As the media environment continues to fragment in the future, engaging ever-diversifying platforms and channels will become more difficult for the military. But, as General Creighton Abrams reputedly once said, “If you don’t blow your own horn, someone will turn it into a funnel.” Under conditions of the current new media blitz, his possibly apocryphal words might be paraphrased to say, “If you don’t engage, someone else will fill the void.” Surrendering the information environment to the adversary is not a practical option. Therefore, the military must seriously consider where information and the new media lie in relationship to conventional warfighting functions. One thing seems sure: we must elevate information in doctrinal importance, and adequately fund and staff organizations dealing with information.
The “era of persistent conflict” that characterizes today’s operational environment is likely to endure for the foreseeable future, “with threats and opportunities ranging from regular and irregular wars in remote lands, to relief and reconstruction in crisis zones to sustained engagement in the global commons.”
Learning to Leverage New Media, The Israeli Defense Forces in Recent Conflicts (PDF), Lieutenant General William B. Caldwell IV, U.S. Army; Mr. Dennis M. Murphy; and Mr. Anton Menning
I believe the Wikileaks organization, with the recent release of diplomatic cables, represents a form of cyber attack against the United States of America. In that context, the information contained within the leaks, information classified and originally owned by the United States, is the weapon being used in the attack. I have long argued and I still believe the DoD treats information as a weapon and that viewpoint represents an Achilles heal of the DoD. Because information is treated as a weapon, the DoD often resorts to old doctrine when dealing with an information threat – and the tactics used to deal with the threat become remarkably predictable. I have been expecting an overreaction like this.
The Air Force is blocking computer access to The New York Times and other media sites that published sensitive diplomatic documents released by the Internet site WikiLeaks, a spokeswoman said Tuesday.
Air Force Maj. Toni Tones said more than 25 websites have been blocked and cannot be viewed by any Air Force computer. The ban does not apply to personal computers.
She said the action was taken by the 24th Air Force, which is commanded by Maj. Gen. Richard Webber and is responsible for cyberwarfare and computer security for the service. The move was approved by Air Force lawyers, she said.
The Army and Navy say they have not taken similar actions.
The United States Air Force has done a wonderful job here undermining the confidence of the American people regarding the ability of the USAF to be responsible cyberwarfare practitioners for our nation. Wikileaks is, among many things, an interesting study in cyberwarfare because it represents a direct information warfare campaign against the United States in the cyber domain with the intent of undermining the relationships between other nations and the United States, and it does this by undermining the trust required for good working diplomatic relationships. The 24th Air Force has undertaken a self-defeating approach that casually tosses away all lessons learned by fighting other online adversaries in those cyber domain information wars.
In the context of information being seen as a weapon by the DoD, and thus a threat to the DoD; it is hardly surprising that the first major public action taken in response to Wikileaks by the United States Air Forces elite cyber command is to build a big wall – after all, when you are under attack one is supposed to build a defense, right? The US Air Force cannot possibly be criticized enough for this action, because it goes against everything the DoD has supposedly learned about information warfare. In the quote that led this article, this portion sticks out.
“Surrendering the information environment to the adversary is not a practical option. [T]he military must seriously consider where information and the new media lie in relationship to conventional warfighting functions. One thing seems sure: we must elevate information in doctrinal importance, and adequately fund and staff organizations dealing with information.”
Whether the 24th Air Force realizes it or not, the DoD has functionally surrendered the information environment to the Wikileaks adversary because the DoD refuses to engage the adversary, and to compound the problem the results of a lack of engagement has predictably led to a great deal of vigilante justice.
The first serious infowar is now engaged. The field of battle is WikiLeaks. You are the troops.
I would argue it would be responsible for the Chairman of the U.S. Homeland Security and Governmental Affairs Committee to hold a hearing on the legality of hosting Wikileaks.org in the United States, and it would be within the roles and responsibilities of the Chairman to sponsor a bill that prevents US companies from hosting government classified information released by Wikileaks on private, commercial servers in the United States. That democratic process laid out by the Constitution towards developing law is what makes the United States great.
But instead of performing such a legal process, Senator Lieberman – who is the Chairman of the U.S. Homeland Security and Governmental Affairs Committee – pressured several US private companies and forced Amazon to drop Wikileaks.org in an intimidation action well outside the law. Any American who doesn’t have a serious problem with the actions of Senator Lieberman needs to give serious thought regarding the dangers of government officials leveraging their position of official authority to pressure private industries outside the limits of law under the constitution. What does it mean for our freedoms and representation in a democracy when the protections of those freedoms can be casually tossed aside in the name of political agenda and expediency? The action ultimately taken by Senator Lieberman is one of vigilante justice, which is ironically how one could describe many of the actions taken in the name of Wikileaks by both supporters and critics.
The Chairman of the U.S. Homeland Security and Governmental Affairs Committee would normally, in this case, be responsible for oversight on whether the United States government is being attacked and what the role the Department of Homeland Security would, or should, be in this situation. Wikileaks does not represent cyberwarfare by the definition I would use, rather information warfare leveraging cyberspace as the domain, but perhaps it is a form of cyberwarfare? I think many, like I, have wondered where the lines between DHS and US Cyber Command exist in the cyber defense of the United States, what constitutes an attack in cyberspace against the United States, whether information warfare can also be cyberwarfare, and what the role of government is in protecting private economic infrastructure like Visa, Mastercard, or Paypal when online vigilante’s organize to attack those services most Americans are dependent upon for commerce. Under better leadership, Wikileaks would represent a good reason for the Senate to debate and discuss towards a better understanding of these issues. Does anyone actually know what DHS is supposed to do in the many situations unfolding around the Wikileaks drama? The only thing we know for sure is that most Americans cannot answer these important questions, and to me that communication failure represents a failure in political leadership in dealing with the Wikileaks issue.
Does Wikileaks represent a form of cyber attack? Wikileaks is certainly a very interesting study of information warfare in the cyber domain that the United States government needs to be learning from instead of reacting to – or being influenced directly by so easily. I see strategy and tactics, and we are seeing the shadow spaces acting with vigilante justice in the absence of unified government leadership and command engaged with and informing the public. The governments response to Wikileaks has been to build a wall around itself, leaving the people outside the wall to marvel at what takes place inside the wall, and there has been a remarkable lack of engagement towards either Wikileaks or the American people.
As outsiders, we the people find ourselves in the same trenches as those who are operating as a vigilante. To understand what the vigilante’s not named Senator Lieberman have been doing so far, this PC Magazine article discusses the shaping operation by a vigilante that ultimately set up Wikileaks for a major strategic defeat.
When WikiLeaks released another collection of secret U.S. government documents this weekend the site came under attack from a hacker styled th3j35t3r (the jester). In announcing the hit, th3j35t3r tweeted “TANGO DOWN – for attempting to endanger the lives of our troops, ‘other assets’ & foreign relations”. A now-deleted tweet clarified that the WikiLeaks hit was a simple denial of service attack. F-Secure’s Chief Research Officer, Mikko Hypponen, had this to say about the attack.
“It was a weird case,” said Hypponen. “Everybody assumed it was some large-scale Distributed Denial of Service attack, but the guy himself says it’s not. It’s a protocol-based attack from a single source.” Hypponen explained that WikiLeaks recovered by changing its hosting providers. At the time of the attack they were hosted in France. Now they’re using two different servers hosted by Amazon’s cloud, one of which is physically in the United States.
Asked if this type of attack could take down any arbitrary site Hypponen said “We just don’t know. The guy isn’t giving any details. But over the past months he has been quite successful taking down pro-Jihad forums and such. When he claimed responsibility for WikiLeaks I believed him right away. He had both the know how and the motive.”
Based on my own research, it appears to me that th3j35t3r has a military background, probably a retired officer of a western nation between the age of 35-45. As he explains on his own blog, there was a strategy behind the tactics.
As you may know I normally target Jihadist sites, but recently turned my attentions to Wikileaks.
So what was I thinking?
Initially, hitting Wikileaks servers hosted by OWNI (France), PRQ (Sweden), and BAHNHOF with ease, had the desired outcome of ‘corralling’ the Wikileaks operation onto a US hosted platform that could resist XerXeS – Amazon EC2.
The WL perceived victory was short-lived as enough pressure was now building both politically and technically (by that I mean service providers were aware that WL was now a prime target and couldn’t risk their own operations by providing services to WL).
As predicted, providers to WL started dropping them – first EveryDNS, then Amazon, then Paypal and Mastercard soon followed. The service providers acted as a force-multiplier, leaving the Wikileaks name nowhere to go except rely on volunteer mirrors.
So the head of the snake is almost cut off. The Wikileaks name is something few people, as far as service providers, will deal with. Their supply chain is being cut off.
So, great they have 2000 voluntary mirrors! By the very nature of volunteers providing ‘mirrors’ causes WL to be highly unstable as they will be up and down and sporadic on a day-by-day basis.
I was sitting at my desk at work when Wikileaks.org moved to Amazon servers, and I remember distinctly the conversation that immediately followed among all of us IT nerds in the office. It was clear to all of us that if the US government was serious about Wikileaks being illegal, something would be done about US companies supporting Wikileaks. If all of us knew it the very second we learned that Wikileaks had been moved to a US server, I do not doubt that th3j35t3r knew it too.
The White Flag
In the vigilante justice demonstrated by th3j35t3r we see actions driving predictable reactions with an overall strategy driving tactics. th3j35t3r had no idea that Senator Lieberman would play the role of another vigilante in the unfolding drama, but I think every one watching understood that the US government wasn’t going to tolerate very long the idea that US companies would host Wikileaks.org while they were waging an information war against our government. While I am completely opposed to and very troubled by the actions of Senator Lieberman, I am not opposed to the result. It is both predictable and understandable if you believe there is an information war taking place between Wikileaks and the United States – in this case a form of information warfare that Wikileaks has acknowledged is taking place.
The approach th3j35t3r took to drive Wikileaks to the US demonstrated strategic success on the cyber battlefield. The result of the strategy has legitimately damaged the Wikileaks organization by undermining the organizations credibility with businesses like Paypal, Mastercard, and Visa – thus has seriously damaged the organizations fundraising capabilities. True, Wikileaks releasing classified cables while being hosted on US servers was certainly a self-defeating activity, but at the time the organization didn’t see it that way.
By the same theory though we must also ask ourselves whether Wikileaks has found similar strategic success with the 24th Air Force. If Wikileaks forces the 24th Air Force to reject information from 25 sources, including several of the top media sources in the world, we must legitimately ask whether the Wikileaks strategy to get major news sources on board with the release of the cables was the strategy that defeated the US Air Forces premier cyber command, because that action combined with a self-defeating reaction has led to the denial, or concession of, the cyber domain including the New York Times by the 24th Air Force.
To be completely honest, I believe Maj. Gen. Richard E. Webber surrendered and conceded cyberspace like the New York Times and other media outlets to Wikileaks, and I don’t think it is out of bounds at all to question the leadership of the 24th Air Force if during the first major information war – their first public action was to raise the white flag. At best, 24th Air Force has publicly demonstrated the DoD is a long way from understanding the strategies, tactics, and the battlefield involved when cyberspace is the medium for an information war campaign against the United States. At worst, the 24th Air Force has completely ignored or rejected all of the lessons learned over the last decade fighting an information war against the global jihad.
Either way, the DoD has not demonstrated the agility and flexibility necessary to give confidence in the ability of the United States to conduct information warfare in the cyber domain, because Wikileaks has forced our own lawyers to beat our soldiers, sailors, airmen, and Marines over the head by forcing the DoD to conform to the regulations driven by Section 793 and Section 1924, Title 18, United States Code. How is it possible that the American people have seen vigilante’s in the shadows and vigilante behavior among our own political leadership do more to date to address Wikileaks than any organized government effort? Unfortunately, the right answer is lawfare.
The US government is demonstrating a crisis in political leadership with an obvious inability to adapt when confronted with a complex information war in the cyber domain. I’d suggest our nations adversaries are learning quite a few lessons, including how predictable US action, inaction, and overreaction appears to be when certain pressures are applied.
The Department of Defense emphasizes information superiority, or information dominance depending upon slogan, and expects to defeat adversaries by being the smartest military with the right information while capable of being agile and flexible to leverage the information space and achieve an advantage. With that said, in this case the 24th Air Force has allowed the tactics of an adversary to broadly deny the organization access to information of several of the most credible news organizations in the western world. Under such conditions I believe it is a fair statement to suggest the 24th Air Force has been defeated by Wikileaks in this modern information war – even if the method of defeat was a self-defeating policy or surrender to the regulations found in lawfare.