Cyberspace and 4th Generation Warfare - A Marriage of Convenience

Thursday, August 25, 2011

Don Eijndhoven


In 1989 a group of US military analysts including William S. Lind, decided to conveniently ignore the rest of world history and look at evolution in armed conflict starting at a mere 100 years before the inception of the United States.

Any biologist worth his salt will tell you that this is too small a sample to take an accurate measurement of such a lengthy ordeal as evolution, but for this article's sake I will digress.

The resultant work of this team was published in the US Marine Corps Gazette and revolved around a 'generational' view to warfare, in which each evolution - dubbed a Generation - had distinct characteristics particular to that generation.

In their article they describe four generations. The following definitions were gleaned from Wikipedia:

imageFirst Generation: Tactics of line and column; which developed in the age of the smoothbore musket. William S. Lind (2004) explains the generations of war as the First Generation beginning after the Peace of Westphalia in 1648 ending the Thirty Years’ War and establishing the state’s need to organize and conduct war.

1GW consisted of tightly ordered soldiers with top-down discipline. These troops would fight in close order and advance slowly. This began to change as the battlefield changed.

Old line and column tactics were now suicidal as the bow and arrow/sword morphed into the rifle and machine gun (Lind 2).

Second Generation: Tactics of linear fire and movement, with reliance on indirect fire. This type of warfare can be seen the early stages of WWI, where there was still strict adherence to drill and discipline of formation and uniform, but the dependence on artillery and firepower to break the stalemate and move towards a pitched battle.

Third Generation: Tactics of infiltration to bypass and collapse the enemy's combat forces rather than seeking to close with and destroy them; and defense in depth.

The 3GW military seeks to bypass the enemy, and attack his rear forward, such as the tactics used by German Storm Troopers in WWI against the British and French in order to break the trench warfare stalemate (Lind 2004).

These aspects of 3GW bleed into 4GW as it is also warfare of speed and initiative. However, it targets both military forces and home populations.

Fourth Generation:  Tactics generally revolve around unconventional warfare, often seen as terrorist activities or Insurgency. The conflict itself is characterized by a blurring of the lines between war and politics, soldier and civilian, often leading to long and drawn out conflicts.

In terms of generational modern warfare, the fourth generation signifies the nation states' loss of their near-monopoly on combat forces, returning to modes of conflict common in pre-modern times.

The simplest definition includes any war in which one [or more, ed.] of the major participants is not a state but rather a violent non-state actor.

The article was heavily debated on its accuracy, especially when considering the rest of world history. Certain forms of warfare had always existed and seem more dependent on the intelligence of the Generals fighting the war than it does on technology or 'modernity'.

For instance, it can be argued that Maneuver Warfare -or 3d generation- was used with great success by conquerors such as Alexander the Great (356 – 323 BC) when he deployed his cavalry in a flanking maneuver.  Additionally we can see 4th generation warfare (4GW) in the rise of Spartacus in ancient Rome, where he (a non-state entity) made war with the Romans.

Nevertheless the theory made one point that is of particular application to Cyber Warfare: A blurring of the lines between Soldier and Civilian. Everyone can start a war through cyberspace. War is no longer the sole province of Nation States.

In his eye-opening book "Brave New War", author John Robb explains how the internet and other global communication systems have supercharged the individual's capacity to wage war. For virtually every extremist view there is a place on the internet, so its quite easy to find other people who share your cause and build a small army. 

You can find manuals on how to craft bombs and other weapons from household products, so weapons to fight with are certainly not a problem. Furthermore: terrorists have begun to move away from targeting symbolic places and instead seem to be focusing on weak spots in critical infrastructure.

These are far easier targets to hit and this drives down the requirements, making it that much easier for extremist groups or individuals to achieve their goals. These attacks on critical infrastructural weak points have proven to be cheap to execute, with a small chance of getting caught and have an extremely high ROI.

Sometimes the cost of repairing the damage is several thousand times more costly than the attack itself. Furthermore it delegitimizes the hosting nation state every time they succeed, and they succeed often because it is nearly impossible to defend everything, all the time. Whats worse: the number of attacks is on the rise precisely because they are so successful.

The chance of another 9/11 happening are slim to none, while cheap and easy attacks on (for instance) oil lines in the middle of the desert are occurring daily. Information on where those weak spots are in our critical infrastructure is freely available on the internet as well, as long as you know what to look for.

If you have a degree in Engineering you may not even need such internet access because you can find them on your own. And these are just the kinetic side-effects of global access to global knowledge. Remember: Much of Western critical infrastructure is connected to cyberspace too.

As such, it is both an excellent method to attack critical infrastructure as well as a target in and of itself.

With this in mind we should expect the same growth in cyber conflicts (cyber terrorism, cyber warfare etc). Cyberspace will become more hostile rather than less hostile, despite any efforts in securing the products and systems we work with, simply because through cyberspace they can hit us where it hurts.

As our dependance on cyberspace grows, naturally so must phenomena such as cyber terrorism. It is perfectly in line with that supercharged unconventional warfare so suited for individuals and small groups as described in the article on 4GW, as well as Robb's observed trend towards what he calls Global Guerrilla tactics.

The lesson here is that we should prepare our online critical infrastructure for such attacks ahead of time. Assume that attacks will come and that attacks will be successful. This means that critical services should be redundant and capable of providing service even while under attack.

Decentralization is your friend.

Mr. Robb advocates turning services into independent Open Standard platforms that other companies, groups or even individuals can build onto with greater ease, and I believe he rightly points to the Open Source movement as a prime example. We can still learn much from Eric S. Raymond's Bazaar model. We can, and if we wish to survive: we must.

About the Author:

Don Eijndhoven has a BA in System & Network Engineering with a Minor in Information Security from the Hogeschool van Amsterdam, The Netherlands. Among a long list of professional certifications he obtained are the titles CISSP, Certified Ethical Hacker, MCITPro and MCSE. He has over a decade of professional experience in designing and securing IT infrastructures. He is the CEO of Argent Consulting and often works as a management consultant or Infrastructure/Security architect. In his spare time he works as a Project Manager for CSFI and currently has 2 projects in his portfolio. He also blogs for several tech-focused websites about the state of Cyber Security and is a founding member of a Dutch foundation that aims to support the Dutch Ministry of Defense in writing proper Cyber Doctrine.

Cross-posted from


Help Support Infosec Island by Tweeting and Stumbling our Articles - and join our LinkedIn Group HERE - Thanks!

Possibly Related Articles:
Defense in Depth National Security Cyber Warfare Netherlands Cyber Defense Cyberterrorism William S. Lind
Post Rating I Like this!
JT Edwards The reality is cyberwar as we know it is a form of asymmetrical warfare. There is a lot of talk about cyberwar as total war and that is the premise of Cyber War: The Next Threat to National Security and What to Do About It. The reality is that is not what is happening now and though a lot of people are preparing for total war I believe cyberwar will remain asymmetrical for the foreseeable future. A lot of this is semantics and is based on the paradigm you start with. Just like in the generational model, nothing is perfect.

We have been trying to define war and explain war since its inception and cyberwar is no different. There are plenty of people out there who don’t even think there is such a thing as cyberwar. I think the issue is too many are looking at total war (think WWII) as the model for cyberwar. Study a little bit about asymmetrical warfare and I think you will see our current experience fitting into that paradigm nicely. It is time for us geeks to pick up some books like The Sling and the Stone: On War in the 21st Century or Keegan’s A History of Warfare if we are to remain relevant in this discussion.
JT Edwards Also a good short read from the author of Sling and Stone.

Fourth generation warfare evolves, fifth emerges.
Don Eijndhoven Many people have acknowledged that cyber warfare is asymmetrical/guerilla/unconventional warfare. Its that fact that I assumed my piece on, although you are right in asserting that not everyone understands that. What I was trying to do was establish the link between what mr. Robb described about global terrorism and cyber warfare. The book you mention is one I have heard before. I think i'll pick it up sometime soon.
JT Edwards Sorry I misread it as an attempt to place cyberwar within a particular paradigm. Not a bad one just thought there were better..

For now I think terrorist will remain focused on the kinetic side of the house. The challenge of creating a kinetic event from a cyber event will be more effort than it is worth for awhile. I know Mr. Black’s talk at BlackHat on cyber terrorism was well received I am just not sure any NGO out there could pull anything off that would truly be impactful. I think where we will have an issue, at some point, is with the Jihad-Hobbyist. Some Jihad-Hobbyist or a group of them will try and pull of some anonymous style attack. This will not be a kinetic event and will be at best an annoyance. There is still far too much low hanging fruit for cyber terrorism to be a priority for terrorist. At least in the foreseeable future..
Joel Harding Don, your article is beyond accurate in some ways. There have been rumors floating around the US DoD that CyberCom might displace and fall under USSOCOM. Personally, I don't think that plan stands a snowball's chance in hell of passing, but at least it is under consideration.

I grew up in Special Forces versus the conventional Army, the mindset is the same as is needed in cyber.
Don Eijndhoven Hi Joel,

Thank you, but most of the credit should go to mr. Robb who's book I so blatantly took from.

While the link between unconventional warfare and cyber warfare is there, I don't know if placing CyberCom under USSOCOM will work. I understand the reasoning though: Let the unconventional warfare experts do what they're best at. Maybe it IS a good idea, I don't know. Maybe the 'cyber warriors' (by lack of a better term) would indeed be better off by learning more about the guerilla mindset that is so prevalent amongst SF operators. Who knows? I also understand your scepticism.

Thanks for that piece of information. It'll be interesting to see how that develops.
Joel Harding To add insanity to this discussion, I recently participated in a discussion about US Cyber Command and Service Component support to Global Combatant Commands (GCC) and their Service Components. That sentence, by itself, should make you scratch your head... I only understand it because I worked it for one year but providing Army intelligence support to Army Service Components to each GCC. Basically, ARFORCYBER is going to have an office at each GCC for the Army, supporting the Army Component of, say, ARCENT for CENTCOM.

Now, throw in a twist and imagine if you might, this all falling beneath SOCOM instead of STRATCOM, the way it is now. You'd have all the same requirements but now there are restrictions on who can know what, internally to each command. If you're an insider you have the accesses you need. If you're an outside, you don't even know you don't have access because you don't know it exists!

I love it and hate it, all at the same time. It all makes sense, in a twisted, squish your face up, sort of way.
Don Eijndhoven Well the bureaucracy is essentially at the heart of why 'the system' is failing us, right? Its simply unable to fight these small, flexible and fast groups because every bit of minutia has to be weighed and decided upon. Would that go any better for CyberCom under SOCOM?
Joel Harding Truthfully? Yes. SOCOM has the unique warrior mentality from top to bottom. If a decision needs to be made quickly, they will find a way. BUT, normally it would be a slow, deliberate process uncomfortably like conventional commands.
Don Eijndhoven Then it just may work out :)
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.