Cyber Defense Review

Recent Articles

1 2 3 4 5 6 7 8

Senior Snake-Eater’s Predictions On The Future Of Terrorism And How It Can Inspire The Future Of DOD Cyber

August 14, 2015 — Many, many people are writing great things about using U.S. Special Operations Command (SOCOM) as a model for the development of U.S. Cyber Command (CYBERCOM), and many, many people are writing great things about the potential of raising CYBERCOM to a full unified command. However, cyberspace has yet to be recognized as a functional domain deserving of its own dedicated unified command. The comments made by GEN Joseph Votel, commander of SOCOM, at the West Point Senior Conference this past April illustrate the military’s increased emphasis on understanding the vulnerabilities and advantages that cyberspace brings to conflict. The Department of Defense should heed GEN Votel’s words and elevate CYBERCOM to unified command status, and, moreover, use SOCOM as model in developing CYBERCOM. Thanks to our friends at the Combating Terrorism Center at West Point, below is an excerpt from GEN Votel’s speech* dedicated to describing the implications of terrorism in the future operating environment: * I have bolded cyberspace-related nouns to emphasize the targets and attack/influence vectors future terrorist may affect and use to achieve their ends. MORE

Is Clausewitz Compatible with Cyber?

August 11, 2015 — The theories proposed by Carl Von Clausewitz almost 185 years ago maintain relevance based on their applicability relating to the rise of non-state actors and the increasing relevance of cyber operations in the context of modern warfare. Clausewitzian theory is useful in the Computer Age and continues to offer insights to some of the most consistently experienced issues in modern warfare. The recent release of the Department of Defense (DOD) Cyber Strategy is predicated upon the tenacious adherence to a comprehensive strategy, a topic to which Clausewitz devotes a significant amount of attention. Another area of interest for success in cyber warfare is defining the proper mix of joint Cyber Mission Forces (CMF) to fight and win the nation’s future wars (DOD Cyber Strategy). Clausewitz again provides valuable insights by analyzing the relationship between the branches of service in the context of battlefield efficacy. Some may contend that with the exponential proliferation of technology and non-state actors that Clauswitz and his theories lose relevance, and this may apply in the context of legacy, kinetic-based warfare. However, Clausewitz will continue to influence future generations of American military practitioners simply from the standpoint that his theories remain rooted in the very nature of warfare. Additionally, nation-states and non-state actors will continue to operate across the cyber domain, where the changing definitions of terms such as “lethality” and “magnitude” are factors in a new form of warfare. MORE

Thank You Very Much, Mr. Robot

July 27, 2015 — Recent headlines provide a virtually unlimited source of material for Hollywood’s latest trend: the cyber-thriller. From the paranoia-fueled Person of Interest, to the widely-panned CSI:Cyber, these shows attract a huge audience and often inform a significant segment of the population on all things technical. They also, as discussed in a previous Cyber Defense Review post, have the potential to educate users about the risks of information security on a very large scale. USA Networks’ newest cyberpunk thriller, Mr. Robot is one of the newest entrants into the fray. The show has already received rave reviews, not only for its immersive and dark tone, but also for its unusual technical accuracy. MORE

A Cyber Discussion

July 17, 2015 — In 1920, the then CPT Dwight Eisenhower wrote an article, titled “Tank Discussion”, for the United States Infantry Association’s Infantry Journal championing the integration of motorization (particularly tanks) into combat arms maneuver. As a member of the minority, his faith in the potential of motorization and the tank resulted in intense scrutiny from the Infantry establishment, which almost ended his career early. Undoubtedly, the tank later proved critical to the Army’s success in WWII. The Strategic Initiatives Group at the Army Cyber Institute conducted a short experiment with the first three paragraphs of “A Tank Discussion”. We replaced occurence of “tank” with “cyber” and updated some language to modern terminology and context. The result is a remarkably relevant commentary given the current tensions in Army during the growth of the Cyber branch. MORE

Recruiting Cyber Warriors: Let’s Not Rush to Failure

July 2, 2015 — I have sat through many briefings and discussions on how the Army is short of Cyber warriors and how it will take extraordinary incentives and methods to fill the ranks. There are committees studying this issue and lots of discussion occurring. All of it is well intentioned and motivated by the perception of being behind schedule. However, I think some tactical patience is required and a pause taken to think critically about this issue before we make hasty decisions we may regret. MORE

An Emotional Response to Being One of the First Cadets to Branch Cyber

June 11, 2015 — I have been asked multiple times what my emotions were the night I learned that I would be branching cyber. The night was like any other branch night at West Point with all of the First Class cadets anxiously awaiting their fate as army officers. The only difference with this branch night as opposed to the previous decades of them was the inclusion of the new branch, Cyber, to the list of possibilities. I knew going into this night that there were roughly forty to fifty cadets that were competing for Army Cyber slots. All of us had put in work through a selection process known as the Cyber Leader Development Program in which our talents, experiences and skills were assessed by a mentor. I thought my chances were decent because I had put hours into my application packet and had done everything I had been asked to do. I knew I would branch either Army Signal or Army Cyber. My grandpa had been an officer in the Army Signal Corps so I had a historical connection to Army Signal, but my hope and dream was to branch Army Cyber. MORE

Implications of Quantum Information Processing On Military Operations

May 29, 2015 — This paper discusses the benefits and drawbacks of quantum computing and quantum cryptography, subsets of the field of Quantum Information Processing (QIP). This field uses quantum mechanics for information processing rather than classical mechanics and portends game-changing implications to technologies long-relied on by military organizations, including computing, communication, and cryptographic systems. Quantum information processing may provide advantageous to Army operations in two areas: massive parallel processing and secure key distribution. Quantum mechanics allows a single quantum computer to compute as dozens or even hundreds of classical computers, known as ‘quantum parallelism.’ This is leading to a new paradigm in computing as these computers undermine current cryptographic systems. Continuing work in other families of cryptographic systems shows promise for being unaffected by quantum processing and quantum mechanics allows for the creation and distribution of completely secret keys. This solution may require fielding a new generation of cryptographic hardware systems throughout the Army. Quantum parallelism applies to data searching, providing a polynomial speed-up for searching large databases, such as cloud storage, personnel systems, or intelligence repositories. “If a quantum computer is ever built, much of conventional cryptography will fall apart!” (Giles Brassard, 1984) MORE

Urban Warfare and Lessons Learned for Cyber Operations: Developing a New Tactical Approach

May 11, 2015 — What is it like to fight in cyberspace? Almost every paper regarding cyberwarfare depicts a battlefield, wild and open, where “cyberwarriors” move like a hunting pack; smart, sharp and agile. Reality is obviously far from that. Thus, the digital battle is usually compared to what happens in real life and the strategic approach of cyberspace stresses the parallel with the open spaces and naval theories. It may seem relevant up to a certain point, but at the tactical level, we surely have to change our mind, and start to think “outside the box”. MORE

The New 2015 DoD Cyber Strategy – General Alexander Was Right

May 5, 2015 — The reports on the new Department of Defense (DoD) Cyber Strategy were typical; each highlighted what was put in or left out of the document in accordance to what their authors wanted to report. On the whole they hit the mark in pointing out that this 2015 cyber strategy was more transparent, emphasized deterrence and innovation, and that DoD would partner for a “whole of government approach.” Presumably this is what the DoD, and this Administration, wanted. MORE

Active Defense: Security Operations Evolved

May 1, 2015 — Fighting evil consistently requires you to proactively investigate it, hunt it down, and kick in the door where you find it. Organizations must evolve their security operations to hunt intruders and either eradicate them from the network or confirm that they were not there in the first place. By integrating timely threat intelligence, security practitioners can deploy an active defense specifically targeted at critical resources rather than focusing on the outer perimeter. Defenders will improve their effectiveness, and attackers will seek out softer targets. The term “Active Defense” has been used, abused, and misconstrued. Learn how to expose your cyber enemies and eradicate them from your network by leveraging anomaly analysis, active hunting, cyber-recon by fire, and clear-and-hold missions. We’ll discuss these and other tactics to show why the best defense is an active defense. MORE

1 2 3 4 5 6 7 8

Comment Disclaimer

If you wish to comment on any of the posted articles, please use the comment box provided below the individual article. The Army Cyber Institute (ACI) reserves the right to modify this policy at any time.

This is a moderated forum. This means that all articles are subject to review. In addition, we expect that the participants will treat each other, as well as our agency and our employees, with respect. We will not post and will remove any comments that contain abusive or vulgar language, spam, hate speech, personal attacks, violate EEO policy, are offensive to others or similar content. We will not post and will remove comments that are spam, clearly "off topic", promote services or products, infringe on copyright protected material, or contain any links that don't contribute to the discussion. Comments that make unsupported accusations will not be posted and will be removed. The ACI and the ACI alone will make a determination as to which comments will be posted and/or removed. Any references to commercial entities, products, services, or other non-governmental organizations or individuals that remain on the site are provided solely for the information of the individuals using the Cyber Defense Review site. These references are not intended to reflect the opinion of the ACI, the Army, the Department of Defense (DoD), its officers, or employees concerning the significance, priority, or the importance to be given the referenced entity, product, service, or organization. Such references are not an official or personal endorsement of any product, person, or service, and may not be quoted or reproduced for the purpose of stating or implying ACI, Army, or DoD endorsement or approval of any product, person, or service.

Any comments that report criminal activity including: suicidal behavior or sexual assault will be reported to the appropriate authorities. This forum is not:
- To be used to report criminal activity. If you have information for law enforcement, please contact your local police agency.
- Do not submit unsolicited proposals or other business ideas or inquiries to this forum. This site is not to be used for contracting or commercial business.
- This forum may not be used for the submission of any claim, demand, informal or formal complaint, or any other form of legal and/or administrative notice or process, or for the exhaustion of any legal and/or administrative remedy.

The ACI does not guarantee or warrant that any information posted by individuals on this forum is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. The ACI may not be able to verify, does not warrant or guarantee, and assumes no liability for anything posted on this website by any other person. The ACI does not endorse, support, or otherwise promote any private or commercial entity or the information, products or services contained on those websites that may be reached through links on the Cyber Defense Review website. 

Members of the media are asked to send questions to the public affairs office through normal channels and to refrain from submitting questions here as comments. Reporter questions will not be posted and may be removed at the discretion of the ACI. We recognize that the web is a 24x7 medium and your comments are welcome at any time. However, given the need to manage federal resources, moderating, posting, and removal of comments will occur during normal business hours Monday through Friday. Comments submitted after hours or on weekends will be reviewed and posted or removed as early as possible; in most cases, this means the next business day.

For the benefit of robust discussion, we ask that comments remain "on-topic". This means that comments will be reviewed and posted only as it related to the topic that is being discussed within the blog post and "off-topic" posts may be removed. The views expressed on the site by non-federal commentators do not necessarily reflect the official views of the ACI, the Department of the Army, the Department of Defense, or the Federal Government.