Chapter 19. Electronic and Information Warfare

All warfare is based on deception ... hold out baits to entice the enemy. Feign disorder, and crush him.

— Sun Tzu, The Art of War, 1.18–20

Force, and Fraud, are in warre the two Cardinal Virtues.

— Thomas Hobbes


For decades, electronic warfare has been a separate subject from computer security, even though they use some common technologies (such as cryptography). This is starting to change as elements of the two disciplines fuse to form the new subject of information warfare. The Pentagon's embrace of information warfare as a slogan in the last years of the twentieth century established its importance — even if its concepts, theory and doctrine are still underdeveloped. The Russian denial-of-service attacks on Estonia in 2007 have put it firmly on many policy agendas — even though it's not clear that these attacks were conducted by the Russian government; as far as we know, it may have been just a bunch of Russian hackers.

There are other reasons why a knowledge of electronic warfare is important to the security engineer. Many technologies originally developed for the warrior have been adapted for commercial use, and instructive parallels abound. The struggle for control of the electromagnetic spectrum has consumed so many clever people and so many tens of billions of dollars that we find deception strategies and tactics of a unique depth and subtlety. It is the one area of electronic security to have experienced a lengthy ...

Get Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.