April 7, 2023 — Mark Twain famously observed that the difference between the “right word and the almost right word is the difference between lightning and a lightning bug.” Similarly, here, the term ‘countermeasures’ has a particular textual meaning under international law. It is not an unfettered privilege that can be conjured at any whim—especially in the cyber domain. Definitionally, countermeasures are a limited set of responses available to an injured State responding to an aggressor State’s behavior; further, these responses would otherwise be unlawful but for the aggressor State’s “un¬friendly” and illegal actions.
In a previous Cyber Defense Review article, Dr. Nori Katagiri outlined challenges to implementing countermeasures in cyberspace from a perspective of active defense. For purposes of his article, he defined countermeasures as “a set of responses toward verified attackers within a reasonably short period of time.” He also discussed the challenges of implementing an active defense approach from a strategic and political perspective. Yet “countermeasures,” as described by Dr. Katagari (i.e., an active defense cyber strategy, which we will refer to as “active defense perspective” for this paper), are quite different from “countermeasures” as traditionally defined under international law. As a legal matter, countermeasures are responses to unfriendly state actions that would otherwise be un¬lawful but for the responsible State’s misconduct. As articulated in Tallinn Manual 2.0, an “injured State” engages in countermeasures to induce the “responsible State” to cease its wrongful behavior.
MORE
|
April 7, 2023 — As the pace of change in cyberspace operations and the nature of cyberspace forces continues to increase, the demand for innovative solutions to warfighters’ needs and improved lethality of the joint force shows no signs of slacking, and the concepts and frameworks established just a few years ago to meet these needs have evolved to keep pace. The Cyber Mission Force is tasked to handle national and combatant commander priorities, working from garrison, or deployed when necessary. As the Cyber Mission Force reached full mission capacity, including concomitant changes to their alignment and command and control, additional capability and capacity were required, including, ultimately, calls for additional types of cyberspace forces. In particular, there is a growing need for cyberspace forces that deploy within the physical domains. This article introduces and defines the term Expeditionary Cyber¬space Operations (ECO) to standardize terminology for these tactical maneuver units operating across the competition continuum. MORE
|
April 7, 2023 — We begin our discussion of “autonomy” with its Western meaning for the hu¬man individual: “to be autonomous is to govern oneself, to be directed by considerations, desires, conditions, and characteristics that are not simply imposed externally upon one.” Autonomy is “the capacity to impose upon ourselves, by virtue of our practical identities, obligations to act.”1 Similarly, extending au¬tonomy to machines is a partial release from external control that comes with obligations to act. That’s the easy part.
Until the last decade, machines with no human in the loop had very limited repertoires of actions they could take, turning on the pump when they detected the water was rising. From that set of inherent constraints came reliability and understandability. As is obvious, we are transiting an inflection point where machines are gaining trained reasoning capac¬ity that can allow problem-solving without a human in the loop. Even the training can be self-administered: the autonomy of self-modification.
MORE
|
April 7, 2023 — Welcome to the Spring CDR. We proudly announce that the CDR has a new home with the West Point Press. This reorganization aligns with the vision of the 15th Dean of the Academic Board, BG Shane Reeves, for West Point to be “the intellectual engine of the Army.” At the unveiling of the West Point Press in January 2023, BG Reeves asserted, “Our faculty and cadets are conducting re¬search that impacts some of the Nation’s toughest problems and most pressing issues … producing scholarship [with] major impacts across academia, the Army, and the world.” The CDR will continue its special relationship with the Army Cyber Institute (ACI) at West Point. MORE
|
November 14, 2022 — The ancient Greek philosopher Heraclitus is credited with the quote “The only constant in life is change.” While Heraclitus was certainly not thinking of cyberspace or modern technologies, it occurs to me that he may have been onto something with respect to the larger world of cyber related issues as we have seen continual evolution since the founding of the Army Cyber Institute (ACI) at West Point.
This Fall marks ten years since the creation of the ACI by the Secretary of the Army, John McHugh, and the Chief of Staff of the Army, General Raymond Odierno, in 2012 to serve as “a national resource for research, advice, and education in the cyber domain, engaging military, government, academic, and industrial cyber communities in impactful partnerships to build intellectual capital and expand the knowledge base for the purpose of enabling effective Army cyber defense and cyber operations.” MORE
|
November 14, 2022 — We live in an increasing cyber enabled world where more of our lives are monitored, assessed, and controlled by forces and decisions that function largely in the background and with little appreciation for the risks that we assume as a result. Absent fundamental rethinking as to how we incorporate Information Age technologies into the fabric of our daily lives, we will increasingly find ourselves reaching a point of no return as more complex technologies such as AI and greater ubiquity of cyber technologies inherent in the Internet of Things (IoT) continue to proliferate in cyberspace. To manage these technologies, we still rely on organizations and processes rooted in the 18th century to confront threats that move across the globe in milliseconds. It is no wonder that we find ourselves in a defensive battle and in a position of great disadvantage. MORE
|
November 14, 2022 — In March 2021, Russia began to deploy large numbers of troops and armaments near the Russia-Ukraine border in what Western observers believed posed an invasion threat to Ukraine, which Russia strongly denied. An intense debate in the West ensued over whether the troops were being deployed to pressure Ukraine into making political concessions or to conduct an actual invasion.
Noting previous Russian offensive cyber operations against Ukraine starting as early as 2014, many cyber analysts and scholars predicted that an invasion would be accompanied by significant cyberattacks on Ukraine and possibly on Western nations supporting Ukraine, including particularly the US. For example, Maggie Miller wrote in Politico that “in a full-scale cyber assault [on Ukraine], Russia could take down the power grid, turn the heat off in the middle of winter and shut down Ukraine’s military command centers and cellular communications systems.”1 Samuel Charap of the RAND Corporation thought the most likely Russian response to Western economic sanctions would be a cyber operation that temporarily shut down some major Western banks. MORE
|
November 14, 2022 — National security communities cannot protect all their information. Yet the exigencies of cyber security and identified network vulnerabilities are trumping more strategic consideration of information protection, and national security communities have found it difficult to adhere to clear and defensible information protection principles. A more strategic approach would focus on identifying and prioritizing the most important organizational information; a defense that aligns information security resources to the most important information, with a clear view of the actions needed to protect against the intelligence capabilities of strategic competitors; and, established mechanisms for situations when preventive security measures will so often fall short, which include standing deception plans and well-coordinated reparative measures. Without defensible principles, the immense cyber security investments being made will not have the desired information security effect. MORE
|
November 14, 2022 — It is conceivable and probable that today’s adversaries have contemplated and recruited for event scenarios in which a physical crisis is pre-ignited by a series of more carefully orchestrated cyber incidents. As extremist groups grow bolder and attract younger more technology-astute prospects, there will be a convergence where both logical and physical attacks methods are used in concert towards a singular goal. These will be much more complex and targeted than the typical diversionary tactics we are prepared for today.
This new breed of threat is multi-modal; it takes advantage of the operational silos between organizations, whether those are departments within a corporation, supply chains or competitors across an industry, regional government agencies across a nation, or multiple governing nations across a global coalition. Planning such complex executions requires extremely intimate knowledge of the disparate targets and their relationships. MORE
|
November 14, 2022 — You would be hard pressed to find a room full of office typists in any present-day corporate setting. Office typists (who reached an apex in the mid-20th century) employed fast typing skills, a mastery of language and grammar, and the ability to take real-time dictation through shorthand.1 However, with the advent of personal computers and email, the speed of business required leaders to improve their own typing and communication skills. Those that embraced these skills quickly outperformed those that failed to adapt. Today, office typists are obsolete; their skills are now integral to everyone in an organization.
Similarly, today’s business leaders rely on teams of data scientists to manage, analyze, and model large amounts of data to inform decisions. Will data scientists one day sustain a fate similar to office typists? It may be too early to make such a prediction. Nonetheless, to compete in the near-future global market, leaders–military and civilian alike–will need to adapt these skills and become data literate with deep knowledge of data capabilities. MORE
|