Information warfare (IW) is a novel and poorly understood threat to the international community, which may be used more commonly as a foreign policy tool in the future. By identifying the key components of modern IW, this paper seeks to formulate policy recommendations for how best to deal with this new threat. The general overview of the topic that this paper provides contributes to current efforts to develop strategies to counter IW operations around the world.
The goal of this paper is to break down the components of modern IW and provide policy recommendations for domestic and international governance on the issue. These recommendations will be based in part of historical initiatives to counter IW and existing literature on cyber governance. Central to the framework used to analyze the cases of Russian and North Korean IW operations are the seven defining features of “strategic” IW established by a 1996 RAND Corporation report, modified to incorporate the importance of cyberspace to cases of IW in the modern day.
Modern IW presents a new, multifaceted threat to states. Because of the value of IW as a tool by weaker states to counter stronger ones and the weakness of existing legal and normative frameworks, use of IW can be expected to be increasingly common. States can take action to promote international governance on the issue and develop policy frameworks for protecting themselves against IW.
IW has historically been a very tricky tactic to define and identify. By analyzing IW’s basic features, this paper provides a framework for breaking down IW into its component parts, which reveals valuable policy implications. Preventative efforts against IW can help restore trust to global information networks and lower the risk of conflict.
Formal scholarship on modern IW and related subjects is lacking in comparison with higher visibility threats. Increased awareness of this issue, especially amongst civilian leaders, can augment global efforts to counter IW.
Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited
What is information warfare (IW)? The dictionary definition of IW is the “tactical and strategic use of information to gain an advantage” (What Is Information Warfare?, no date). Starting off as a purely military tactic, IW has dramatically evolved over time. Today, IW is a unique foreign policy tool that threatens states in ways never seen before in history.
IW’s uniqueness is easily seen in the multitude of tactics used by Russian agents in the 2016 election, which included leaking of important emails, usage of troll farms and even direct probing of voter registration databases (Diamond, 2016; McFadden, 2018). Wide use of cyber operations, intervention in the domestic affairs of a one state by another and the lack of legal precedents that could inform prosecutory efforts combined to sow confusion and fear because Russian president Vladimir Putin publicly denied all allegations of election interference (Abramson, 2017).
The definitional and legal challenges surrounding IW, as well as the lack of public knowledge of the tactic, creates an especially concerning risk in the information era, and an especially worthy subject for future research. After introducing an analytical framework used to break IW down into its defining features, this paper will analyze multiple aspects of modern IW in three main parts. Section 1 will consider the historical evolution of IW throughout history, focusing on twentieth century and post-Cold War examples. Section 3 will examine the underlying factors contributing to the rise of IW as a policy tool. Finally, Section 4 will offer recommendations as to how states can counter IW through international governance and domestic policy.
2. Methodology and literature review
Over the past decade, cases of IW have been well documented in public news sources (Abramson, 2017; Badshah, 2018; Braw, 2018; Byers, 2017; Farrell, 2017; Galeotti, 2014, 2017; Kang, 2018; Keeley, 2018; Miller et al., 2017; Pifer, 2016; Singer, 2018). However, contemporary research is lacking when it comes to defining and analyzing the unique threat of modern IW. Given the novelty of the issue and the severe implications it has on the global security environment, modern IW should be examined to identify its core features as well as causes and effects.
This paper develops a qualitative framework to provide a means of defining and identifying modern IW. One document central to this framework is a 1996 RAND Corporation report, which outlines some key features of modern IW, as well as a possible domestic policies to counter the threat (Molander et al., 1996). A modified version of the RAND framework, which includes the newfound centrality of cyberspace to IW operations, provides the basis for this paper’s analytical framework. By identifying the eight key features of modern IW – which are low entry cost, blurred traditional boundaries, expanded role for perception management, a new strategic intelligence challenge, formidable tactical warning and attack assessment problems, difficulty of building and sustaining coalitions, vulnerability of domestic and civilian resources and increasing centrality of operations in cyberspace – this analytical framework can be used to break down contemporary cases of IW into their individual components.
This paper uses a case study approach to examine the complexity of modern IW operations. In particular, the extensive media and academic coverage of the Russian and North Korean cases make them worthy candidates for research. This paper’s approach focuses on using the aforementioned analytical framework to examine media and academic sources covering Russian IW operations in Europe and North Korean IW operations against South Korea to determine the eight defining features of modern IW for both cases. By analyzing these eight features, this paper identifies the underlying factors contributing to the use of IW as a foreign policy tool. In turn, these underlying factors are used to suggest policy that can be taken by states to mitigate the threat.
Existing futures and cybersecurity research will be referenced to support these policy recommendations. Some predictions about possible developments in in the tactic, including possible attempts to counter IW, have been outlined in Jerome C. Glenn’s Future Mind, which, despite having been written at the end of the Cold War, lays out possible foreign policy frameworks for states looking to protect themselves against IW (Glenn, 1989, pp. 193-209). In addition, there is a wide variety of existing scholarship concerning one central aspect of modern IW – cyber operations. Because sophisticated cyberattacks and social media influence campaigns can be essential elements of a modern IW operation, Joseph S. Nye Jr.’s work on cyber governance and deterrence has proven especially valuable in developing domestic and international frameworks to mitigate the threat (Nye, 2017, 2018).
3. Analytical framework
Most generally, IW is the “tactical and strategic use of information to gain an advantage” (What Is Information Warfare?, no date). This definition by itself is unsatisfactory when attempting to distinguish modern IW from historical examples of IW because anything from strategic bombing campaigns to recruiting scientists can fit under this definition. This does not help when trying to formulate effective policy, and for the sake of specificity, the working definition of “modern information warfare” identified at the end of this section will only deal with strategies that rely on manipulation of information systems.
It is necessary to highlight some unique features of modern IW. RAND Corporation formulated a “turn-of-the-century” scenario of a conflict between Iran and the USA (including the latter’s allies), involving a threat against Saudi Arabia to study “strategic” IW and how policymakers would react to IW attacks (Molander et al., 1996, pp. 5-9). This particular study recognized some key features of IW that are useful for creating a working definition of modern IW. RAND’s seven defining features of “strategic” IW are listed below:
Low entry cost: Unlike traditional weapon technologies, development of information-based techniques does not require sizable financial resources or state sponsorship. Information systems expertise and access to important networks may be the only prerequisites.
Blurred traditional boundaries: Traditional distinctions – public versus private interests and war-like versus criminal behavior – and geographic boundaries, such as those between nations as historically defined, are complicated by the growing interaction within the information infrastructure.
Expanded role for perception management: New information-based techniques may substantially increase the power of deception and of image-manipulation activities, thus dramatically complicating government efforts to build political support for security-related initiatives.
A new strategic intelligence challenge: Poorly understood strategic IW vulnerabilities and targets diminish the effectiveness of classical intelligence collection and analysis methods. A new field of analysis focused on strategic IW may have to be developed.
Formidable tactical warning and attack assessment problems: There is currently no adequate tactical warning system for distinguishing between strategic IW attacks and other kinds of cyberspace activities, including espionage or accidents.
Difficulty of building and sustaining coalitions: Reliance on coalitions is likely to increase the vulnerabilities of the security postures of all the partners to strategic IW attacks, thus giving opponents a disproportionate strategic advantage.
Vulnerability of the US homeland: Information-based techniques render geographical distance irrelevant; targets in the continental USA are just as vulnerable as in-theater targets. Given the increased reliance of the US economy and society on a high-performance networked information infrastructure, a new set of lucrative strategic targets presents itself to potential IW-armed opponents (Molander et al., 1996, p. xiv).
Central to each of these seven features is the presence of cyber operations, which immensely complicates efforts to deal with modern IW. Singer and Brooking note that, when it comes to distributing malicious information on social media, “anyone can do it” so long as they have access to a device that can connect to the internet (Singer and Brooking, 2018). Instantaneous direct communication around the world blur traditional boundaries between civilian and military, domestic and foreign as destabilizing propaganda could be sent by anyone to anywhere (Singer and Brooking, 2018). This allows a multitude of state and nonstate actors to manipulate information distributed to key actors or groups, thus making perceptions unreliable (Molander et al., 1996, pp. 22-24). At the same time, persistent issues in identifying cyberattackers and understanding their intentions make it difficult to collect reliable intelligence using existing methods (McKenzie, 2017, pp. 7-11). Similarly, attribution issues and the inherent complexity of cyber networks make advance warning extremely difficult (Molander et al., 1996, pp. 26-28). Uncertainties in intelligence, along with the “weak link” issue in collective attempts to act against IW, make sustaining international coalitions difficult (Molander et al., 1996, pp. 28-30). Attribution issues regarding, widespread infrastructure connectivity with, and insignificance of distance on cyberspace combine to make the domestic affairs of the US – and most countries with significant populations of “netizens” – especially vulnerable to information warfare (Molander et al., 1996, pp. 30-33).
After the creation of the RAND report, however, cyberspace has become a much more integral part to information warfare campaigns. The individual events that made up the RAND exercise by and large saw cyberspace as a platform for operations that target the military strategic capabilities of an enemy, including cyberattacks, espionage and propaganda broadcasts (Molander et al., 1996, Appendix C). However, IW campaigns in recent years have begun to use broader influence campaigns to influence the “minds and spirits” of civic populations (Singer and Brooking, 2018). In the case of the 2016 US election, 87 million Americans unknowingly had their data taken and used to create targeted advertisements in support of the Trump campaign (Badshah, 2018) and Russian-made advertisements reached 126 million Americans, according to Facebook (Byers, 2017). As social media networks continue to grow, more data can be collected about more individuals, allowing more sophisticated IW campaigns to affect more people. Social media algorithms allow targeted messages of the sort that are used in modern influence campaigns have never been more logistically feasible nor have they been more effective at spreading inflammatory information to as large of an audience (Singer and Brooking, 2018). The goal of such social media campaigns, unlike the IW cases in the RAND report, are no longer strategic destruction, but rather psychological influence to realize “the political objective of a war without firing a shot” (Singer and Brooking, 2018). This development gives cyberspace a newfound importance in IW because it no longer has to be a means of facilitating military ends, but the potential cause of the military end in itself.
In the modern day, it would be necessary to include cyber operations as a separate and important part of modern IW. Thus, the eight defining features of modern IW are as follows:
low entry cost;
blurred traditional boundaries;
expanded role for perception management;
a new strategic intelligence challenge;
formidable tactical warning and attack assessment problems;
difficulty of building and sustaining coalitions;
vulnerability of domestic and civilian resources; and
increasing centrality of operations in cyberspace.
The sections that follow will demonstrate how these features manifest in modern-day examples of IW. The eight features will be referred to by their numbers throughout this study.
4. Research results
4.1 Historical and contemporary cases
IW relies on the manipulation of information to prompt one actor to operate in the interests of another. As such, IW has historically been an integral part of conventional warfare, illustrated by Sun Tzu’s famous assertion that “all warfare is deception” (Mackey, 2014). However, much of IW for much of history comprised one military deceiving another to gain an upper hand on the battlefield. Notable examples include psychological tactics practiced by Mongol armies to overwhelm numerically superior foes (Zambri, 2018), and British deception tactics to force Fort Detroit’s surrender during the Battle of 1812 (“Battle of Detroit,” 2018). In both cases, one military was able to convince another to act in the former’s interest.
IW matured during the Cold War as a foreign policy tool to achieve military ends that did not rely on traditional military apparatus. In the 1980s, two incidents of Soviet submarines violating Swedish territory occurred, one in which a submarine ran aground and another in which the Swedish navy pursuing a suspected Soviet vessel found submarine tracks off the coast of Stockholm. Despite clear proof of violations, according to Swedish defense analyst Joakim von Braun, the USSR issued “a real smorgasbord [sic] of rumors and disinformation” (Braw, 2018). According to Swedish Naval Commodore Nils-Ove Jansson, Soviet-manufactured:
[…] alternative explanations created doubt among the Swedish public and led to a situation where many Swedes thought [the Swedish Navy was] making up the submarine hunts in order to get more money (Braw, 2018).
These included notions that the submarine that ran aground did so because the crew “lost their bearings” and that the submarine that left tracks on the seabed was actually a NATO vessel (Braw, 2018).
These incidents, relying on a combination of public broadcasts and official statements, use many of the features of modern IW. From the context, one can assume that this particular Soviet disinformation campaign’s end goal was some combination of covering up errors in naval operations, sowing distrust in Swedish civil society and promoting an environment of information confusion in which the USSR could conduct more covert operations. The fact that a wide variety of conflicting narratives and disinformation were released indicates an attempt to mislead a wider society rather than only military and intelligence organizations; thus, traditional boundaries are blurred (feature 2) and perceptions are altered (feature 3). The clandestine nature of Soviet operations in the case of the submarine that left seabed tracks make it difficult to collect reliable intelligence (feature 4) and warn against attacks (feature 5). Finally, alternative narratives given by the Soviet navy, such as the assertion that one of the submarines discovered was actually a NATO ship, influenced domestic Swedish politics (feature 7) and made it more difficult for Sweden to know which regional partners to trust (feature 6). While cyberspace is understandably not involved in this case, the “smorgasbord [sic] of rumors and disinformation” still allowed “anyone a bit critical to the official Swedish story [to] find a story that fitted their convictions,” simulating modern day targeted advertising on social media in spreading propagandic narratives to a large population (Braw, 2018). Nevertheless, the lack of cyber connectivity in this case meant that, unlike the RAND exercise, the IW attack still required state sponsorship, or the perception thereof, so entry barriers were still relatively high; thus, there was a diplomatic standoff “between Stockholm and Moscow about what to do about the sub and its crew” (Molander et al., 1996, p. xiv; Braw, 2018).
Moving into the twentieth century, IW attacks became even more sophisticated, using a full suite of operations in the physical and cyber world that attack multiple aspects of an adversary’s information and physical infrastructure. Russia’s actions in Ukraine demonstrate just how sophisticated and effective modern IW can be. Mark Galeotti provided an effective summary of the events that unfolded:
If we take Ukraine as the example, the GRU (military intelligence), supported by regular military units, took point over Crimea. In eastern Ukraine, the Federal Security Service (FSB), which had thoroughly penetrated the Ukrainian security apparatus, encouraged defections and monitored Kyiv’s plans. The Interior Ministry (MVD) used its contacts with its Ukrainian counterparts to identify potential agents and sources. The military has been used to rattle sabres loudly on the border – and may be used more aggressively yet – while the GRU not only handled the flow of volunteers and materiel into the east but probably marshalled the Vostok Battalion, arguably the toughest unit in the Donbas. Moreover, Russian media and diplomatic sources have kept up an incessant campaign to characterise the “Banderite” government in Kyiv as illegitimate and brutal, while even cyberspace is not immune because “patriotic hackers” attack Ukrainian banks and government websites. The essence of this non-linear war is, as Gerasimov says, that the war is everywhere (Galeotti, 2014).
While physical military combat is undoubtedly taking place in Ukraine, IW is as integral of a part of the conflict as the actual fighting. There is no doubt that Russia used all eight aspects of modern IW to collect valuable intelligence and foment internal turmoil in Ukraine:
Low entry cost: While official figures on how much a “patriotic hacker” is worth to the Russian government is understandably lacking, cybersecurity experts have concluded that “many Russian hackers, including those engaged in cybercrime, are politically motivated and patriotic” (Farrell, 2017). Because the Russian government does not have to train or “arm” such cybercriminals and may not even have to pay them if their independent actions happen to be in Russian interests, the average lifetime cost of a “patriotic hacker” is probably much cheaper than a military unit that can inflict the same amount of damage.
Blurred traditional boundaries: Galeotti mentions “an incessant campaign to characterise the ‘Banderite’ government in Kyiv as illegitimate and brutal.” These direct attacks on the legitimacy of a civilian political institution indicate that both civilian and military assets are on the front line when it comes to information conflict.
Expanded role for perception management: In addition to infiltration of Ukrainian security organizations, uniformed soldiers wearing no national insignia appeared in Crimea and any inquiry about their origin were met with denial (Pifer, 2016). Adding to the confusion is Russia’s continued assertion that there are no Russian troops in Eastern Ukraine, only “volunteers” and local militias (Pifer, 2016). Over the course of the conflict, Ukrainian security operatives would have trouble knowing who to trust and who is the enemy.
A new strategic intelligence challenge: With infiltration of domestic security and intelligence organizations, Russia impeded Ukrainian intelligence gathering. Extensive use of intelligence operations to obfuscate the transfer of Russian troops and equipment made it difficult for Ukraine or its partners in the West to collect reliable intelligence.
Formidable tactical warning and attack assessment problems: There were no signs that Ukraine knew Russia had infiltrated its intelligence infrastructure prior to the conflict and was willing or able to do anything about it. The information attack began long before a single shot was fired.
Difficulty of building and sustaining coalitions: Russia used disinformation and plausible deniability tactics to ensure that no potential ally of Ukraine has cause to intervene. Though NATO has pledged to assist Ukrainian defenses through the Comprehensive Assistance Package (CAP) for Ukraine, much of this support involves funding and information sharing, and not military support.
Vulnerability of domestic and civilian resources: As mentioned above, Ukrainian political and economic institutions were hardly secure from verbal and cyber-attacks from Russia.
Heavy involvement of operations in cyberspace: Internet was an important medium for social and conventional media attacks on the Ukrainian Government, public denials of Russian involvement and cyberattacks on Ukrainian infrastructure.
Another noteworthy series of cases come from North Korea’s application of IW against South Korea and the USA. Despite popular perceptions of the Democratic People’s Republic of Korea (DPRK) as a technologically backward state, a 2016 report titled “Operation Blockbuster” indicated that North Korea has a wide variety of cyber capabilities, including:
[…] distributed denial of service (DDoS) malware, keyloggers, remote access Trojans (RATs), and even a peer-to-peer (P2P) malware that allows operators to establish a common program base and remote administration across all infected machine (Pinkston, 2016, p. 64).
Attacks carried out using these tools have included robbery of military secrets, shutdowns of vital infrastructure and DDoS attacks against American and South Korean websites (Pinkston, 2016, p. 69). In addition to these “hard” cyber capabilities, the DPRK has considerable ability to conduct influence operations. These include about 160 foreign-hosted websites, as well as social media accounts on platforms such as YouTube and Twitter (Pinkston, 2016, p. 65).
Despite the closed nature of North Korean society, its cyber operatives have the ability to launch disproportionately effective IW operations. In October 2016, one such campaign was launched with the apparent purpose of preventing former UN Secretary General Ban Ki-moon from winning the South Korean presidency and establishing a conservative government more hostile to North Korea (Kang, 2018). The DPRK, through its media outlets, dramatically increased critical reports of Ban (Kang, 2018). Taking advantage of deep-rooted national sentiments, North Korea issued propaganda depicting him as a puppet of Japan, including “an image of Ban paying a deep bow to the Japanese Emperor” (Kang, 2018). Once again, the eight features of IW are demonstrated:
North Korea, which is extremely poor relative to South Korea, was able to successfully attack a much richer and technologically advanced state using its scarce resources.
A civilian leader was the victim of an IW operation conducted over cyber platforms traditionally dominated by civilian usage.
DPRK influenced operations that did not focus on “fake news;” rather, existing information, such as the picture of Ban bowing to the Japanese Emperor, was manipulated to stoke public resentment.
According to the head of the Korea Institute of Liberal Democracy, “South Korea is still heavily exposed to North Korea’s propaganda activities, but it is not prepared to tackle it” (Kang, 2018). Reliable intelligence remains elusive when it comes to influence campaigns.
Tae-jun Kang writes that “In South Korea, not many even know North Korea is operating such propaganda websites, and people often consume and share content provided by the North without realizing” (Kang, 2018). Therefore, few realized that they were active participants in a malicious influence campaign until it was too late.
Domestically, Ban and his supporters would have found it difficult to gain allies when they were perceived to be under the Japanese influence. Internationally, plausible deniability of attackers in social media campaigns make it unlikely that allies would be able to find credible justification for assisting South Korea (McKenzie, 2017, pp. 7-11).
Inflammatory propaganda was injected into the heart of South Korean information infrastructure and domestic political processes faced possible disruption.
The entire operation was conducted entirely over cyberspace. Compared to past North Korean influence campaigns, which relied on radio and television, this particular operation was able to reach far more people and more effectively influence their beliefs (Pinkston, 2016, p. 65).
The Russian and North Korean cases have resulted in dramatically different outcomes. After all, the former resulted in an ongoing conflict that has claimed thousands of lives, while the latter possibly assisted in the election of a more liberal president. However, in examining the individual components of both operations, commonalities with great implications for policy could be identified.
4.2 Underlying factors
As discussed in previous sections, IW is not a new phenomenon but has taken a much unique form in the modern day due in large part to cyber operations. Changes in the international political structure have also encouraged some states to rely on IW as an important foreign policy tool. In the example of Russia, the fall of the Soviet bloc did not end geopolitical competition with Western adversaries but reduced the resources Russia had to do so (Galeotti, 2017). Militarily, Russia “lacks credible power projection capacities,” compared to the hundreds of international military bases operated by the USA; economically, it has “a GDP little more than Italy’s and is dangerously dependent on gas and oil exports,” compared to the larger and diversified economies of North America and Europe; diplomatically, it finds allies only among “marginalized dictatorships such as Venezuela and Syria,” while being opposed by a strong coalition of NATO countries and their allies (Galeotti, 2017). In this context, the Russian Federation developed a new form of warfare, termed “hybrid warfare” or the so-called “Gerasimov Doctrine,” which integrates modern IW with economic pressure and traditional military force (Galeotti, 2014). Using IW is one of the most efficient ways Russia can allocate scarce geopolitical resources, allowing it to “punch above its weight” (Galeotti, 2017).
A similar story plays out with North Korea. The “Hermit Kingdom,” because of isolation from the international system and economic poverty, has fallen behind South Korea in terms of developing high-quality conventional military capabilities by opting instead to invest in asymmetrical strategies such as nuclear deterrence and cyberwarfare (Hackett, 2018). North Korea is also becoming increasingly isolated, as China, North Korea’s only ally, is expressing its frustration with Pyongyang’s inaction on denuclearization “by refusing coal shipments […] talking about cutting off oil shipments[…] and arresting some people involved in smuggling” (Pomeranz, 2018). In this context, IW’s low entry cost proved extremely useful for the DPRK. Despite most citizens have extremely limited internet access, North Korea was able to establish a robust education system to train computer scientists and establish military and science institutions employing thousands of researchers and cyber operatives (Pinkston, 2016, pp. 66-68). As mentioned earlier, this cyberwarfare infrastructure allowed North Korea to conduct sustained and impactful attacks against countries with far greater capabilities, indicating the cost efficiency of using IW in place of traditional military tactics.
However, more powerful states, either because of the historical lack of necessity or comparative advantage in developing military, economic and diplomatic strength have not utilized such sustained IW tactics. After the end of the Cold War, US IW operations have been largely limited to supporting physical military operations through broadcasts and electronic warfare. These include radio broadcasts during the 1991 Gulf War to encourage Iraqi soldiers to defect and broadcasts prior to the 1994 Haiti intervention stating that American troops were there to restore democracy (Singer, 2018). However, during other conflicts, such as the 1998 Kosovo war or the 1994 Rwandan genocide, similar strategies were not used, indicating that use of IW is not consistently a component of US foreign policy. While the USA has greater economic resources to create IW infrastructures similar to those of Russia or North Korea, widespread acknowledgement that the USA could be vulnerable to IW campaigns did not exist prior to Russian employment of IW tactics during the 2016 election (Diamond, 2016; McFadden, 2018). As IW operations featuring all eight features of this paper’s Analytical Framework was not possible prior to the 1990s, states that have traditionally enjoyed high positions in the international political structure – such as the USA and its allies – did not have cause to worry about sophisticated attacks on their information infrastructure. Furthermore, because these states have achieved and sustained high positions in the international political structure through pre-information era strategies, they did not have as exigent of a need to adopt IW capabilities as states for whom IW was the only way to maximize the effectiveness of inferior resources.
The attractiveness of IW as a foreign policy tool of weaker or more isolated states is also reflected through its basic features. Low entry costs (1) mean that states do not have to construct a modern military-industrial complex to compete with greater powers. As in the case of North Korea, advanced cyber training of a relatively small segment of the population would be sufficient to create a formidable cyber threat. Blurring of traditional boundaries (2) allow weaker states to ignore traditional norms of war and attack information and social institutions where it would impact the stronger state the most. Intelligence and tactical warning problems (4 and 5) enable the weaker state to strike when least expected and hide under a veil of plausible deniability to prevent retaliation. Finally, difficulty of building and sustaining coalitions (6) allows more isolated states to prevent multilateral action against attempts to undermine a stronger state or disrupt an opposing coalition to further one’s regional interests.
IW, in addition to existing as one of the few ways a weaker state can challenge a much stronger one, persists in the international system because of a variety of legal and normative factors. Existing legal frameworks are hopelessly inept when dealing with online influence campaigns. When it comes to the USA, as cybersecurity researcher Dr. Herb Lin points out, modern IW usually takes place through:
[…] practices and activities that have been entirely legal under US law and [uses] information technology products and services in exactly the way they were designed to be used –to spread uncensored information rapidly to selected groups of people (Lin and Rosenzweig, 2018).
Modern information channels, especially when users can mask their identity, are comparatively undefended in most liberal democracies because of commitments to rule of law and free speech. While the Foreign Agents Registration Act (FARA) provides a framework for dealing with foreign propaganda efforts (United States Department of Justice, 2018) and propaganda is defined under the Supreme Court case Meese v. Keene (1987), cyberspace enables foreign agents to manipulate the information that US citizens receive from outside federal jurisdiction, often anonymously.
Domestically, features of IW make it difficult to develop legal frameworks for prosecuting offenders. Blurring of traditional boundaries (2) and attribution issues inherent with increasing operations in cyberspace (8) make it difficult for states to know where attacks are coming from, and how best to exercise jurisdiction to protect themselves from IW. Difficulty of managing perceptions (3), strategic intelligence challenges (4) and tactical warning problems (5) present formidable challenges to policymakers and voters when it comes to defining and implementing policies dealing with IW,. Thus, it made it even more difficult to create appropriate domestic prosecutory frameworks for dealing with IW. The lack of domestic prosecutory frameworks makes it easier for aggressors to use IW operations without a credible threat of a credible retaliation.
However, when it comes to international governance, there is still great potential in managing IW because states can build off existing norms for kinetic warfare and take advantage of increasing calls for governance in cyberspace. The legal frameworks states have regarding armed conflict are mostly international norms and agreements. If one armed group wants to increase the legitimacy of their actions in the eyes of the international community and mitigate the risk of humanitarian intervention, key international norms must be followed in all conflicts that involve a military in some capacity (International Committee of the Red Cross, 2010). Recognizing the rising importance of cyber threats, states are also calling for the adoption of cyber norms to limit cyber conflict. The United Nations Group of Governmental experts, in 2015, proposed a set of cyber norms that were later endorsed by the G20 (Nye, 2018). Moreover, the NGO Global Commission on Stability in Cyberspace and the Chinese government have proposed norms to protect the “public core” – which includes “routing, the domain name system, certificates of trust, and critical infrastructure” – and give states sovereign rights to manage online content (Nye, 2018). Because of the importance of cyber operations to modern IW, both state and nongovernmental organizations looking to limit the prevalence of IW can work alongside groups looking to promote cyber norms to adopt norms regarding IW.
The combination of these two factors – usefulness of IW as a policy tool by weaker states and weakness of existing normative and legal frameworks regarding IW – mean that IW would likely become a more popular policy tool as states realize that IW is a cheap and effective means to pursue national goals that is unlikely to face organized retaliation. Thus, without developing norms and policies to counter IW on a global scale, the international community can reasonably expect IW to be more commonly used, thus directly threatening the security of states who have previously thought themselves safe from attacks by lesser powers and undermining the stability of global information infrastructure.
4.3 Policy implications
The attractiveness of IW as a policy tool by smaller states, in addition to the weak domestic prosecutory frameworks for managing it, help make IW a prevalent threat in the modern security environment. However, as IW evolves, so too can the frameworks designed to counter it. Both internationally and domestically, important actions are required to manage IW by disrupting causes of its defining features.
4.3.1 Implications for international governance.
There is a definite incentive for states to create norms and institutions that manage the threat on an international scale. Modern IW has by now affected a number of important Western nations, including the USA, Sweden and the Baltic States. In addition, the rich interconnections between states now mean that disruptions to information networks or domestic unrest in one country can easily affect matters across international borders. Thus, it is important for many well-connected and diplomatically resourceful states to push for negotiations on securing international information networks (IIN) or the combination of all physical and virtual telecommunications infrastructure around the world. This can lead to international agreement on respecting international information networks as a global commons, and not a theater for state domination. The end result may be a version of the United Nations Convention on the Law of the Sea for transnational information networks, supported by a legal apparatus that can enforce international agreements regarding information infrastructure.
Recognizing the rapid evolution of information technologies over the past few decades, one important policy that may facilitate the development of norms around information warfare is the development of a UN General Assembly (GA) committee to manage IIN. The United Nations is an institution that has the power to deal with “peace and security” and “governance” issues; it has historically been a forum where states can express their views and establish norms as the find “areas of agreement and solve problems together” (United Nations, 2018). So, there is potential in using this institution to manage IW. This committee could have a mission similar to the Disarmament and International Security Committee, whose mission is to deal with “disarmament, global challenges and threats to peace that affect the international community and [seek] out solutions to the challenges in the international security regime” (General Assembly of the United Nations, 2018). Similarly, an “Information Infrastructure Management Committee” can deal with “safe development of information infrastructure, global challenges and threats to the security of information infrastructure, and seek out solutions to the threat of information warfare.” Such a committee can allow states discuss potential weaknesses to information infrastructure in an international forum, thus giving the issue more international recognition. Having more states recognize the threat of IW and discuss common ways IW manifests itself will reduce the challenges of managing perceptions because states would be better able to identify whether or not they are under attack by publically examining past examples of IW and creating defined international norms on the issue. Images and narratives could still be manipulated; however, if methods of manipulation become well known and identified by the international community, they would become less effective as states would be better able to identify whether or not they are subject to such manipulation. Finally, by publicly identifying manipulation tactics, the costs of using IW effectively would also be driven up substantially because the increased demand for rapid innovation of IW tactics to keep up with the exposure of such tactics would ensure that only the richest states – ones that have little incentive, as discussed earlier, to develop the infrastructure necessary to be able to launch sustained IW campaigns – have the resources to use IW as an effective policy tool. Thus, driving up the cost of IW mitigates the threat of attacks from illiberal or nonstate actors.
In addition to international identification of IW tactics, establishing concrete norms, through this proposed GA committee or otherwise, would also weaken the effectiveness of IW. Multilateral agreement on what states can and cannot do to or over IIN would allow clear boundaries in information conflict to be defined. For example, it would be possible for states to declare social media networks off-limits to influence campaigns, which would offer greater protections to domestic civilian information infrastructure. Defined norms for what counts as IW, what IW can manifest as and which actions against or over IIN are permissible can facilitate the creation of a prosecutory framework against nonconforming states.
4.3.2 Implications for domestic policies.
While international governance can make huge strides to mitigate the threat of IW, there are also many domestic policies states can adopt to more effectively counter IW. As discussed earlier, it would be extremely difficult for states to comprehensively deal with IW through prosecutory frameworks. However, be it working with the private sector, actively identifying and managing disinformation or developing effective deterrent capabilities, governments can still do a lot in the domestic sphere to counter information warfare.
Some states’ domestic policies may also have a disproportionate effect on international governance. In particular, the USA is home to many of the world’s most influential internet companies such as Google, Facebook and Twitter. As shown above, the US government has a set of legal frameworks to deal with traditional cybersecurity threats, including prevention measures in the form of minimum cybersecurity requirements on firms and prosecutory frameworks for dealing with cybercriminals. The US Government also uses classified cybersecurity briefings to encourage companies to better secure their data (Harris, 2014, p. 180). If the USA acknowledges IW as a legitimate threat in cyberspace to critical information infrastructure, it might be able to continue with its present cybersecurity policy while encouraging companies to deal with issues such as fake news and targeted disinformation campaigns by developing new cybersecurity regulations and more comprehensive security briefings. As many of these companies manage large transnational information networks, a more developed domestic US policy for modern IW might cause a cascading effect in which disinformation campaigns become less effective on a global scale.
Public awareness campaigns regarding data privacy and changes in investor behavior might also encourage corporations to pay more attention to securing information networks without the application of political pressure. Targeted advertisements can only be created through extensive research of the group the advertisement wants to target and that requires the gathering of large amounts of data; hence, Cambridge Analytica used the data of 87 million Americans to create targeted advertisements (Badshah, 2018). US investors are clearly concerned about the possibility of regulations cutting into the value of tech companies; otherwise, Facebook would not have lead a 2 per cent drop in tech stocks following the Cambridge Analytica scandal (Shen, 2018). If investors were even more concerned about data privacy, tech companies would then be more incentivised to secure its data from potential acquisition by the perpetrators of modern IW to minimize the risk of future selloffs. Social media companies can make advertising algorithms less favorable to inflammatory content, lower the effectiveness of targeted advertising campaigns and reduce the incentive for data leaks. Corporate responsibility when it comes to securing data and making algorithms less conducive to mass targeted IW campaigns can greatly diminish the effectiveness of IW campaigns in cyberspace.
Countries that have historically had to deal with IW on a regular basis can inform ways countries can actively manage of disinformation. The Swedish and Baltic cases are examples of successful countermeasures to modern IW. Both cases relied on actively countering IW by staying true to an agreed-upon set of facts. Sverker Göranson, Sweden’s chief of defense until 2015, asserts that, while “there’s no point in entering a communications war with the Russians,” one must “use every opportunity to prove the opposite of what they’re alleging” and “always show a united front” (Braw, 2018). Just as modern IW relies on a barrage of disinformation to change the beliefs and attitudes of a target, a defender against modern IW must also rely on mass use of information and facts to counter disinformation. In the Baltics, Estonia launched a Russian-language public broadcasting channel [along with] blogs and counter-propaganda websites to combat pro-Moscow news that dominate the former Soviet states (Keeley, 2018). Similar to Sweden, Estonia countered disinformation with factual information and made use of cyber operations to quickly spread counter-propaganda to its citizens. In both cases, statements by prominent government officials, counter-narrative media broadcasts and extensive fact checking worked to great effect in countering information warfare.
In addition to working with corporations and adopting active defensive measures against IW, states can also work to develop deterrent capabilities against potential aggressors. Joseph Nye identified four main mechanisms for deterrence in cyberspace: punishment or the use of retaliatory threats; denial or minimizing the possible impact by attacks; entanglement or making potential attackers believe that the potential blowback from any attack would be far greater than the potential benefit and norms or establishing taboos against certain operations (Nye, 2017, pp. 52-63). Because of the multitude of ways IW can manifest itself because of its “blurring of traditional boundaries” feature and wide array of military and civilian targets that IW could potentially impact, it would be almost impossible for states to develop frameworks that render useless IW campaigns or even help military and civilian targets recover quickly after an IW attack. The benefits of developing norms regarding IW have already been discussed in the “Implications for International Governance” section. Punishment, because of the difficulty of identifying adversaries, is not as effective in IW deterrence (Nye, 2017, pp. 55-56). However, if the adversary is known, as in the case of interstate rivalries, states may adopt a doctrine of Jam All Strategic Systems (JASS), which was proposed by Jerome Glenn as a possible means for the USA to deter information-era attacks from the USSR (Glenn, 1989, pp. 201-202). This doctrine will allow states to plant programs within strategic infrastructure of rival states to trigger in the case of an attack, thus ensuring that potential aggressors would be “unsure of the reliability of attack forces” (Glenn, 1989, p. 202). While this doctrine was proposed to deter nuclear and conventional attacks, the notion that an adversary has the potential to cripple one’s infrastructure if an attack was detected could provide a viable disincentive to conduct IW operations. Because while IW is extremely difficult to detect, it is certainly not the case that all cases of IW will remain ignored. This deterrent strategy seems to have been the rationale behind the Obama administration authorizing the planting of cyberweapons in Russian infrastructure in response to its interference in the 2016 US presidential elections (Miller et al., 2017). In addition to punishment, entanglement may also be a viable deterrent strategy. States that depend on the internet for economic activities and communication may have an interest in making sure that foreign investors and consumers continue to trust using the internet as a medium for commerce and interaction (Nye, 2017, pp. 59-60). Therefore, they may try to refrain from taking actions severe enough to greatly undermine international trust in the system because of fears that doing so would undermine the economic vitality of cyberspace.
A combination of international and domestic policies can serve to both mitigate the threat of modern IW and deal with the issue effectively if and when it comes up. Internationally, developing institutions and norms to define and open discourse regarding IW can greatly lower the popularity of IW as a policy tool. Domestically, states can work with important internet corporations, conduct defensive information campaigns or develop effective deterrence frameworks to protect themselves from the threat of IW. Altogether, while IW is a difficult issue to tackle, by no means is it an insurmountable problem.
Modern IW, made possible by the rise of cyber connectivity, is a novel threat that states are struggling to deal with. From Ukraine to Korea, IW operations have challenged traditional security doctrines, a fact that many policymakers are only now beginning to understand. Driven by the factors that IW is an effective tool by weaker states to challenge stronger ones and that existing legal and normative frameworks are nascent at best, IW can be expected to become a more common threat to international peace in the coming years. However, this does not mean that actions cannot be taken against IW. Internationally, states can open forums for discussing IW, setting norms that make IW less attractive and less effective. Domestically, states can work with corporations, develop robust defensive tactics and formulate deterrence strategies to protect themselves from IW. One can only hope that action, not inaction, becomes the norm as modern IW continues to be used as a foreign policy tool.
Abramson, A. (2017), “Vladimir Putin: Russia never interfered in 2016 election”, [online] Time, available at: http://time.com/4718173/vladimir-putin-russia-donald-trump-election/ (accessed 8 May 2018).
Badshah, N. (2018), “Facebook to contact 87 million users affected by data breach”, [online] The Guardian, available at: www.theguardian.com/technology/2018/apr/08/facebook-to-contact-the-87-million-users-affected-by-data-breach (accessed 8 May 2018).
Braw, E. (2018), “How to deal with Russian information warfare? Ask Sweden’s subhunters”, [online] Defense One, available at: www.defenseone.com/ideas/2018/04/how-deal-russian-information-warfare-ask-sweden/147154/ (accessed 8 May 2018).
Byers, D. (2017), “Facebook estimates 126 million people were served content from Russia-linked pages”, [online] CNNMoney, available at: http://money.cnn.com/2017/10/30/media/russia-facebook-126-million-users/index.html (accessed 8 May 2018).
Farrell, H. (2017), “Analysis | don’t believe what Putin is saying about, ’patriotic’ Russian hackers”, [online] The Washington Post, available at: www.washingtonpost.com/news/monkey-cage/wp/2017/06/07/dont-believe-what-putin-is-saying-about-patriotic-russian-hackers/?noredirect=on&utm_term=.32e4bf5fa6c2 (accessed 9 May 2018).
Galeotti, M. (2014), “The ’Gerasimov doctrine’ and Russian non-linear war”, [online] In Moscow’s Shadows, available at: https://inmoscowsshadows.wordpress.com/2014/07/06/the-gerasimov-doctrine-and-russian-non-linear-war/ (accessed 9 May 2018).
Galeotti, M. (2017), “Russia is punching above its weight”, [online] The Moscow Times, available at: https://themoscowtimes.com/articles/russia-is-punching-above-its-weight-36931 (accessed 9 May 2018).
General Assembly of the United Nations (2018), “UN General Assembly – First Committee – Disarmament and International Security”, [online] available at: www.un.org/en/ga/first/index.shtml (accessed 26 November 2018).
Glenn, J. (1989), Future Mind: Artificial Intelligence – Merging the Mystical and the Technological in the 21st Century, Acropolis Books, Washington, DC, pp. 193-209.
Harris, S. (2014), @War: The Rise of the Military-Internet Complex, Houghton Mifflin Harcourt, Boston, Mass, p. 180.
International Committee of the Red Cross (2010), “War and international humanitarian law”, [online] available at: www.icrc.org/eng/war-and-law/overview-war-and-law.htm (accessed 9 May 2018).
Kang, T. (2018), “North Korea’s influence operations, revealed”, [online] The Diplomat, available at: https://thediplomat.com/2018/07/north-koreas-influence-operations-revealed/ (accessed 23 November 2018).
Keeley, G. (2018), “Combatting Russian information warfare – in the Baltics”, [online] TheHill, available at: http://thehill.com/opinion/technology/382245-combatting-russian-information-warfare-in-the-baltics (accessed 9 May 2018).
Lin, H. and Rosenzweig, P. (2018), “Information warfare and cybersecurity are different, related and important”, [online] Lawfare, available at: www.lawfareblog.com/information-warfare-and-cybersecurity-are-different-related-and-important (accessed 8 May 2018).
McKenzie, T. (2017), Is Cyber Deterrence Possible?, 1st ed. Maxwell AFB, Air University Press, Air Force Research Institute, AL.
Mackey, R. (2014), “Information Warfare – Military History – Oxford Bibliographies – Obo”, [online] Oxford Bibliographies – Your Best Research Starts Here – Obo, available at: www.oxfordbibliographies.com/view/document/obo-9780199791279/obo-9780199791279-0024.xml (accessed 9 May 2018).
Meese v. Keene (1987), 85-1180 (Supreme Court of the United States)
Miller, G. Nakashima, E. and Entous, A. (2017), “Obama’s secret struggle to punish Russia for Putin’s election assault”, [online] The Washington Post, available at: www.washingtonpost.com/graphics/2017/world/national-security/obama-putin-election-hacking/?utm_term=.7aae1004d181 (accessed 10 December 2018).
Molander, R. Riddile, A. and Wilson, P. (1996), “Strategic information warfare: a new face of war”, [online] Santa Monica, RAND Corporation, CA, available at: www.rand.org/pubs/monograph_reports/MR661.html (accessed 9 May 2018).
Nye, J. (2017), “Deterrence and dissuasion in cyberspace”, International Security [online] , Vol. 41 No. 3, pp. 44-71. available at: www.mitpressjournals.org/doi/pdf/10.1162/ISEC_a_00266 (accessed 20 December 2018).
Nye, J. (2018), “How will new cybersecurity norms develop?”, [online] Project Syndicate, available at: www.project-syndicate.org/commentary/origin-of-new-cybersecurity-norms-by-joseph-s–nye-2018-03 (accessed 27 December 2018).
Pifer, S. (2016), “Watch out for little green men”, [online] Brookings, available at: www.brookings.edu/opinions/watch-out-for-little-green-men/ (accessed 9 May 2018).
Pinkston, D. (2016), “Inter-Korean rivalry in the cyber domain: the North Korean cyber threat in the Sŏn’gun Era”, Georgetown Journal of International Affairs, Vol. 17 No. 3, pp. 60-76, available at: http://muse.jhu.edu.revproxy.brown.edu/article/649449/pdf (accessed 10 October 2018).
Pomeranz, K. (2018), “On China and North Korea: the strength of weakness and the limits of power”, [online] NPR, available at: www.npr.org/sections/parallels/2017/04/18/524341304/on-china-and-north-korea-the-strength-of-weakness-and-the-limits-of-power (accessed 23 November 2018).
Shen, L. (2018), “Why Facebook suddenly shed $35 billion in value”, [online] Fortune, available at: http://fortune.com/2018/03/19/facebook-stock-share-price-cambridge-analytica-donald-trump/ (accessed 9 May 2018).
Singer, P. (2018), “Winning the war of words: information warfare in Afghanistan”, [online] Brookings, available at: www.brookings.edu/research/winning-the-war-of-words-information-warfare-in-afghanistan/ (accessed 23 November 2018).
Singer, P. and Brooking, E. (2018), “What Clausewitz can teach us about war on social media”, [online] Foreign Affairs, available at: www.foreignaffairs.com/articles/2018-10-04/what-clausewitz-can-teach-us-about-war-social-media?cid=soc-fb (accessed 5 October 2018).
United Nations (2018), “Overview”, [online], available at: www.un.org/en/sections/about-un/overview/index.html (accessed 27 December 2018).
United States Department of Justice (2018), “Foreign agents registration act”, [online] available at: www.justice.gov/nsd-fara (accessed 9 May 2018).
Zambri, J. (2018), “Why Chinghis Khan matters: reflections on the Mongol way of intelligence”, Small Wars Journal, available at: http://smallwarsjournal.com/jrnl/art/why-chinghis-khan-matters-reflections-on-the-mongol-way-of-intelligence (accessed 9 May 2018).
North Atlantic Treaty Organization (2016), “Comprehensive assistance package for Ukraine”, [online] Public Diplomacy Division (PDD) – Press & Media Section, available at: www.nato.int/nato_static_fl2014/assets/pdf/pdf_2016_09/20160920_160920-compreh-ass-package-ukraine-en.pdf (accessed 20 November 2018).
The author would like to thank Professor John E. Savage of Brown University, Professor Jordan Branch of Brown University and Jerome C. Glenn of The Millennium Project for their help and guidance in the writing of this paper.
About the author
Hanci Lei is based at Brown University, Providence, Rhode Island, USA. He is a student at Brown University studying economics and political science. He has written and edited articles for Brown Political Review and Brown Journal of Philosophy, Politics, & Economics. Hanci is interested in interactions between global systems and enjoys studying subjects such as political economy, East Asian international relations and new security threats.