
Identities, Anonymity and Information Warfare

Conflict and Complexity

Part of the book series: Understanding Complex Systems (UCS)


Abstract

We discuss the primary role of anonymity and identity manipulation in information warfare. We contend that those who engage in information warfare have goals very similar to those of actors involved in cyber-crime and cyber-terrorism. Today, Internet-based commerce has become global, representing a significant component of the world market. Network-based personal communications services are rapidly becoming the method of choice for many nations. In fact, many critical infrastructure components are managed and controlled remotely. Yet these various capabilities are usurped by cyber-warriors, terrorists, or other criminals.

A number of networking issues contribute to the current state of information warfare. Historically, security capabilities (e.g., authentication, authorization, and confidentiality services) were not considered a high priority in the original design of the critical Internet protocols still in use.

Further complicating the security problem is the lack of consistency in the naming schemes adopted for network-related objects (hosts, applications, interfaces). Mapping of object names continues to be a trial-and-error exercise, which is frequently misused by malicious actors, as in the case of the Address Resolution Protocol (ARP). Moreover, the lack of authentication facilitates the use of ICMPv4 (Internet Control Message Protocol version 4) and UDP (User Datagram Protocol) as protocols of choice for distributed denial-of-service (DDoS) attacks. Dynamically used transport protocol port numbers are now common, negating the effectiveness of classic firewall-type packet filtering. Regrettably, mapping of device domain names to IP (Internet Protocol) addresses via DNS (Domain Name System) continues with no major efforts to prevent invalid updates or query responses.
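The ARP case named above, as an added example that is not part of the chapter: a parser for the ARP payload, which has no field authenticating the sender's claimed IP-to-MAC mapping, plus a monitor that flags an IP address whose claimed MAC changes. All addresses, MACs and function names are constructed for illustration.

```python
import struct

# ARP payload for Ethernet/IPv4 (RFC 826). Every field is asserted by the
# sender; nothing in the format authenticates the claimed IP-to-MAC binding.
ARP_FMT = "!HHBBH6s4s6s4s"   # htype ptype hlen plen oper sha spa tha tpa

def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)

def fmt_ip(b):
    return ".".join(str(x) for x in b)

def build_arp(oper, sha, spa, tha, tpa):
    """Build a constructed ARP payload (sample data only, never sent)."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    i = lambda s: bytes(int(p) for p in s.split("."))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, m(sha), i(spa), m(tha), i(tpa))

def parse_arp(payload):
    size = struct.calcsize(ARP_FMT)          # 28 bytes
    if len(payload) < size:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _, _ = struct.unpack(ARP_FMT, payload[:size])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return oper, fmt_mac(sha), fmt_ip(spa)

def audit_bindings(payloads):
    """Return (index, kind, detail) alerts for conflicting sender claims."""
    seen, alerts = {}, []
    for idx, payload in enumerate(payloads):
        try:
            _, sender_mac, sender_ip = parse_arp(payload)
        except ValueError as exc:
            alerts.append((idx, "malformed", str(exc)))
            continue
        if sender_ip == "0.0.0.0":           # ARP probe (RFC 5227): claims no binding
            continue
        known = seen.setdefault(sender_ip, sender_mac)
        if known != sender_mac:
            alerts.append((idx, "binding-changed", f"{sender_ip}: {known} -> {sender_mac}"))
            seen[sender_ip] = sender_mac
    return alerts

# Constructed sample: documentation addresses, locally administered MACs.
GW, HOST_A, HOST_B = "02:00:00:00:00:01", "02:00:00:00:00:0a", "02:00:00:00:00:0b"
SAMPLE = [
    build_arp(2, GW, "192.0.2.1", HOST_A, "192.0.2.10"),                 # first claim seen
    build_arp(1, HOST_A, "0.0.0.0", "00:00:00:00:00:00", "192.0.2.10"),  # probe, ignored
    build_arp(2, HOST_B, "192.0.2.1", HOST_A, "192.0.2.10"),             # conflicting claim
    b"\x00\x01\x08\x00",                                                 # truncated frame
]
```

A binding change is only a signal to investigate, since legitimate events such as a replaced network card or a failover pair also produce it.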

Many of the aforementioned protocols rely on data-origin authentication via secret keys and message digests, yet secret key management is non-existent. IEEE 802.1X, used in newer wireless networks, is routinely avoided for wired infrastructures. Although Internet Protocol Security (IPsec) is widely available, it is rarely deployed beyond secure virtual private networks (VPNs), especially given that its availability in IPv4 is optional and its usage is optional with both IPv4 and IPv6. Domain Name System Security (DNSSEC) has existed for over 10 years, yet serious discussion of its deployment is only now occurring. The standards for public key infrastructures (PKIs) and digital certificates are extensive, but the majority of organizations find excuses to avoid their use, and most PKI-enabled applications cannot even check for revoked certificates.

In conclusion, we contend that, given the security threats associated with current and future information warfare activities, the inter-networked global community should focus on more rapid implementation and deployment of the existing security mechanisms. As such, mandatory, robust authentication as well as several key network security services should be adopted. The necessary mechanisms already exist; now is the time for network administrators to recognize the need for prompt deployment of these capabilities as a proactive defense and mitigation against malicious attacks at a reasonable level.



Corresponding author

Correspondence to Stuart Jacobs.


© 2015 Springer Science+Business Media New York

About this chapter

Cite this chapter

Jacobs, S., Chitkushev, L., Zlateva, T. (2015). Identities, Anonymity and Information Warfare. In: Fellman, P., Bar-Yam, Y., Minai, A. (eds) Conflict and Complexity. Understanding Complex Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4939-1705-1_11
