August 1, 2018 — Due to a recent increase in popularity, Darknet hacker marketplaces and forums now provide a rich source of cyber threat intelligence for security analysts. This paper offers background information on Darknet hacker communities and their value to the cybersecurity community before detailing an operational data-collection system that is currently gathering over 300 threat warnings per week, with a precision of around 90% (Nunes 2016). Additionally, we introduce a game theoretic framework designed to leverage the exploit data mined from the Darknet to provide system-specific policy recommendations. For the framework, we provide complexity results, provably near-optimal approximation algorithms, and evaluations on a dataset of real-world exploits. MORE
|
August 1, 2018 — The Special Operations Forces (SOF) Truths—humans are more important than hardware, quality is better than quantity, SOF cannot be mass produced,competent SOF cannot be created after emergencies occur, and most special operations require non-SOF assistance—have become tried-and-true guiding principles for the special operations community. [1] This article explains why and how the United States Army can repurpose SOF Truths to serve as guiding principles to recruit, resource, and train effective Cyber leaders, operators, organizations, and capabilities. This article provides the SOF Truths lineage and illustrates their relevance to the cyberspace domain so as to advocate for the incorporation of a set of Cyber Effects Truths for the Army’s contribution to the Joint Cyber Mission Force (CMF).
MORE
|
August 1, 2018 — This first article in the series covers Imperative 1 for cybersecurity success in the digital age. Before I get to the details of the first imperative, allow me to provide some background and context for all four imperatives, and then I’ll provide an executive summary of the first imperative. MORE
|
August 1, 2018 — Today’s cyber threat landscape is evolving at a rate that is extremely aggressive, and attacks are becoming more complex and targeted. Cyber criminals are growing increasingly more sophisticated and harder to predict, the number of connected devices is increasing exponentially, and the growing reliance on the cloud-based systems potentially opens up new attack surface for our cyber adversaries. These factors mean that today’s defense techniques and strategies will need to evolve with the threat in order to keep our institutions and information safe and secure. In today’s interconnected world, no single entity or organization has full visibility into the threats that exist, and the existence of partnerships, including between the public and private sectors, is extremely important and necessary in protecting us all. As a private institution, we recognize the need to, in a privacy protective manner, build strong relationships beginning with our internal teams and with our critical partners, such as government agencies, the military, and our business partners and clients, all working as a strong network to achieve the common goal of defending against bad cyber actors. MORE
|
July 31, 2018 — Since 9/11, collaboration, on any subject touching national security, has increased and improved among U.S. Government departments and agencies. While this improvement is welcome, it nonetheless waxes and wanes with various leaders. Though a bit of a generalization, it is a recognized truth that leaders with previous ‘good experiences’ throughout the interagency champion collaboration and those with ‘bad experiences’ stifle collaboration. Those with negative experiences are content to allow the ‘small stuff’ (time to meet, time to build personal relationships, time for education, and minor expenditures for travel) to present insurmountable obstacles to collaboration. In the quickly changing environment of cyberspace, this cannot stand. Blowing through bureaucracy is an imperative to the development of effective strategies and subsequent plans and actions that counter adversarial cyber operations. The Department of Defense (DoD), with a rather large share of the budget and doctrine that defines planning and execution, should take a stand across the inter-agency cultural divide and drive results-based collaboration. To apply a relatable metaphor, DoD needs to achieve results faster than it took Army to halt Navy’s most recent football winning streak. National cybersecurity guidance mandates collaboration on many fronts, but does not speak to (nor should it) how to actually collaborate. Recent Congressional legislation guides and directs collaboration and reinforces this urgent need particularly in the cyber arena (e.g., Cyber Intelligence Sharing and Protection Act of 2016; Cybersecurity Enhancement Act of 2014; National Cybersecurity Protection Act of 2014; Federal Information Security Modernization Act of 2014, Cybersecurity National Action Plan of 2016, that supports and implements the Cyber Security Act of 2015). MORE
|
July 31, 2018 — Cyberspace is becoming bordered and moving away from westernized civil society control. Governments and major organizations are building a “Cyber Westphalia” of bordered national jurisdictions, forming in pieces across nations. Furthermore, the world has entered into the era of ‘cybered conflict’ among states and non-state organizations. As the centers of economic and demographic power move to Asia, rising non-westernized states are contesting the western notions of an unbordered, civil society led global cyberspace directly, as well as inevitably western control of the rest of the international economic system. That the challenge happened in less than a generation is, in large part, due to these western societies whose key actors were captured by a tri-part convergence during the formative ‘frontier era’ of cyberspace. Three cognitive frames guided western approaches to the growing global substrate: unrealistic optimism in early utopian cyber visions, security-blind IT capital goods business models, and western societies’ deeply institutionalized hubris about the permanency and moral superiority of their Cold War legacy control of the international system. Time is running out for scholars and practitioners to consider, debate, and consense on alternatives that can rescue some remnant of the free and open cyberspace created by the West for its own tolerant cultural preferences, transparent legal regimes, and comparative well-being. MORE
|
July 31, 2018 — Information communication technologies (ICTs) have become the foundation—both the bone marrow and connective tissue—of modern militaries. Satellites, precision guided munitions, nuclear launch systems, helicopters, and any number of other weapon platforms are reliant on ICTs for their operational capability and connectivity. No modern military can enter the battlespace without some reliance on cyberspace for their land, sea, air, space, or information operations. Moreover, the ‘battlespace’ is no longer reserved solely for ‘war time’. Cyberspace has blurred the lines between traditional conflict and peace, and states are finding themselves in a position of protracted, low-level conflict in the cyber realm. While this conflict often takes the form of cyber crime, cyber espionage or service disruption, the specter of a large-scale armed conflict conducted wholly or partially in cyberspace, continues to rise. [1] And while cybersecurity is not solely a defense challenge, the US military’s increasing reliance on cyberspace, alongside the growing array of cyber threats and vulnerabilities, has made securing this space and establishing a competitive advantage on the modern battlefield a leading priority for any military in the 21st century. MORE
|
July 31, 2018 — We are proud to introduce the inaugural print edition of The Cyber Defense Review (CDR). This quarterly journal will generate an intellectual multidisciplinary dialogue through thought provoking scholarly articles and essays on the strategic, operational, and tactical aspects of the cyber domain. The CDR will break down barriers and foster innovative solutions to global cybersecurity challenges. This inaugural CDR compiles perspectives from preeminent thinkers across the government, industry, and academia regarding potential challenges, impacts, and initiatives for consideration as we come to grips with cybersecurity. MORE
|
July 31, 2018 — There is a general principle driving the massive cybersecurity ecosystem that has flourished from the beginning: the necessary trade-off in balancing ease of deployment, the simplicity of operation, stability, and efficacy. While the entire ecosystem is predicated on constraints inherent in the foundational architecture, most in the defender community do not realize or understand what these are. Reliance on flawed fundamental assumptions from what worked years ago has led us to a deeply entrenched, but intrinsically vulnerable environment that is continually compromised by an endless number of exploits. Exploitation occurs in an infinite space that is unsolvable. We are building skyscrapers on quicksand, yet are surprised when they fall. MORE
|
July 31, 2018 — You can’t pick up a newspaper or view a cable news program without hearing about cyber, whether cyberattacks, cyber defense, offensive cyber, cybersecurity, cyber threat, cyber Pearl Harbor, etc. You might think this issue just popped up the last few years. But all the armed services have been thinking about cyber for a number of years, in fact DEPSECDEF John Hamre originally used the term “cyber Pearl Harbor” in the 1990s, SECDEF Leon Panetta repeated it in 2012. The Navy in particular has been thinking about cyber for a long time. The origins of the military’s emphasis on cyber and cybersecurity can be traced back to at least 1996, when Joint Chiefs of Staff Chairman General John M. Shalikashvili, U.S. Army, released Joint Vision (JV) 2010. This seminal publication championed “Full Spectrum Dominance” as the “…key characteristic we seek for our Armed Forces in the 21st century.” MORE
|