July 31, 2018 — The year is 2025. Just before dawn, several independent 5-man teams from an Army Combined Arms Battalion prepare to launch an attack on a terrorist-insurgent stronghold outside a mega coastal city in a sub-Saharan nation. Before the commander sends in his attack forces, his cyberspace maneuver force has already established a secure communications network using Free Space Optics and Li-Fi and are conducting defensive cyber maneuver to protect and defend key cyber terrain. While monitoring local social media, cyber operators have intercepted insurgent communications, and located their operations center. They begin sending messages on social media to confuse the insurgent network and interfere with their command and control. Next, the cyber operators launch an offensive cyber maneuver, cutting power to the insurgent headquarters. In another offensive maneuver, the cyber force employs electromagnetic pulses to destroy the adversary’s electronic systems followed by a Radio Frequency capability to disable all insurgent vehicles. As dawn breaks, the insurgents awaken to the sound and fury of the Battalion’s direct and indirect fires… MORE
|
July 31, 2018 — Commercially-available, end-to-end encryption software application solutions address cyber threats from advanced nation-state actors by securing mobile voice communications from eavesdropping. Existing mobile security frameworks, such as explained in a recent Department of Homeland Security (DHS) study, provide a good base for analysis, but are shown to have dealt insufficiently with the threat to mobile voice and corresponding encryption-based safeguards. A secure cyberspace thus requires increased attention to securing voice in addition to data when using mobile devices. MORE
|
July 31, 2018 — Imagine if Pearl Harbor had been attacked and there had been no response from Washington.
This is the actual case today due to a highly sophisticated, mature, and stealth strategy perpetrated against the United States (US) by advanced military methods leveled at every sector and organization in our society. This includes private sector businesses, all government agencies, the military, and academia—every US organization operating with innovation, intellectual property, or sensitive data. The world is in significant conflict requiring the US government, military, and private sector to deliberately confront this national crisis or become permanently irrelevant. It is no longer “business as usual.” MORE
|
July 31, 2018 — Our world is facing explosive growth in data being communicated on and generated by its people, their systems, and their networks. More data has been created in the past two years than in the entire previous history of mankind (Heidorn, 2016). By 2020, our digital universe of data will grow to 44 zettabytes (or 44 trillion gigabytes) which is ten times its size today. The enormity of this data and our ability to apply advanced technology to leverage it to gain new insights is often described as the era of “big data.” The study and application of big data spawned a new interdisciplinary field known as data science which combines the domains of operations, mathematics, and computer science as well as several ancillary fields such as social science, intelligence, and economics. The application of data science has already shown great promise in a wide range of fields from medicine to business. MORE
|
July 31, 2018 — Both the Department of Defense (DoD) and the North Atlantic Treaty Organization (NATO) have declared that cyber is a “domain”, co-equal with air, land, and sea. DoD also recognizes space as a domain. Merriam-Webster defines a domain as a sphere of knowledge, influence, or activity. [1] Although DoD does not define “domain”, it does define cyberspace as “A global domain within the information environment consisting of the interdependent network of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.” [2] No one has yet proposed what the cyber domain is, where militaries should be operating in cyberspace, and what missions’ militaries should be doing in cyberspace. This article identifies what DoD says their missions are in cyberspace and discusses what areas are appropriate for military operations in cyberspace. Additionally, it argues that militaries must be very careful about what missions they accept in cyberspace, and must circumscribe their forays into cyberspace lest they are overwhelmed by the sheer scope of the domain. MORE
|
July 31, 2018 — Cybersecurity control frameworks, the foundation of security practices in any enterprise today, are becoming less significant with the evolving cyber threat landscape--driving a response towards innovation in control design and resulting in the deployment of unconventional controls. Control frameworks will remain essential, but they alone are no longer sufficient to avoid significant data loss from cyber breaches. In some respects, this represents an 180° change from how our cybersecurity professionals were trained over the past several decades. MORE
|
July 31, 2018 — Each strategy has a foundation—an overarching way of explaining why things are the way we see them, and how to successfully reach our goals. Therefore, strategy is theory-based because theory provides an intellectual framework for predicting outcomes leading to the end goal the strategy pursues. This article will present the strategic cyberwar theory whose utility is tied to the likelihood of institutional instability in the targeted nation. In an ideal scenario, a nation conducts systematic cyber attacks against the targeted adversary’s institutions triggering the dormant entropy embedded in a nation possessing weak institutions. This will lead to submission to foreign will and intent. MORE
|
July 31, 2018 — While the United States (US) fought two wars over the past decade, its adversaries were evolving their technology for fighting in the electromagnetic spectrum (EMS). In his 2014 monograph, Dr. Larry M. Wortzel writes “the PLA [Chinese People’s Liberation Army] is updating 21st century mechanized and joint operations, combining them with electronic warfare—what the PLA calls “fire power warfare”–and precision strike.” [1] New doctrinal concepts ranging from the tactical to operational levels of employing traditional signals intelligence and electronic warfare lead this change movement in China. [2] Included in the transition is cyber warfare, which details both kinetic and non-kinetic effects across the EMS. [3] We have seen similar advances in capability from Russia in the ongoing conflict in Ukraine. The Ukrainian military has witnessed first-hand the actual effectiveness of Russian electronic warfare (EW) technology and tactics. [4] Russian artillery has demonstrated the synergistic effects of EW and commercial off-the-shelf (COTS) small-UAS platforms when paired with jamming, indirect fire, and direct fire assets [in Ukraine]. [5] The Russians have utilized EW capabilities to geolocate Ukrainian signals and their associated forces, then fixed the formation with UAS, and finished these forces with jamming of mission command frequencies while delivering devastating barrages. MORE
|
July 31, 2018 — Although the cyber realm is a comparatively new environment, with professionals typically setting the origins in the mid-19th century with the communications network established in support of the Anglo-French-Piedmontese force in the Crimean War, many of the imperatives of security and defense in the physical realm offer significant continuity as well as areas for profitable comparison. The historical vantage point empowers, through the use of relevant analogy and studious research and analysis. A cyber-conscious study of the early progress toward fortification of the Hudson River during the American Revolutionary War illuminates themes about the primary security role played by defensive constructions: to guarantee time that permits an active and coherent response against an adversary. It also demonstrates the vital role played by leaders who recognize security challenges and the need for expertise that can translate policymakers’ support and resources into an effective security system. This essay uses the period from 1775-1777 to highlight these issues, setting the stage for the development of expert-designed fortress construction beginning in the spring of 1778 (to be examined in the author’s next contribution to the CDR). MORE
|
July 31, 2018 — In January 2017, the U.S. Office of the Director of National Intelligence published a highly unusual public report outlining the Russian state-sponsored cyberenabled campaign to distract, disrupt, and skew the 2016 U.S. elections. [1] This latest influence campaign and continuing activities in both the U.S. and other Western countries are increasingly acknowledged as part of a broader, ambitious Russian strategy of strategic competition to restore its European sphere of influence, and erode other countries’ subscription to the Western liberal economic and political order. [2] MORE
|