going out as well.

    When your I/O gets that complex the system fails; this is just basic computer science. Labeling Wikileaks as a cyber attack just added to the complexity and hid the true environment from the US military’s observation.

    Wikileaks should have been labeled a Non State Actor to the US military’s position as an incumbent/insurgency force of the WWW.

    Normally, the US military would be either forming a coalition, consensus, or consultant relationship with Wikileaks, depending on the diplomacy, and letting Wikileaks be destroyed by other force than the US military, depending on its position.

    A cyber warfare division is helpful in defense and offence, but is useless in changing or identifying the environment that the US military observes. By creating a cyber warfare division, you are already conceding the environment to your enemies through association. In other words, you are letting your enemy name the folder (warfare) in the computer (environment) that you are writing (fighting) the file (war) for. Whose computer is it anyways; USA, EU, China? One thing I do know, it is not some NSA’s computer. The NSA is only a part of the environment (computer) we Observe.

  • Derrick

    Personally, I see the Wikileaks issue as a propaganda war, and more suited for the FBI, because the information leaked was leaked illegally by a US government employee.

    To me, cyber warfare involves attacks against enemy information systems or defending US government information systems from hacks, DoS attacks, etc…

  • MadMax

    “Sticks and stones may break my bones, but words will never hurt me.” An oft quoted, yet incorrect, children’s rhyme. I disagree that information is not a weapon; at times it is mightier than the sword. While information can be as destructive as any physical weapon, that does not mean all information is equally devastating. Nuclear weapons are stored under much tighter security than M-4s, which, in turn, are locked up more heavily than combat knives. One major problem the Air Force has is failing to understand this spectrum. As a result, all information must be treated like nuclear weapons and must not be trusted to the common Soldier or Airman.

    The ham-handed reaction to WikiLeaks by 24th Air Force comes from its genesis in the nuclear world—the world of deterrence and defense—not the combat world. Until the Air Force (and DoD) understand both the dangers and limits of information as a weapon, they will have neither the flexibility to use it appropriately nor the strategic vision to craft effective offensive or defensive information policies.