Cyber Defense Review

Recent Journal Articles

Disclaimer: The articles and other content which appear in the Cyber Defense Review are unofficial expressions of opinion. The views expressed are those of the contributing authors and do not reflect the official position of the United States Military Academy, Department of the Army, United States Marine Corps, Department of the Navy, or Department of Defense.


Necessary Audacity: A Case for a U.S. Cyber Academy

March 30, 2017 — On March 21, 2017, Foreign Policy published an article by Dr. Mark Hagerott and Admiral (Ret.) James Stavridis entitled “Trump’s Big Defense Buildup Should Include a National Cyber Academy.” The authors recommended “the creation of something audaciously different but critical to winning the wars of the future: a U.S. cyber academy.” They explicitly endorse a national cyber service academy much like the US Military Academy (USMA), Naval Academy, and Air Force Academy. Their case is made from the historical perspective that service academies were formed in a time of need and crisis for the nation and its military services. The authors see a similar requirement in cyber operations in today’s unsettled world. They also advocate for a similar model of service academy recruitment with a broad-based education and 5-year commitment. The one difference would be the parent organization would be the Department of Homeland Security and not the Department of Defense as is the case for the current service academies. I am teaching a course to cadets at USMA entitled “Networks for Cyber Operations”, and had my senior-year cadets read and discuss the Foreign Policy article in class. We had a lively discussion, where the cadets presented many ideas about the why, how, when, and what of this proposal. I hope they comment on this post so you can read some of their ideas. I must admit that in addition to providing needed talent and skills to the Army’s operational units, I have wanted the recent establishment of a cyber branch to give the Army culture a boost in intellectual and technical perspective. Currently, USMA can produce 15 graduates...

Cyberspace in Multi-Domain Battle

March 28, 2017 — For months, a nation state has covertly infiltrated a neighboring state’s critical networks while massing armored forces along its common border with a US ally. While the adversary prepares to launch a massive cyber-attack on its neighbor state, its tanks are readied to roll over the border. Nearby, a U.S. Division, engaged in an allied training exercise, prepares to become the first line of defense against aggression. Unknown to the adversary, Allied and US forces have hardened their networks and, at the first indication of aggression, have temporarily cut power to a nearby city to deceive the enemy. Simultaneously, a U.S. Navy warship fires an Electromagnetic Pulse (EMP) missile at the adversary, disabling their electronic systems. Facing a numerically superior enemy, Allied forces take advantage of the window of opportunity created by the EMP weapon to engage the crippled and confused enemy forces across multiple domains.

Cyber (In)Security: Decision-Making Dynamics When Moving Out of Your Comfort Zone

March 21, 2017 — “Every assumption we hold, every claim, every assertion, every single one of them must be challenged.” — General Mark A. Milley, 39th Chief of Staff of the U.S. Army

This paper focuses on how the dynamic speed of change and the compression of time in cybersecurity move individuals and organizations out of their comfort zones. This often results in forcing faulty decision-making generated by an enhanced dependence on untested assumptions. The counterbalance to this behavior begins by recognizing a key truism: within every decision lies an assumption. Equipping your cyber team with the mechanisms and tools to identify and properly challenge these assumptions drives better decision-making and new opportunities to successfully defend, attack, and adapt in the cyber battleground.

Joint Interagency Coordination: How Can the Reserve Component Be Better Utilized to Defend Our Nation in the Cyber Arena?

March 1, 2017 — In a time of constrained and reduced resources and to fortify the protection against the ever-increasing global cyber threats, the United States (US) must do more with less and better utilize its existing resources. The Reserve Components (RC) of the US military are filled with cyber expertise gained through civilian and military training as well as job experience. If the Department of Defense (DoD) can develop a program to better utilize the experience and skills resident in the Reserves, the US military can improve the nation’s cyber capabilities and better protect its networks.

Countering Hybrid Threats in Cyberspace

February 15, 2017 — For almost two decades, cyberwar has posed various challenges to military organizations. Doctrine has hardly defined the scope of cyber activities and how military forces can act or react in that specific new battlefield. Highly technical by nature, the cyber defense mission was, at first, to counter major cyber threats; thus the focus was, and is, to protect critical infrastructures and networks. Building up a cyber force was, therefore, a move to militarize cybersecurity by transferring methodologies and skills. But the reality of cyber conflict undermines the idea of the unique technical roots of cyber warfare. Most strategists and military experts considered cyberwarfare a force multiplier in the global reshaping of military affairs. Preparing for a “cyber Pearl Harbor,” we have missed the overall picture where State and non-State actors use cyber tools to conduct their global information war. This paper proposes a broad overview of the concept of hybrid threat and how it applies in cyberspace. Built to counter a major cyberattack against our National Critical Infrastructure (NCI), most of the cyber forces are not well adapted to face the guerrilla-style warfare imposed by our adversaries. Based on recent lessons learned, this paper highlights the challenges and opportunities of countering hybrid threats in cyberspace.

WarTV: A Future Vision for a Common Operating Picture

December 28, 2016 — 1 MAY 2011 – ABBOTTABAD, PAKISTAN – Abbottabad, Pakistan is less than a two-hour drive from the capital city of Islamabad and 3.1 miles from the Pakistan Military Academy to the southwest. In relative terms, Abbottabad is a much less busy place than Karachi, Pakistan, and is very attractive to tourists and those seeking higher education for their children. Despite Abbottabad’s relative inactivity compared to the bustling Karachi, there were signs of digital life in 2011.

After Twenty Years of Cyber – Still Unchartered Territory Ahead

December 28, 2016 — The general notion is that much of the core understanding of cyber is in place. I would like to challenge that perception. There are still vast territories of the cyber domain that need to be researched, structured and understood. I would like to use Winston Churchill’s words: “it is not the beginning of the end; it is maybe the end of the beginning.” In my opinion, the cyber journey is still in a very early stage. The cyber field has yet to mature, and the big building blocks for the future cyber environment are not yet in place. The Internet and networks that support it have increased dramatically over the last decade. Even if the growth of cyber might be stunning, the actual advances are not as impressive.

Beyond Capabilities: Investigating China’s Military Strategy and Objectives in Cyberspace

December 3, 2016 — United States government officials and policymakers regularly warn that China will launch destructive cyberattacks against critical US civilian infrastructure, including electrical grids, water supply stations, and transportation networks. However, they base such predictions on analysis that emphasizes China’s cyberwarfare capabilities, while ignoring the country’s cyberwarfare strategy and objectives. While China may possess the capacity to carry out devastating cyberattacks, does the country want to? Accurately predicting Chinese cyberattacks requires a holistic analysis that considers not just China’s capabilities, but its strategy and objectives as well. This paper relies on military reports and academic articles produced by senior PLA officials to uncover, organize, and ultimately distill Chinese cyberwarfare strategies and objectives. In addition, secondary analysis conducted by Western military experts on China and intelligence gathered by the US government help identify key trends and anomalies found in the primary sources. These documents reveal a Chinese cyberwarfare strategy that calls for cyberattacks to be used during military conflicts in a preemptive manner to disrupt enemy logistics and communications networks. The strategy does not call for the destruction of civilian infrastructure during peacetime. Framing China’s cybersecurity threat within a broader context of strategy and objectives emphasizes that the country may not be the most likely perpetrator of future destructive cyberattacks. This discovery has significant implications for current US national security policy, which is heavily focused on confronting a major Chinese cyberattack.

The Increasing Necessity for a United States Cyber Service

November 21, 2016 — Conducting cyber warfare is cheap and easy.[1] It affords anyone from individual hackers to nation-state actors the ability to wage destructive acts against the United States.[2] In 2009, the Secretary of Defense directed the Commander of U.S. Strategic Command to establish a sub-unified command, U.S. Cyber Command (USCYBERCOM), to prepare the Department of Defense (DoD) for the integration of offensive and defensive cyberspace operations.[3] Due to the constant rate of change in cyberspace, USCYBERCOM has experienced challenges integrating joint force cyber components. A quick examination of the US cyber force organizational chart demonstrates how complex the relationships are between service components and outside agencies. These organizational intricacies have led Admiral Michael Rogers, National Security Agency (NSA) Director and Commander of USCYBERCOM, to ask “is cyber so different, so specialized, so unique, so not well understood that it requires a very centralized, focused, unique construct to how we generate capacity and knowledge?”[4] While still heavily debated, many US government officials believe the existing organizational structure best meets current DoD requirements. However, there is an increasing necessity to transform the joint cyber construct into a stand-alone military service branch or similar entity that is separate from, yet integrated into the other military service branches. This necessity is based on cyberspace operations occurring in a separate operational domain, requiring a different organizational composition than traditional service branches, and hampered by the current joint cyber construct.

Army Tactical Network Quality of Service and Graceful Degradation Concept

November 15, 2016 — The Army tactical network(s) currently comprise multiple, individually federated, transport mechanisms. Almost all warfighting functions, in addition to other specialized services (e.g. medical), maintain a dedicated network communication infrastructure. While this does provide some redundancy[i], it also impedes collaboration and data sharing, as well as greatly increases complexity and Cost, Size, Weight and Power (SWaP) requirements across all tactical echelons. The U.S. Army Cyber Center of Excellence has recently introduced a plan to converge these Command Post (CP) network architectures, promoting the concept of a single transport layer as a means to increase efficiency and enable the sharing of data across all mission functions. Achieving this degree of integration has numerous challenges. This article will focus on just one – critical information delivery assurance. Given that within this network model, all data must share a single finite capacity communication transport layer, how do we ensure that critical information is provided some assurance of guaranteed delivery and responsiveness? To achieve this, we make the case that a converged tactical network must support a comprehensive Quality of Service (QoS) implementation as well as graceful degradation mechanisms.