talks about information warfare, specifically with the application of
strategy & tactics. This will evolve into a journal of concepts
based on physical and psychological warfare, and eventually become organized
Information of significance. From an IW perspective, this has
to do with asset maps (networks, systems, etc.), defensive and offensive
posture, and systems inventory.
It is important to appreciate the value of deception in any warfare situation.
Information warfare is no different. Is a planted virus outbreak just
a flash fire to be patched around, or is it a method to divert assets
while a real attack is in place, such as theft of intellectual property?
Such covert acts can often be lost in the noise of the outbreak.
This is the act, for the most part, of gathering intelligence. Most initial
recon should use stand-off activity; that is, using search engines
(like Google and Google cache), DNS sites (like DNS Stuff), and fingerprint sites
(like Netcraft). Once stand-off recon is complete, active recon is likely next.
This could include electronically touching systems, like sending a bogus e-mail
and analyzing the DSN; to surveillance and social engineering.