An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

The Cyber Defense Review


1 2 3 4 5 6 7 8 9 10 ... 38

Rethinking US Concepts and Actions in Cyberspace

April 7, 2023 — China’s use of cyberspace is a significant threat to US relative power in an inherently dangerous and anarchic international system. Despite the clear threat, the US limits its own deterrent potential by maintaining a narrow view of cyberspace, applying a restrictive understanding of cyber attribution, and conceding to the influences of its own strategic culture. By prioritizing deterrence over other competing interests, while also adopting a broader view of the domain and a more stratified view of cyber attribution, the US can improve its ability to take the type of consistent, credible, and decisive action needed to deter China's aggression in cyberspace. MORE

What Types of Tactical Vulnerabilities Do Future Officers Most Anticipate

April 7, 2023 — Modern multi-domain battle involves not only physical threats like IEDs, but also, increasingly, cyber threats. The enemy may jam or intercept communication signals, or hack electronics including navigation systems and drones. Thus, all military lead¬ers - not just signal/cyber specialists - now require some awareness of tactical cyber resources and vulnerabilities. Physical threats come more readily to mind due to their frequency, and because their effects are so salient to the senses. Cyber threats have less historical precedence and are less ‘visible’ (“out of sight, out of mind”). We developed a task (Problem Anticipation Task: PAT) to gauge the degree to which future Army officers automatically anticipate cyber as well as non-cyber tactical threats. They read a hypothetical mission description and tried to anticipate up to 25 problems that could arise. The mission description explicitly mentioned several cyber-vulnerable components (e.g., radios, navigation systems, drones, biosensors). Yet 39% of these “digital native” participants failed to list a single cyber issue, and only 8% of anticipated issues were cyber-related. The PAT allowed us to assess a baseline regarding our readiness to anticipate cyber vulnerabilities, and can be used in future to assess the effectiveness of training interventions to raise cyber situation¬al understanding. MORE

Machine Learning Applications for Cybersecurity

April 7, 2023 — The trope of future cybersecurity as a battle between warring artificial intelligences awaits the development of artificial general intelligence. In the interim, however, machine learning is being applied to several cybersecurity problem sets. This article looks more closely at how machine learning is transforming cybersecurity, considering the examples of authentication and masquerade, spam filtering and spam, antimalware and malware, and intrusion detection and intrusion. Machine learning is adding new capabilities for cyber defense and in most cases is useful in conjunction with other approaches. At present, machine learning applications for cyber offense remain primarily proofs of concept. MORE

Conventional Retaliation and Cyber Attacks

April 7, 2023 — On July 27, 2021, President Joe Biden warned, in a speech at the Office of Director of National Intelligence, that “I think it's more than likely we're going to end up, if we end up in a war - a real shooting war with a major power - it's going to be as a consequence of a cyber breach of great consequence and it's increasing expo-nentially, the capabilities.” Most analysts view the president’s hypothetical scenario as unlikely for two reasons. First, attributing cyberattacks is often challenging, making retaliation difficult, if not im¬possible. Cyberattacks are commonly anonymous, hard to trace, and may be triggered long after they were set up. Moreover, they are often carried out not by states but by criminal entities, hacker groups, or other non-state actors, which sometimes but not always are affiliated with or sponsored by states. The practical and political window for overt retalia¬tion closes if a cyberattack cannot be directly and timely attributed to a state. Second, and importantly, most cyberattacks do not have strategic effects. The preponderance of cyberat¬tacks are either distributed denial-of-service (DDOS) attacks (meant to disrupt, blackmail, or extort), or they are efforts to collect information through a combination of hacking and malware. Even attacks attributable to a state usually fall below the threshold for conven¬tional retaliation. MORE

Gaining Competitive Advantages in Cyberspace

April 7, 2023 — Cyberspace has characteristics that differ from air, land, maritime, and space domains, which affect how the Joint Force operates and defends it. Fast-moving innovations are transforming the character of warfare in cyberspace, requiring novel technology in¬tegration. Effective integration of breakthrough technologies in autonomy, artificial intelligence, and machine learning into cyberspace can enable competitive advantages to be gained that enhance the combat power of joint forces conducting multi-domain operations. These technologies help shorten the sensor-to-shooter pathway to acceler¬ate and optimize decision-making processes. These technologies also permit the en¬hancement of cyber situational understanding from the ingest, fusion, synthesis, anal¬ysis, and visualization of big data from varied cyber data sources to enable decisive, warfighting information advantage via the display of key cyber terrain with relevance in the commander’s area of operations at the tactical edge. These technologies engen¬der actionable information and recommendations to optimize human-machine deci¬sion-making via autonomous active cyber defense to effectively execute command and control while informing resourcing decisions. Competitive advantages gained allow key actions to be taken to generate, preserve, and apply informational power against a relevant actor while also permitting maneuver through the information environment. MORE

Countermeasures as Lightning, not a Lightning Bug: Illuminating the Legal Doctrine

April 7, 2023 — Mark Twain famously observed that the difference between the “right word and the almost right word is the difference between lightning and a lightning bug.” Similarly, here, the term ‘countermeasures’ has a particular textual meaning under international law. It is not an unfettered privilege that can be conjured at any whim—especially in the cyber domain. Definitionally, countermeasures are a limited set of responses available to an injured State responding to an aggressor State’s behavior; further, these responses would otherwise be unlawful but for the aggressor State’s “un¬friendly” and illegal actions. In a previous Cyber Defense Review article, Dr. Nori Katagiri outlined challenges to implementing countermeasures in cyberspace from a perspective of active defense. For purposes of his article, he defined countermeasures as “a set of responses toward verified attackers within a reasonably short period of time.” He also discussed the challenges of implementing an active defense approach from a strategic and political perspective. Yet “countermeasures,” as described by Dr. Katagari (i.e., an active defense cyber strategy, which we will refer to as “active defense perspective” for this paper), are quite different from “countermeasures” as traditionally defined under international law. As a legal matter, countermeasures are responses to unfriendly state actions that would otherwise be un¬lawful but for the responsible State’s misconduct. As articulated in Tallinn Manual 2.0, an “injured State” engages in countermeasures to induce the “responsible State” to cease its wrongful behavior. MORE

Expeditionary Cyberspace Operations

April 7, 2023 — As the pace of change in cyberspace operations and the nature of cyberspace forces continues to increase, the demand for innovative solutions to warfighters’ needs and improved lethality of the joint force shows no signs of slacking, and the concepts and frameworks established just a few years ago to meet these needs have evolved to keep pace. The Cyber Mission Force is tasked to handle national and combatant commander priorities, working from garrison, or deployed when necessary. As the Cyber Mission Force reached full mission capacity, including concomitant changes to their alignment and command and control, additional capability and capacity were required, including, ultimately, calls for additional types of cyberspace forces. In particular, there is a growing need for cyberspace forces that deploy within the physical domains. This article introduces and defines the term Expeditionary Cyber¬space Operations (ECO) to standardize terminology for these tactical maneuver units operating across the competition continuum. MORE

Establishing the Conditions of Engagement with Machines

April 7, 2023 — We begin our discussion of “autonomy” with its Western meaning for the hu¬man individual: “to be autonomous is to govern oneself, to be directed by considerations, desires, conditions, and characteristics that are not simply imposed externally upon one.” Autonomy is “the capacity to impose upon ourselves, by virtue of our practical identities, obligations to act.”1 Similarly, extending au¬tonomy to machines is a partial release from external control that comes with obligations to act. That’s the easy part. Until the last decade, machines with no human in the loop had very limited repertoires of actions they could take, turning on the pump when they detected the water was rising. From that set of inherent constraints came reliability and understandability. As is obvious, we are transiting an inflection point where machines are gaining trained reasoning capac¬ity that can allow problem-solving without a human in the loop. Even the training can be self-administered: the autonomy of self-modification. MORE

Leadership in the Digital World

April 7, 2023 — Welcome to the Spring CDR. We proudly announce that the CDR has a new home with the West Point Press. This reorganization aligns with the vision of the 15th Dean of the Academic Board, BG Shane Reeves, for West Point to be “the intellectual engine of the Army.” At the unveiling of the West Point Press in January 2023, BG Reeves asserted, “Our faculty and cadets are conducting re¬search that impacts some of the Nation’s toughest problems and most pressing issues … producing scholarship [with] major impacts across academia, the Army, and the world.” The CDR will continue its special relationship with the Army Cyber Institute (ACI) at West Point. MORE

The Only Constant is Change…

November 14, 2022 — The ancient Greek philosopher Heraclitus is credited with the quote “The only constant in life is change.” While Heraclitus was certainly not thinking of cyberspace or modern technologies, it occurs to me that he may have been onto something with respect to the larger world of cyber related issues as we have seen continual evolution since the founding of the Army Cyber Institute (ACI) at West Point. This Fall marks ten years since the creation of the ACI by the Secretary of the Army, John McHugh, and the Chief of Staff of the Army, General Raymond Odierno, in 2012 to serve as “a national resource for research, advice, and education in the cyber domain, engaging military, government, academic, and industrial cyber communities in impactful partnerships to build intellectual capital and expand the knowledge base for the purpose of enabling effective Army cyber defense and cyber operations.” MORE

1 2 3 4 5 6 7 8 9 10 ... 38