Chapter 9
A South African Perspective on Information Warfare and Cyber Warfare 1
,
South Africa is the leading economy in Southern Africa, and is a strategic maritime nation that serves a major shipping lane between the western and eastern hemispheres. Its ports are also vital to the country’s economy, as 98% of all exports are conveyed by sea [GCI 10]. The national communications infrastructure in South Africa is 99% digital, and is the most developed telecommunications network in Africa [GCI 10]. The main telecommunications supplier, Telkom, is the largest in Africa; the cell phone industry has also shown significant growth, and by the end of 2008 there were estimated to be over 34 million cell phone users in the country [GCI 10]. The developed nature of the infrastructure necessitates the development of information warfare and cyber-warfare in order to protect the national communications infrastructure from threats; particularly those that are cyber-based.
South Africa is making an effort to develop skills in these arenas; it was first reported in 2004 that an information warfare battlelab had been commissioned by the Council for Scientific and Industrial Research (CSIR) [CSI 04]. In March 2009, the CSIR hosted the 4th International Conference on Information Warfare and Security, and there are numerous local conferences in the country that revolve around information warfare and security. The Military Information and Communication Symposium of South Africa is a biennial conference that ran for the fifth time in 2011.
There is a history of the use of information warfare tactics in South Africa. During the apartheid era, the media was heavily censored [MER 01]; and anti-government radio stations were jammed. A ban was placed on sounds or images of racial protests to deny anti-apartheid protestors a stage, aiming to reduce international sympathy for their cause [SAL 11]. Military operations in Angola saw the deployment of electronic warfare. The African National Congress used computers and modems as part of Operation Vula, an underground communications network [SAL 11]. As the prevalence of computers and computer networks was not high during this period, there were no instances of cyber-war.
9.1. The South African structure of information warfare
The South African National Defense Force (SANDF) defines information warfare as:
“all actions taken to defend the military’s information-based processes, information systems and communications networks and to destroy, neutralize or exploit the enemy’s similar capabilities within the physical, information and cognitive domains” [BRA 07].
From this definition, there are three ‘domains’ in which to conduct information warfare. The concept of the ‘information sphere’ comprises the physical domain, the electromagnetic spectrum, the network spectrum or ‘cyberspace’, and the human or cognitive domain [COE 11]. Cyberspace is therefore a subset of the information sphere, and is considered to be comprised of the technologies that enable the distribution and storage of data packages in the form of bits and bytes [COE 11]. The human or cognitive domain is also significant as it contains the relevant wisdom and knowledge of the soldiers fighting wars and populations; this is where decisions are made based on experience, information and perceptions [COE 11].
The management and governance of the South African information warfare capabilities fall under the Directorate of Information Warfare, whereas the various branches of the SANDF are responsible for its implementation [BRA 07]. The SANDF organizes information warfare into six functional areas [BRA 07, THE 08]:
– command and control warfare: protecting the efficiency and integrity of decision making and the link between the command structure and the soldiers of its own forces, and aims to damage the similar capabilities of the opposing forces.
– intelligence-based warfare: protecting the intelligence cycle and dissemination to soldiers of its own forces in real-time (i.e. ‘sensor-to-shooter capabilities’ [BRA 07]), and aims to damage the similar capabilities of opposing forces.
– information infrastructure warfare: the information infrastructure is considered to include the networks and communications as well as the energy infrastructure upon which they depend. Information infrastructure warfare aims to protect South Africa’s forces information infrastructure, and to attack or exploit that of opposing forces;
– network warfare: this is equivalent to cyber-warfare, computer network operations and network-centric warfare. It aims to protect the information networks of South African forces and to attack or exploit those of opposing forces;
– electronic warfare: this protects the availability of the electromagnetic spectrum for utilization by South African forces and aims to prevent, damage or exploit the use of the electromagnetic spectrum by opposing forces;
– psychological operations (or PSYOPs): operations aimed to support military objectives by influencing the behavior and attitudes of a target audience, which may be hostile, neutral, or friendly.
The six functional areas are organized into two domains [BRA 07, THE 08]:
– the application domain, which comprises of command and control warfare, intelligence-based warfare and information infrastructure warfare; and
– the enabling domain, which consists of network warfare, electronic warfare and PSYOPs.
The application domain can be seen as the ‘target’, while the enabling domain is applied to create effects in the application domain. As the military in South Africa is primarily a defense force, information warfare also takes a defensive posture [HEF 09]. This is also evident in the fact that the aims of the six functional areas are described as primarily to protect its own force’s information activities and secondly to neutralize, modify, degrade, deny or destroy those of the opposing forces [THE 08].
Table 9.1 compares the six functional areas of the South African model to the seven that are proposed by Libicki [LIB 95] and the Indian model described by Chatterji [CHA 08]. It can be seen that the South African model does not consider economic information warfare but that there is the introduction of information infrastructure warfare in the South African model. The South African network warfare construct is also a combination of cyber-warfare, hacker warfare and network-centric operations. The South African model also segments the six functional areas into the two domains, which is not done elsewhere.
The information warfare functional areas are related to the operational battle space as follows [THE 08]:
– network and electronic warfare can be used to disrupt the flow of data from sensors to processing units and from processing units to the command structure, or to inject false data into data flows;
– to intercept the information flow between an adversary’s command structure to those fighting the war (intelligence agencies), or to disrupt the flow of information or inject false information using network warfare and electronic warfare;
– to disrupt the information flow between the command structure and support units through the use of electronic and network warfare, or to modify and inject false information, with the aim of introducing errors into the logistics supply.
Table 9.1. Comparison of the information warfare models
| South Africa [BRA 07] | Libicki[LIB95] | India [CHA 08] |
| Command and control warfare | Command and control warfare | Command and control warfare |
| Intelligence-based warfare | Intelligence-based warfare | Intelligence-based warfare |
| Electronic warfare | Electronic warfare | Electronic warfare |
| Psychological operations | Psychological operations | Psychological warfare |
| Hacker warfare | Network-centric warfare | |
| Network warfare | Cyber-warfare | Cyber-warfare |
| Information infrastructure warfare | Information economic warfare | Economic information warfare |
In addition to its functional areas and domains, the SANDF identifies four layers of information warfare: doctrine, command and control, physical network, and the communications grid [THE 08]. The doctrine layer refers to the operational tactics (both long-term and day-to-day operations) during peace and wartime; it may be possible to utilize information warfare to force an adversary to alter its doctrine, providing an advantage to South Africa’s forces. The physical network refers primarily to computer-based networks, and the communications grid refers to the military communications systems, with a focus on the electromagnetic forms of communication (radio frequency and satellite communication systems). Command and control refers to the structure used to manage forces and may include both the communications grid and physical network [THE 08].
In the SANDF 2020 Vision, Brazzoli emphasizes the importance of PSYOPs in the African context [BRA 07]. This focus on PSYOPs and influence operations is echoed by Wardini while discussing Senegal’s information operations structure [WAR 08]. Wardini attributes the focus on PSYOPs in the African context due to the technological components required for other functional areas being not readily available [WAR 08]. Brazzoli argues, however, that technology may be bought and introduced very quickly, and therefore should not be ignored [BRA 07]. South Africa also has a strong electronic warfare industry; particularly related to the SAAB group [DAR 08].
The 1998 Defense Review indicates that the role of information technology in the SANDF is to provide combat and operational advantages. It recognizes that the convergence of information and communication technologies is resulting in the “erosion of the distinctions between strategic, operational and tactical systems” [DOD 98]. Information technology was considered essential for the transformation of the South African Department of Defense and the SANDF. The term ‘information warfare’ first appeared in the South African Department of Defense annual report in 2003 [DOD 03]; this indicates that the SANDF has acknowledged the importance of information warfare. In the 2005 annual report it was indicated that the Information Warfare Directorate and Capability Boards had been established, and the draft information warfare strategy had been completed and distributed for comment. It also indicated that the draft information warfare policy and information warfare doctrine were nearing completion [DOD 05]. By 2006, the information warfare committees of the services had been established [DOD 06].
In the 2010 report, it was indicated that the annual implementation targets are being met for information warfare; however a concern is raised that there is a lack of capacity [DOD 10]. This report and the 2009 strategic business plan indicate that the information warfare and security field need development, and that this is an essential area of research [DOD 09, DOD 10].
From these reports it is clear that the development of information warfare in the SANDF is of strategic importance, and there is a clear path for the further development and implementation of information warfare in South Africa. In addition to this, the Faculty of Military Science at the University of Stellenbosch, which forms the Military Academy of the SANDF, has courses that include information warfare, electronic warfare, and cyber-warfare [FMS 11].
9.2. A South African perspective on cyber-warfare
As with many other nations, South Africa is looking to improve its cyber-defense capability following the attacks on Estonia and Georgia. South Africa would regard a cyber-based incident that causes major disruption to national information systems as an act of war [ENG 08]. Much of the country’s information warfare and cyber-warfare capabilities are still classified, therefore publications containing doctrine-related material are scarce. What is clear is that there is increasing concern over the growing prevalence and availability of broadband services, coupled with the lack of user awareness. Adequate legislative, incident response and monitoring mechanisms at a strategic level are also lacking to a certain degree, therefore there is no holistic view of cyber-security incidents in South Africa.
9.3. The Southern African cyber-environment
South Africa has a relatively low penetration of Internet services compared to ‘developed’ countries. The International Telecommunications Union estimates that only 8.82 out of every 100 people in South Africa are Internet users. There are an estimated 0.96 fixed-line broadband subscribers in South Africa for every 100 residents, compared to 10.52 mobile broadband subscriptions per 100 residents; this is a ratio of 11 mobile broadband subscriptions for every fixed-line broadband subscription [ITU 11]. This indicates that in general the South African population is reliant on mobile options for data communications.
There is concern over the vulnerability of the country to cyber-based incidents due to the increasing prevalence and affordability of broadband connectivity; and the lack of security awareness. There is expected to be a drop in the price of broadband in Africa due to the new undersea cables that are being installed. Currently South Africa is connected to three cables, totaling 5,460 gigabits of capacity. This is expected to increase to five cables totaling 15,700 gigabits capacity by the end of 2012. Sub-Saharan Africa currently has six active undersea cables, totaling 9,960 gigabits of capacity, which is expected to increase by the end of this year to 10 undersea cables totaling 23,980 gigabits. While this increase in capacity is good for development in the region, it also brings the concern that the resultant drop in connectivity prices will result in the growth of users who are unaware of online security issues. The primary concern, raised by a number of local and international researchers, is that there will be an explosion of cyber-crime activity and malicious software infections, which will lead to increased susceptibility of the nation’s infrastructure to an attack, or an increased risk of the Internet being utilized as part of a cyber-based attack [JJV 10, FRY 10, VAN 10].
There is already a high rate of malicious software infections in Southern Africa. The Microsoft Security Intelligence Report [MSC 10a] lists the number of computers (per 1,000) cleaned (CCM) by Microsoft Malicious Software Removal Tool. Table 9.2 shows this malware infection rate of South Africa and the neighboring nations compared to the worldwide figure. The figures in brackets indicate the rank of the nation out of the 212 listed.
There is a general trend where these African nations are moving up the rankings, i.e. having higher infection rates. It should be noted that these figures are only for legitimate Windows platforms; therefore there may be many more infected computers using pirated copies. The rate of pirated software in Africa was estimated at 59% in 2009 [BSA 10]. The pirated software may remain unpatched, leaving the systems vulnerable to infection [FRY 10].
Table 9.2. Infection statistics of South Africa and neighboring nations in CCM (rank of 212 nations) [MSC 10a]
Table 9.3. Botnet infection statistics of African nations in CCM (rank of 86 nations) [MSC 10b]
Table 9.3 shows the bot infection rate of African nations compared to the worldwide figure; this infection rate is again the number of computers per 1,000 cleaned by the Microsoft Malicious Software Removal Tool. The figures in brackets indicate the rank of the nation out of the 86 listed. As can be seen from the bot infections, South Africa has a very high infection rate compared to other African Nations, and this is higher than the worldwide average.
The figures shown in these tables are ominous signs that a prediction cited by [CAR 10] that 80% of the computers in Africa will become infected by bots may come to fruition; some researchers already claim that 80% have some form of infection [JVV 10]. If this happens, it will establish Africa as a launching point for major cyber-attacks. While the targeted nation will bear the brunt of the attack, it is also highly probable that the networks in Africa will experience severe degradation in performance.
Another concern regarding the increase in broadband activity is that this will facilitate greater piracy, which may result in an increase in unpatched systems, leaving them vulnerable to exploitation [FRY 10]. This will contribute to an increase in the infection rates in Africa. The 2008 survey indicates that 59% of software was pirated in Africa, with Zimbabwe (92%), Algeria (84%), Nigeria (83%), Zambia (82%), Botswana (79%) and Kenya (79%) being listed among the top 30 nations for software piracy rates [BSA 10]. South Africa was relatively low, with a rate of 35%, but it is listed in the top 30 economies with the highest commercial value of pirated software, totaling $324 million [BSA 10]. This indicates that there are many vulnerable systems in South Africa from which an attack can be launched.
According to the Internet Crime Complaint Center [IC3 10], South Africa is already ranked 7th in the world for cyber-crime in terms of the number of perpetrators; consisting of 0.7% of the total. South Africa is also ranked 9th in terms of the number of complainants, totaling 0.15%. Three other African nations appear in the top 10 perpetrators: Nigeria, ranked 3rd with 8%; Ghana is ranked 6th with 0.7%; and Cameroon is ranked 9th with 0.6%. Therefore Africa has four nations in the top 10, totaling 10% of the perpetrators. This indicates that Africa may already be a launching point for cyber-crime activity. As of December 20, 2010, 19,340 South African websites had been hacked since the beginning of the year; of those 74 were government websites [HAC 10]. This indicates that there is a potential susceptibility to hacktivism.
South Africa’s neighbors have experienced cyber-warfare tactics due to political conflict. Zimbabwe has reportedly undergone an internal politically-motivated information war. An article cites numerous instances of government attempts to monitor the Internet and cell phones, jam radio stations, instigate denial-of-service attacks on Internet-based newspapers and anti-government hacktivism [MAV 08]. It was also reported that the Zimbabwean government received aid from China to assist with the jamming and monitoring the of country’s gateway to Intelsat [MAV 08].
Mozambique recently joined the nations that have experienced electronically-initiated protests. In September 2010, protesters took to the streets over rising food prices, the protest reportedly being orchestrated via short messaging service [JAC 10]. Even though the cell phone penetration is only approximately 29% [BMI 10], it appears that cell phones proved to be a powerful tool to distribute the message. Such use of mobile devices is significant for South Africa, as there is a very high penetration rate of cell phones compared to Internet access; therefore a cyber-based attack on the telecommunications infrastructure may have greater impact than an attack on the Internet-specific infrastructure.
In January 2011, mass anti-government protests in Tunisia and Egypt utilized online social media to spread word of the protests [KES 11]; it is reported that Tunisian authorities attempted to hack into user accounts [MAD 11] and Egyptian authorities shut down the Internet and some cell phone services [KES 11, KRA 11] in an attempt to hamper the co-ordination of the protests. This again signifies the presence of cyber-based conflict in Africa.
Limited denial-of-service attacks are experienced in South Africa and the telecommunications networks do report attempted penetrations of their infrastructure. There is, however, a view that South Africa is unlikely to be the subject of a large cyber-attack unless another nation takes offence to an event or political decision [SCH 09]. Despite this, the growing Chinese influence in Africa may increase the likelihood of cyber-attacks in the region due to its apparently aggressive cyber-tactics; infections of the GhostNet series of malware was reported to be found in some African nations [IWM 09]. The GhostNet cyber-espionage malware has been attributed to the Chinese reportedly targeting those sympathetic to the Dalai Lama [IWM 09]. There have been reports that it was pressure from China that resulted in South Africa refusing entry to the Dalai Lama [SAP 09]. It is possible that South Africa may also have been subjected to cyber-espionage had the Dalai Lama been allowed entry. It is also believed that the ties South Africa has with China also increase the risk of a cyber-attack [JON 09]. The throughput of the undersea cables to South Africa has been calculated at between 500 and 1,000 Kb/s [COT 10]; a distributed denial-of-service attack such as the one that targeted Myanmar in October/November 2010, which peaked at over 14 Gb/s [LAB 10], would severely degrade the country’s international connectivity.
Currently there are only three African nations with operational Computer Security Incident Response Teams (CSIRTs): Tunisia, Mauritius and Kenya. Three others are in the process of developing CSIRTs: South Africa, Egypt and Morocco.
As the CSIRT in South Africa is still under development, the country is beginning to lag behind other nations with regards a coherent information security response capability. Robertson, Lessing and Nare advocate the introduction of a military-specific CSIRT with the aim of aiding the military to protect the nation by handling responses to all cyber-security incidents [ROB 08], including cyber-warfare. However, CSIRTs are expensive and complex, and require highly trained personnel [ELL 10]. In South Africa it is also unclear which organization has the political mandate to control the CSIRT, which has hindered the development of the CSIRT in the past [GRO 11]. It has been proposed that community-orientated security, advisory and warning (C-SAW) teams be implemented as a method of protecting cyber-assets within communities; these will not replace the CSIRTs, but provide initial protection while the CSIRT is under development and then operate alongside the CSIRT once it is operational. The benefit of the C-SAW teams is that they are independent of any controlling organization, and therefore will not be hindered by organizational or political mandates [ELL 10].
9.4. Legislation
Legislation relating to cyber-security is currently being introduced. The Electronic Communications and Transmissions Act of 2002 outlines basic laws regarding hacking, intercepting and interfering with electronic communications, including those online [ECT 02]. The second major piece of legislation is the Regulation for the Interception of Communications Act. As the name suggests, this makes provision for security-related monitoring of communications [RIC 02]. The Protection of Personal Information Bill was due to be enacted in 2011, however, this did not occur. The Bill intended to provide basic rights regarding personal information; and places the onus for protecting information on the organization that controls it [POP 09]. In 2002 an Act was passed to allow the establishment of a company to provide services and products that will enable state organizations to maintain communications security [ECS 02].
While these acts are in place, there has yet to be a major, high-profile test of them in court. There also does not to appear to have been a major test in an international incident either. This may create some doubt and uncertainty regarding the implementation and applicability of the acts; organizations therefore may not be fully compliant and have vulnerabilities.
In February 2010, the country’s Draft Cyber-Security Policy was released for comment. This document allows for the creation of a national CSIRT, and various CSIRTs for each sector. This policy is a step in the right direction, as the creation of the CSIRT is seen as crucial to the cyber-defense of South Africa. However, most of the legislation focuses on cyber-crime issues, and not specifically on protection from a major cyber-attack.
It is clear that South Africa recognizes the importance of a strong legal framework that can protect organizations and users from cyber-threats. With the advantage of hindsight of a ‘late-adopter’ it is likely that the legal framework, once in place, will provide adequate protection to users. It is imperative, though, that a strong technical framework is also put into place to support the legal framework. These frameworks will aid in mitigating the impact of a potential cyber-attack against the nation’s infrastructure.
9.5. Cyber-security and information warfare organizations in South Africa
There are a number of public and private organizations in South Africa that focus on cyber-security. The following government and related organizations have responsibilities that are related to cyber-security and information warfare in South Africa [BRI 11]:
– the Department of Communications;
– the Department of Defense and the SANDF;
– the CSIR;
– the National Intelligence Agency;
– the Secret Service;
– the South African Police Service;
– the Special Investigation Unit;
– the State Information Technology Agency; and
– Communications Security Pty (Ltd).
The Department of Communications is effectively the government department charged with developing policies regarding information and communications technologies in South Africa; its mandate indicates a focus on socioeconomic development through ICT. The Department of Defense and the SANDF are charged with protecting South Africa through military force. They are therefore responsible for the military aspects of cyber-defense and information warfare. The CSIR is the national research body. As such it is responsible for conducting research into cyber-defense and information warfare for the military and government. The National Intelligence Agency and Secret Service provide intelligence and counter-intelligence services, as well as being involved in anti-corruption, counterterrorism, and countering organized crime. The area of responsibility for the South African Police Service and Special Investigations Unit will revolve around cyber-crime and corruption and fraud [BRI 11]. The State Information Technology Agency is tasked with supplying the South African government and related organizations with information technologies. Communications Security Pty (Ltd) was established to provide the South African government with communications security capabilities [ECS 02].
The disadvantage of having this number of organizations is that it is unclear whose political mandate it should be to lead the national cyber-security efforts, and this often results in hindrances in the existing projects.
There are private organizations that are also involved in the cyber-defense field. The Information Security Group of Africa is a not-for-profit organization that provides a forum for the information security community [ISG 10]. ITWeb is an online news website that has an information security section; it hosts an annual ‘Security Summit’ [ITW 11]. Ekwinox is an organization that organizes conferences and training in the areas of information security and information warfare [EKW 11]. There are also a number of private organizations in South Africa that provide cyber-security consulting services.
9.6. Estimated cyber-warfare capability in Africa
As much of the doctrine and documentation is not publicly available, estimates need to be made on the capabilities. A study carried out in 2003 ranked South Africa as 37 out of 57 nations with possible cyber-warfare capabilities; Nigeria was ranked 48th, Zimbabwe 55th, and Kenya and Ghana were joint 56th [GIA 03]. Using a different set of data from 2000, the same study ranked South Africa as 22 out of 27 nations [GIA 03]. Given that the first ranking listed China as 43rd, which is now considered to be one of the more capable nations in cyber-warfare, and the fact the term ‘information warfare’ first appeared in the 2003 South African Department of Defense annual report, it is possible that South Africa has increased in its rankings.
A number of security research projects in South Africa will also improve the defensive capabilities. An example is the quantum cryptography research group based at the University of KwaZulu-Natal, where quantum encrypted networks have been implemented in the eThekwini Municipality (Durban and the surrounding suburbs) [MIR 11]. The internal ‘cyber-conflict’ in Zimbabwe and the development of CSIRTs in some African nations indicates that there is a growing cyber-warfare capability in Africa.
9.7. Conclusion
The information warfare model adopted by the SANDF is comparable with those of other nations, in that it has similar functional areas to the models of other countries. From the annual reports since 2003, it is apparent that information warfare capabilities will continue to develop and be implemented by the SANDF; however, a lack of human capacity in the area has been noted. The focus of information warfare is on a defensive posture, and this extends to the network warfare functional area, which is analogous to cyber-warfare.
South Africa does not have a particularly high penetration rate of Internet services, and there appears to be a reliance on mobile broadband services. While South Africa has not yet been a victim to a major cyber-attack, there is a particular concern over its vulnerability to cyber-based attacks due to the increasing broadband connectivity and lack of user awareness. High rates of infection, software piracy, and cyber-crime are already evident; this situation is expected to worsen. High rates of botnet infections may see the African information infrastructure employed as a cyber-weapon to launch attacks. There have been cyber-related incidents in Africa. This indicates that despite the low penetration rates, the potential for cyber-power has been recognized. South Africa is not expected to fall victim to a major cyber-attack, however, unless there is an event that attracts the attention of a group with aggressive cyber-tendencies.
Currently Africa, particularly South Africa, is lagging in the introduction of legislation and policies to aid in countering the cyber-threats. South Africa lacks an operational CSIRT, and the general lack of CSIRTs on the continent results in a huge vulnerability to cyber-based incidents. There are a number of public organizations whose mandate is relevant to addressing cyber-security and information warfare; however it is unclear which organization should take the lead responsibility for national cyber-defense.
African countries have been ranked in an information warfare study; this illustrates that some capability exists. The internal ‘cyber-conflict’ in Zimbabwe, the mass demonstrations throughout Africa, the response by the respective governments and current research indicates that there is a growing capacity in this continent for cyber-warfare. The relevant technology required to conduct cyber-warfare can be purchased and operated with a minimum of human capability; this provides these nations with the ability to ‘develop’ some cyber-warfare capability almost overnight. Other sympathetic nations may provide both the technology and training to allow African nations to acquire cyber-warfare capabilities. Botnets to conduct cyber-attacks can be ‘hired’; providing any state or non-state actors with the capacity to launch an anonymous attack.
Africa, and South Africa in particular, are developing cyber-warfare capabilities. Internal cyber-conflicts and cyber-supported mass demonstrations illustrate that the philosophy and some capability exists. Some African nations have a CSIRT, providing them with a defensive advantage over those that do not; however, the increasing prevalence of broadband in the continent may result in increasing levels of cyber-insecurity due to large levels of piracy and lack of awareness of information security issues.
9.8. Bibliography
[BMI 10] BUSINESS MONITOR INTERNATIONAL, Mozambique: How Rising Wheat Prices Crippled SMS Services, Business Monitor International Risk Watchdog, 2010, available at: http://www.riskwatchdog.com/2010/09/13/mozambique-how-rising-wheat-prices-crippled-sms-services/ (accessed 5 November 2010).
[BRA 07] BRAZZOLI M.S., “Future prospects of information warfare and particularly psychological operations,” in LE ROUX L., South African Army Vision 2020, Institute for Security Studies, pp. 217-232, 2007.
[BRI 11] BRITZ D., “The supporting role of the private sector in the IW sphere,” 5th Military Information and Communications Symposium of South Africa 2011 (MICSSA ‘11), Pretoria, July 18-21, 2011.
[BSA 10] BUSINESS SOFTWARE ALLIANCE, 7th Annual BSA-IDC Global Software Piracy Study 2009, Business Software Alliance, Washington, DC, May 2010.
[CAR 10] CARR J., Inside Cyber Warfare, O’Reilly Media, 2010.
[CHA 08] CHATTERJI S.K., “An overview of information operations in the Indian army,” IOSphere, Special Edition, pp. 10–14, 2008.
[COE 11] COETZEE A.J., “Information warfare: The 5th dimension to project strategic power,” 5th Military Information and Communications Symposium of South Africa 2011 (MICSSA ‘11), Pretoria, July 18–21, 2011.
[COT 10] COTTRELL R.L., KALIM U., “New E. Coast of Africa fibre”, SLAC Confluence, September 2010, available at: https://confluence.slac.stanford.edu/display/IEPM/New+ E.+Coast+of+Africa+Fibre (accessed November 30, 2010).
[CSI 04] COUNCIL FOR SCIENTIFIC AND INDUSTRIAL RESEARCH (CSIR), Science Scope, CSIR, April/May 2004, available at: http://www.csir.co.za/publications/pdfs/sciencescope/May2004_technobrief.pdf (accessed November 26, 2010).
[DAR 08] DARDINE A., KNOWLES J., “The EW top 20,” The Journal of Electronic Defense, vol. 31, no. 8, pp. 30-33, 2008.
[DOD 03] SOUTH AFRICAN DEPARTMENT OF DEFENSE, South African Defense Review 1998, Government of the Republic of South Africa, 1998.
[DOD 03] SOUTH AFRICAN DEPARTMENT OF DEFENSE, Annual Report FY 2002–2003, Government of the Republic of South Africa, 2003.
[DOD 05] SOUTH AFRICAN DEPARTMENT OF DEFENSE, Annual Report FY 2004–2005, Government of the Republic of South Africa, 2005.
[DOD 06] SOUTH AFRICAN DEPARTMENT OF DEFENSE, Annual Report FY 2005–2006, Government of the Republic of South Africa, 2006.
[DOD 09] SOUTH AFRICAN DEPARTMENT OF DEFENSE, Strategic Business Plan 2009, Government of the Republic of South Africa, 2009.
[DOD 10] SOUTH AFRICAN DEPARTMENT OF DEFENSE, Annual Report FY 2009–2010, Government of the Republic of South Africa, 2010.
[ECS 02] Electronic Communications Security Pty (Ltd) Act, Act 68, Government of the Republic of South Africa, 2002.
[ECT 02] Electronic Communications and Transmissions Act, Act 25, Government of the Republic of South Africa, 2002.
[EKW 11] EKWINOX, Pasts Events, 2011, available at: http://ekwinox.webs.com/pastevents.htm.
[ELL 10] ELLEFSEN, I., VON SOLMS, S., “C-SAW: critical information infrastructure protection through simplification,” International Federation of Information Processing Advances in Information and Communication Technology, vol. 328, pp. 315–325, 2010.
[ENG 08] ENGELBRECHT, L., SANDF Considers Info Warfare Threat, DefenceWeb, 2008, available at: http://www.defenceweb.co.za/index.php?option=com_content&view=article&id=192&catid=48:Command%20&%20Control&Itemid=109 (accessed November 26, 2010).
[FMS 11] FACULTY OF MILITARY SCIENCE, Calender 2011, Part 13, University of Stellenbosch, 2011.
[FRY 10] FRYER, B., MERRITT, K., TRIAS, E., “Security in the emerging African broadband environment,” Proceedings of the 5th International Conference of Information Warfare and Security, Wright-Patterson Air Force Base, Ohio, USA, pp. 98–105, April 2010.
[GCI 10] GOVERNMENT COMMUNICATION AND INFORMATION SYSTEM (GCIS), Pocket Guide to South Africa 2009/2010, South African Government Communications, Pretoria, 2010, available at: http://www.gcis.gov.za/resource_centre/sa_info/pocketguide/2009-10.htm (accessed February 15, 2011).
[GIA 03] GIACOMELLO, G., “Measuring digital wars: learning from the experience of peace research and arms control,” The Information Warfare Site Infocon Magazine Issue One, October 2003, available at: http://www.iwar.co.uk/infocon/measuring-io.pdf (accessed September 26, 2011).
[GRO 10] GROBLER, M., BRYK, H., “Common challenges faced during the establishment of a CSIRT,” 2010 Information Security for South Africa (ISSA 2010) Conference, Sandton, August 2010.
[HAC 10] HACKING STATS.COM, Hacking Statistics, December 20, 2010, available at: http://www.hackingstats.com/hacking-statistics.php (accessed December 20, 2010).
[HEF 09] HEFER, J., THERON, J., “IW into Africa,” Military Information and Communications Sumposium of South Africa 2009, Pretoria, July 2009.
[IC3 10] INTERNET CRIME COMPLAINT CENTER (IC3), 2009 Internet crime report, Federal Bureau for Investigations, 2010, available at: http://www.ic3.gov/media/annualreports.aspx (accessed May 3, 2010).
[ISG 10] INFORMATION SECURITY GROUP OF AFRICA, About Us, ISGA, 2010, available at: http://www.isgafrica.org/blog/?page_id=37.
[ITU 11] INTERNATIONAL TELECOMMUNICATIONS UNION, ICT Data and Statistics, ITU, 2011, available at: http://www.itu.int/ITU-D/ict/statistics/index.html.
[ITW 11] ITWEB, Security Summit 2011 – Info, ITWeb, 2011, available at: http://www.itweb.co.za/index.php?option=com_content&view=article&id=38100&Itemid=2330.
[IWM 09] INFORMATION WARFARE MONITOR (IWM), Tracking GhostNet: Investigating a Cyber Espionage Network, IWM, 2009.
[JAC 10] JACOBS S., DUARTE D., Protest in Mozambique: The Power of SMS, AfrOnline – The Voice of Africa, 2010, available at: http://www.afronline.org/?p=8680 (accessed November 5, 2010).
[JON 09] JONES C., SA Could Face Cyber War, ITWeb, May 29, 2009, available at: http://www.itweb.co.za/index.php?option=com_content&view=article&id=23157:sa-could-face-cyber-war&catid=296:security-summit-2009&tmpl=component&print=1 (accessed November 29, 2010).
[JJV 10] JANSE N., VAN VUUREN J., PHAHLAMOHLAKA J., BRAZZOLI M., “The impact of the increase in broadband access on South African national security and the average citizen,” Proceedings of the 5th International Conference of Information Warfare and Security, Wright-Patterson Air Force Base, Ohio, USA, pp. 171–181, April 2010.
[KES 11] KESSLER S., Twitter Blocked in Egypt as Protest Turns Violent, Yahoo! News, 2011, available at: http://news.yahoo.com/s/mashable/20110125/tc_mashable/twitter_blocked_in_egypt_as_protests_turn_violent (accessed January 26, 2011).
[KRA 11] KRAVETS D., Internet Down in Egypt, Tens of Thousands Protest in ‘Friday of Wrath’, Wired.com Threatlevel Blog, 2011, available at: http://www.wired.com/threatlevel/2011/01/egypt-internet-down/# (accessed February 1, 2011).
[LAB 10] LABOVITZ C., Attack Severs Burma Internet, Arbor Networks, November 2010, available at: http://asert.arbornetworks.com/2010/11/attac-severs-myanmar-internet/ (accessed November 11, 2010).
[LIB 95] LIBICKI M., What is Information Warfare? Center for Advanced Concepts and Technology, 1995, available at: http://www.dodccrp.org/files/Libicki_What_Is.pdf (accessed December 20, 2010).
[MAD 11] MADRIGAL A., “The inside story of how Facebook responded to Tunisian hacks,” The Atlantic, 2011, available at: http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/# (accessed January 25, 2011).
[MAV 08] MAVHUNGA C., “The glass fortress: Zimbabwe’s cyber-guerrilla warfare,” Concerned African Scholars, no. 80, pp. 21–27, 2008, available at: http://concernedafricascholars.org/docs/acasbulletin80.pdf (accessed November 26, 2010).
[MER 01] MERRIT C., “A tale of two paradoxes: media censorship in South Africa, Pre-Liberation and Post-Apartheid”, Critical Arts, vol. 15, no. 1, pp. 50–68, 2001.
[MIR 11] MIRZA A., PETRUCCIONE F., “Quantum technology: A next generation solution for secure communication,” 5th Military Information and Communications Symposium of South Africa 2011 (MICSSA ‘11), Pretoria, July 18–21, 2011.
[MSC 10a] MICROSOFT CORPORATION, Microsoft Security Intelligence Report – Global Infection Rates, vol. 9, 2010, available at: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=%20b5f9eddc-70dc-4b11-996b-1bc6987c44b9 (accessed November 26, 2010).
[MSC 10b] MICROSOFT CORPORATION, Microsoft Security Intelligence Report – Global Botnet Infection Rates, vol. 9, 2010, available at: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=%20b5f9eddc-70dc-4b11-996b-1bc6987c44b9 (accessed November 26, 2010).
[POP 09] GOVERNMENT OF THE REPUBLIC OF SOUTH AFRICA, Protection of Personal Information Bill, Bill 9, Government of the Republic of South Africa, 2009.
[RIC 02] GOVERNMENT OF THE REPUBLIC OF SOUTH AFRICA, Regulation for Interception of Communications and Provision of Communication-related Information Act, Act 70, Government of the Republic of South Africa, 2002.
[ROB 08] ROBERTSON J., LESSING M., NARE S., “Preparedness and response to cyber threats require a CSIRT,” IFIP Proceedings on ICT Uses in Warfare and the Safeguarding of Peace, pp. 84–94, July 2008.
[SAL 11] SALEH I., “The impact of ICT on peace, security & governance in Africa”, Alliance of Civilisations Media Literacy Education, available at: http://www.aocmedialiteracy.org/index.php?option=com_contest&task=view&id=100&itemid=31 (accessed February 2011).
[SAP 09] SOUTH AFRICAN PRESS ASSOCIATION (SAPA), Best not to Invite Dalai Lama, News 24, 2009, available at: http://www.news24.com/SouthAfrica/Politics/Best-not-to-invite-Dalai-Lama-20090322 (accessed April 19, 2010).
[SCH 09] SCHEEPERS W., “Information (cyber) warfare: fact or fiction?”, Military Information and Communications Symposium of South Africa 2009, Pretoria, July 2009.
[SON 10] SONG S., African Undersea Cables, Many Possibilities, 2010, available at: http://manypossibilities.net/african-undersea-cables/ (accessed November 19, 2010).
[THE 08] THERON J., “Operational battle space: an information warfare perspective,” IFIP TC9 Proceedings on ICT uses in Warfare and the Safeguarding of Peace, Council for Scientific and Industrial Research, Pretoria, 2008.
[VAN 10] VAN NIEKERK B., Safety and Security on the NET, TEDx UKZN, May 14, 2010.
[WAR 08] WARDINI A., “Information operations in Senegal”, IOSphere, Special Edition, pp. 53–56, 2008.
1 Chapter written by Brett VAN NIEKERK and Manoj MAHARAJ.