June 28, 2016 — Leaders increasingly focus on the growing risk to national security in cyberspace. Today, there is little need to describe the dynamic and unpredictable nature of cyberspace, a wide and growing threat landscape, and rapidly evolving threat capabilities and tactics. Despite tremendous resources dedicated to securing cyberspace, threats always seem to find a way. In corporate board rooms, cybersecurity means accepting this reality and taking internal defensive measures to mitigate material risk.[1] But the private sector is not defenseless: the DoD established US Cyber Command (USCYBERCOM) and its Service components as part of a full Doctrine, Organization, Training, Materiel, Leadership & Education, Personnel, and Facilities (DOTMLPF) solution for full spectrum cyberspace operations. The country deserves nothing less, but the dynamic nature of cyberspace uniquely challenges DOTMLPF development because of its premise on accurately assessing future capabilities requirements – a major challenge for cyberspace!
|
June 28, 2016 — Since 1958, NASA has been the foremost symbol of American excellence in science and exploration, inspiring generations of engineers around the globe to achieve the impossible through advanced technology. With each of its defining events, NASA pushes humanity further into the future, bringing scientists more information about our universe than ever dreamt possible. But while NASA was reaching for the stars, other forces were secretly at work. In the dark recesses of the agency’s computers and network servers, intruders were lurking. After months of covert access, a hacktivist group called AnonSec obtained 276GB of sensitive data including flight logs, videos, and personal information from thousands of employees (Thalen 2016). This post examines how such an established institution of advanced technology could fall prey to cyber hacking, the glaring warning signs, and the one key lesson all organizations should learn from this historical event.
|
May 16, 2016 — Modern adversaries can now integrate cyber operations into military plans. Recent events have shown that rival governments can not only develop cyber-attack plans, but synch them to achieve national goals. The U.S. Department of Defense must begin integrating and normalizing the use of cyber effects. While there are numerous methods to begin that process, the key is choosing a method and beginning the long process of training in its employment. The primary level at which this training should be performed is the Army Division level. Often, the division is the first major headquarters that can develop a list of requirements to submit to the Joint Task Force Headquarters or the Combatant Command. With that in mind, training at home station and during operational level exercises is absolutely necessary. Simulation technology will catch up with cyber operations in due course, but this is no reason to not begin training now.
As a military, the US faces adversaries that have proven their ability to integrate offensive cyber effects from the tactical up to the strategic level. Though multiple methods exist to request and execute Cyber Operations (CO) at the division level, the bigger and more looming problem is the lack of training in utilizing these effects, and being ready to put these effects to use on the battlefield. For the United States to keep pace with near-peer nations, it must train on and prepare to use these effects in a real-world combat environment.
|
May 6, 2016 — On the 21st and 22nd of March, 2016, Indiana hosted its inaugural Defense Cyber Summit (DCS), which aimed to advance the state’s cyber readiness and preparations against a cyberwarfare attack. Spurred on by Admiral Michael Rogers, the Commander of the U.S. Cyber Command, who in 2014 called cybersecurity “the ultimate team sport,” Indiana has purposefully adopted a culture of collaboration between government organizations, private firms, non-profits, and academia to improve the state’s response and resiliency to a significant cyber incident. This team approach will counter cyberattacks intent on degrading Indiana’s economic capacity and threatening the critical services of its citizens [1]. Under the umbrella of the Applied Research Institute (ARI), organizations such as Purdue University, Indiana University, Crane Naval Surface Warfare Center, the Cyber Leadership Alliance, the Indiana National Guard, and the Indiana Department of Homeland Security have partnered together to address and propose solutions to Indiana’s cyber security challenges. This effort is boosted by the Indianapolis-based Lilly Endowment support of nearly $16.3 million that is funded through a grant from the Central Indiana Corporate Partnership Foundation. The ARI is working to foster collaboration, research, and problem solving on cyber threats to Indiana’s critical infrastructure [2].
|
May 2, 2016 — Cyber security as a work domain and commercial sector is relatively new, but has been maturing rapidly over the past 20 years. Cyberspace operations, on the other hand, are synchronized military activities to identify, degrade and/or deceive threat actors in cyberspace. Cyberspace operations are inherently dynamic due to changing technology and tactics of malicious actors. Recent increases in the number and scale of cyber incidents have illustrated the need for improved coordination across the Cyber Mission Force as well as improved feedback and accelerated technology transition between operational, research, and development communities. This paper presents arguments for improving cyberspace operations with sustained efforts to understand cyber work and the impacts of technologies on the people who perform it. The Cyber Immersion Lab, operated by USCYBERCOM, is an activity that is demonstrating the strengths of this approach.
|
April 11, 2016 — The United States military has made significant strides to counter the increasing number of worldwide cyber threats. Recently, the U.S. Army created a Cyber Branch as the newest of its basic branches. Now the transition becomes necessary to integrate the Cyber Branch into its important, future everyday role on the battlefield. Currently, most of the cyber force is congregated in certain branch-specific areas. This allows for effective command and control of these units, but limits their operational utility. Despite being able to access cyberspace from anywhere in the world, using cyber to its full capability requires adaptation at the tactical level, and on the battlefield. The definition of cyber is “of, relating to, or involving computers or computer networks.”[1] A dedicated cyber force is important for defense and offense alike on the national stage, but what about cyber on the battlefield? With the increase of computers and accompanying networks on the battlefield, a deployable cyber force becomes a necessity.
One of the ‘game changers’ on the modern battlefield is the multiple missions conducted by U.S. Special Operations Command (USSOCOM). These highly trained professionals have been rapidly deployed worldwide in support of Operation Enduring Freedom and Operation Iraqi Freedom. Now with US military operations in Afghanistan transitioning, special ops missions will stay constant. With over 66,000 personnel assigned to USSOCOM, and more than a $10B budget, this is one segment of the military that is not decreasing in size.[2] Operations occur worldwide, from the Middle East to South America to Africa. This force is focused on US strategic interests, while operating with a reduced signature to accomplish their mission in sensitive and dangerous environments. But how can this force increase its effectiveness? Integrating cyber operations with the special operations community will enhance this elite fighting force’s effectiveness by 2025 with the addition of one cyber operations specialist to every tactical Special Operations Forces (SOF) team.
|
March 28, 2016 — Computer networks are no longer the isolated, small, and static webs of the 1970s. With the number of devices connected to the internet quickly surpassing the world’s population, the ability to manage massive networks has become increasingly difficult. Additionally, the variety of devices which now access networks has gone from single home computers to include watches, tablets, smart phones, and all types of vehicles. This increase in size and complexity has created a huge burden on network security professionals. The amount of data entering and exiting many networks far exceeds what a network security staff is able to effectively monitor. With the help of automation tools and modern management strategies these challenges can be overcome. Network security professionals need to look to tools such as Splunk and the Meraki Cloud Platform to intelligently filter and focus on critical pieces of data. Additionally, they need to utilize strategies such as the Continuous Diagnostics and Mitigation (CDM) program to make error detection and response fluid and systematic.
|
March 22, 2016 — With countless cyber-attacks coming from advanced persistent threats (APTs), attribution for these attacks is increasingly important for calculating the damage and response as well as preventing future attacks. Establishing a framework is a way to increase analytic confidence in attribution; intelligence preparation of the battlefield/battlespace (IPB) combines elements of the battlefield and adversary which fall in line with cyber-attribution. Pulling elements of ‘OAKOC’ and ‘ASCOPE’ as well as components of the adversary, the connection between the two disciplines is evident, and is shown in a graph on page 12. The overlap between IPB and cyber-attacks becomes more evident when applying the methodology to two hypothetical cyber-attacks from APTs: Axiom and APT1. As APTs reuse their tactics, techniques, and procedures (TTPs) and toolset, patterns and signatures can be detected and identified utilizing cyber-IPB, leading to attribution. However, APTs utilize innovative obfuscation techniques which could hamper cyber-IPB attribution. Combined with effective indicator and malware analysis, cyber-IPB provides a framework for cyber-attribution.
|
March 21, 2016 — Cyber conflict is a growing alternative and supplement to traditional armed conflict. Recent scholarship has sought to apply the traditional ethics of war, Michael Walzer’s just war theory of jus ad bellum and jus in bello, to this novel form of combat. Yet, this framework does not apply perfectly. Cyber conflict presents challenges to the jus in bello principle of distinction, among others, which makes utilizing any form of cyber attack unethical; yet, naively, cyber conflict can be far more humane, and thus more ethical, than traditional war. An extension of just war theory to more accurately guide economic sanctions, the humanitarian proviso, can replace the standard principle of distinction and create a more accurate moral framework for cyber conflict.
|
March 10, 2016 — The Gartner Hype Cycle assigns emerging technologies to 5 regions: Innovation Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment and Plateau of Productivity. In 2014, Big Data was at the edge of the Peak of Inflated Expectations, where the hype has already generated an enormous amount of goodwill through amazing success stories, and on a descent towards the Trough of Disillusionment, where the rate of new successes relative to the Peak creates a depressed sense of its novelty.
Big Data fell off the chart in 2015.
|