Information Operations (United States)
Information Operations is a category of direct and indirect support operations for the United States Military. By definition in Joint Publication 3-13, "IO are described as the integrated employment of electronic warfare, computer network operations, psychological operations, military deception, and operations security, in concert with specified supporting and related capabilities, to influence, disrupt, corrupt or usurp adversarial human and automated decision making while protecting our own." Information Operations are actions taken to affect adversary information and information systems while defending one's own information and information systems.
At a workshop of experts at RAND in October of 2019, the U.S. Deputy Secretary of Defense Mick Mulroy officially rolled out the Irregular Warfare Annex and said it was a critical component of the U.S. 2018 National Defense Strategy. He explained that irregular warfare included counter-insurgency, counter-terrorism, unconventional warfare, foreign internal defense, sabotage and subversion, as well as stabilization and information operations, among other areas. He added that IW had been perceived primarily as the CT effort used to fight violent extremist organizations, as that has been the focus since 2001, but that it should be applied to all areas of military competition. These include rogue states and priority state actors, such as Russia and China, as deemed by the United States and United Kingdom.
Information Operations (IO)
Electronic Warfare (EW)
- Electronic warfare refers to any action involving the use of the electromagnetic spectrum or directed energy to control the spectrum, attack an enemy, or impede enemy assaults via the spectrum. The purpose of electronic warfare is to deny the opponent the advantage of, and ensure friendly unimpeded access to, the EM spectrum. EW can be applied from air, sea, land, and space by manned and unmanned systems, and can target communication, radar, or other services. EW includes three major subdivisions: Electronic Attack, Electronic Protection, and Electronic Warfare Support.
- EW as an IO Core Capability. EW contributes to the success of IO by using offensive and defensive tactics and techniques in a variety of combinations to shape, disrupt, and exploit adversarial use of the EM spectrum while protecting friendly freedom of action in that spectrum. Expanding reliance on the EM spectrum for informational purposes increases both the potential and the challenges of EW in IO. The increasing prevalence of wireless telephone and computer usage extends both the utility and threat of EW, offering opportunities to exploit an adversary's electronic vulnerabilities and a requirement to identify and protect our own from similar exploitation. As the use of the EM spectrum has become universal in military operations, so has EW become involved in all aspects of IO. All of the core, supporting, and related IO capabilities either directly use EW or indirectly benefit from EW. In order to coordinate and deconflict EW, and more broadly all military usage of the EM spectrum, an electronic warfare coordination cell should be established by the JFC to reside with the component commander most appropriate to the operation. In addition, all joint operations require a joint restricted frequency list. This list specifies protected, guarded, and taboo frequencies that should not normally be disrupted without prior coordination and planning, either because of friendly use or friendly exploitation. This is maintained and promulgated by the communications system directorate of a joint staff in coordination with J-3 and the joint commander's electronic warfare staff.
- Domination of the Electromagnetic Spectrum. DOD now emphasizes maximum control of the entire electromagnetic spectrum, including the capability to disrupt all current and future communication systems, sensors, and weapons systems. This may include: navigation warfare, including methods for offensive space operations where global positioning satellites may be disrupted; or, methods to control adversary radio systems; and, methods to place false images onto radar systems, block directed energy weapons, and misdirect unmanned aerial vehicles or robots operated by adversaries.
Computer Network Operations (CNO)
- CNO as an IO Core Capability. The increasing reliance of unsophisticated militaries and terrorist groups on computers and computer networks to pass information to C2 forces reinforces the importance of CNO in IO plans and activities. As the capability of computers and the range of their employment broadens, new vulnerabilities and opportunities will continue to develop. This offers both opportunities to attack and exploit an adversary's computer system weaknesses and a requirement to identify and protect our own from similar attack or exploitation.
- Computer network attack. Actions are taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves. Also called CNA.
- Computer network defense. Actions are taken through the use of computer networks to protect, monitor, analyze, detect and respond to unauthorized activity within the Department of Defense information systems and computer networks. Also called CND.
Psychological Operations (PSYOP)
- PSYOP as an IO Core Capability. PSYOP has a central role in the achievement of IO objectives in support of the JFC. In today's information environment even PSYOP conducted at the tactical level can have strategic effects. Therefore, PSYOP has an approval process that must be understood and the necessity for timely decisions is fundamental to effective PSYOP and IO. This is particularly important in the early stages of an operation given the time it takes to develop, design, produce, distribute, disseminate, and evaluate PSYOP products and actions. All PSYOP are conducted under the authority of interagency-coordinated and OSD approved PSYOP programs. The PSYOP program approval process at the national level requires time for sufficient coordination and resolution of issues; hence, JFCs should begin PSYOP planning as early as possible to ensure the execution of PSYOP in support of operations. A JFC must have an approved PSYOP program, execution authority, and delegation of product approval authority before PSYOP execution can begin. JFCs should request PSYOP planners immediately during the initial crisis stages to ensure the JFC has plenty of lead time to obtain the proper authority to execute PSYOP. PSYOP assets may be of particular value to the JFC in pre-/post-combat operations when other means of influence are restrained or not authorized. PSYOP must be coordinated with CI, MILDEC, and OPSEC to ensure deconfliction and control, CI operations are not compromised, and that all capabilities within IO are coordinated to achieve the objectives established in planning. There must be close cooperation and coordination between PSYOP and PA staffs in order to maintain credibility with their respective audiences, which is the purpose of the IO cell. PSYOP efforts are most effective when personnel with a thorough understanding of the language and culture of the TA are included in the review of PSYOP materials and messages. 
As the information environment evolves, the dissemination of PSYOP products is expanding from traditional print and broadcast to more sophisticated use of the Internet, facsimile messaging, text messaging, and other emerging media. The effectiveness of PSYOP is enhanced by the synchronization and coordination of the core, supporting, and related capabilities of IO; particularly public affairs, MILDEC, CNO, civil-military operations, and EW.
- Psychological operations are planned operations to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior of foreign governments, organizations, groups, and individuals.
- 4th Psychological Operations Group
Military Deception (MILDEC)
- MILDEC is described as being those actions executed to deliberately mislead adversary decision makers as to friendly military capabilities, intentions, and operations, thereby causing the adversary to take specific actions that will contribute to the accomplishment of the friendly forces’ mission. MILDEC and OPSEC are complementary activities — MILDEC seeks to encourage incorrect analysis, causing the adversary to arrive at specific false deductions, while OPSEC seeks to deny real information to an adversary, and prevent correct deduction of friendly plans. To be effective, a MILDEC operation must be susceptible to adversary collection systems and "seen" as credible to the enemy commander and staff. A plausible approach to MILDEC planning is to employ a friendly course of action that can be executed by friendly forces and that adversary intelligence can verify. However, MILDEC planners must not fall into the trap of ascribing to the adversary particular attitudes, values, and reactions that "mirror image" likely friendly actions in the same situation, i.e., assuming that the adversary will respond or act in a particular manner based on how we would respond. There are always competing priorities for the resources required for deception and the resources required for the real operation. For this reason, the deception plan should be developed concurrently with the real plan, starting with the commander's and staff's initial estimate, to ensure proper resourcing of both. To encourage incorrect analysis by the adversary, it is usually more efficient and effective to provide a false purpose for real activity than to create false activity. OPSEC of the deception plan is at least as important as OPSEC of the real plan, since compromise of the deception may expose the real plan. This requirement for close hold planning while ensuring detailed coordination is the greatest challenge to MILDEC planners. 
On joint staffs, MILDEC planning and oversight responsibility is normally organized as a staff deception element in the operations directorate of a joint staff.
- MILDEC as an IO Core Capability. MILDEC is fundamental to successful IO. It exploits the adversary's information systems, processes, and capabilities. MILDEC relies upon understanding how the adversary commander and supporting staff think and plan and how both use information management to support their efforts. This requires a high degree of coordination with all elements of friendly forces’ activities in the information environment as well as with physical activities. Each of the core, supporting, and related capabilities has a part to play in the development of successful MILDEC and in maintaining its credibility over time. While PA should not be involved in the provision of false information, it must be aware of the intent and purpose of MILDEC in order not to inadvertently compromise it.
- A message targeted to exploit a fissure between a key member of the adversary's leadership who has a contentious relationship with another key decision maker is an example. That message could cause internal strife resulting in the adversary foregoing an intended course of action and adopting a position more favorable to our interests.
- http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA470825&Location=U2&doc=GetTRDoc.pdf
Operations Security (OPSEC)
- OPSEC as an IO Core Capability. OPSEC denies the adversary the information needed to correctly assess friendly capabilities and intentions. In particular, OPSEC complements MILDEC by denying an adversary information required to both assess a real plan and to disprove a deception plan. For those IO capabilities that exploit new opportunities and vulnerabilities, such as EW and CNO, OPSEC is essential to ensure friendly capabilities are not compromised. The process of identifying essential elements of friendly information and taking measures to mask them from disclosure to adversaries is only one part of a defense-in-depth approach to securing friendly information. To be effective, other types of security must complement OPSEC. Examples of other types of security include physical security, IA programs, computer network defense, and personnel programs that screen personnel and limit authorized access.
- What often occurs is that data is leaked, stolen, or hacked online, and the enemy gains access to it and can decipher what it says. This is especially true for defensive operational security. US servicemen and servicewomen may have Facebook accounts or multiple blogs, or may upload photos, which can lead to the enemy knowing troop movements and locations. With this information, setting up ambushes and wreaking havoc on US and support personnel becomes much easier. The geo-tagging features of cellular phones, especially, may cause this type of breach in OPSEC.
Equipment methods and tactics
EW
EC-130
The EC-130E Airborne Battlefield Command and Control Center was based on a basic C-130E platform and provided tactical airborne command post capabilities to air commanders and ground commanders in low air threat environments. This EC-130E ABCCC has since been retired.
The EC-130E Commando Solo was an earlier version of a U.S. Air Force and Air National Guard psychological operations aircraft. This aircraft also employed a C-130E airframe, but was modified by using the mission electronic equipment from the retired EC-121S Coronet Solo aircraft. This airframe served during the first Gulf War, the second Gulf War and in Operation Enduring Freedom. The EC-130E was eventually replaced by the EC-130J Commando Solo and was retired in 2006.
The EC-130J Commando Solo is a modified C-130J Hercules used to conduct psychological operations and civil affairs broadcast missions in the standard AM, FM, HF, TV, and military communications bands. Missions are flown at the maximum altitudes possible to ensure optimum propagation patterns. The EC-130J flies during either day or night scenarios with equal success, and is air-refuelable. A typical mission consists of a single-ship orbit which is offset from the desired target audience. The targets may be either military or civilian personnel. The Commando Solo is operated exclusively by the Air National Guard, specifically the 193d Special Operations Wing, a unit of the Pennsylvania Air National Guard operationally gained by the Air Force Special Operations Command. The 193 SOW is based at the Harrisburg Air National Guard Base at Harrisburg International Airport in Middletown, Pennsylvania.
The U.S. Navy's EC-130Q Hercules TACAMO aircraft was a land-based naval aviation platform that served as a SIOP strategic communications link aircraft for the U.S. Navy's Fleet Ballistic Missile submarine force and as a backup communications link for the USAF manned strategic bomber and intercontinental ballistic missile forces. To ensure survivability, TACAMO operated as a solo platform, well away from and not interacting with other major naval forces such as sea-based aircraft carrier strike groups and their carrier air wings or land-based maritime patrol aircraft. Operated by Fleet Air Reconnaissance Squadron THREE and Fleet Air Reconnaissance Squadron FOUR, the EC-130Q was eventually replaced by the U.S. Navy's current TACAMO platform, the Boeing 707-based E-6 Mercury.
Computer network operations
Stuxnet
Stuxnet is a computer worm discovered in June 2010. It initially spreads via Microsoft Windows, and targets Siemens industrial software and equipment. While it is not the first time that hackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller rootkit.
In May 2011, the PBS program Need To Know cited a statement by Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, in which he said, "we're glad they are having trouble with their centrifuge machine and that we – the US and its allies – are doing everything we can to make sure that we complicate matters for them", offering "winking acknowledgement" of US involvement in Stuxnet. According to the British Daily Telegraph, a showreel that was played at a retirement party for the head of the Israel Defense Forces, Gabi Ashkenazi, included references to Stuxnet as one of his operational successes as the IDF chief of staff.
Suter
Suter is a military computer program developed by BAE Systems that attacks computer networks and communications systems belonging to an enemy. Development of the program has been managed by Big Safari, a secret unit of the United States Air Force. It is specialised to interfere with the computers of integrated air defence systems. Suter was integrated into US unmanned aircraft by L-3 Communications.
Three generations of Suter have been developed. Suter 1 allows its operators to monitor what enemy radar operators can see. Suter 2 lets them take control of the enemy's networks and direct their sensors. Suter 3, tested in Summer 2006, enables the invasion of links to time-critical targets such as battlefield ballistic missile launchers or mobile surface-to-air missile launchers.
The program has been tested with aircraft such as the EC-130, RC-135, and F-16CJ. It has been used in Iraq and Afghanistan since 2006.
U.S. Air Force officials have speculated that a technology similar to Suter was used by the Israeli Air Force to thwart Syrian radars and sneak into their airspace undetected in Operation Orchard on 6 September 2007. The evasion of air defence radar was otherwise unlikely because the F-15s and F-16s used by the IAF were not equipped with stealth technology.
PSYOP
Special Operation Media Systems - B (SOMS-B)
- Special Operation Media Systems - B broadcast system. Like the EC-130C/J it can broadcast on AM, FM, SW and VHF television frequencies. The SOMS-B also has the capability to produce programming or radio and television broadcasts.
Other/Integrated
Radio
Radio Free Afghanistan
Radio Free Afghanistan is the Afghan branch of Radio Free Europe / Radio Liberty's broadcast services. It broadcasts 12 hours daily as part of a 24-hour stream of programming in conjunction with Voice of America. RFA first aired in Afghanistan from 1985 to 1993 and was re-launched in January 2002. RFA produces a variety of cultural, political, and informational programs that are transmitted to listeners via shortwave, satellite and AM and FM signals provided by the International Broadcasting Bureau. RFA's mission is "to promote and sustain democratic values and institutions in Afghanistan by disseminating news, factual information and ideas".
Radio in a Box
Radio is the dominant information tool to reach wide audiences in isolated, mountainous regions. The US military has deployed RIABs throughout Afghanistan in order to communicate with the residents. Due to a 70 percent illiteracy rate and lack of education in Afghanistan, radio is a vital communications tool used to broadcast information where radio ownership exceeds 80 percent. The United States military operates approximately 100 RIABs and hires local Afghan DJs in Afghanistan to broadcast information and host call-in shows. The United States Army employed RIAB systems to broadcast anti-Taliban and anti-Al Qaeda messages and countered Taliban propaganda by pushing onto Taliban frequencies in Paktia Province. One advantage of employing RIAB systems is the ability to broadcast vital information immediately to a large audience in the event of a crisis. One Afghan DJ has 50,000 listeners. Nawa District Governor Abdul Manaf uses the local RIAB station to conduct weekly call-in shows and believes the RIAB system is one of his best communication tools to inform a large audience. In Afghanistan's Paktika province, which has a literacy rate of two percent, an estimated 92 percent of the residents listen to the radio every day. Radio programs transmitted using RIAB systems provide beneficial information to Afghan farmers in remote areas. In the isolated, mountainous Wazi Kwah district of Paktika Province, a RIAB system supplies the only source of outside news. Afghan National Army commanders use the RIAB to communicate to villagers and elders and provide thoughts to the community. Afghans can use information distributed by the United States military, such as how to react to an approaching military convoy or the purpose or use of U.S.-sponsored agriculture programs. For general news, Afghans can also use other information outlets such as the BBC or VOA because RIAB systems are controlled by the US military.
Special Operations first employed RIAB systems in Afghanistan in 2005, which improved their ability to supply information to and communicate with the local population in their areas of operation.
Terrorists (IO from US Perspective)
- "Terrorists are adept at integrating their physical acts of violence with IO. They make audio and video recordings of the incidents for distribution over the Internet and on television. Their violence becomes theater, staged for its psychological impact, and replayed over and over again in the media as IO."
- "Terrorists employ all the IO capabilities of U.S. military doctrine, including the five core capabilities of PSYOP, military deception, EW, CNO, and OPSEC, and the supporting and related capabilities. They use IO to support both offensive operations and defensive operations. They use IO strategically in support of broad objectives. While terrorists do not speak and write of “IO,” they demonstrate an understanding of the value and methods of IO capabilities. Terrorists appear to be particularly adept at PSYOP, PA, counterpropaganda, and certain forms of OPSEC and deception, driven by their desire to simultaneously reach desired audiences and hide from their enemies. They recognize the value of various media, including the Internet, and exploit it to support their cause. Terrorists and their supporters have a CNO capability, with CNA manifesting itself as “electronic jihad” rather than as acts of terror."
Computer network operations
The same can be said for CNE, which is about penetrating computer networks before actually attacking them. Gaining access to specific networks is seen as part of the CNA process for terrorists.
As for CND, terrorists are aware of keeping data secure and websites running because they use the Internet. Hamas and Hizballah have had to defend their websites from Israeli hackers who in the past have defaced them. The methods they use include access controls, encryption, authentication, firewalls, intrusion detection, anti-viral tools, audits, security management, and security awareness and training.
- "The Taliban have in recent months waged an intensifying information war with NATO forces in the country, distributing anti-government messages on mobile phone networks and using Twitter to claim largely improbable successes as most foreign combat troops look to leave the country by 2014. A day rarely passes without a Taliban spokesman using Twitter to claim the destruction of numerous NATO armoured vehicles and the deaths of scores of Western or Afghan security forces, with NATO quickly countering in its own Twitter feeds. The Taliban also employ a sophisticated network of spokesmen to distribute messages and even have their own mobile radio broadcast service, which frequently moves location to avoid the threat of retaliatory airstrikes by NATO warplanes."
- The Taliban HAVE to rely on CNO and integrate it into their IO campaign as it is the most cost-effective method of disrupting Western forces. This is a prime example of how CNO is used in conjunction with PSYOP to achieve their objectives.
Steganography
Figure: An example showing how terrorists may use forum avatars to send hidden messages. This avatar contains the message "Boss said that we should blow up the bridge at midnight." encrypted using "växjö" as password.
Rumors about terrorists using steganography started first in the daily newspaper USA Today on 5 February 2001 in two articles titled "Terrorist instructions hidden online" and "Terror groups hide behind Web encryption". In July the same year, an article was titled even more precisely: "Militants wire Web with links to jihad". A citation from the article: "Lately, al-Qaeda operatives have been sending hundreds of encrypted messages that have been hidden in files on digital photographs on the auction site eBay.com". Other media worldwide cited these rumors many times, especially after the terrorist attack of 9/11, without ever showing proof. The Italian newspaper Corriere della Sera reported that an Al Qaeda cell which had been captured at the Via Quaranta mosque in Milan had pornographic images on their computers, and that these images had been used to hide secret messages. The USA Today articles were written by veteran foreign correspondent Jack Kelley, who in 2004 was fired after allegations emerged that he had fabricated stories and sources.
In October 2001, The New York Times published an article claiming that al-Qaeda had used steganography to encode messages into images, and then transported these via e-mail and possibly via USENET to prepare and execute the 11 September 2001 terrorist attack. The Federal Plan for Cyber Security and Information Assurance Research and Development, published in April 2006, makes the following statements:
- "...immediate concerns also include the use of cyberspace for covert communications, particularly by terrorists but also by foreign intelligence services; espionage against sensitive but poorly defended data in government and industry systems; subversion by insiders, including vendors and contractors; criminal activity, primarily involving fraud and theft of financial or identity information, by hackers and organized crime groups..."
- "International interest in R&D for steganography technologies and their commercialization and application has exploded in recent years. These technologies pose a potential threat to national security. Because steganography secretly embeds additional, and nearly undetectable, information content in digital products, the potential for covert dissemination of malicious software, mobile code, or information is great."
- "The threat posed by steganography has been documented in numerous intelligence reports."
By early 2002, a Cranfield University MSc thesis developed the first practical implementation of an online real-time Counter Terrorist Steganography Search Engine. This was designed to detect the most likely image steganography in transit and thereby provide UK Ministry of Defence Intelligence Staff a realistic approach to "narrowing the field", suggesting that interception capacity was never the difficulty but rather prioritising the target media.
Military deception
A police search of a British al-Qaeda member's home uncovered what is now called "The al-Qaeda Training Manual", a techniques instruction book on deception, forgery, "blending in", hiding places, and the use of covers to blend into the terrorist area of operation. The philosophy of the MILDEC is the concealment of activities rather than misleading adversaries.
PSYOP
Terrorist PSYOP differs from American PSYOP in two major areas. First, US PSYOP targets foreign adversaries and information is coordinated with many other agencies and screened before it is published. Second, while PSYOP by US and coalition forces is "designed to bring an end to violence and save lives, terrorist PSYOP is frequently directed toward promoting violence and threatening civilian populations with death and destruction. Suicide bombers are portrayed as martyrs rather than killers of innocent people."
The Internet is the main resource used by al-Qaeda and other terrorist groups to spread propaganda. "According to Bruce Hoffman, before it was taken down, al-Qaeda's website Alneda.com emphasized three themes: 1) the West is implacably hostile to Islam, 2) the only way to address this threat and the only language the West understands is the logic of violence, and 3) jihad is the only option"
Terrorists also like to use the Internet to recruit and persuade children to their cause. As Dorothy Denning has found, "Children are being taught to hate Jews and Westerners, and to take up arms against them."
OPSEC
All terrorists practice a high level of OPSEC, since secrecy is how they can be successful. Whether it is the al-Qaeda training manual, online magazines targeted for the world, or the training of youth in Jihad camps, OPSEC is one of the first priorities for terrorists.
Secure communications are important as well. The 11 September hijackers, for example, accessed anonymous Hotmail and Yahoo! accounts from computers at Kinko's and at a public library. Messages are also coded. Three weeks before the attacks, Mohamed Atta reportedly received a coded email message that read: "The semester begins in three more weeks. We've obtained 19 confirmations for studies in the faculty of law, the faculty of urban planning, the faculty of fine arts, and the faculty of engineering." The faculties referred to the four targets.
The list of methods goes on and on and is very similar to the methods used in organized crime around the world.
Criticism
- "In , the most important targets of influence are not enemy commanders, but individuals and groups, both local and international, whose cooperation is vital to the mission’s success. Granted, joint and Army IO doctrine publications do not ignore these targets – PSYOP and counterpropaganda can be designed to influence them. But it is notable that the activities most directly aimed at influencing local and international audiences – functions such as public affairs, civil affairs, CMOs, and defense support to public diplomacy – are treated only as ‘related activities’ in IO doctrine, if they are mentioned at all"
- "There must be a fundamental change of culture in how ISAF approaches operations. StratCom should not be a separate Line of Operation, but rather an integral and fully embedded part of policy development, planning processes, and the execution of operations. Analyzing and maximizing StratCom effects must be central to the formulation of schemes of maneuver and during the execution of operations. In order to effect this paradigm shift, ISAF HQ must synchronize all StratCom stakeholders. Implicit in this change of culture is the clear recognition that modern strategic communication is about credible dialogue, not a monologue where we design our systems and resources to deliver messages to target audiences in the most effective manner. This is now a population centric campaign and no effort should be spared to ensure that the Afghan people are part of the conversation. Receiving, understanding, and amending behavior as a result of messages received from audiences can be an effective method of gaining genuine trust and credibility. This would improve the likelihood of the population accepting ISAF messages and changing their behavior as a result."