March 1, 2016 — ‘I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.’ – Albert Einstein
Technology is great, when it works the way we want it to. Over the last couple years it seems the ever-mounting stream of hacks could leave even the most stoic of technologists cringing. As researchers at the Army Cyber Institute at West Point, our task is to be forward thinking and anticipate the hill after next. We are one part of the Army’s robust effort to address cyberspace issues of today and tomorrow. Along with our cross-service and cross-agency partners we are making progress: we are working our way through a highly disruptive era in technology and politics to find solutions ensuring the security of the United States. At the same time, as we step forward into the complexity of a fully integrated future, we must not lose sight as a military of the fundamentals of fighting and defending the security and interests of the nation. The more the tools and gadgets of modern warfare are challenged by state and non-state actors, the more critical it becomes that our men and women in uniform maintain the fundamental skills of warriors from previous generations.
MORE
|
February 24, 2016 — Despite being unmatched technologically on the battlefield, low-cost, asymmetric threats have proven dangerous for US military forces. The proliferation of IEDs (of all types) in the Iraqi and Afghan theaters demonstrated that inexpensive, commercial off-the-shelf (COTS) technology can impact US high tech operations. Robots have the potential to provide a similar destructive impact on our forces given their wide availability including powerful, open-source software, which has been illustrated recently with ISIS coupling IEDs with ‘driver-free’ vehicles.[1] MORE
|
February 8, 2016 — 2015 proved a watershed year for artificial intelligence (AI) systems. Such advanced computing innovations can power autonomous weapons that can identify and strike hostile targets. AI researchers have expressed serious concerns about the catastrophic consequences of such military applications. DoD policy forbids the use of autonomous weapons for targeting human beings. At the same time, advances in remotely operated weapons like drones have geographically separated decision-makers from their weapons at distances measured in thousands of miles. This paper explores how advances in remotely piloted aircraft alongside evolving cyber threats converge to create considerable incentive to field autonomous weapons. To retain human executive control, military operators rely on communications links with semi-autonomous systems like RPA. As adversaries develop an anti-access/area denial operational approach, they will field new electronic/cyber capabilities to undermine the US military’s technological superiority. The data link between RPA and human beings is vulnerable to disruption. Cyber threats against RPA systems will entice militaries to develop autonomous weapon systems that can accomplish their mission without human supervision. MORE
|
February 1, 2016 — Part of the dialog and debate about cyber security and warfare concerns the question about whether cyber exploits become obsolete in the course of their first use. While the question centers on whether vulnerabilities can be patched immediately following their initial identification, the issue also carries implications regarding the iterative improvement of technologies. Actual battle experience, the presence of functional feedback loops, and dedication to improvement pave the way for iterative advances to keep pace ahead of changing challenges and environments. It is this iterative cycle that sometimes leads to rapid cumulative advances and effectively “revolutionary” effects, and this is actually part of a pattern that can be identified through historical study. In this case study, the revolutions of the chambers in Samuel Colt’s progressively improving firearms of the 1830s and 1840s provide a window on the connection between iteration and revolution, a question that deserves continued attention and consideration when turning to security and warfare in the digital realm. MORE
|
January 28, 2016 — Adversarial countries’ cybercrime and state sponsored cyber operations could easily be the same coin – just different views. The reason is very simple. Cyber criminals are specialists in luring people to disclose their secrets and open doors to user accounts to allow the perpetrator to use the access for their purposes. If a country adversarial to the US house cyber-criminal activity that targets the US -meanwhile the country itself pursued innovative ways to gather intelligence about the US it is likely that someone sees an opportunity. MORE
|
January 28, 2016 — Cyber is becoming increasing driven by automated process while humans are still operating at human speed. In my view, one of the major weaknesses in larger-scale cyber defense planning is the perception there is time to lead a cyber defense during attack. It is likely that a major attack is automated and premeditated. If it is automated, the systems will execute the attacks at computational speed. In that case no political or military leadership would be able to lead an effective defense for one simple reason – it has already happened before they react. MORE
|
January 23, 2016 — The ratification of a pledge for joint defense in case of a major cyber-attack at the 2014 NATO Summit is a major step forward.Under this pledge a significant cyberattack on any NATO nation would be constitutive of anattack on all of them. While it is hoped that the vague framing and uncertain capabilities of each NATO member will facilitate deterrence through ambiguity, it should be noted that deterrence only works when that ambiguity is backed up by a command structure capable of a timely and organized response. MORE
|
January 19, 2016 — Integration of cyber and electromagnetic activities (CEMA) at the tactical level requires strategic thinking and planning. Current efforts, like Army Cyber’s Cyber Support to Corps and Below, are moving in the right direction but do not necessarily create the critical mass required for lasting effects. This paper seeks to provide a framework based on the people, the preparation, and the process of CEMA to successfully incorporate for tactical operations. Beginning with the people, this paper applies talent management concepts to put the right people with expertise, experience, and networks in the right job to start the conversation. Second, preparing those people and the staffs with whom they work for the integration furthers integration. Leadership must make sure the correct education supplements the experience of cyber planners combined with increased discussion of CEMA in Command and General Staff College is vital to preparing the force for the new domain. Finally, the only way to ensure complete integration is to change staff planning processes. Introducing METT-C2, with the second “C” for cyber, and emphasizing cyber key terrain in Mission Analysis, ritualizes cyber variables at the start of planning and guarantees integration in tactical staffs. MORE
|
January 14, 2016 — Although the cyber domain has several unique characteristics, the timeless principles of maneuver warfare can still be readily applied as in the conventional domains of land, maritime, air, and space.[1] Maneuver in cyberspace also leverages many of the same techniques, tactics and procedures (TTPs) as the conventional domains, but with some notable difference, herein explored. For the purpose of this article, the intent of maneuver warfare is to ensure the tactical mobility of capable friendly forces and deny it to the adversary in order to place him at a tactical disadvantage. I also stipulate that movement to and within a theater is a given, thereby focusing our analytical effort on cyber maneuver at the tactical within a theater of operations, though crossing domains. Because cyberspace is a man-made domain that is both virtual and physical, the specific TTPs are distinct, yet they can largely exist within established conceptions of maneuver warfare. As cyberspace is physical, logical, and human in nature, it is possible to maneuver to exploit vulnerabilities at each of these levels. MORE
|
January 12, 2016 — While largely recognized as the most pervasive actor engaged in cyber espionage activity for both intelligence collection and commercial espionage, China has recently entered into several “no cyber-enabled commercial hacking” agreements with major governments, efforts that have culminated in the 2015 “no hack” pledge by representatives of the G20. By demonstrating its willingness to work with other governments on this issue, China is promoting itself as a global leader in cyber security while downplaying its suspected involvement in previous espionage activity. MORE
|