Risky Bulletin Episode Summary

Title: Between Two Nerds: NSA's Thinking on Information Warfare
Host/Author: risky.biz
Release Date: June 2, 2025
Description: Regular cybersecurity news updates from the Risky Business team.

Introduction and Context

In this episode of Risky Bulletin, hosts Tom Uren and Gruk delve into the National Security Agency's (NSA) perspectives on information warfare as outlined in a declassified 1997 document titled Cryptolog, the Journal of Technical Health. The discussion unpacks the foresight embedded in the NSA's vision of information operations and examines its relevance—or lack thereof—three decades later.

Overview of the 1997 NSA Document on Information Warfare

Tom Uren introduces a special issue of Cryptolog from 1997, highlighting its comprehensive analysis of information operations (IO). He remarks on the document's prescience and alignment with current concepts of information warfare, noting, “...how far sighted it was and it feels very correct...nothing's really changed” (00:12).

Gruk expands on the NSA's clear-eyed vision, appreciating their understanding of the emerging information domain while critiquing their adherence to existing military doctrines. He observes, “they're constrained by the doctrines and the thought processes that they exist within already” (02:41), emphasizing the NSA's traditional military focus despite the evolving landscape.

Vision vs. Reality: Has Information Warfare Evolved?

The hosts discuss the extent to which the 1997 vision has materialized. Gruk points out the stagnation in innovative practices, stating, “for example, here’s something we could do and it’s... 30 years later we’re still just doing that thing” (03:38). Uren concurs, noting the persistence of doctrines such as offensive cyber operations—“degrade, disrupt, deny, destroy”—which remain central to U.S. strategy (07:28).

Defining Information Operations

The conversation delves into the nuanced definitions of IO within the NSA's doctrine. Gruk references the Department of Defense's 1996 definition of Computer Network Attack (CNA) as actions to “disrupt, deny, degrade, or destroy information resident in computers and computer networks” (08:07), comparing it to modern terminology like "offensive cyber operations."

Bureaucratic Inertia and Institutional Challenges

A significant portion of the discussion centers on the NSA's institutional inertia. Gruk relates insights from recent literature, highlighting how bureaucracies resist change despite recognizing the need for innovation: “once you have these bureaucracies in place, they develop... institutional inertia” (06:01). This resistance hampers the adoption of the bold ideas proposed in the 1997 document, leaving the organization entrenched in conventional practices.

Comparative Analysis: U.S., Russian, and Chinese Approaches to Information Warfare

The episode provides a comparative analysis of how different nations conceptualize and implement information warfare:

Terminology and Conceptualization

• Russia: Utilizes the term “information sphere”, encompassing all forms of information dissemination and manipulation.
• China: Similar to Russia, adopts a broad view but emphasizes “information operations” and “information environment”.
• United States: Primarily operates within the confines of “cyberspace”, limiting the scope to digital realms.

Gruk critiques the U.S. for being “stuck with this idea of cyberspace... how do we attack through a space” (13:03), contrasting it with the more holistic approaches of Russia and China.

Strategies and Methods

• Russia: Engages in covert influence operations, such as paying influencers to promote specific agendas. Gruk cites, “the Russians have caused disruptions... via information operations” (15:24).
• China: Focuses on state-led storytelling through entities like China Global TV Network (CGTN) and employs influencer capture to sway public opinion.
• United States: Relies on traditional intelligence and cybersecurity measures, often overlooking the integration of information dissemination and manipulation in warfare.

Doctrine of Offensive Cyber Operations

The hosts explore the evolution of cyber operation doctrines since the 1997 document:

• 1997 Definition: Focused on CNA operations to disrupt or destroy adversarial information systems.
• Modern Equivalent: Now termed “offensive cyber operations”, maintaining similar objectives but with updated terminology (08:07).

Gruk expresses disappointment that the fundamental strategies remain unchanged, despite technological advancements and evolving threat landscapes.

The Role of Technology vs. Conceptual Thinking

A critical discussion emerges around the balance between technological prowess and innovative conceptual strategies:

• U.S. Focus: Emphasizes technological advancements such as stealth technology and precision-guided munitions.
• Russian and Chinese Focus: Advocate for “unrestricted warfare”, which leverages any means to achieve strategic objectives, including non-technological methods like social manipulation and economic disruption.

Gruk criticizes the U.S. for being “slaves to technology”, lacking the incisive thinking needed for unrestricted warfare strategies (25:03).

Influence Operations and Modern Information Warfare

The episode highlights contemporary manifestations of information warfare:

• Russian Influence: Utilizes influencers and propaganda to destabilize target societies.
• Chinese Strategies: Employ state-controlled media and influence campaigns to shape global narratives.
• U.S. Limitations: Despite possessing advanced cyber capabilities, faces challenges in implementing broad-spectrum information operations due to institutional constraints and privacy concerns.

Gruk remarks sarcastically on the U.S. stance, “They have CGTN, China global TV network... but Hollywood isn’t directed to promote American hegemony” (27:19), highlighting inconsistencies in how information operations are perceived and executed.

Challenges of Integrating Information Operations

Tom Uren and Gruk discuss the structural challenges within U.S. agencies like the NSA:

• Siloed Operations: Information operations and cyber functions reside in separate organizational structures, hindering cohesive strategy development.
• Bureaucratic Hurdles: The need for inter-agency collaboration and broader governmental support complicates the implementation of comprehensive information warfare strategies.

Uren muses, “nothing makes for a better codeword than shredding the system” (29:54), reflecting on the systemic barriers to integrating advanced information operations within existing frameworks.

Conclusions and Insights

In concluding their analysis, Uren and Gruk assert that the NSA's early recognition of the importance of information warfare was accurate, yet the execution has lagged due to institutional inertia and limited doctrinal flexibility. They emphasize the necessity for:

• Holistic Approaches: Integrating information dissemination and manipulation with traditional cyber and intelligence operations.
• Innovative Thinking: Moving beyond technological solutions to include strategic narrative shaping and influence operations.
• Organizational Reform: Overcoming bureaucratic barriers to enable comprehensive and adaptive information warfare strategies.

Gruk summarizes, “We have to have a stake in all three information warfare camps...” (29:53), underscoring the multifaceted nature of modern information warfare and the need for balanced investment across various operational domains.

Future Outlook

The hosts suggest that without significant organizational and doctrinal changes, the U.S. risks falling behind adversaries who continue to innovate in the realm of unrestricted and asymmetric information warfare. They advocate for a reassessment of current strategies to encompass the full spectrum of information operations, ensuring resilience and adaptability in an increasingly digital and interconnected conflict landscape.

Notable Quotes

• Tom Uren (00:12): "It feels like they captured something at the time and also how at the same time, talking about information warfare, nothing's really changed."

• Gruk (02:41): "They're constrained by the doctrines and the thought processes that they exist within already."

• Gruk (03:38): "For example, here's something we could do and it's... 30 years later we're still just doing that thing."

• Tom Uren (07:28): "...exactly the same doctrine, at least last time I looked, that the US uses today."

• Gruk (06:01): "Once you have these bureaucracies in place, they develop... institutional inertia."

• Gruk (13:03): "How do we attack through a space."

• Gruk (15:24): "The Russians have caused disruptions and interruptions to aid Ukraine several times now thanks to the use of information operations like that."

• Tom Uren (25:03): "The Americans are great at this, but they have this next thing, which is that rather than new concept weapons, there's a new concept of weapons where you would then take the idea that anything can be a weapon."

• Gruk (27:19): "They have CGTN, China global TV network, and other mastheads that they fund and influence and stuff like that."

Timestamp Reference Guide

• 00:12: Introduction to the 1997 NSA document.
• 02:41: Gruk on NSA's constrained vision.
• 03:38: Gruk on stagnation in innovation.
• 07:28: Continuation of offensive cyber operations doctrine.
• 06:01: Discussion on bureaucratic inertia.
• 13:03: Critique on U.S. conceptualization of cyberspace.
• 15:24: Russian influence operations in Ukraine.
• 25:03: Contrast between U.S. and other nations' weapon concepts.
• 27:19: Chinese state-controlled media and influence.

Final Thoughts

This episode of Risky Bulletin offers a critical examination of the NSA's historical and contemporary approaches to information warfare. Hosts Tom Uren and Gruk provide insightful analysis, highlighting the challenges posed by institutional inertia and the imperative for innovative, holistic strategies in the ever-evolving digital battleground.