Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

3/26/2010
03:21 PM
Gadi Evron
Gadi Evron
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

A Russian Strategist's Take On Information Warfare

Today I'd like to introduce you to one of the main thinkers on information warfare, who most of you never heard of. S.P. Rastorguev (Расторгуев C.П.). He is a Russian strategist who unfortunately, as far as I can find, hasn't been translated.

Today I'd like to introduce you to one of the main thinkers on information warfare, who most of you never heard of. S.P. Rastorguev (Расторгуев C.П.). He is a Russian strategist who unfortunately, as far as I can find, hasn't been translated.He wrote several books, but the one I will be speaking of is called literally Information Warfare (Informatsionnaya voina -- Информационная война). In it, he discusses the human animal and how viruses of the mind can work just as well as viruses in computer systems, exploring many models of exploitation.

While he covers many concepts, the one I was introduced to originally is the story of the fox and the turtle.

Here is a slightly altered, and shortened, version (full and accurate version below):

A turtle walks through the forest, enjoying the view. She runs into a fox, who says: "Turtle, turtle, get out of your shell and you can fly." The turtle stares skeptically at the fox, and keeps on walking. Eventually, traveling through the forest the turtle comes across a television set. She watches as hundreds of turtles get out of their shells, and fly. She gets out of her shell, and she flies.
When I first heard this story, I was confused. What was the moral of the story? Deception? Perhaps strategy?

A friend of mine explained it as Sergei Rastorguev did at the end of the story: "The turtle didn't know and never will, that information warfare -- it is the purposeful training of an enemy on how to remove its own shell."

While Rastorguev's explanation applies to many aspects of information warfare, my interpretation for the purpose of this post is more limited and is about the nature of information warfare -- and not necessarily with our enemies, if the Estonian case study and its lessons are to be quoted. Specifically, on how entire populations become energized into action as I wrote in the post-mortem analysis of the incident. (See also: Authoritatively, who was behind the Estonian attacks?)

The point is engagement.

In information warfare there is no blood. People don't see soldiers coming back in body bags, nor do they have any feeling of loss. But to wage war, one needs the engagement of the people.

Rastorguev is not the only modern Russian thinker to discuss information warfare from the psychological aspect, there are others such as Pochepcov, Lopatin and Tsigankov, and even the 50s thinker on Reflexive Control, Lefebvre. But this story by Rastorguev makes the point far clearer than entire books on the subject.

Psychological warfare does not (necessarily) mean social engineering, but rather also population manipulation. According to what I read, this is seen as true by Russia for defense as well as offense, in protecting the citizenry against such outside influences of information-psychological warfare.

In the west, our view of information warfare (or if some of you would prefer, cyber warfare) is very limited. We know little more than what some security vendors tell us and what we read in the news, which leads us to mistaken conclusions such as information warfare is mainly about DDoS rather than espionage, or that China is behind every single computer attack (which is naturally not true).

Russians are very smart people, and we would do well to listen to what they have to say. Much like in science fiction in the 1970s, we seem to be living under the illusion that the whole world thinks the same as the United States.

According to United States publications, information warfare is a category that includes computer attacks and information operations, both. I always found this to be a confusing Americanism, and concentrated on the technical aspects alone. Estonia taught me that the original definition is correct, and the human element should not be separated from the computerized aspects, when considering the whole of the subject -- much like in information security (or cyber security, if you prefer).

The following translation of the fox and turtle story was done by Ilya Konstantinov, as a favor to me. As to why the fox is female, you better ask a Russian literary expert, as that's just how it is in Russian fables.

There used to be an ordinary turtle who constantly carried a heavy shell on its back. The shell pressed her to the ground and every step she took was hard effort for her. That's why her life, measured by the number of those uneasy steps, was also hard.

On the other hand, when a hungry fox came running from a nearby forest, the turtle hid her head inside the shell and patiently awaited until the danger was over. The fox kept hopping around, trying to bite at the shell, trying to turn her upside down; all in all, trying all the steps typical of an aggressor, and yet the turtle prevailed.

Once upon a time, the fox got a big wallet, brought in a lawyer and, sitting across the turtle, proposed a buyout offer for the shell. The turtle considered it throughly, but due to her limited imagination, she had to refuse. And yet again, the fox left with nothing.

Time passed, the world changed, new means of telecommunication have entered the forest. One day, coming out of her house, the turtle saw a TV screen hanging off a tree, showing films of flying turtles, shell-less. Breathless with excitement, the woodpecker-announcer spoke of their flight: "Such a lightness! What a speed! How beautiful! Such an elegance!". The turtle watched the show that day, and the next day, and the day after... And then a thought arose in her little mind, about how stupid she is to carry around that weight - the shell. Wouldn't she be better getting it off? Life would be much easier. Scarier? Yeah, a bit scarier, but the news anchor-owl announced that the fox has turned to the Krishnas and became vegetarian.

The world is changing. The forest is also completely different; there are less and less trees and distinctive animals, and more and more indistinguishable stray dogs and jackals. "And really, why shouldn't I fly? The skies -- they're so big and wonderful!" "If only I gave up the shell, and -- right away -- life would be easier!" -- thought the turtle. "If only she gave up the shell, and -- right away -- she'd be easier to eat" -- thought the fox, signing on the bill for yet another advertisement of flying turtles And one beautiful morning, when the skies seemed larger than ever, the turtle has made her first and last step towards freedom of her protection system.

The turtle didn't know and never will, that information warfare -- it is the purposeful training of an enemy on how to remove its own shell.

Follow Gadi Evron on Twitter: http://twitter.com/gadievron.

Gadi Evron is an independent security strategist based in Israel. Special to Dark Reading. Gadi is CEO and founder of Cymmetria, a cyber deception startup and chairman of the Israeli CERT. Previously, he was vice president of cybersecurity strategy for Kaspersky Lab and led PwC's Cyber Security Center of Excellence, located in Israel. He is widely recognized for ... View Full Bio

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: It's a technique known as breaking out of the sandbox kids.
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24330
PUBLISHED: 2020-08-13
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
CVE-2020-24331
PUBLISHED: 2020-08-13
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).
CVE-2020-24332
PUBLISHED: 2020-08-13
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack.
CVE-2020-0261
PUBLISHED: 2020-08-13
In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-14605...
CVE-2020-17498
PUBLISHED: 2020-08-13
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.