---------------------------------------------------------------------- InfoWarCon '95 D I S T R I B U T E W I D E L Y Here is the latest information about our upcoming Information Warfare Conference; please redistribute this information widely: InfoWarCon '95 September 7-8, 1995 Stouffer Concourse Hotel Arlington, VA CONFERENCE OVERVIEW The Information Warfare Conference (InfoWarCon 95) is our third international conference dedicated to the exchange of ideas, policies, tactics, weapons, methodologies and defensive posture of Information Warfare on a local, national, and global basis. InfoWarCon will bring together international experts from a broad range of disciplines to discuss and integrate concepts in this rapidly evolving field. Attendees will intensely interact with the speakers and presenters as well as each other to increase each other's understanding of the interrelatedness of the topics. While there are many interpretations of Information Warfare by different groups, the current working definition we employ is: "Information Warfare is the use of information and information systems as weapons in a conflict where information and information systems are the targets". Information Warfare is broken down into three categories, and InfoWarCon speakers and attendees will interactively examine them all: Class I: Personal Privacy. "In CyberSpace, You Are Guilty Until Proven Innocent." The mass psychology of information. Privacy versus stability and law enforcement. Class II: Industrial and Economic Espionage. Domestic and international ramifications and postures in a globally networked, competitive society. Class III: Global Information Warfare. Nation-state versus Nation-state as an alternative to conventional warfare, the military perspective and terrorism. THE SPONSORS National Computer Security Association Winn Schwartau, Inter.Pact Robert Steele, OPEN SOURCE SOLUTIONS, Inc. THE CONFERENCE The conference is designed to be interactive - with a healthy dialog between all participants. The contents and discussions will all be considered open source. - What is Information Warfare? - What Are the Targets? - Protecting the Global Financial Infrastructure - Military Perspectives on InfoWar - InfoWar Vs. Non-Lethal Warfare - Defending the U.S. Infrastructure - The Intelligence Community and Information - Open Source Intelligence - The Psychology of Information - Privacy Balances - Information As the Competitive Edge - International Cooperation - Denial of Service - Cyber-Terrorism - Offensive Terrorism - Offensive InfoWar Techniques - Defensive InfoWar Postures - Education and Awareness Training - Corporate Policy - Government Policy - Global Policy - Espionage - Export Controls of Information Flow - The Legal Perspective - The New Information Warriors Plenary sessions will accommodate all attendees, while the three break-out session rooms will provide for more intimate presentations and interactivity on topics of specific interests. * * * * * * * Tentative Agenda * * * * * * * Preliminary Schedule (Rev. 4; May 14, 1995) DAY I: Thursday, September 7, 1995 7:00 - 7:45 Continental Breakfast 7:45 - 8:00 Introductory Remarks: - Peter Tippett, NCSA - Robert Steele, OSS - Winn Schwartau, Interpact 8:00 - 8:30 Keynote Address (TBD) Morning Plenaries "What Is Information Warfare?" There is no consensus as to what Information Warfare means; everyone has a different definition and application which often suits specific agendas. The morning sessions are to provide attendees with a current review of what Information Warfare means to different people. 8:30 - 9:30 "The Government Perspective" How do the various military services see Information Warfare as fitting within their needs and mission? Moving information rapidly and efficiently to the modern soldier provides key battlefield advantage. How does lethal versus non-lethal warfare fit into their models? 9:30 - 10:30 "The Commercial View" The commercial sector sees Information Warfare from a different perspective. Business survival is top on the list. How do private sector leaders view Information Warfare from both a defensive and offensive standpoint? Government attendees will be especially interested in this session. 10:30 - 11:00 Morning Coffee Break 11:00 - 12:00 Breakout Sessions I Class I "Anti-Privacy Technology" This will be a hands-on demonstration of how to breach personal privacy, bug and eavesdrop on individuals and corporations. Attendees will see how easy it is to violate privacy, and how hard it is to detect such violations. Class II: "Industrial and Economic Espionage - An Update" What's new in the world or private spying? Front line experts will what's better and what's worse. Who's spying on whom? What are they looking for? What are their techniques and tools? What can you do to protect your organization from being a victim? Moderator: Jim Settle Former head of Natl. Computer Crime Squad, FBI - Larry Watson, DECA, FBI Class III "Magnetic Weapon Systems: Risks and Defenses" The first half will present an overview of the risks of HERF Guns, EMP/T Bombs and Magnetic Pulse Cannons (MPC). The attendee will learn how easy they are to build, and why increasingly sophisticated magnetic weapons will become a choice weapon for terrorists. The second half will describe fundamental approaches to defensive postures against such Class 3 Denial of Service Assaults. - Winn Schwartau, Interpact, Inc. - Don White, EMC 12:00 - 13:30 Working Lunch Luncheon Speech 12:30 - 13:00 (TBD) 13:30 - 14:30 Breakout Sessions I Class I "Well Managed Propaganda" The media is a powerful filter by which citizens and the government collect most of their information. Was the media a puppet of the US in the Gulf War? Does aggressive PR makes media policy? How can the media be used, or protect itself from being used? What do journalists have to say about their apparent control over what people hear and see? Moderated by: Neil Munro, Senior Editor, Washington Technology Class II "Should the US Spy on the World?" The US has been the target of economic and indutrial espionage by military allies and 'friendly' competitors such as France, Japan, Korea, Israel, Germany, Taiwan among others. With an estimated intelligence budget of $30 Billion and arguably the most proliferate and advanced technologies, should we turn our spying 'eyes' on our global neighbors for the benefit of American economic security? Or, are Mom and Apple Pie Americans above that? Class III "Practicing Defensive Information Warfare" Military lessons for the private sector This exciting session will show 'real time' security testing with an active Internet connection. The military has developed an arsonal of tools for penetration and monitoring and alerting users about intrusions. Commercial attendees will learn what life is like without these mechanisms, and how much more secure they can be with them - with a low increase in overhead. What steps are required to build a defensive posture, and just how much defense is enough? 14:30 - 15:00 Afternoon Coffee Break Afternoon Plenaries 15:00 - 15:30 "Denial of Service on Information Systems" Confidentiality Availability and Integrity, two of the three pinions of security have been technically solved with advanced encryption techniques. The third aspect, Availability remains unsolved because of daunting technical problems. What do DOS attacks look like? From the Civil-Cyber Disobedience to Accidental Acts God or Man, a failure of key system components can trigger a domino-like chain of collapses. This sessions examines the vulnerability of current US infrastructures and the application such techniques in offensive military applications. 15:30 - 16:00 "Terrorism and Counter-Terrorism" Terrorist attacks against the US are now occurring on our home ground. What can the modern terrorist do which will meet his goals of sowing fear and distrust? Key infrastructures such as power grids, communications and transportation systems are attractive targets for the terrorist minded Information Warrior. What are we doing in planned response? 16:00-17:00 "What Is the Role of Government in defending National Economies?" As evolving global conditions shift competitive value from military might to economic advantage, how should we redefine national security? The threats to the private sector increase and become more likely targets in information warfare of all three classes. What is, and what should the role of the military be in defending US interests both domestically and abroad? This session will provide plenty of time for audience involvement. 17:00 - 19:00 Cocktail Reception Most speakers will be available for more intimate groups chats,and authors will be available to sign books. Great opportunity to pursue those ideas with people from different disciplines. 19:00 - 21:00 Birds of a Feather Dinners "Dutch" dinners give attendees the chance to dig into more and more depth in areas of their particular interest. * * * * * DAY II: Friday, September 8, 1995 7:00 - 8:00 Continental Breakfast 8:00 - 8:30 Keynote II (TBD) 8:30 - 9:00 "Defending the Financial Infrastructure" Not only the US is concerned. The world's financial infrastructure are inextricably linked. If one portion is hurt, the rippling effect is immediate. Trillions and trillions of dollars are trade every day. What can Information Warriors do to the global spider-web of electronic money, and what defenses are in place? 9:00 - 9:30 "PsyOps" The military and intelligence community have practiced Psychological Operations against adversaries for decades. How is this done, and how well does it work? Does PsyOps also have a place in commercial ventures? 9:30 - 10:00 "CORE WARS: Practicing Information Warfare in Cyberspace" The Core War was invented by A.K. Dewdney from the University of Western Ontario, Canada. As fought today on the Internet, Core Wars represent the purest intellectual tests of pure strategy, tactics and capability. Battalions of software programs must genetically breed themselves for combat knowing that they will go up against fierce competition. Video examples will be used to portray how Core Wars is a working model for Information Warriors on the front lines. Chair: Stuart Rosenberg, University of Cologne, Germany Jo Seiler, University of Cologne, Germany 10:00 - 10:30 "Security By Obscurity: Point-Counterpoint" Should the threats and details of potential vulnerabilities and actual events be guarded under the shrouds of official government secrecy or corporate policy of denial? Or is open disclosure the best route for education, awareness and defense? How can one defend against the unknown? Strong arguments exist for all views. 10:30 - 11:00 Morning Coffee Break 11:00 - 12:00 Breakout Sessions I Class I "An Electronic Bill of Rights" Defining Privacy In Cyberspace How do we as a nation balance the privacy rights of the individual against the legitimate needs of the state, and in sync with the policies of our global trading partners? The views from three differing positions will stimulate a healthy audience-panelist dialogue. Moderated by: Andrew Grosso, Former Asst. US Attorney Scott Charney, DOJ Computer Crime Unit Class II: "The 'Third Wave' Approach to Managing Information Warfare: Building a Commercial War Room" Maximizing the flow and control of informations key to competitiveness- whether it be on the battlefield or in the marketplace. An innovative tool and approach to planning and managing information in these very intense, time-sensitive environment is the advent of "war rooms." These are dynamic facilities which are optimized to channel the collection, analysis and dissemination of information. 'War rooms' can be static or field-portable and vary in ergonomic layout and technical capability. This session will provide case studies on the use of war rooms in government and industry. State of the art automated war rooms will be described which feature the projection of computer-generated information. Tools and practices for knowledge discovery, processing and dissemination will help you understand how you go about planning and building a competitive intelligence War Room? Chair: Steve Shakar, KnowledgeBASE, Inc. Panel: Mark Gembecki, Technology and Security Oversight Consultant, US Dept of State Robert Beckman, Alta Analytics, Inc. Class III "International Cooperation" All countries have an interest in stability, but rising nationalism often transcends the greater good. While most countries are becoming militarily allied, we all remain competitively aggressive. 25% of the world's population control 75% of the wealth (The Haves) while nearly 4 billion people share the remaining 25% (The Have-Nots). Where is the balance, and at what point does Information Warfare become openly hostile? In an electronically border-less world, how do we collectively avoid getting to that point? 12:00 - 13:30 Working Lunch 12:30 - 13:00 Luncheon Speech What are the organizing principles for information security and the design basis of information systems and networks? The DII is mandated to provide information services to the war-fighter. The NII initiative is enhancing the economic posture of the US. The infrastructures are inter-related and the loss of either capability could have devastating effect on the economy and security of the United States. The GII will necessarily find similar challenges where all nations must develop a viable means of cooperation. This presentation outlines high level approaches to successful implementation. 13:30 - 14:30 Breakout Sessions Class I "The Legal Consequences: The Lawyers Are Coming, The Lawyers Are Coming." What are the legal rights of Cyber-citizens in the US and how do those relate to the laws in other countries? What is the real criminal and civil recourse and remedies to combat industrial espionage? How do we legally handle non-physically violent attacks against the interest of the US on our own soil or overseas? Get the views of the experts. Moderated by: Daniel Kuehl, PhD, Professor National Defense University Scott Charney, DOJ Computer Crime Unit Class II "Defending Against the Internet" The chaotic ravages of the Internet constantly knock at the doors of anyone or any company is connected. What do you have to do to protect your information resources? What have others done? Is it enough and what does the future bode? Chair: Kermit Beseke, President, Secure Computing Corp. John Nagengast, NSA, Deputy Chief of Network Security Class III "The First Information War" The military is attempting to build a global network where intelligence information from the field is fed back to a War Room, analyzed, decisions made, and then instructions sent back to the theater: almost in real time. How well does this work, and how far from reality is the Pentagon's dream? Chair: Mich Kabay, Ph.D., NCSA Alan D. Campen, Col. USAF (Ret.) Author, "The First Information War." Former Director of Command and Control Policy to the Undersectrary of Defense. 14:30-15:00 Afternoon Coffee Break 15:00 - 15:30 "Who Are The Information Warriors?" Who are the bad guys? Who has the capability and the motivation to wage any of the Three Classes of Information Warfare? It's time to name names. 15:30 - 16:00 "Hackers: National Resources or Criminal Kids " DEBATE Germany uses professional hackers for their domestic industrial and economic advantage. What about the US? The kindest words ever uttered by Mich Kabay, Ph.D., about hackers is, "Amoral, sociopathic scum." Robert Steele, President of Open Source Solutions, Inc. sees them as national resources, to be cultivated as a tool for US economic security. Do they have a value in the protection of the US infrastructure, or can their specific expertise be found elsewhere? After short opening statements, the audience will be encourage to ask provocative questions. Robert Steele, President, OPEN SOURCE SOLUTIONS, Inc. Mich Kabay, Ph.D. NCSA Dir of Education 16:00 - 17:00 "The Future of Information Warfare" Where do we go from here? After two intensive days of interaction, learning and listening, what's the next step? What do industry and the government have to do to better understand each other? What steps can each take to improve individual, corporate and national defensive postures? Chair: National Defense University 17:00 - 17:15 Closing remarks - Peter Tippett - Robert Steele - Winn Schwartau 17:15 - 19:00 No host reception. -==========================- Hotel Information: Stouffer Concourse Hotel (Crystal City) 2399 Jefferson Davis Highway Arlington, VA 22202 703-418-6800 -============================- Conference Fees: $495.00/445.00 - NCSA Members/OSS Attendees $595.00/545.00 - All others ($50.00 discount available if payment is received by July 1, 1995) -============================- InfoWarCon '95 Registration Form: Name: ___________________________________________________________ Title: ___________________________________________________________ Org: ___________________________________________________________ Address: ___________________________________________________________ Address: ___________________________________________________________ City: ___________________________________________________________ State: _______________________________ Zip: _____________________ Country: __________________________ Email: ________________________ Phone: __________________________ Fax: _________________________ FEES: Payment made BEFORE July 1, 1995: ( ) $445.00 NCSA Members/OSS Attendees ( ) $545.00 All others Payment made AFTER July 1, 1995: ( ) $495.00 NCSA Members/OSS Attendees ( ) $595.00 All others Make checks payable to NCSA, or Charge to: ( ) VISA ( ) MasterCard AMEX ( ) Number: ___________________________________________ Exp date: ___________________________ Signature: ___________________________________________ MAIL OR FAX REGISTRATION TO: National Computer Security Association 10 South Courthouse Avenue Carlisle, PA 17013 Phone 717-258-1816 or FAX 717-243-8642 EMAIL: 74774.1326@compuserve.com CompuServe: GO NCSAFORUM Winn Schwartau Interpact, Inc. Information Security & Warfare V:813.393.6600 F:813.393.6361 Email: Winn@Infowar.Com PGP Key(2.3a & 2.6) Available on key servers.Voice (AT&T) 0-700-TANGENT F CON mailing list, mail: majordomo@fc.net with "subscribe dc-announce" in the body. DEF CON FTP: ftp.fc.net /pub/defcon http://www.defcon.org