Cyber Defense Review

Recent Articles

1 2 3 4 5 6 7 8

Can the Warfare Concept of Maneuver be Usefully Applied in Cyber Operations?

January 14, 2016 — Although the cyber domain has several unique characteristics, the timeless principles of maneuver warfare can still be readily applied as in the conventional domains of land, maritime, air, and space.[1] Maneuver in cyberspace also leverages many of the same techniques, tactics and procedures (TTPs) as the conventional domains, but with some notable difference, herein explored. For the purpose of this article, the intent of maneuver warfare is to ensure the tactical mobility of capable friendly forces and deny it to the adversary in order to place him at a tactical disadvantage. I also stipulate that movement to and within a theater is a given, thereby focusing our analytical effort on cyber maneuver at the tactical within a theater of operations, though crossing domains. Because cyberspace is a man-made domain that is both virtual and physical, the specific TTPs are distinct, yet they can largely exist within established conceptions of maneuver warfare. As cyberspace is physical, logical, and human in nature, it is possible to maneuver to exploit vulnerabilities at each of these levels. MORE

No-Hack Pacts – Beijing Assumes a Global Leadership Role

January 12, 2016 — While largely recognized as the most pervasive actor engaged in cyber espionage activity for both intelligence collection and commercial espionage, China has recently entered into several “no cyber-enabled commercial hacking” agreements with major governments, efforts that have culminated in the 2015 “no hack” pledge by representatives of the G20. By demonstrating its willingness to work with other governments on this issue, China is promoting itself as a global leader in cyber security while downplaying its suspected involvement in previous espionage activity. MORE

Why Special Operations Forces in US Cyber-Warfare?

January 8, 2016 — Cyber-warfare[1] is human-warfare and SOF must play a role. Even in terms of unclear interaction, such as between the US and China, investing SOF expertise into cyber-organizations helps to fill the gaps of American practice caused by elemental differences in military cultures. Whereas, principled Clausewitzian and Jominian theories inspire idealistic US strategies, China’s Sun Tzu inspired stratagems are as unpredictable and deceptive as human nature itself. Defensively oriented, US military culture favors warfare in terms of absolutes and wrestles with cyber-warfare’s ambiguity as a successful strategic deterrent. Conversely, Chinese military culture embraces and promotes ambiguity and brandishes cyber-warfare as a strategic compellent. While US cyber-warfare practice is objective and technically driven, China’s more subjective “cyber-shi”[2] application is coercive and psychologically driven. Ready to help close cyber-warfare’s clear cultural gap, SOF are experts at exploiting the psychological, cultural, and societal factors that drive human behavior and are masters in unconventional warfare. SOF are purpose-built to provide unique expertise on human nature in conflict and are perfectly-suited to advance US cyber-practice better-adapted to counter adversaries in the “gray zone.”[3] By investing SOF experts into cyber-organizations, the Department of Defense (DoD) generates more asymmetric cyber-warfare options and strengthens the nation by fusing the best of competing historic approaches, in this most modern form of human-warfare. MORE

Convergence of Cyberspace Operations and Electronic Warfare Effects

January 4, 2016 — Convergence is the foundry for new possibilities. Convergence of Cyberspace Operations (CO) and Electronic Warfare (EW) effects creates combined effects to achieve both offensive and defensive overmatch. Recently the US Air Force revealed the use of a modified EC-130 Compass Call aircraft to remotely attack enemy networks.1 The 24th Air Force commander, Major General Burke “Ed” Wilson, spoke of this capability enabling the ability to “touch a network that in most cases might be closed.”2 While the need for convergence of cyberspace operations and electronic warfare is recognized within the Department of Defense (DoD), differences between how these two capabilities are trained, resourced, organized and employed combined with the significant functional level differences between the two have hindered efforts to converge their capabilities. A concerted effort must be undertaken at the both the Joint and Service levels to closely integrate CO with EW effects to achieve combined effects, enabling comprehensive shaping of the operational environment. The first step in this effort is for CO and EW professionals to commit themselves to professional self-development in their counterparts’ field. MORE

Cyber 76ers: Forging a Force of Cyber Planners

December 17, 2015 — The Army has identified a need to more formally develop “cyber planners” who effectively plan and integrate cyberspace operations within Army and joint operations at all levels of command. The establishment of career field 17 (Cyber) and its alignment with FA 29 (EW) have created conditions to initiate such a program, assess its effectiveness over officer careers, and make continual adjustment as needed. Institutional ownership (Cyber School) of the program will ensure the proven build-assess-build approach to developing cyber planners, but the key is to begin now with general consensus. We summarize the essential context for cyber planning based on an informal survey of subject matter experts across the Army and propose a three-tiered model yielding cyberspace planning expertise at tactical, operational, and strategic levels of command. MORE

The Interdependence of Feedback, Stability, and Success in Emerging Professions: A Grounded Theory Study in Support of American Military Cyber Professionals

December 14, 2015 — I.  MotivationAs captured in numerous strategic policy documents and speeches, the need to develop a military cyber profession (MCP) or workforce in America is significant.[1],[2],[3],[4],[5],[6] Unfortunately for the United States military, such development has been hampered by a lack of durable and widely accepted definitions of the MCP, which MORE

Mission Command In and Through Cyberspace: A Primer for Army Commanders

December 10, 2015 — Joint force commanders exercise mission command across all domains to include land, air, maritime, space, and cyberspace. According to joint doctrine, mission command involves the conduct of military operations through decentralized execution,[1] and this demands that leaders at all echelons exercise disciplined initiative to accomplish missions.[2] However, in the case of military operations in cyberspace, there are aspects of mission command that are not yet fully developed for the joint force.[3] For instance, the emphasis on delegation and decentralization are not always appropriate for situations involving the employment of national level cyberspace capabilities designed to create effects in support of unified action.[4] Army forces are currently incorporating cyberspace as an “operational domain,”[5] and commanders understand how this effort has direct implications for their exercise of mission command in support of unified land operations.[6] In the absence of an operational example, past and current conditions on cyberspace integration will be discussed along with the mission command principle of creating shared understanding. MORE

The High Importance of Mobile Networks During Crisis

November 19, 2015 — Every year, developed and developing countries increasingly rely on cyberspace infrastructure for economic activity and governance. Specifically, mobile wireless networks are an indispensable component of the cyberspace landscape. This paper explores the necessity of mobile wireless networks during crisis. Mobile networks have proven essential for relief efforts in the aftermath of disasters and during conflicts. The US military trains to respond to such crisis scenarios, but current US cyberspace doctrine primarily focuses on the cybersecurity of its own military cyberspace infrastructure. This mindset does not adequately addresses the imperatives for assisting civil authorities or host nations restore/protect cyber capabilities. To be successful in future contingencies, the US military must integrate mobile network cybersecurity into its operations planning. Even in the poorest communities, mobile wireless networks are becoming fundamental to the governance, economic growth, and social fabric. The US military must train and deploy teams that can rapidly restore and secure these mobile networks. MORE

SOF – GPF Integration: A Model for Cyber Operations

November 18, 2015 — In 2013, The Decade of War Working Group released a “Decade of War: Enduring Lessons from a Decade of Operations.” The document captured the critical lessons from a decade of combat experience in Iraq and Afghanistan. Absent from this document were insights regarding the employment of US cyber capabilities. This omission should not imply that after a decade of war, the United States cannot delineate key insights into military cyber operations. The Decade of War publication did extensively examine the impacts of General Purpose Force (GPF) – Special Operations Force (SOF) integration. This examination provides a cornerstone for necessary future synergies between Cyber and GPF in order to achieve unity of effort, effective intelligence defensive cyber operations, and optimization of offensive cyber effects. Following a GPF – SOF model, the US military should view cyber forces as a member of the combined arms team, establish fusion cells at the tactical level of war, and imbed cyber personnel as liaisons in tactical organizations to develop a true common operating picture and achieve unity of effort. MORE

Putin’s Cyber Strategy in Syria: Are Electronic Attacks Next?

November 17, 2015 — The past few weeks have seen a remarkable shift in Syria. Russian fighter jets are bombing opponents of Syrian President Bashar al-Assad.[1] At least a few thousand Russian soldiers are now on Syrian soil.[2] And the Obama administration is scrambling to re-calibrate its policy positions toward Syria in light of these developments. Yet there is good reason to suspect that Russian plans for Syria go beyond the mere presence of conventional military forces. For the United States to begin managing the Russian presence in Syria effectively, it will soon have to come to terms with the prospect of Russian cyber attacks in Syria, as well. MORE

1 2 3 4 5 6 7 8

Comment Disclaimer

If you wish to comment on any of the posted articles, please use the comment box provided below the individual article. The Army Cyber Institute (ACI) reserves the right to modify this policy at any time.

This is a moderated forum. This means that all articles are subject to review. In addition, we expect that the participants will treat each other, as well as our agency and our employees, with respect. We will not post and will remove any comments that contain abusive or vulgar language, spam, hate speech, personal attacks, violate EEO policy, are offensive to others or similar content. We will not post and will remove comments that are spam, clearly "off topic", promote services or products, infringe on copyright protected material, or contain any links that don't contribute to the discussion. Comments that make unsupported accusations will not be posted and will be removed. The ACI and the ACI alone will make a determination as to which comments will be posted and/or removed. Any references to commercial entities, products, services, or other non-governmental organizations or individuals that remain on the site are provided solely for the information of the individuals using the Cyber Defense Review site. These references are not intended to reflect the opinion of the ACI, the Army, the Department of Defense (DoD), its officers, or employees concerning the significance, priority, or the importance to be given the referenced entity, product, service, or organization. Such references are not an official or personal endorsement of any product, person, or service, and may not be quoted or reproduced for the purpose of stating or implying ACI, Army, or DoD endorsement or approval of any product, person, or service.

Any comments that report criminal activity including: suicidal behavior or sexual assault will be reported to the appropriate authorities. This forum is not:
- To be used to report criminal activity. If you have information for law enforcement, please contact your local police agency.
- Do not submit unsolicited proposals or other business ideas or inquiries to this forum. This site is not to be used for contracting or commercial business.
- This forum may not be used for the submission of any claim, demand, informal or formal complaint, or any other form of legal and/or administrative notice or process, or for the exhaustion of any legal and/or administrative remedy.

The ACI does not guarantee or warrant that any information posted by individuals on this forum is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. The ACI may not be able to verify, does not warrant or guarantee, and assumes no liability for anything posted on this website by any other person. The ACI does not endorse, support, or otherwise promote any private or commercial entity or the information, products or services contained on those websites that may be reached through links on the Cyber Defense Review website. 

Members of the media are asked to send questions to the public affairs office through normal channels and to refrain from submitting questions here as comments. Reporter questions will not be posted and may be removed at the discretion of the ACI. We recognize that the web is a 24x7 medium and your comments are welcome at any time. However, given the need to manage federal resources, moderating, posting, and removal of comments will occur during normal business hours Monday through Friday. Comments submitted after hours or on weekends will be reviewed and posted or removed as early as possible; in most cases, this means the next business day.

For the benefit of robust discussion, we ask that comments remain "on-topic". This means that comments will be reviewed and posted only as it related to the topic that is being discussed within the blog post and "off-topic" posts may be removed. The views expressed on the site by non-federal commentators do not necessarily reflect the official views of the ACI, the Department of the Army, the Department of Defense, or the Federal Government.