May 6, 2016 — On the 21st and 22nd of March, 2016, Indiana hosted its inaugural Defense Cyber Summit (DCS), which aimed to advance the state’s cyber readiness and preparations against a cyberwarfare attack. Spurred on by Admiral Michael Rogers, the Commander of the U.S. Cyber Command, who in 2014 called cybersecurity “the ultimate team sport,” Indiana has purposefully adopted a culture of collaboration between government organizations, private firms, non-profits, and academia to improve the state’s response and resiliency to a significant cyber incident. This team approach will counter cyberattacks intent on degrading Indiana’s economic capacity and threating the critical services of its citizens [1]. Under the umbrella of the Applied Research Institute (ARI), organizations such as Purdue University, Indiana University, Crane Naval Surface Warfare Center, the Cyber Leadership Alliance, the Indiana National Guard, and the Indiana Department of Homeland Security have partnered together to address and propose solutions to Indiana’s cyber security challenges. This effort is boosted by the Indianapolis-based Lilly Endowment support of nearly $16.3 million that is funded through a grant from the Central Indiana Corporate Partnership Foundation. The ARI is working to foster collaboration, research, and problem solving on cyber threats to Indiana’s critical infrastructure [2]. MORE
|
May 2, 2016 — Cyber security as a work domain and commercial sector is relatively new, but has been maturing rapidly over the past 20 years. Cyberspace operations, on the other hand, are synchronized military activities to identify, degrade and/or deceive threat actors in cyberspace. Cyberspace operations are inherently dynamic due to changing technology and tactics of malicious actors. Recent increases in the number and scale of cyber incidents have illustrated the need for improved coordination across the Cyber Mission Force as well as improved feedback and accelerated technology transition between operational research, and development communities. This paper presents arguments for improving cyberspace operations with sustained efforts to understand cyber work and the impacts of technologies on the people who perform it. The Cyber Immersion Lab, operated by USCYBERCOM, is an activity that is demonstrating the strengths of this approach. MORE
|
April 11, 2016 — The United States military has made significant strides to counter the increasing number of worldwide cyber threats. Recently, the U.S. Army created a Cyber Branch as the newest of its basic branches. Now the transition becomes necessary to integrate the Cyber Branch into its important, future everyday role on the battlefield. Currently, most of the cyber force is congregated in certain branch specific areas. This allows for effective command and control of these units, but limits their operational utility. Despite being able to access cyberspace from anywhere in the world, using cyber to its full capability requires adaptation at the tactical level, and on the battlefield. The definition of cyber is “of, relating to, or involving computers or computer networks.”[1] A dedicated cyber force is important for defense and offense alike on the national stage, but what about cyber on the battlefield? With the increase of computers and accompanying networks on the battlefield, a deployable cyber force becomes a necessity.
One of the ‘game changers’ on the modern battlefield are the multiple missions conducted by U.S. Special Operations Command (USSOCOM). These highly trained professionals have been rapidly deployed worldwide in support of Operation Enduring Freedom and Operation Iraqi Freedom. Now with US military operations in Afghanistan transitioning, special ops missions will stay constant. With over 66,000 personnel assigned to USSOCOM, and more than a $10B budget, this is one segment of the military that is not decreasing in size.[2] Operations occur worldwide, from the Middle East to South America to Africa. This force is focused on US strategic interests, while operating with a reduced signature to accomplish their mission in sensitive and dangerous environments. But how can this force increase its effectiveness? Integrating cyber operations with the special operations community will enhance this elite fighting force effectiveness by 2025 with the addition of one cyber operations specialist to every tactical Special Operations Forces (SOF) team
MORE
|
March 28, 2016 — Computer networks are no longer the isolated, small, and static webs of the 1970s. With the number of devices connected to the internet quickly surpassing the world’s population, the ability to manage massive networks has become increasingly difficult. Additionally, the variety of devices which now access networks has gone from single home computers to include watches, tablets, smart phones, and all types of vehicles. This increase in size and complexity has created a huge burden on network security professionals. The amount of data entering and exiting many networks far exceeds what a network security staff is able to effectively monitor. With the help of automation tools and modern management strategies these challenges can be overcome. Network security professionals need to look to tools such as Splunk and the Meraki Cloud Platform to intelligently filter and focus on critical pieces of data. Additionally, they need to utilize strategies such as the Continuous Diagnostics and Mitigation (CDM) program to make error detection and response fluid and systematic. MORE
|
March 22, 2016 — With countless cyber-attacks coming from advanced persistent threats (APTs) attribution for these attacks is increasingly important to calculate the damage and response as well as preventing future attacks. Establishing a framework is a way to increase analytic confidence in attribution, intelligence preparation of the battlefield/battlespace (IPB) combines elements of the battlefield and adversary which fall in line with cyber-attribution. Pulling elements of ‘OAKOC’ and ‘ASCOPE’ as well as components of the adversary the connections between the two disciplines is evident, and is shown in a graph on page 12. The overlap between IPB and cyber-attacks becomes more evident when applying the methodology to two hypothetical cyber-attacks from APTs: Axiom and APT1. As APTs reuse their tactics, techniques, and procedures (TTPs) and toolset patterns and signatures can be detected and identified utilizing cyber-IPB leading to attribution. However, APTs utilize innovative obfuscation techniques which could hamper cyber-IPB attribution. Combined with effective indicator and malware-analysis cyber-IPB provides a framework for cyber-attribution. MORE
|
March 21, 2016 — Cyber conflict is a growing alternative and supplement to traditional armed conflict. Recent scholarship has sought to apply the traditional ethics of war, Michael Walzer’s just war theory of jus ad bellum and jus in bello, to this novel form of combat. Yet, this framework does not apply perfectly. Cyber conflict presents challenges to the jus in bello principle of distinction, among others, which makes utilizing any form of cyber attack as unethical; yet, naively cyber conflict can be far more humane, and thus more ethical, than traditional war. An extension of just war theory to more accurately guide economic sanctions, the humanitarian proviso, can replace the standard principle of distinction and create a more accurate moral framework for cyber conflict. MORE
|
March 10, 2016 — The Gartner Hype Cycle, which assigns emerging technologies into 5 regions: Innovation Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment and Plateau of Productivity. In 2014, Big Data was at the edge of the Peak of Inflated Expectations, where the hype has already generated an enormous amount of goodwill through amazing success stories, and on a descent towards the Trough of Disillusionment, where the rate of new successes relative to the Peak creates a depressed sense of its novelty.
Big Data fell off the chart in 2015.
MORE
|
March 1, 2016 — ‘I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.’ – Albert Einstein
Technology is great, when it works the way we want it to. Over the last couple years it seems the ever-mounting stream of hacks could leave even the most stoic of technologists cringing. As researchers at the Army Cyber Institute at West Point, our task is to be forward thinking and anticipate the hill after next. We are one part of the Army’s robust effort to address cyberspace issues of today and tomorrow. Along with our cross-service and cross-agency partners we are making progress: we are working our way through a highly disruptive era in technology and politics to find solutions ensuring the security of the United States. At the same time, as we step forward into the complexity of a fully integrated future, we must not lose sight as a military of the fundamentals of fighting and defending the security and interests of the nation. The more the tools and gadgets of modern warfare are challenged by state and non-state actors, the more critical it becomes that our men and women in uniform maintain the fundamental skills of warriors from previous generations.
MORE
|
February 24, 2016 — Despite being unmatched technologically on the battlefield, low-cost, asymmetric threats have proven dangerous for US military forces. The proliferation of IEDs (of all types) in the Iraqi and Afghan theaters demonstrated that inexpensive, commercial off-the-shelf (COTS) technology can impact US high tech operations. Robots have the potential to provide a similar destructive impact on our forces given their wide availability including powerful, open-source software, which has been illustrated recently with ISIS coupling IEDs with ‘driver-free’ vehicles.[1] MORE
|
February 8, 2016 — 2015 proved a watershed year for artificial intelligence (AI) systems. Such advanced computing innovations can power autonomous weapons that can identify and strike hostile targets. AI researchers have expressed serious concerns about the catastrophic consequences of such military applications. DoD policy forbids the use of autonomous weapons for targeting human beings. At the same time, advances in remotely operated weapons like drones have geographically separated decision-makers from their weapons at distances measured in thousands of miles. This paper explores how advances in remotely piloted aircraft alongside evolving cyber threats converge to create considerable incentive to field autonomous weapons. To retain human executive control, military operators rely on communications links with semi-autonomous systems like RPA. As adversaries develop an anti-access/area denial operational approach, they will field new electronic/cyber capabilities to undermine the US military’s technological superiority. The data link between RPA and human beings is vulnerable to disruption. Cyber threats against RPA systems will entice militaries to develop autonomous weapon systems that can accomplish their mission without human supervision. MORE
|