The Battlefield Transformed

Uploaded on 2023-10-02 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

The initial phase of warfare now often begins with the hacking of utilities and public entities, before the military aspect of war fighting is about to start. This disruption of infrastructure is the first strike in warfare with the aim to create chaos and disinformation.

Cyber warfare represents a fundamental transformation in the very nature of the concept of conflict, not only changing the weapons of modern conflict, but radically shifting the nature of the battlefield.

Cyber and electronic warfare are distinct entities as the former involves hackers using information systems and the Internet to disrupt or attack states or companies for strategic and military purposes. This can take multiple forms. A denial-of-service attack floods the target with traffic and/or data that triggers a crash intended to shut down a machine or network.

An advanced persistent threat is a network attack in which an unauthorised person accesses a network and remains undetected for a long period of time in order to steal data.

Malware is an overarching term for hostile or intrusive software, such as trojans, computer viruses, worms and ransomware, while spear phishing involves the deployment of fraudulent emails to induce a target into revealing confidential information.

Current Concerns

US intelligence officials believe that malware could give China the power to disrupt or slow American deployments, or resupply operations, including during a Chinese move against Taiwan. “The United States is challenged by malicious cyber actors who seek to exploit our technological vulnerabilities and undermine our military's competitive edge... They target our critical infrastructure and endanger the American people. Defending against and defeating these cyber threats is a Department of Defense (DoD) imperative,” say the US 2023 Cyber Strategy from the US Department of Defence.

Malware has recently been discovered in US military networks on Guam. This could suggest China’s strategy to disrupt military mobilisation at the outset of a conflict, but it is also a signal to significantly increase cyber security preparations, a top defense cyber official said.  

China’s “living off the land” techniques suggest a “theory of disrupting military mobilisation, but also sowing chaos in the United States and for the United States military,” Mieke Eoyang, the deputy assistant secretary of defense for cyber policy, told reporters Friday 15th Sept at the Defense Writers Group. “It is the second piece of that, the sowing chaos, that would cause harm to the American people that we find an anathema. That is not something that we, the United States military, would do to deliberately harm civilians with no military nexus there.”

The Pentagon expects adversaries to disrupt military mobility, but the ‘living off the land’ techniques, which use tools that are built in to a system or network to evade detection, could unduly harm civilians, she said:

“Our obligations under the laws of armed conflict would require us to have some kind of military necessity in the operations that we would conduct… and so we have some real concerns about what that activity might mean.” But China’s use of those tactics is also a call for broad adoption of zero-trust management tools “to better monitor and log network activity to be able to identify things that look anomalous, and be able to figure out if that's in fact, just something weird, or that's actually malicious activity on their networks,” Eoyang said.

The Pentagon wants to have a complete Zero Trust architecture by 2027 as a way to prevent insider threats. In particular, the new document  identifies zero trust as a way to “frustrate future malicious cyber activity” and as a bedrock for expanding cyber capabilities. It could also be essential to relaying classified information on the battlefield, as well as on bases and among offices across tye us defense establishment.

Defense One:     Atlantic Council:     US Army:     New York Times:     US Dept Of Defense:     DNYUZ:    

GlobalDefence:     Arthur D Little:     Grizzly                                               Image: Sashkinw

You Might Also Read: 

The Emerging Domain Of  Cyber War:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Neuromorphic Computing Changes Machine Learning
Cyber Criminals Exploit Legitimate Software »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

HUB International

HUB International

HUB is one of the largest insurance brokers in the world. HUB Risk Services provides the full range of expert consulting to identify risks, reduce exposure to loss and manage claims issues.

Intertek Group

Intertek Group

Intertek Group provides Assurance, Testing, Inspection and Certification services. Activities include cybersecurity testing and certification.

ECOLUX

ECOLUX

ECOLUX is a professional IoT security service company committed to developing world-leading “IoT Lifecycle Security” technologies and products.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

Mindmajix Technologies

Mindmajix Technologies

Mindmajix is a live and interactive e-learning platform that offers professional online IT training in areas including cyber security.

Cybolt

Cybolt

Cybolt helps companies, organizations, and governments manage digital risks and live in an environment of confidence and certainty.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

Kintek Group

Kintek Group

Kintek Group provides cybersecurity and managed services to protect organizations from threats that exist inside and outside their networks.

RiskOptics

RiskOptics

RiskOptics (formerly Reciprocity) equips organizations with one of the most intuitive and powerful information security and cyber risk management solutions in the market.

FluidOne

FluidOne

FluidOne are an award-winning Connected Cloud Solutions provider. We design tailored solutions to help customers and partners digitally transform their IT and communications.

Semgrep

Semgrep

Semgrep is a fast, open-source, static analysis tool for profoundly improving software security and reliability.

Spec

Spec

Spec is the only no-code orchestration platform that protects enterprise fraud defenses from being blocked, bypassed, and manipulated by modern attack tactics.