Communications - October 2011

egant phrase, “small pieces, loosely joined,” comprise the organizational form most empowered by computers, the Internet, and the Web. Their strength comes from their great lateral connectivity and the kind of “collective intelligence” that arises when many share their thoughts and build on one another’s ideas. Over the past two decades the world has seen networks rise, with civil-society movements toppling authoritarian regimes in a series of social revolutions, most recently in the “Arab Spring“ of 2011. But terrorists and transnational criminals, the principal “uncivil society” actors of our time, have benefited from networking, too, demonstrating that the new tools may serve the darkest of purposes, as Al Qaeda has shown the world. Which of networking’s Janus-like faces will prevail in the future?

the Path since the 1970s
Given the wide-ranging effects of the
computer revolution on the larger is-
sues of society and security, it is not
surprising that military affairs are also
profoundly affected by computeriza-
tion and networking. But this reshap-
ing has emerged only in fits and starts,
with halting progress. Difficulties in Af-
ghanistan following the initial triumph
enhanced by a tactical Web page and
the fate of companycommand.com are
dramatic examples of the problem. But
so, too, was the notion that electrons
transmitted through information sys-
tems no longer simply communicate,
but were becoming actual weapons.
This idea, introduced by Thomas
Rona, a science advisor to the Defense
Department, in his seminal 1976 think
piece, “Weapons Systems and Informa-
tion War,” 31 was a breakthrough con-
cept. Yet for the next 20 years, Rona’s
notion was simply folded into existing
strands of strategic thought, leading
to information warfare being equated
with either strategic air power or nucle-
ar war.

u.s. sailors assigned to navy cyber Defense operations command at Joint expeditionary Base, Little creek-fort story, Va, responsible for monitoring, analyzing, detecting, and responding to unauthorized activity within u.s. navy information systems and computer networks.

could be achieved without significant loss of life made strategic information warfare irresistible.

Around the same time (early-1990s) my RAND Corporation colleague David Ronfeldt and I introduced our concept of “cyberwar,” which was far less about using computer viruses to attack other societies than about gaining an information edge over adversary military forces in battle. 2 Our view was based on the belief that information warfare as a form of strategic attack would have as poor a record of success as aerial bombardment, which has seldom achieved its hoped-for goals. 28

Instead, advanced information systems had simultaneously empowered and imperiled modern militaries, opening new operational possibilities but at the same time making armies, fleets, and air forces vulnerable to disruption. Small but better-informed forces could thus defeat larger, less-well-informed, enemies, much as the heavily outnumbered U.S. naval forces outfought the Imperial Japanese fleet at Midway in 1942 by knowing more about their adversary’s dispositions and intentions. Fanatical courage, luck, and timing were important factors in this battle, but the ambush of the Imperial Japanese Fleet could not have happened without an initial information edge. So a key defense research agenda was identified, one aimed at understanding the material effects of “knowing more.”

Doctrinal Debate

Conflict between the two major competing concepts—strategic information warfare as launching “bolts from the blue” and cyberwar as doing better in battle—was inevitable. Since the 1990s, a kind of “war of ideas about the idea of cyberwar” has been waged, with each side landing telling blows. The military proponents of what journalist James Adams once called the “ strategic attack paradigm” 1 have been dominant in the discourse, skillfully using the threat of this kind of assault—in the hands of hostile nations and/or networks—to drive national-security debates in countries around the world and generate huge budgetary support for protection of their “critical information infrastructures.” Much as the still-frightening specter of nuclear