Cyber Defense Review


1 2 3 4 5 6 7 8 9 10 ... 15

U.S. Special Operations Forces in Cyberspace

August 1, 2018 — Cyberspace is a human space, as dynamic and uncertain as human nature. No longer simply a technical abstraction or man-made domain unto itself, [1]cyberspace is a growing facet of every-day life that increasingly cuts across all aspects of Special Operations. Cyber is a dynamic space, a global commons of human practice, which embodies the actions, behaviors, and decisions of man.Cyber is also an uncertain space; and although, its future impact to our national security is yet to be determined, it is clearly a space where United States Special Operations Forces (USSOF) have an increasing role in shaping the final outcome. Ultimately,cyber is a human enterprise which empowers and entangles countless global interactions,[2] and is rapidly becoming a preeminent space where human conflicts, and thus USSOF, must play a part. MORE

Bring on the Cyber Attacks – The increased predatory power of the restrained red queen in a nationstate cyber conflict

August 1, 2018 — The militarized and contested Internet with a multitude of state-sponsored cyberattacks can generate an evolutionary process when the targeted nation is strengthened by the abundance of information it receives from the attacks.When the targeted nation restrains from retaliating against the attacking adversarial state its systems are perfected, meanwhile the attacking state is denied the feedback needed to stay current and pose a long-term threat. The targeted nation has increased its potential to go from prey to predator, when the accrued knowledge far exceeds the attacker, and the game has changed. The targeted nation can then strike back far superior on the initial attacker compared to the initial attacker’s first moves. In contrast to the Red Queen hypothesis, our Restrained Red Queen model illustrates the adaptive advantage of a targeted nation that decides to selectively counterstrike its aggressor. The reticent targeted nation has benefited from restraining to counter-strike and increases its own survivability by embracing the initial attacks as information that can be converted to superiority over time. MORE

Attacking Cyber: Increasing resilience and protecting mission essential capabilities in cyberspace

August 1, 2018 — We are entering a new era of evolving threats, advancing technologies, and reduced resources. Adversaries continue to exploit weaknesses within interconnected systems, such as the Enterprise Resource Planning solutions that now power the Army’s daily operations through the aggregation and analysis of vast amounts of data, sometimes from dozens of sources. Each of these sources brings its own level of threat and vulnerability, leading to an incredibly complex environment ripe for exploitation. Despite these challenges, Army Materiel Command (AMC) is employing an aggressive cyber strategy to ensure our resilience within an increasingly congested and contested domain. MORE

Engaging Security and Intelligence Practitioners in the Emerging Cyber Regime Complex

August 1, 2018 — Security and intelligence practitioners are rapidly expanding their cyber capabilities to accomplish their core missions of warfighting, ensuring homeland security and advancing national security interests. However, their efforts also have significant implications for a large and expanding array of other actors, rules and institutions at both the domestic and global levels. This article discusses the emerging global regime complex for cyber issues, highlighting contemporary rule-making challenges and the potential for international conflict over the nature of the cyber regime complex. It then demonstrates the importance and the difficulty of engaging security and intelligence practitioners more closely with these processes of global rule-making, and argues that such efforts must begin at the cultural and attitudinal levels within the broader intelligence and defense communities. The article concludes by advancing modest recommendations for next steps in ensuring the engagement of security and intelligence practitioners with the global cyber regime complex. MORE

Cyber Education via Mathematical Education

August 1, 2018 — Cyber is more than programming 1s and 0s, it is an interdisciplinary domain that involves elements of many disciplines of science, engineering,and humanities. Understanding mathematics is critical to understanding the cyber domain. At the United States Military Academy (USMA), the Mathematical Sciences Department is contributing to cadets’ cyber education. The Military Academy CYBER Education Working Group produced initial thoughts on how to educate in this domain. [1] Using this construct, this article identifies the knowledge, skills, and attributes that are elements of USMA’s core mathematics,network science minor, or mathematics major. The intent is to help prepare future military officers for leadership roles in the cyber-affected world in three tiers: (1) what all officers should know, (2) what highly technical officers should know, and (3) what cyber leaders should know. [2] All officers should have a broad professional cognizance of cyber operations, while highly technical officers and cyber leaders could benefit from a more in-depth understanding of mathematics relative to cyberspace. MORE

Darknet Mining and Game Theory for Enhanced Cyber Threat Intelligence

August 1, 2018 — Due to a recent increase in popularity, Darknet hacker marketplaces and forums now provide a rich source of cyber threat intelligence for security analysts. This paper offers background information on Darknet hacker communities and their value to the cybersecurity community before detailing an operational data-collection system that is currently gathering over 300 threat warnings per week, with a precision of around 90% (Nunes 2016). Additionally, we introduce a game theoretic framework designed to leverage the exploit data mined from the Darknet to provide system-specific policy recommendations. For the framework, we provide complexity results, provably near-optimal approximation algorithms, and evaluations on a dataset of real-world exploits. MORE

Special Operations Forces Truths - Cyber Truths

August 1, 2018 — The Special Operations Forces (SOF) Truths—humans are more important than hardware, quality is better than quantity, SOF cannot be mass produced,competent SOF cannot be created after emergencies occur, and most special operations require non-SOF assistance—have become tried-and-true guiding principles for the special operations community. [1] This article explains why and how the United States Army can repurpose SOF Truths to serve as guiding principles to recruit, resource, and train effective Cyber leaders, operators, organizations, and capabilities. This article provides the SOF Truths lineage and illustrates their relevance to the cyberspace domain so as to advocate for the incorporation of a set of Cyber Effects Truths for the Army’s contribution to the Joint Cyber Mission Force (CMF). MORE

Four Imperatives for Cybersecurity Success in the Digital Age: We Must Flip the Scales

August 1, 2018 — This first article in the series covers Imperative 1 for cybersecurity success in the digital age. Before I get to the details of the first imperative, allow me to provide some background and context for all four imperatives, and then I’ll provide an executive summary of the first imperative. MORE

Preparing for a Bad Day – The importance of public-private partnerships in keeping our institutions safe and secure

August 1, 2018 — Today’s cyber threat landscape is evolving at a rate that is extremely aggressive, and attacks are becoming more complex and targeted. Cyber criminals are growing increasingly more sophisticated and harder to predict, the number of connected devices is increasing exponentially, and the growing reliance on the cloud-based systems potentially opens up new attack surface for our cyber adversaries. These factors mean that today’s defense techniques and strategies will need to evolve with the threat in order to keep our institutions and information safe and secure. In today’s interconnected world, no single entity or organization has full visibility into the threats that exist, and the existence of partnerships, including between the public and private sectors, is extremely important and necessary in protecting us all. As a private institution, we recognize the need to, in a privacy protective manner, build strong relationships beginning with our internal teams and with our critical partners, such as government agencies, the military, and our business partners and clients, all working as a strong network to achieve the common goal of defending against bad cyber actors. MORE

Book Review: Cyber War

August 1, 2018 — This book takes a holistic view of the cyber world and how it pertains to the United States regarding capabilities, vulnerabilities, policy, and potential strategies. We, as student and instructor in a course entitled Networks for Cyber Operations used this book as one of our texts in the Spring semester of 2016. Author Richard Clarke uses his experience in dealing with nuclear weapons, and his role as a Special Advisor to the President for Cyber Security to explain how the world situation has changed to make cyberattacks a significant threat to the United States. Clarke and Knake do an excellent job of speaking to a general audience (from cyber novices to experienced cyber warriors and hackers). The authors introduce the subject by describing the Israeli cyberattack on Syria before the bombing of a nuclear facility in 2007. This book stays away from the technical aspects of cyberattacks, but provides detailed background information about the Internet and how digitization has created a new battlefield. MORE

1 2 3 4 5 6 7 8 9 10 ... 15