July 31, 2018 — Although the cyber realm is a comparatively new environment, with professionals typically setting the origins in the mid-19th century with the communications network established in support of the Anglo-French-Piedmontese force in the Crimean War, many of the imperatives of security and defense in the physical realm offer significant continuity as well as areas for profitable comparison. The historical vantage point empowers, through the use of relevant analogy and studious research and analysis. A cyber-conscious study of the early progress toward fortification of the Hudson River during the American Revolutionary War illuminates themes about the primary security role played by defensive constructions: to guarantee time that permits an active and coherent response against an adversary. It also demonstrates the vital role played by leaders who recognize security challenges and the need for expertise that can translate policymakers’ support and resources into an effective security system. This essay uses the period from 1775-1777 to highlight these issues, setting the stage for the development of expert-designed fortress construction beginning in the spring of 1778 (to be examined in the author’s next contribution to the CDR). MORE
|
July 31, 2018 — In January 2017, the U.S. Office of the Director of National Intelligence published a highly unusual public report outlining the Russian state-sponsored cyberenabled campaign to distract, disrupt, and skew the 2016 U.S. elections. [1] This latest influence campaign and continuing activities in both the U.S. and other Western countries are increasingly acknowledged as part of a broader, ambitious Russian strategy of strategic competition to restore its European sphere of influence, and erode other countries’ subscription to the Western liberal economic and political order. [2] MORE
|
July 31, 2018 — We are living in a time when virtually anything can be connected to the Internet: from smart clothing to autonomous driving to near realtime management of assets in agriculture, manufacturing, logistics, and more—the possibilities are endless. Among this connectedness, the smart cities trend continues to gain momentum. In November 2017, a real estate investment firm owned by Microsoft co-founder Bill Gates announced they purchased nearly 25,000 acres, approximately 45 minutes west of downtown Phoenix for $80 million for development into a smart community. [1] Similarly, Google's parent company, Alphabet, committed $50 million for a Toronto neighborhood development, AT&T is investing nearly $3 billion in the Atlanta area to enhance smart-city networks, and Saudi Arabia is forecasting a $500 billion investment in a mega-city spanning three countries intended to “push the boundaries of innovation.” [2,3] A smart base may be able to take advantage of the same benefits anticipated for a smart city, with added military capabilities—mission assurance and mission command. MORE
|
July 31, 2018 — SOCIAL MEDIA—BEGINNINGS When discussing the origins of social media, researchers usually start in the 1980s and the Bulletin Board Systems (BBS). They were a kind of online meeting room that allowed users to download games and other files, and leave messages to co-users. The social aspect of this exchange was pretty clear, but the interaction was rather limited and slow due to technological reasons. What is more important, the social interaction had a rather random character—people did not know who was sitting at the other end of the telephone line. MORE
|
July 31, 2018 — Modern defense platforms are at increasing risk of cyber-attack from sophisticated adversaries. These platforms do not currently provide the situational awareness necessary to identify when they are under cyberattack, nor to detect that a constituent subsystem may be in a compromised state. Long-term improvements can be made to the security posture of these platforms by iterative application of cyber risk assessments and subsystem hardening, but this is a time-consuming and costly task. Monitoring platform communication networks for malicious activity is an attractive solution for achieving improved cyber security on defense platforms in the near term. The MIL-STD-1553 bus is central to the operation of a broad range of defense platforms, making 1553 security solutions generally applicable. This article presents our research into the susceptibility of modern defense platforms to cyber-attack. We discuss risk factors contributing to cyber access, and command and control channels. We then describe a range of platform cyberattack classes, while considering the observables and indicators present on the 1553 bus. Finally, we examine factors and considerations relating to implementation of a “Cyber Warning Receiver” solution approach for detection of such attacks. MORE
|
July 31, 2018 — Through technological development and the continuously expanding Internet, the challenges of physical distance, borders and time has diminished, enabling new and more efficient business models and concepts. With this technological development, however, follows an increase in global cybercrime, mass surveillance, internet censoring, and espionage. Terror attacks and cybercrime incidents are now forcing policy makers to balance surveillance and privacy through a paradox: While privacy regulations protect individuals’ freedom of speech and safety from persecution, it may also restrain effective crime and terror investigation. In November 2015, the Norwegian Governmental Committee on Digital Vulnerability delivered an Official Norwegian Report (NOU) to the Minister of Justice and Public Security in which the problematic issue of balancing surveillance and privacy was emphasized. The intricate challenge is that in-between surveillance and the privacy lays the personal data—the new gold from a commercial perspective, a resource in the fight against terrorism from a security perspective, and a future threat of human rights from an individual perspective. MORE
|
July 31, 2018 — Cyber weapons have been used to steal billions of dollars of intellectual property, influence elections, manipulate news and damage critical infrastructure. Yet, we think of cyberattacks as only a technology problem, which are handled by smart computer network technicians capable of discovering a breach and developing patches to mitigate the problem. Certainly, technical solutions are a big part of cyber preparedness. But what if cyberattacks combine denial of services in cyberspace with targeted attacks on critical infrastructure, causing massive damage and loss of life in the physical world? MORE
|
July 31, 2018 — Society has become utterly dependent on information systems (IS) to power everyday life. While this seismic shift has taken place, the security of those IS and their consequential information assets has not taken a front seat alongside innovation, resulting in breaches of trust and loss of corporate goodwill. Organizations are struggling to find an effective approach that encompasses not just technical aspects of cybersecurity, but also improves people and processes. This article will define, discuss, and operationalize the technical, semantic, and effectiveness aspects of cybersecurity and their application into the organizational construct. MORE
|
July 31, 2018 — “An Army Marches On Its Stomach,” is a quote attributed to both Napoleon and Frederick the Great. [1] Both men certainly would attest to the veracity of the sentiment—without secure supply lines, no army can survive for very long. This reliance has grown beyond mere food and now encompasses a broad range of materiel from pencils to remotely piloted drones.
By their very nature, military supply chains are a high-value target for thieves, saboteurs, and counterfeiters. Fraudulent materials, particularly those switched out for high-grade defense aerospace technologies, represent a serious risk to military operations. When materials that can’t meet military standards fail in combat situations, it is the warfighter or the innocent bystander who pays the price. MORE
|
July 31, 2018 — Extending the military principle of maneuver into the war-fighting domain of cyberspace, academic and military researchers have produced many theoretical and strategic works, though few have focused on researching the applications and systems that apply this principle. We present a survey of our research in developing new architectures for the enhancement of parallel and distributed applications. Specifically, we discuss our work in applying the military concept of maneuver in the cyberspace domain by creating a set of applications and systems called “maneuverable applications.” Our research investigates resource provisioning, application optimization, and cybersecurity enhancement through the modification, relocation, addition or removal of computing resources. MORE
|