Dec. 19, 2024

GenAI in the 2024 Taiwan Presidential Election: Lessons for Democracies

This article examines the use of generative artificial intelligence (GenAI) in disinformation campaigns during the 2024 Taiwan presidential election, with a focus on the People’s Republic of China’s (PRC) tactics and Taiwan’s countermeasures. PRC state and non-state actors utilized GenAI to produce subtle and less detectable disinformation, including deepfakes and biased language models. Taiwan’s curated response to PRC-affiliated information threats feature legislative actions, media literacy initiatives, and development of its own GenAI tools, such as the Trustworthy AI Dialogue Engine (TAIDE) language model, to safeguard its cultural values. Despite the PRC’s efforts, Taiwanese sentiment toward the PRC remains largely neutral or negative, demonstrating resilience in Taiwan’s democratic processes. The study further explores the global implications of GenAI in disinformation campaigns, drawing parallels with Russian tactics and examining the role of U.S. technology firms in countering these threats. Taiwan’s multifaceted response offers valuable insights for other democracies facing similar challenges in the evolving landscape of information warfare.

Dec. 19, 2024

Embracing Memory-Safe APIs for C2 Systems

Information exchange between systems relies on secure implementation of Application Program Interfaces (APIs). This is especially true for modern Joint All-Domain Command and Control (JADC2) efforts. Unfortunately, many mission-critical systems implement APIs with programming languages that are not memory safe. We discuss how the use of these inherently insecure languages creates strategic and tactical risk for Department of Defense (DoD) command and control, artificial intelligence, and legacy systems. Furthermore, we present a set of recommendations for migrating to modern programming languages or mitigating risks from languages that lack memory safety.

Dec. 19, 2024

Forward Persistence in Great Power Cyber Competition: Military Assets in a Relative Power Erosion Framework

The United States, the People’s Republic of China (PRC), and Russia are engaged in strategic competition below the threshold of armed conflict. Cyberspace is its principal medium. America’s relative power stature is under non-stop cyber duress from these rivals. Protecting America’s three main peacetime power sinews – its economic edge; domestic political cohesion and electoral system confidence; and public trust in protection of personal privacy and security – from the subversive and corrosive cyber activities by Great Power rivals requires an array of U.S. government agencies, especially the U.S. military. The new era of Great Power strategic competition has fragmented the internet and rendered inadequate America’s historical preference for an orderly, law-based framework that manages cyber-competition. The U.S. needs to focus on a Relative Power Erosion Framework featuring persistent engagement and a hunt forward posture. USCYBERCOM-led cyber campaigns are necessary in the short-term for effective American strategic cyber competition. In the longer-term, unique American military capabilities for persistent cyber engagement should be replaced with those in selected civilian governmental agencies more befitting of a ‘new normal’ for endemic cyber-competitive interactions among the Great Powers.

July 30, 2024

Special Edition on Data in the Cybersecurity Landscape

In an age where digital data reigns supreme, its safeguarding and strategic utilization have become paramount to maintaining effective cybersecurity. This special edition of The Cyber Defense Review delves into the multifaceted roles that data plays within the cybersecurity landscape, offering a comprehensive exploration of emerging technologies, innovative frameworks, and strategic approaches to enhance data security and leverage its potential.

July 30, 2024

Leadership Matters

There are significant opportunities and challenges ahead for our people and teams, as well as for our future operations and technologies. Future cyber forces will neither resemble nor operate like today’s forces. Operational concepts are changing. We are experiencing revolutionary changes in technology, and much of that change applies both to the government and commercial sectors and can be used for good or evil. Thus, this note is a call for every cyber leader to exercise the fundamentals of leadership to ensure that our cyber force into the future will remain unequaled.

July 30, 2024

Cyber Data Sanitization: A Cyber Revival at the Heart of the Next Data Battle

Data pollution is the degradation of the digital environment by data that can be considered as waste or a nuisance. These data can be naturally produced by digital systems for their operation or linked to human activities in the digital space. Data pollution is likely to affect the health of digital systems leading to degradation or interference with operations in cyberspace. The battle against data pollution can be won through the optimization of data processing.

July 30, 2024

The Importance of Analytic Superiority in a World of Big Data and AI

Rapid advances in machine learning, deep learning, artificial intelligence (AI), large language models, and generative AI have accelerated efforts to leverage these technologies for military advantage. We refer to these and related technologies as analytics. We present a framework as a guide to achieving “analytic superiority,” which is the operational advantage obtained through the ability to collect data required for analytics; build useful, performant, and robust analytic models; and deploy analytic models in operational systems to achieve objectives, while exploiting or denying an adversary’s ability to do the same. Analytic superiority is best understood in the context of the analytic capabilities of one’s adversaries, who also collect data, build models, and deploy them to achieve their own objectives and defeat the analytics of their adversaries. U.S. cyberspace superiority, which is foundational to military advantage in the physical domains, now depends on prevailing in analytic competition with adversaries and thus requires adopting a strategy and processes to achieve analytic superiority.

July 30, 2024

Emerging Technologies for Data Security in Zero Trust Environments

Zero Trust (ZT), simply defined, is an information security framework which monitors and protects users, assets, resources, and data on a network by positively verifying all activity and never trusting anything by default. With the push to implement ZT across the public and private sectors, this transition between cybersecurity paradigms must be accomplished in a manner that is robust and enduring. This article examines emerging technologies most likely to impart the largest impact on ZT architectures (ZTAs), so that we better anticipate the pluses and minuses that will accompany those technologies. The discussion here focuses on data security, and the potential of each technology to affect security and protection across the lifecycle of data as it is generat¬ed, collected, transmitted, utilized, and stored. Technologies appraised include differ¬ential privacy, confidential computing, homomorphic encryption, quantum technolo¬gy, biological technology, blockchain, and alternative computing methods.

July 30, 2024

An Introduction to Quantum Computing and Its Applications

Winning is much easier if you have an edge, whether that be better personnel, strategy, and/or technology. Quantum Information Science (QIS) - which includes quantum sensing, networking, communications, and computing - provides a technology that both tactical and strategic commanders will leverage to seize the initiative and create positions of advantage. Optimizing the exploitation of quantum technology will require that senior leaders understand enough about the technology and its fast-evolving applications to outmaneuver and outthink our adversaries. This does not require expertise in all facets of QIS, any more than a computer user needs to know computer design. This article attempts to be an introduction to quantum technology and some of its potential uses in the military operational environment.

July 30, 2024

Data as Ammunition – A New Framework for Information Warfare

This article presents a new framework for thinking about data and the risks posed to national security. Taking issue with the prevailing analogy of “data as oil,” this article argues that viewing data as ammunition provides a clearer understanding of the real threats and a familiar path toward risk mitigation in the information space. The “data as ammunition” analogy carries a better intuitive depiction of the risk and why, in the days of increasing storage which keeps data easily accessible seemingly forever, categorizing data through the lens of ordnance classifications can help clarify the risks to force and national security. We close this article with recommendations to adapt current privacy, security, and commercial policies to mitigate the new risks to force and personnel on and off the battlefield.