ARTICLES

April 11, 2016

How Do Cyber Operations Look in 2025?

The United States military has made significant strides to counter the increasing number of worldwide cyber threats. Recently, the U.S. Army created a Cyber Branch as the newest of its basic branches. Now the transition becomes necessary to integrate the Cyber Branch into its important, future everyday role on the battlefield. Currently, most of the cyber force is congregated in certain branch specific areas. This allows for effective command and control of these units, but limits their operational utility. Despite being able to access cyberspace from anywhere in the world, using cyber to its full capability requires adaptation at the tactical level, and on the battlefield. The definition of cyber is “of, relating to, or involving computers or computer networks.”[1] A dedicated cyber force is important for defense and offense alike on the national stage, but what about cyber on the battlefield? With the increase of computers and accompanying networks on the battlefield, a deployable cyber force becomes a necessity. One of the ‘game changers’ on the modern battlefield are the multiple missions conducted by U.S. Special Operations Command (USSOCOM). These highly trained professionals have been rapidly deployed worldwide in support of Operation Enduring Freedom and Operation Iraqi Freedom. Now with US military operations in Afghanistan transitioning, special ops missions will stay constant. With over 66,000 personnel assigned to USSOCOM, and more than a $10B budget, this is one segment of the military that is not decreasing in size.[2] Operations occur worldwide, from the Middle East to South America to Africa. This force is focused on US strategic interests, while operating with a reduced signature to accomplish their mission in sensitive and dangerous environments. But how can this force increase its effectiveness? 
Integrating cyber operations with the special operations community will enhance this elite fighting force's effectiveness by 2025 with the addition of one cyber operations specialist to every tactical Special Operations Forces (SOF) team.

March 28, 2016

Maintaining Massive Networks Through Automation And Management Tools

Computer networks are no longer the isolated, small, and static webs of the 1970s. With the number of devices connected to the internet quickly surpassing the world’s population, managing massive networks has become increasingly difficult. Additionally, the variety of devices which now access networks has gone from single home computers to include watches, tablets, smart phones, and all types of vehicles. This increase in size and complexity has created a huge burden on network security professionals. The amount of data entering and exiting many networks far exceeds what a network security staff is able to effectively monitor. With the help of automation tools and modern management strategies, these challenges can be overcome. Network security professionals need to look to tools such as Splunk and the Meraki Cloud Platform to intelligently filter and focus on critical pieces of data. Additionally, they need to utilize strategies such as the Continuous Diagnostics and Mitigation (CDM) program to make error detection and response fluid and systematic.

March 22, 2016

Can Intelligence Preparation of the Battlefield/Battlespace Be Used to Attribute a Cyber-Attack to an Actor?

With countless cyber-attacks coming from advanced persistent threats (APTs), attribution for these attacks is increasingly important for calculating the damage and response as well as preventing future attacks. Establishing a framework is a way to increase analytic confidence in attribution. Intelligence preparation of the battlefield/battlespace (IPB) combines elements of the battlefield and adversary which fall in line with cyber-attribution. Pulling elements of ‘OAKOC’ and ‘ASCOPE’ as well as components of the adversary, the connections between the two disciplines are evident, and are shown in a graph on page 12. The overlap between IPB and cyber-attacks becomes more evident when applying the methodology to two hypothetical cyber-attacks from APTs: Axiom and APT1. As APTs reuse their tactics, techniques, and procedures (TTPs) and toolsets, patterns and signatures can be detected and identified utilizing cyber-IPB, leading to attribution. However, APTs utilize innovative obfuscation techniques which could hamper cyber-IPB attribution. Combined with effective indicator and malware analysis, cyber-IPB provides a framework for cyber-attribution.

March 21, 2016

Economic Ethics: A Case for Applying the Ethics of Sanctions to Cyber Conflict

Cyber conflict is a growing alternative and supplement to traditional armed conflict. Recent scholarship has sought to apply the traditional ethics of war, Michael Walzer’s just war theory of jus ad bellum and jus in bello, to this novel form of combat. Yet, this framework does not apply perfectly. Cyber conflict presents challenges to the jus in bello principle of distinction, among others, which makes utilizing any form of cyber attack unethical; yet, naively, cyber conflict can be far more humane, and thus more ethical, than traditional war. An extension of just war theory to more accurately guide economic sanctions, the humanitarian proviso, can replace the standard principle of distinction and create a more accurate moral framework for cyber conflict.

March 10, 2016

Big Data is Dead, Long Live Big Data

The Gartner Hype Cycle assigns emerging technologies to 5 regions: Innovation Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment and Plateau of Productivity. In 2014, Big Data was at the edge of the Peak of Inflated Expectations, where the hype has already generated an enormous amount of goodwill through amazing success stories, and on a descent towards the Trough of Disillusionment, where the rate of new successes relative to the Peak creates a depressed sense of its novelty. Big Data fell off the chart in 2015.

March 1, 2016

Sticks and Stones – Training for Tomorrow’s War Today

‘I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.’ – Albert Einstein

Technology is great, when it works the way we want it to. Over the last couple years it seems the ever-mounting stream of hacks could leave even the most stoic of technologists cringing. As researchers at the Army Cyber Institute at West Point, our task is to be forward thinking and anticipate the hill after next. We are one part of the Army’s robust effort to address cyberspace issues of today and tomorrow. Along with our cross-service and cross-agency partners we are making progress: we are working our way through a highly disruptive era in technology and politics to find solutions ensuring the security of the United States. At the same time, as we step forward into the complexity of a fully integrated future, we must not lose sight as a military of the fundamentals of fighting and defending the security and interests of the nation. The more the tools and gadgets of modern warfare are challenged by state and non-state actors, the more critical it becomes that our men and women in uniform maintain the fundamental skills of warriors from previous generations.

Feb. 24, 2016

Battlefield Asymmetric Robotic Threat

Although US military forces are technologically unmatched on the battlefield, low-cost, asymmetric threats have proven dangerous for them. The proliferation of IEDs (of all types) in the Iraqi and Afghan theaters demonstrated that inexpensive, commercial off-the-shelf (COTS) technology can impact US high tech operations. Robots have the potential to provide a similar destructive impact on our forces given their wide availability, including powerful, open-source software, which has been illustrated recently with ISIS coupling IEDs with ‘driver-free’ vehicles.[1]

Feb. 8, 2016

The Inevitable Militarization of Artificial Intelligence

2015 proved a watershed year for artificial intelligence (AI) systems. Such advanced computing innovations can power autonomous weapons that can identify and strike hostile targets. AI researchers have expressed serious concerns about the catastrophic consequences of such military applications. DoD policy forbids the use of autonomous weapons for targeting human beings. At the same time, advances in remotely operated weapons like drones have geographically separated decision-makers from their weapons at distances measured in thousands of miles. This paper explores how advances in remotely piloted aircraft alongside evolving cyber threats converge to create considerable incentive to field autonomous weapons. To retain human executive control, military operators rely on communications links with semi-autonomous systems like RPA. As adversaries develop an anti-access/area denial operational approach, they will field new electronic/cyber capabilities to undermine the US military’s technological superiority. The data link between RPA and human beings is vulnerable to disruption. Cyber threats against RPA systems will entice militaries to develop autonomous weapon systems that can accomplish their mission without human supervision.

Feb. 1, 2016

Revolutions in Technology: A Consideration of the Role of Iterative Improvement in Warfare

Part of the dialog and debate about cyber security and warfare concerns the question about whether cyber exploits become obsolete in the course of their first use. While the question centers on whether vulnerabilities can be patched immediately following their initial identification, the issue also carries implications regarding the iterative improvement of technologies. Actual battle experience, the presence of functional feedback loops, and dedication to improvement pave the way for iterative advances to keep pace ahead of changing challenges and environments. It is this iterative cycle that sometimes leads to rapid cumulative advances and effectively “revolutionary” effects, and this is actually part of a pattern that can be identified through historical study. In this case study, the revolutions of the chambers in Samuel Colt’s progressively improving firearms of the 1830s and 1840s provide a window on the connection between iteration and revolution, a question that deserves continued attention and consideration when turning to security and warfare in the digital realm.

Jan. 28, 2016

Cybercrime and State-sponsored Cyber Operations

Adversarial countries’ cybercrime and state-sponsored cyber operations could easily be the same coin – just different views. The reason is very simple. Cyber criminals are specialists in luring people to disclose their secrets and open doors to user accounts to allow the perpetrator to use the access for their purposes. If a country adversarial to the US houses cyber-criminal activity that targets the US, while the country itself pursues innovative ways to gather intelligence about the US, it is likely that someone sees an opportunity.