An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

The Cyber Defense Review

Articles

1 ... 19 20 21 22 23 24 25 26 27 28 ... 40

Cyber Attribution: Can a New Institution Achieve Transnational Credibility?

April 30, 2019 — After the United States blamed China for the Office of Personnel Management intrusion in 2015, China called speculation on their involvement neither “responsible nor scientific.” [1] They subsequently suggested it was “imperative to stop groundless accusations, [and] step up consultations to formulate an international code of conduct...” [2] The US-China exchange raises a critical question: what qualifies as “groundless accusations,” and what would “responsible and scientific” attribution of nation-state sponsored attacks look like? The incident raises another question as well: what is the current US process for attribution, and is it achieving its aims? This paper argues that authoritative attribution of cyberattacks to nation-state actors requires more than purely technical solutions. MORE

Reshaping Intelligence Operations in the Cyberspace Domain

April 30, 2019 — Cyberspace has become the most active, contested, and congested of the warfighting domains. Both the new National Cyber Strategy and recent Department of Defense (DoD) Cyber Strategy describe an environment wrought with adversaries attempting to gain a military, political, and economic advantage over the United States (US). [1] Given the pace of operations and the rate of change in the environment, new ways of operating develop at a rapid pace. Although DoD has published Joint Publication (JP) 3-12 (Cyberspace Operations) that provides a foundation for understanding cyberspace and operations therein, the Army and Joint Force have a great opportunity (and requirement) to reflect the complexity and fluidity in this new domain and to more fully describe the level of conceptual and practical convergence between the land (physical), human, and cyberspace domains. The Army and Joint Force have the capacity to understand and detail these changes in the land and cyber domains and have the innovative leadership we need to integrate this convergence into our discussions, debates, concepts, and doctrine. The changes involved with the technology and the extent to which cyberspace is impacting the land and human terrain are significant even today. DoD must be bold and innovative to stay ahead of the threat and to take advantage of the potential that exists. MORE

Modelling the Cognitive Work of Cyber Protection Teams

April 30, 2019 — Cyber Protection Teams (CPTs) defend our Nation’s critical military networks. While Cyber Security Service Providers are responsible for the continuous monitoring and vulnerability patching of networks, CPTs perform threat-oriented missions to defeat adversaries within and through cyberspace. The research we report here provides a descriptive workflow of cyber defense in CPTs as well as a prescriptive work model that all CPTs should be capable of executing. This paper describes how these models were developed and used to assess technologies and performance of CPTs. Such models offer a variety of benefits to practitioner and research communities, particularly when the domain of practice is closed to most researchers. This project demonstrates the need for continual curation of CPT work models as well as the need for models of work for the other types of cyber teams (i.e. Mission and Support) in the Cyber Mission Force. MORE

Code Girls: The Untold Story of the American Women Code Breakers of World War II

April 30, 2019 — In Code Girls, Liza Mundy explores the previously untold story, and largely unrecognized contributions, of the first women to officially serve as part of World War II US intelligence code-breaking efforts. At approximately 11,000, these women comprised more than fifty percent of the 20,000 workers. Based on voluminous research from the National Cryptologic Museum and the National Archives, Mundy brings to life these civilian and military women’s stories as they decrypted messages from the enemy Axis Powers, thereby significantly advancing the Allied war effort. MORE

The Cyber Defense Review: The Importance of Partnerships in the Cyber Domain

April 30, 2019 — Welcome to another provocative edition of the CDR, which explores the importance of partnerships in the cyber environment. Crucial to the success and growth of the Army Cyber Institute (ACI) is the development of impactful partnerships. We are most proud of our special relationship and partnership with the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia. The NATO CCDCOE is a global thought leader in the discussion and advancement of critical cyber issues—technology, strategy, operations, and law. Each year NATO CCDCOE hosts their prestigious International Conference on Cyber Conflict (CyCon) in Tallinn. This year’s CyCon conference theme of “Silent Battle” seeks to foster a conversation on topics such as vulnerabilities, exploitations and patches, threat detection and attribution, and situational awareness to wage this ‘silent battle.’ The ACI will support this magnificent event with speakers, West Point cadet participation, and distribution of the Spring CDR to all attendees. We at the ACI believe that operational success in the cyber domain derives from the development and evolution of strategic partnerships. We are excited that the CDR facilitates impactful partnerships and is at the fulcrum of the global cyber conversation. MORE

Disinformation – Дезинформация (Dezinformatsiya)

December 20, 2018 — Disinformation is defined by Merriam-Webster as “false information deliberately and often covertly spread (as by the planting of rumors) in order to influence public opinion or obscure the truth.” [1] The word disinformation did not appear in English dictionaries until the 1980s. Its origins, however, can be traced back as early as the 1920s when Russia began using the word in connection with a special disinformation office whose purpose was to disseminate “false information with the intention to deceive public opinion.” [2] MORE

Operationalizing the Information Environment: Lessons Learned from Cyber Integration in the USCENTCOM AOR

December 20, 2018 — From Joint Publication (JP) 3-13, the Information Environment (IE) is defined as “an aggregate of individuals, organizations, and systems that collect, process, disseminate, or act on information.” It is within this environment that our adversaries have engaged us persistently below a threshold that could trigger a kinetic response. Within the IE, MORE

Book Review: On Cyber: Towards an Operational Art for Cyber Conflict

December 18, 2018 — The core of Conti and Raymond’s On Cyber: Towards an Operational Art for Cyber Conflict is found in the preface under the self-explanatory title, “Why this book?” and embedded in the following sentence: “The lack of an operational art for cyberspace operations is the inspiration for this book.” Conti and Raymond have identified a wide and open gap in the cyber literature, found not in the cyber hinterlands, but in the pivotal question of, “how do you do cyber operations?” We are now about 20 years into cyber – 20 years ago, cyber defense and cyber operations were all but unknown, and had less than a few references in the now-defunct Alta Vista search engine – and, discussions within the cyber community still occur mainly at the strategic and conceptual level, or at the purely tactical level. The larger policy debate is driven by a non-technical community, and the tactical level quickly becomes highly technical as a subset of computer science. MORE

Supremacy by Accelerated Warfare through the Comprehension Barrier and Beyond: Reaching the Zero Domain and Cyberspace Singularity

December 18, 2018 — “In The Land Of The Blind, The One-Eyed Man Is King.” Erasmus Of Rotterdam, 16TH Century INTRODUCTION It is questionable and even unlikely that cyber supremacy could be reached by overwhelming capabilities manifested by stacking more technical capacity and adding attack vectors. The alternative is to use time as the vehicle to supremacy by accelerating the engagements’ velocity beyond the enemy’s ability to target and precisely execute and comprehend the events as they unfold. The space created beyond the adversary’s comprehension is called the Zero Domain. Military strategists traditionally see the battle space as land, sea, air, space, and cyber domains. When fighting a battle beyond the adversary’s comprehension, the conflict occurs in the Zero Domain, not in a traditional warfighting domain. MORE

Cultivating Technology Innovation for Cyberspace Operations

December 18, 2018 — Pursuit of innovation need not require big bets on uncertain futures….[Organizations] can succeed … by harnessing the past in powerful ways” [1].Our Nation and our allies are fighting a Cyber Cold War against multiple capable adversaries. [2] Like the original Cold War, we have lost ground in the first decade by failing to acknowledge the breadth and sophistication of our adversaries’ actions. While recent hacks of financial and political institutions have drawn significant attention, some of the most disturbing intrusions have been directed at military and nuclear industries.Sadly, these cyber-attacks have been met with general inaction. Widespread Russian cyber-attacks in Ukraine [3] set the conditions for an invasion that was generally described as a separatist movement. [4] The most recent National Security Strategy emphasizes the gravity of China and Russia’s information operations. [5] Unfortunately, disinformations own about and through cyberspace attacks has resulted in domestic squabbling that has limited our ability to govern effectively, let alone mount an effective response. MORE

1 ... 19 20 21 22 23 24 25 26 27 28 ... 40