March 30, 2017 — On March 21, 2017, Foreign Policy published an article by Dr. Mark Hagerott and Admiral (Ret.) James Stravridis entitled “Trump’s Big Defense Buildup Should Include a National Cyber Academy.” The authors recommended “the creation of something audaciously different but critical to winning the wars of the future: a U.S. cyber academy.” They explicitly endorse a national cyber service academy much like the US Military Academy (USMA), Naval Academy, and Air Force Academy. MORE
|
March 28, 2017 — For months, a nation state has covertly infiltrated a neighboring state’s critical networks while massing armored forces along its common border with a US ally. While the adversary prepares to launch a massive cyber-attack on its neighbor state, its tanks are readied to roll over the border. MORE
|
March 21, 2017 — “Every assumption we hold, every claim, every assertion, every single one of them must be challenged.” — General Mark A. Milley, 39th Chief of Staff of the U.S. Army. This paper focuses on how the dynamic speed of change and the compression of time in cybersecurity move individuals and organizations out of their comfort zones. MORE
|
March 1, 2017 — In a time of constrained and reduced resources and to fortify the protection against the ever-increasing global cyber threats, the United States (US) must do more with less and better utilize its existing resources. The Reserve Components (RC) of the US military are filled with cyber expertise gained through civilian and military training as well as job experience. If the Department of Defense (DoD) can develop a program to better utilize the experience and skills resident in the Reserves, the US military can improve the nation’s cyber capabilities and better protect its networks. MORE
|
February 28, 2017 — Writing a history of anything without clear or accepted chronological boundaries, such as cyber war, is a challenging undertaking. Even with a definite start and stop points, Winston Churchill still felt that he needed six enormous volumes, eight years, and a team of contributing authors to tell his history of the easily demarcated Second World War. British wartime codebreaker turned Cambridge historian, F.H. “Harry” Hinsley, in some respects had a more modest task than Churchill—to write a history of World War II examining only the intelligence aspect. Like Churchill, however, Professor Hinsley found that he required several research and writing assistants, many years of work, and four volumes to tell his history of World War II secrets, not to mention the benefit of over a quarter century of time—much-needed hindsight and cooling off of intelligence sources and methods—to place intelligence and code-breaking operations into their wartime context. MORE
|
February 15, 2017 — For almost two decades, cyberwar has posed various challenges to military organizations. Doctrine has hardly defined the scope of cyber activities and how military forces can act or react in that specific new battlefield. Highly technical by nature, the cyber defense mission was, at first, to counter major cyber threats, thus the focus was, and is, to protect critical infrastructures and networks. Building up a cyber force was, therefore, a move to militarize cybersecurity by transferring methodologies and skills. MORE
|
December 28, 2016 — The general notion is that much of the core understanding of cyber is in place. I would like to challenge that perception. There are still vast territories of the cyber domain that need to be researched, structured and understood. I would like to use Winston Churchill’s words: “it is not the beginning of the end; it is maybe the end of the beginning.” In my opinion, the cyber journey is still in a very early stage. The cyber field has yet to mature, and the big building blocks for the future cyber environment are not yet in place. The Internet and networks that support it have increased dramatically over the last decade. Even if the growth of cyber might be stunning, the actual advances are not as impressive. MORE
|
December 28, 2016 — 1 MAY 2011 – ABBOTTABAD, PAKISTAN – Abbottabad, Pakistan is less than a two-hour drive from the capital city of Islamabad and 3.1 miles from the Pakistan Military Academy to the southwest. In relative terms, Abbottabad is a much less busy place than Karachi, Pakistan, and is very attractive to tourists and those seeking higher education for their children. Despite Abbottabad’s relative inactivity compared to the bustling Karachi, there were signs of digital life in 2011. MORE
|
December 3, 2016 — United States government officials and policymakers regularly warn that China will launch destructive cyberattacks against critical US civilian infrastructure, including electrical grids, water supply stations, and transportation networks. However, they base such predictions on analysis that emphasizes China’s cyberwarfare capabilities, while ignoring the country’s cyberwarfare strategy and objectives. While China may possess the capacity to carry out devastating cyberattacks, does the country want to? Accurately predicting Chinese cyberattacks requires a holistic analysis that considers not just China’s capabilities, but its strategy and objectives as well. This paper relies on military reports and academic articles produced by senior PLA officials to uncover, organize, and ultimately distill Chinese cyberwarfare strategies and objectives. In addition, secondary analysis conducted by Western military experts on China and intelligence gathered by the US government help identity key trends and anomalies found in the primary sources. These documents reveal a Chinese cyberwarfare strategy that calls for cyberattacks to be used during military conflicts in a preemptive manner to disrupt enemy logistics and communications networks. The strategy does not call for the destruction of civilian infrastructure during peacetime. Framing China’s cybersecurity threat within a broader context of strategy and objectives emphasizes that the country may not be the most likely perpetrator of future destructive cyberattacks. This discovery has significant implications for current US national security policy, which is heavily focused on confronting a major Chinese cyberattack. MORE
|
November 21, 2016 — Conducting cyber warfare is cheap and easy.[1] It affords anyone from individual hackers to nation-state actors the ability to wage destructive acts against the United States.[2] In 2009, the Secretary of Defense directed the Commander of U.S. Strategic Command to establish a sub-unified command, U.S. Cyber Command (USCYBERCOM), to prepare the Department of Defense (DoD) for the integration of offensive and defensive cyberspace operations.[3] Due to the constant rate of change in cyberspace, USCYBERCOM has experienced challenges integrating joint force cyber components. A quick examination of the US cyber force organizational chart demonstrates how complex the relationships are between service components and outside agencies. These organizational intricacies have led Admiral Michael Rogers, National Security Agency (NSA) Director and Commander of USCYBERCOM, to ask “is cyber so different, so specialized, so unique, so not well understood that it requires a very centralized, focused, unique construct to how we generate capacity and knowledge?”[4] While still heavily debated, many US government officials believe the existing organizational structure best meets current DoD requirements. However, there is an increasing necessity to transform the joint cyber construct into a stand-alone military service branch or similar entity that is separate from, yet integrated into the other military service branches. This necessity is based on cyberspace operations occurring in a separate operational domain, requiring a different organizational composition than traditional service branches, and hampered by the current joint cyber construct. MORE
|