Information Systems Warfare: Is there such a thing?

Most government and private organizations are developing ways to protect them from any information attack. Others are even trying to develop tools to attack other systems. Information troopers are trying to capture and destroy information, and processes of the "enemy", while they secure vulnerabilities on systems flaw that attackers already are familiar. Information warfare can exist technically on the privacy of people in different levels such as: personal, corporate(companies) and global(countries).

Cyber-terrorism is a form of attack on information systems that compromises national security. Business-to-business(B2B) transactions over the internet is one type of information system that is vulnerable to Cyber-terrorists.

The following are some of the strategies that Cyber-terrorist use in their attacks, depending on the type of institution:

• Virus/Spyware - Any company can be attacked by planting a virus into any other software. These virus may destroy valuable and critical information in an organization's network of computers.
  
• Alteration of Data - Banks can be attacked by changing bank accounts. Unauthorized fund transfers may cause financial losses and loss in consumer confidence.
• Communication cut-off - Electronic signals can be jammed to cut communications of airport towers with airlines.
• Distant Killing - Alteration of patient records can cause wrong diagnosis that may lead to death of patients.
• Information Dissemination - Disinformation can be very costly to organizations. Using the internet to spread false information is like a wildfire that is very hard to contain.

With the threat of Cyber-terrorism comes preventive measures that organizations can practice to repel attacks.

• Passwords - Password must be a combination of alphanumeric characters and symbols and should be at least eight(8) characters long. Regular changing of password will be a very good practice.
• Network - Firewall, proxy and anti-virus are some of the tools that may be used to secure the infrasture of the organization. If possible, network audits can also be done periodically. As a minimum requirement, an anti-virus must have a scanner, shield and a cleaner.
  
• Patches - Make it a habit to be updated of certain vulnerabilities of your information systems and acquire regular critical updates from the developer.
• Audit - Analysis of log files might be necessary and must be done on a regular basis to check the systems health and status.

Everyone must take note that all attacks may not come from outside of the organization. Rather, within the organization, someone may wreak havoc on information systems such as competitors, and former employees.