August 22, 2023 — As revisionist powers seek to disrupt the international order and cyber threats to critical infrastructure persist, the Department of Defense (DoD) must effectively position its cyber forces and capabilities to defend against cyber-attacks before they hit the homeland. An attack against the US power grid could result in multiple failures in life-sustaining infrastructure and significantly impact Joint Force power-projection capabilities. U.S. Northern Command (USNORTHCOM) must work closely with U.S. Cyber Command (USCYBERCOM) to orchestrate federal and non-federal stakeholders’ cyber authorities, capabilities, and equities to posture DoD cyber forces to respond with speed and agility. However, the myriad of federal cyber laws, regulations, authorities, and public and private sector stakeholder equities could impede DoD’s response efforts. National cybersecurity is “a team sport,” but players tend to use different playbooks or play by different rules. Tools such as a DoD “Complex Catastrophe Cyber Stakeholders, Communications, Authorities, and Narratives” (C3 SCAN) framework could enable USNORTHCOM and USCYBERCOM to foster collaboration, validate plans and orders, enumerate and prioritize mission-relevant terrain in cyberspace, and ensure readiness for Defense Support to Cyber Incident Response (DSCIR). MORE
|
August 22, 2023 — The need to understand cyber vulnerabilities and information in real time is imperative and often mission-critical in battlefield scenarios. As technologies continue to evolve, a need arises for more time-efficient and effective solutions within the cyber domain. With the growing popularity of synthetic environment technologies such as Augmented Reality (AR), Virtual Reality (VR), and Mixed Reality (MR) in a variety of fields, the question emerges: How can applications of this technology be applied to the field of cyber and what impact can they have? In this article, we survey the body of knowledge, both theoretical and empirical, of existing works exploring AR, VR, and MR technologies as solutions to common cyber challenges, as well as discuss the advances, gaps, and opportunities of this technology within the cyber domain. MORE
|
August 22, 2023 — This article provides an overview of updates to the Dyadic Cyber Incident and Campaign Dataset (DCID). Whereas most efforts to catalogue cyber incidents focus on curated lists and attack typologies, the DCID uses a standardized set of coding procedures consistent with best practices in social science. As a result, the analysis reveals there is a tendency to exaggerate the use and impact of cyber operations, obscuring their role as an instrument of disruption, espionage, and sabotage, and complements to larger coercive campaigns. The article outlines the construction of version 2.0, which documents rival, state-to-state use of cyber operations as an instrument of power. The expanded dataset introduces additional incidents based on various web-searching methods and human coder cross-validation while also adding new variables for ransomware, supply chain attacks, and connections to ongoing information operations. DCID 2.0 contains 429 incidents representing a critical attempt to scope the domain of conflict among strategic rivals. MORE
|
August 22, 2023 — Whichever country successfully harnesses AI throughout its military first may obtain both a decisive advantage while also changing the character of war for future generations. Therefore, it is vital for the US to be the first to employ autonomous weapons systems in an operational environment. The Cyber Mission Forces have an urgent and operational need to augment its forces with autonomous and semi-autonomous cyberspace capabilities to meet its ever-expanding mission objectives. Exempting autonomous cyberspace capabilities in Department of Defense Directive (DODD) 3000.09 will (1) provide near-term benefits that avoid the path of a hollow Cyber force but (2) may create legal implications that could undermine the directive. MORE
|
August 22, 2023 — How many personnel in the Department of Defense (DoD) can create and use com-puter code? Using what coding languages? How well? These are straightforward questions, but the answers are unknown, particularly to the personnel management system. The answers could also be a critical part of solving one of the DoD’s thorniest problems: filling the ranks of the US military’s cyber forces.
In an increasingly cyber-dependent and volatile world with fierce recruitment competition from the private sector, the DoD needs to be more creative in recruiting, training, and retaining cyber talent. To date, the primary focus of the DoD has been attracting cyber talent from outside. However, as the DoD is America’s largest employer with 2.91 million employees, it is essential that it also recruits internally to see if already hired personnel can fulfill DoD cyber talent needs.
MORE
|
August 22, 2023 — Unchecked, proxy hacking attacks will further undermine the rule of law in cyberspace and increasingly threaten if not cause ir¬reparable harm to the international community. Unabated, proxy hacker attacks will spread disinformation, undermine public confidence in governments and diminish the ability of countries to maneuver freely in cyberspace.
The US should prioritize efforts to continue to defend forward and impose costs on proxy hackers and their supporters. Meanwhile, specific application of deterrence and compellence theories against proxy hacker efforts by Russia, combined with an effort to further develop international law and norms will help combat the problem. Over time, the use of proxy hackers may diminish under the pressure of such sustained efforts by the US and its partners.
MORE
|
August 22, 2023 — In his introduction to the Fall 2022 issue of The Cyber Defense Review (CDR), COL Jeff Erickson, the Army Cyber Institute (ACI) director at the time, opened with, “The only constant in life is change,” a phrase credited to the ancient Greek philosopher Heraclitus. COL Erickson went on to relate this idea via a list of impactful changes that had occurred within the Army’s Cyber Community in the decade since the ACI’s founding in 2012. Three years earlier, the Secretary of Defense had directed the establishment of U.S. Cyber Command as a subordinate unified command under U.S. Strategic Command, followed in 2010 by the stand-up of the U.S. Army Cyber Command. COL Erickson recounted that during this period, “the Army was trying to figure out the best approach to address the uncertain environment and growing demand for deeper understanding” in cyberspace. In my estimate, the Army saw risk in the uncertainty and took action to address and mitigate that risk by directing the creation of the ACI at West Point. Internally, the creation of the ACI was carried out by members of the Department of Electrical Engineering and Computer Science (EECS). MORE
|
April 7, 2023 — Richard A. Clarke and Robert K. Knake’s book The Fifth Domain: Defending our Country, our Companies, and Ourselves in the Age of Cyber Threats (2019) ex-plains “why raising the alarm on cyber threats is warranted, and… lays out a plan for how the worst outcomes can be avoided.” Both Clarke and Knake provide unique perspectives on potential cyber threats as both have served as members of multiple presidential administrations’ Department of Defense and Homeland Security staffs. Richard Clarke “drafted the first national strategy on cybersecurity that any nation ever published.” With a foundational understanding of cyber policy im¬plementation, both Clarke and Knake capitalize on their experience to create a superb¬ly-crafted plan to reinforce corporations' cyber readiness, increase governmental focus and impact on cyber security, develop lasting and successful cyber policies, increase personal cyber security, and share their perspectives on critically important issues like¬ly to surface in the near future. This review highlights Clarke and Knake’s key assertions about establishing lasting cyber peace, and their views on implementing the proposed segmented plan. MORE
|
April 7, 2023 — China’s use of cyberspace is a significant threat to US relative power in an inherently dangerous and anarchic international system. Despite the clear threat, the US limits its own deterrent potential by maintaining a narrow view of cyberspace, applying a restrictive understanding of cyber attribution, and conceding to the influences of its own strategic culture. By prioritizing deterrence over other competing interests, while also adopting a broader view of the domain and a more stratified view of cyber attribution, the US can improve its ability to take the type of consistent, credible, and decisive action needed to deter China's aggression in cyberspace. MORE
|
April 7, 2023 — Modern multi-domain battle involves not only physical threats like IEDs, but also, increasingly, cyber threats. The enemy may jam or intercept communication signals, or hack electronics including navigation systems and drones. Thus, all military lead¬ers - not just signal/cyber specialists - now require some awareness of tactical cyber resources and vulnerabilities. Physical threats come more readily to mind due to their frequency, and because their effects are so salient to the senses. Cyber threats have less historical precedence and are less ‘visible’ (“out of sight, out of mind”). We developed a task (Problem Anticipation Task: PAT) to gauge the degree to which future Army officers automatically anticipate cyber as well as non-cyber tactical threats. They read a hypothetical mission description and tried to anticipate up to 25 problems that could arise. The mission description explicitly mentioned several cyber-vulnerable components (e.g., radios, navigation systems, drones, biosensors). Yet 39% of these “digital native” participants failed to list a single cyber issue, and only 8% of anticipated issues were cyber-related. The PAT allowed us to assess a baseline regarding our readiness to anticipate cyber vulnerabilities, and can be used in future to assess the effectiveness of training interventions to raise cyber situation¬al understanding. MORE
|