Cyber only a small part of info warfare, official says

snagfilms-a.akamaihd.netdata-a84bc91895924bb13fea7554ccbd0b6f6f905d5d-1.jpg

While a major focus in the latest influence operation involving the 2016 election, cyber is only one small part of information warfare and information operations, according to current and former officials.

Cyber was the vector used to extract the information, but how the stolen information is used “is not necessarily a cyber issue,” Christopher Painter, coordinator for cyber issues at the State Department, said during a panel discussion in April hosted by the Carnegie Endowment for International Peace.

Information warfare has happened for centuries, he added, and while cyber has been either an accelerant or an enabler for these types of activities, it is just a small part.

Director of the NSA Adm. Michael Rogers told Congress last month that the “biggest difference was cyber to gain access to and extract information,” as it related to massive influence campaign perpetrated by the Russians in the 2016 presidential election.

Similarly, Michael Chertoff, the second Homeland Security secretary, said during the same panel that this problem should be viewed through a counter-messaging lens.

However, the counter-messaging efforts, especially against ISIS and its former kinsmen al-Qaida , have been widely criticized as ineffective.

Chertoff warned against using terms such as “weaponization” of information and news, as this becomes a slippery slope toward censorship. There are a lot people throwing around fake news and information operations that should be viewed through the lens of cybersecurity.

“I think that would be a big mistake,” he said, adding that if cyber is used to repel fake news and information operations, the first two nations to sign up would be Russia and China, as they might argue that content they don’t like is fake news. Some in the U.S. think the same, that fake news is “stuff I don’t want to read about,” he said.

Others have suggested that cyber could be a means for repelling such information operations in light of Russia’s meddling in the 2016 election.

A fundamental goal should be to knock down fake news, and cyber is a tool to accomplish this, as well as taking down fake websites, James Miller, a member of the Defense Science Board and the former undersecretary of defense for policy, said during congressional testimony this year. Having a set of rules of engagements and polices associated with that could be valuable, he said, but offered no specifics on the way the government could or would evaluate what constitutes as fake news.

Painter said this issue has to be disaggregated and warned against getting to the point where the government is the arbiter of what’s truth and what’s not. Within this sphere, Painter said private companies have a lot of responsibility not in deciding what’s truth, but ensuing bots aren’t pushing traffic and stories to make them seem authentic.

In terms of disaggregating this issue — as terms such as espionage, cyberattacks and information operations are being lumped together — Chertoff said these should be viewed as separate issues.

Espionage is the oldest thing around, he said, the only difference is the use of technology.

“I don’t think the reaction to espionage in cyberspace is dramatically different than traditional espionage,” he said. “Basically it’s on us to protect and preserve our secrets.”

This aspect has been a point of contention among members of Congress who believe the Chinese, widely attributed to perpetrating the hack of thousands of sensitive files from the Office of Personnel Management, have gotten off unscathed for the massive breach.

“Well, there’s a lot of espionage, certainly collecting and exfiltrating information; obviously the Chinese come to mind,” former Director of National Intelligence James Clapper said of the alleged Russian influence operation against the U.S. election to Congress earlier this year prior to departing. “But in very much a contrast between the passive collection, the passive exfiltration as opposed to the actively purloining information and then using it for a political end — that’s the difference here.”

“If you’re conducting espionage, then if … nation-states are going to punish each other for conducting espionage, which is the passive collection of information, that’s a pretty heavy policy call, which I don’t think any of us want to make,” he said. “When it’s an activist campaign as it was here, that’s a different proposition.”

Similarly, attacks such as the one against Sony Pictures, the Ukrainian electric grid and Georgia’s command and control systems “are really just acts of violence,” Chertoff said and responses should be similar to acts of violence in the physical world.

Chertoff also drew a distinction between the manipulation of data — a top threat from the view of many in the intelligence community that can be done by intruding into networks — and content or speech under the guise of information operations.

Data manipulation is what malware does, he said. He used the example of a car, in which manipulating data could affect the control systems forcing it to do things the operator doesn’t want it to do.

“I would not consider that to be information warfare and information operations,” he said. “That is attacking the integrity of data.”

For Chertoff, information is content that a human intakes and understands.