Cyber Defense Review

Recent Articles

1 2 3 4 5 6 7 8

ISIS: The Sound and Fury

April 28, 2015 — Recently, a group claiming association with ISIS called the “Cyber Caliphate” began a campaign of online vandalism by announcing that they hacked several government accounts, seized sensitive documents and was actively monitoring U.S. troop movement.[1] But does their recent attention mean that an ISIS-sponsored cyber-attack is imminent? No – far more likely is these account managers fell victim to less technical attacks such as phishing emails, or perhaps had a password in the 25 most popular passwords list. The most noteworthy episode occurred with the hijacking of the U.S. Central Command’s (CENTCOM) Twitter account. Purporting that they had ‘hacked’ CENTCOM, ISIS sympathizers changed the military organization’s banner to that of a masked ISIS member. MORE

Why CSI: Cyber Matters

April 7, 2015 — CSI: Cyber is getting beat-up by the information security community and at first we went along for the ride.  You have to admit it is fun to play cyber bingo, live tweet during the show, or critique the technical inconsistencies, but there is something more here, something very important.  The security community has long fought an uphill and losing MORE

Organized Cyber Crime: Comparison of Criminal Groups in Cyberspace

April 7, 2015 — Technology has provided ease in accessing media, financial markets, and global communication. Society and criminals have benefited from these same developments in technology, causing an increase in cyber-criminal activity. In 2014, McAfee estimated that the cost of global cybercrime is 0.8% of global GDP;[1] making cyber crime a national and international security threat. The Russians, Nigerians, Ghanaians, and Chinese are some of the best-known cyber criminals, and while groups use similar tactics, their motivations, organizational structures, and culture differ. In analyzing why individuals and organized criminal groups participate in cyber crime, and the culture and history behind the groups policy makers and the international community can make more personalized approaches in combating transnational cyber crime. Right now there are many difficulties in combating cyber crime including attribution, lack of international cooperation, and limited resources in law enforcement. Cyber crime is becoming accepted as the ‘cost’ of doing business online, with stakeholders underestimating the impact it has on security, economy, and innovation. Unless the barriers to entry and cost for cyber criminals is raised, cyber crime will continue to threat international security, economic growth, and technological innovation. MORE

Tinker Maker Solder Try: Promoting a Culture of Innovation in the Cyber Branch

February 23, 2015 — Tinker As a child, I loved when birthday time came around. Not only mine, mind you – but also my brother’s. Whenever he received a shiny new radio-controlled car, it meant an afternoon full of disassembly and exploration was in my future. I took a certain delight in tinkering, hacking, and repurposing all kinds of materials, often to the chagrin of my younger sibling. In the same way that my childhood hero, Angus MacGyver, saw the ordinary paperclip as the life-saving ingredient to a just-in-time solution, I envisioned the fantastic lives that regular household materials could live. This insatiable hunger to find out what’s inside has undoubtedly driven me to my current career path as a Cyber Officer. While there was no path becoming a Cyber Officer when I first joined the military, I believe my interests in technical exploration positioned me well to join the Army’s newest branch. While the Army is placing significant resources into growing Cyber-related career fields by refining doctrine and funding excellent training opportunities, it’s also important for the service and its prospective technical leaders to leverage the well-established community of hobbyists known as makers. MORE

Shaping the Army’s Cyber Operations Force: the Human Dimension

February 12, 2015 — By declaring cyberspace an operational domain, the Department of Defense (DoD) acknowledged the criticality for successfully projecting combat power in the domain,[1] and therefore directed all services to create a component command subordinate to U.S. Cyber Command (USCYBERCOM).[2] Since the declaration of this entirely new operational domain, the Army has faced significant challenges such as determining the force structure requirements, capabilities, and the skills required of its cyberspace operators. In order to build a force capable of operating in cyberspace, the Army must determine how to recruit, assess, train, and retain those with the required talent. However, the Army is not the only organization seeking individuals with the ability to operate in cyberspace and it is widely recognized that there is a small talent pool from which to recruit. According to a recent Rand Institute Report, there already exists a shortage of qualified personnel in general, and that problem is exacerbated within the federal government. Such a dearth of talent potentially undermines the nation’s security in cyberspace.[3] MORE

Paradoxes of (Cyber) Counterinsurgency

February 9, 2015 — The U.S. Army’s Field Manual 3-24, Counterinsurgency, broke the mold for Army doctrine, providing insights into counterinsurgency operations that were largely unknown to U.S. military professionals and offering techniques that could be applied at both the operational and tactical levels to improve local conditions. The manual also highlighted the complex nature of counterinsurgency operations, providing a list of paradoxes, or seemingly contradictory truths, that highlight the difficulties inherent in this type of military operation. Many parallels can be drawn between counterinsurgency and cyber operations, and practitioners of both face challenges even more complex than those encountered in more traditional, kinetic military operations. Herein we provide a list of cyber paradoxes in the spirit of the counterinsurgency paradoxes given in FM 3-24. Through these paradoxes, we hope to highlight the inherent complexity of cyber operations and provide insights to those who hope to be successful in this new operational domain. MORE

A Year of Cyber Professional Development

January 23, 2015 — The nation that will insist upon drawing a broad line of demarcation between the fighting man and the thinking man is liable to find its fighting done by fools and its thinking by cowards. – Sir William Francis Butler, 19th-century British Lieutenant General After more than a decade at war, the Army is not the same institution that I joined before the 9/11 terrorist attacks. Traditions that bound generations of service members together have been forgotten and institutional knowledge has vanished. The development of leaders in a fiscally constrained environment is one of the key skills that has been lost. With military budgets shrinking now, the art of developing leaders prepared to handle diverse situations seems a daunting challenge. We have relied on mobile training teams, scripted rotations in the box[1], and deployments in sustained bases to train Soldiers and Leaders to handle typical scenarios. All of which incur expenses that are no longer sustainable, while none of them truly focus on stretching leaders’ skills and capabilities to handle the unknown. MORE

Broadening Opportunities for Cyber Officers

January 23, 2015 — In a recent trip to Aberdeen Proving Ground, MD, members of the Army Cyber Institute (ACI) visited the Communication-Electronics Research, Development and Engineering Center (CERDEC) of the US Army’s Research, Development and Engineering Command (RDECOM). Led by Director Henry Muller’s, CERDEC’s six directorates support its mission to develop engineering technology solutions for America’s Soldiers. On this particular visit, the ACI met with Mr. Kevin Boyle, Chief Technology Officer of the Intelligence and Information Warfare Directorate (I2WD) and Dr. Paul Zablocky, Director of the Space and Terrestrial Communications Directorate (STCD). The visit included not only command briefs from senior leaders of their respective organizations, but also tours of several of CERDEC’s labs and facilities. The ACI discovered some great opportunities for collaboration with these very talented Civilian Engineers, Scientists and Technicians. MORE

1 2 3 4 5 6 7 8

Comment Disclaimer

If you wish to comment on any of the posted articles, please use the comment box provided below the individual article. The Army Cyber Institute (ACI) reserves the right to modify this policy at any time.

This is a moderated forum. This means that all articles are subject to review. In addition, we expect that the participants will treat each other, as well as our agency and our employees, with respect. We will not post and will remove any comments that contain abusive or vulgar language, spam, hate speech, personal attacks, violate EEO policy, are offensive to others or similar content. We will not post and will remove comments that are spam, clearly "off topic", promote services or products, infringe on copyright protected material, or contain any links that don't contribute to the discussion. Comments that make unsupported accusations will not be posted and will be removed. The ACI and the ACI alone will make a determination as to which comments will be posted and/or removed. Any references to commercial entities, products, services, or other non-governmental organizations or individuals that remain on the site are provided solely for the information of the individuals using the Cyber Defense Review site. These references are not intended to reflect the opinion of the ACI, the Army, the Department of Defense (DoD), its officers, or employees concerning the significance, priority, or the importance to be given the referenced entity, product, service, or organization. Such references are not an official or personal endorsement of any product, person, or service, and may not be quoted or reproduced for the purpose of stating or implying ACI, Army, or DoD endorsement or approval of any product, person, or service.

Any comments that report criminal activity including: suicidal behavior or sexual assault will be reported to the appropriate authorities. This forum is not:
- To be used to report criminal activity. If you have information for law enforcement, please contact your local police agency.
- Do not submit unsolicited proposals or other business ideas or inquiries to this forum. This site is not to be used for contracting or commercial business.
- This forum may not be used for the submission of any claim, demand, informal or formal complaint, or any other form of legal and/or administrative notice or process, or for the exhaustion of any legal and/or administrative remedy.

The ACI does not guarantee or warrant that any information posted by individuals on this forum is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. The ACI may not be able to verify, does not warrant or guarantee, and assumes no liability for anything posted on this website by any other person. The ACI does not endorse, support, or otherwise promote any private or commercial entity or the information, products or services contained on those websites that may be reached through links on the Cyber Defense Review website. 

Members of the media are asked to send questions to the public affairs office through normal channels and to refrain from submitting questions here as comments. Reporter questions will not be posted and may be removed at the discretion of the ACI. We recognize that the web is a 24x7 medium and your comments are welcome at any time. However, given the need to manage federal resources, moderating, posting, and removal of comments will occur during normal business hours Monday through Friday. Comments submitted after hours or on weekends will be reviewed and posted or removed as early as possible; in most cases, this means the next business day.

For the benefit of robust discussion, we ask that comments remain "on-topic". This means that comments will be reviewed and posted only as it related to the topic that is being discussed within the blog post and "off-topic" posts may be removed. The views expressed on the site by non-federal commentators do not necessarily reflect the official views of the ACI, the Department of the Army, the Department of Defense, or the Federal Government.