July 31, 2018 — We are living in a time when virtually anything can be connected to the Internet: from smart clothing to autonomous driving to near realtime management of assets in agriculture, manufacturing, logistics, and more—the possibilities are endless. Among this connectedness, the smart cities trend continues to gain momentum. In November 2017, a real estate investment firm owned by Microsoft co-founder Bill Gates announced they purchased nearly 25,000 acres, approximately 45 minutes west of downtown Phoenix for $80 million for development into a smart community. [1] Similarly, Google's parent company, Alphabet, committed $50 million for a Toronto neighborhood development, AT&T is investing nearly $3 billion in the Atlanta area to enhance smart-city networks, and Saudi Arabia is forecasting a $500 billion investment in a mega-city spanning three countries intended to “push the boundaries of innovation.” [2,3] A smart base may be able to take advantage of the same benefits anticipated for a smart city, with added military capabilities—mission assurance and mission command. MORE
|
July 31, 2018 — SOCIAL MEDIA—BEGINNINGS When discussing the origins of social media, researchers usually start in the 1980s and the Bulletin Board Systems (BBS). They were a kind of online meeting room that allowed users to download games and other files, and leave messages to co-users. The social aspect of this exchange was pretty clear, but the interaction was rather limited and slow due to technological reasons. What is more important, the social interaction had a rather random character—people did not know who was sitting at the other end of the telephone line. MORE
|
July 31, 2018 — Modern defense platforms are at increasing risk of cyber-attack from sophisticated adversaries. These platforms do not currently provide the situational awareness necessary to identify when they are under cyberattack, nor to detect that a constituent subsystem may be in a compromised state. Long-term improvements can be made to the security posture of these platforms by iterative application of cyber risk assessments and subsystem hardening, but this is a time-consuming and costly task. Monitoring platform communication networks for malicious activity is an attractive solution for achieving improved cyber security on defense platforms in the near term. The MIL-STD-1553 bus is central to the operation of a broad range of defense platforms, making 1553 security solutions generally applicable. This article presents our research into the susceptibility of modern defense platforms to cyber-attack. We discuss risk factors contributing to cyber access, and command and control channels. We then describe a range of platform cyberattack classes, while considering the observables and indicators present on the 1553 bus. Finally, we examine factors and considerations relating to implementation of a “Cyber Warning Receiver” solution approach for detection of such attacks. MORE
|
July 31, 2018 — Through technological development and the continuously expanding Internet, the challenges of physical distance, borders and time has diminished, enabling new and more efficient business models and concepts. With this technological development, however, follows an increase in global cybercrime, mass surveillance, internet censoring, and espionage. Terror attacks and cybercrime incidents are now forcing policy makers to balance surveillance and privacy through a paradox: While privacy regulations protect individuals’ freedom of speech and safety from persecution, it may also restrain effective crime and terror investigation. In November 2015, the Norwegian Governmental Committee on Digital Vulnerability delivered an Official Norwegian Report (NOU) to the Minister of Justice and Public Security in which the problematic issue of balancing surveillance and privacy was emphasized. The intricate challenge is that in-between surveillance and the privacy lays the personal data—the new gold from a commercial perspective, a resource in the fight against terrorism from a security perspective, and a future threat of human rights from an individual perspective. MORE
|
July 31, 2018 — Cyber weapons have been used to steal billions of dollars of intellectual property, influence elections, manipulate news and damage critical infrastructure. Yet, we think of cyberattacks as only a technology problem, which are handled by smart computer network technicians capable of discovering a breach and developing patches to mitigate the problem. Certainly, technical solutions are a big part of cyber preparedness. But what if cyberattacks combine denial of services in cyberspace with targeted attacks on critical infrastructure, causing massive damage and loss of life in the physical world? MORE
|
July 31, 2018 — Society has become utterly dependent on information systems (IS) to power everyday life. While this seismic shift has taken place, the security of those IS and their consequential information assets has not taken a front seat alongside innovation, resulting in breaches of trust and loss of corporate goodwill. Organizations are struggling to find an effective approach that encompasses not just technical aspects of cybersecurity, but also improves people and processes. This article will define, discuss, and operationalize the technical, semantic, and effectiveness aspects of cybersecurity and their application into the organizational construct. MORE
|
July 31, 2018 — “An Army Marches On Its Stomach,” is a quote attributed to both Napoleon and Frederick the Great. [1] Both men certainly would attest to the veracity of the sentiment—without secure supply lines, no army can survive for very long. This reliance has grown beyond mere food and now encompasses a broad range of materiel from pencils to remotely piloted drones.
By their very nature, military supply chains are a high-value target for thieves, saboteurs, and counterfeiters. Fraudulent materials, particularly those switched out for high-grade defense aerospace technologies, represent a serious risk to military operations. When materials that can’t meet military standards fail in combat situations, it is the warfighter or the innocent bystander who pays the price. MORE
|
July 31, 2018 — Extending the military principle of maneuver into the war-fighting domain of cyberspace, academic and military researchers have produced many theoretical and strategic works, though few have focused on researching the applications and systems that apply this principle. We present a survey of our research in developing new architectures for the enhancement of parallel and distributed applications. Specifically, we discuss our work in applying the military concept of maneuver in the cyberspace domain by creating a set of applications and systems called “maneuverable applications.” Our research investigates resource provisioning, application optimization, and cybersecurity enhancement through the modification, relocation, addition or removal of computing resources. MORE
|
July 31, 2018 — Despite obvious distinctions, parallels exist between 18th century era fortification and the purposes, processes, and implications of pursuing security in an artificial cyber realm of the 21st century. The Revolutionary War era fortification of the Hudson River bottleneck focused upon the West Point area between 1778 and 1781. Differing professional perspectives and factors such as available resources led to disagreement about the defensive concept, and Thaddeus Kosciuszko’s construction of layered defenses strengthened the US position in the region during the latter phases of the war. British failure in a belated overland raid, demonstrating an inability to “brute” the new defenses, led to British interest in leveraging an insider threat (Benedict Arnold), but then as now, insider threats could not automatically guarantee success. MORE
|
July 31, 2018 — A security dilemma is said to exist when one country cannot make itself more secure without making another less secure. [2] Circa 1913, for instance, if a major European country sought security by drafting more men, its neighbors would feel impelled to do likewise to recover their former levels of security. During the Cold War, when deterrence was the only feasible response to threat posed by the other side’s nuclear weapons, any attempt to build more weapons or bring them to a higher state of readiness (for retaliatory purposes only, it would be claimed) would alarm the other side who would feel impelled to do likewise. MORE
|