April 30, 2019 — A Campaign of Experimentation is necessary for the United States to achieve a robust capability in cyber defensive and offensive operations, that is effectively and efficiently integrated with operations in cyber-kinetic domains. The article describes challenges for such a Campaign, regarding experimental design, logistics, measurement, and methodology. The campaign concept In a report titled “Code of Best Practice: Experimentation,” David Alberts and Richard Hayes [1] asserted: Experimentation is the lynch pin in the DoD’s strategy for transformation. Without a properly focused, well-balanced, rigorously designed, and expertly conducted program of experimentation, the DoD will not be able to take full advantage of the opportunities that Information Age concepts and technologies offer. MORE
|
April 30, 2019 — Cyberspace represents a new domain of warfare unlike any other in military history. Cyberwarfare practitioners be they state actors, non-state actors or individual hackers, are capable of tremendous–and readily deniable–damage to an opponent’s civil or military infrastructure. While recent events have focused upon the Islamic State’s ability to use the Internet for recruiting purposes, the real danger to the West comes from its two primary competitors. The Russian and Chinese governments are suspected of using the entire spectrum of cyber warfare as both a standalone capability as well as effectively incorporating it into the more traditional domains of war. MORE
|
April 30, 2019 — This paper presents an integration of decision-maker preferences, quantitative risk analysis, and simulation modeling to aid commanders in choosing a course of action (COA) for conducting offensive cyber operations (OCO). It incorporates information from subject matter experts (SMEs) to parameterize a simulation model which provides decision support to mission planners when evaluating different COAs. The methodology is exercised and evaluated by cyberwarfare practitioners. MORE
|
April 30, 2019 — After the United States blamed China for the Office of Personnel Management intrusion in 2015, China called speculation on their involvement neither “responsible nor scientific.” [1] They subsequently suggested it was “imperative to stop groundless accusations, [and] step up consultations to formulate an international code of conduct...” [2] The US-China exchange raises a critical question: what qualifies as “groundless accusations,” and what would “responsible and scientific” attribution of nation-state sponsored attacks look like? The incident raises another question as well: what is the current US process for attribution, and is it achieving its aims? This paper argues that authoritative attribution of cyberattacks to nation-state actors requires more than purely technical solutions. MORE
|
April 30, 2019 — Cyberspace has become the most active, contested, and congested of the warfighting domains. Both the new National Cyber Strategy and recent Department of Defense (DoD) Cyber Strategy describe an environment wrought with adversaries attempting to gain a military, political, and economic advantage over the United States (US). [1] Given the pace of operations and the rate of change in the environment, new ways of operating develop at a rapid pace. Although DoD has published Joint Publication (JP) 3-12 (Cyberspace Operations) that provides a foundation for understanding cyberspace and operations therein, the Army and Joint Force have a great opportunity (and requirement) to reflect the complexity and fluidity in this new domain and to more fully describe the level of conceptual and practical convergence between the land (physical), human, and cyberspace domains. The Army and Joint Force have the capacity to understand and detail these changes in the land and cyber domains and have the innovative leadership we need to integrate this convergence into our discussions, debates, concepts, and doctrine. The changes involved with the technology and the extent to which cyberspace is impacting the land and human terrain are significant even today. DoD must be bold and innovative to stay ahead of the threat and to take advantage of the potential that exists. MORE
|
April 30, 2019 — Cyber Protection Teams (CPTs) defend our Nation’s critical military networks. While Cyber Security Service Providers are responsible for the continuous monitoring and vulnerability patching of networks, CPTs perform threat-oriented missions to defeat adversaries within and through cyberspace. The research we report here provides a descriptive workflow of cyber defense in CPTs as well as a prescriptive work model that all CPTs should be capable of executing. This paper describes how these models were developed and used to assess technologies and performance of CPTs. Such models offer a variety of benefits to practitioner and research communities, particularly when the domain of practice is closed to most researchers. This project demonstrates the need for continual curation of CPT work models as well as the need for models of work for the other types of cyber teams (i.e. Mission and Support) in the Cyber Mission Force. MORE
|
April 30, 2019 — In Code Girls, Liza Mundy explores the previously untold story, and largely unrecognized contributions, of the first women to officially serve as part of World War II US intelligence code-breaking efforts. At approximately 11,000, these women comprised more than fifty percent of the 20,000 workers. Based on voluminous research from the National Cryptologic Museum and the National Archives, Mundy brings to life these civilian and military women’s stories as they decrypted messages from the enemy Axis Powers, thereby significantly advancing the Allied war effort. MORE
|
April 30, 2019 — Welcome to another provocative edition of the CDR, which explores the importance of partnerships in the cyber environment. Crucial to the success and growth of the Army Cyber Institute (ACI) is the development of impactful partnerships. We are most proud of our special relationship and partnership with the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia. The NATO CCDCOE is a global thought leader in the discussion and advancement of critical cyber issues—technology, strategy, operations, and law. Each year NATO CCDCOE hosts their prestigious International Conference on Cyber Conflict (CyCon) in Tallinn. This year’s CyCon conference theme of “Silent Battle” seeks to foster a conversation on topics such as vulnerabilities, exploitations and patches, threat detection and attribution, and situational awareness to wage this ‘silent battle.’ The ACI will support this magnificent event with speakers, West Point cadet participation, and distribution of the Spring CDR to all attendees. We at the ACI believe that operational success in the cyber domain derives from the development and evolution of strategic partnerships. We are excited that the CDR facilitates impactful partnerships and is at the fulcrum of the global cyber conversation. MORE
|
December 20, 2018 — Disinformation is defined by Merriam-Webster as “false information deliberately and often covertly spread (as by the planting of rumors) in order to influence public opinion or obscure the truth.” [1] The word disinformation did not appear in English dictionaries until the 1980s. Its origins, however, can be traced back as early as the 1920s when Russia began using the word in connection with a special disinformation office whose purpose was to disseminate “false information with the intention to deceive public opinion.” [2]
MORE
|
December 20, 2018 — From Joint Publication (JP) 3-13, the Information Environment (IE) is defined as “an aggregate of individuals, organizations, and systems that collect, process, disseminate, or act on information.” It is within this environment that our adversaries have engaged us persistently below a threshold that could trigger a kinetic response. Within the IE, MORE
|