Where Should The Pentagon Focus In Cyberspace?

Uploaded on 2017-11-30 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

The cyber domain as an operational environment is still relatively new, and the US Department of Defense is still working out tactics, techniques, procedures and authorities in cyberspace for military operations.

But despite the DoD and NATO declaring cyberspace a domain of warfare, “nobody has defined what that means,” said Alex Crowther, of the National Defense University.

Recently at the annual conference of the Association of the US Army, he called for a circumscribed mission set, as forces can’t be everywhere all the time. Lagos would swallow the entire US Army, he said, using the Nigerian city as a physical analogy to cyberspace, which he noted would swallow all of the DoD’s cyber capability.

“There are pressures for DoD to do more in cyberspace. But if DoD was to do that, you would be frittering away cyber capability,” Crowther asserted. “It’s like going into a city and leaving two guys at every street corner, and pretty soon you don’t have a reaction platoon. Your combat power is frittered away.”

So, what are appropriate mission sets and spheres for operation in cyberspace for the military? Crowther offered four: crime, intelligence, information and operations.

The crime space for the DoD is quite limited, he said, but the agency needs to operate in this space given actors use cyberspace to commit crimes via hacking against the DoD and the defense industrial base; a prominent example of the latter is the theft of F-35 plans from its contractor.

The Pentagon needs to operate in the crime cyberspace to fight crimes involving DoD personnel, such as the misuse of DoD assets, he added.

On the intelligence space, he said that virtually all aspects of intelligence will eventually be cyber-enabled. This means that while traditional intelligence operations such as terrorist network analysis would be done the old-fashioned way, the big-data analysis of the intelligence would be the cyber-enabled portion.

Cyber intelligence itself, he added, would be the hack of the Office of Personnel Management (announced in 2015) where all of the intelligence operation is performed in cyberspace.

Like cyber intelligence, more information operations are becoming cyber-enabled, Crowther said. The 2016 hack of the Democratic National Committee would be cyber-enabled, but not entirely cyber-based, Crowther said, because while cyber was the means of extracting the data, it was disseminated through print outlets such as The New York Times.

The Islamic State group, he noted, has a different view of information operations than that of the US military, and it might be worth taking a page from the group’s book. The US military executes information ops in support of operations, whereas ISIS performs operations in support of information ops.

In other words, the military will perform an objective and relay the results back to a central location for dissemination via a news release. Conversely, ISIS will scout an objective prior to an attack to determine the best place from which to capture footage to later post online.

He also offered a common complaint of activity in the “information” space: Actors and nations such as Russia conduct information operations below the threshold of triggering a military response. “You’ve heard of the gray zone. That’s exactly what those operations are designed to do: Create an effect without triggering a crossing-over into a military response,” Crowther said.

The last sphere of cyberspace where the military should exist is operations, according to Crowther. He split this between conventional operations and special operations, but noted he has been informed by officials there is no such thing as cyber special operations.

However, he contended, if one looks at the definition of special operations from the joint publication on special ops and compares it to certain cyber operations, “it’s very clear that things like the Stuxnet operation meet many of the criteria of being a special operation.”

Conventional cyber operations include the dropping of  “cyber bombs” on ISIS, as described by former Secretary of Defense Ash Carter. These are designed to disrupt the group’s command-and-control capability.

Cyber-enabled operations involve elements of cyber with conventional military activity, such as Russia’s invasion of Georgia, said Crowther. This saw the use of conventional ground and air operations against the Georgian military in concert with cyber operations to attack command, control and communications.

Contrast that to the attack against the Estonian government, which was a distributed denial-of-service attack against its infrastructure; that would be an entirely cyber operation, Crowther said.

He also discussed cyber-enabled special ops, citing a Pakistani operation as an example. Forces performing reconnaissance in Mumbai had GoPro cameras mounted to them to survey the routes for intel on terrain. During the execution phase, which was remotely run from Pakistan, mission controllers monitored traditional and social media in India, steering the teams away from Indian security forces.

Federal Times

You Might Also Read: 

US Ready To Fight Hybrid War By 2030:

Overconfident: US Will Win A Cyber War With China In 2017:

Modern Fiction: A Novel  Is Required Reading At The Pentagon:

Cybersecurity: The Human Dynamic:

 

 

« US Ready To Fight Hybrid War By 2030
Poor North Korea Is A Cyber Superpower »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DoD Cyber Crime Center (DC3) - USA

DoD Cyber Crime Center (DC3) - USA

DC3 is a US Department of Defense (DoD) center of excellence for Digital and Multimedia forensics.

Centrify

Centrify

Centrify’s Next-Gen Access is an identity & access management solution that uniquely converges Identity-as-a-Service, enterprise mobility management and privileged access management.

CloudInsure

CloudInsure

CloudInsure is a Cloud Insurance platform designed to specifically address emerging liabilities within the Cloud environment.

Sucuri

Sucuri

Sucuri have offered holistic website security solutions since 2008 including malware removal, malware monitoring and website protection services.

Armadillo Sec

Armadillo Sec

Armadillo provide penetration testing and vulnerability assessment services.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

Advent One

Advent One

Advent One are recognised for solving intricate dilemmas, not only making technology work but building foundations that customers can grow upon in an effective and secure way.

ITQ Latam

ITQ Latam

ITQ Latam are specialists in cybersecurity, in a convergent ecosystem of technological solutions in infrastructure, cloud and security networks.

Barquin Solutions

Barquin Solutions

Barquin Solutions is a full-service information technology consulting firm focused on supporting U.S. federal government agencies and their partners.

London AI Safety Research (LASR)

London AI Safety Research (LASR)

London AI Safety Research Labs is a technical AI Safety research programme focussed on reducing the risk of loss of control to advanced AI.

Canary Technology Solutions (Canary IT)

Canary Technology Solutions (Canary IT)

A Cloud, Cyber Security, Retail Solutions and Managed IT Services provider for over 25 years, we safeguard and revolutionise business through technology and foresight.

Unosecur

Unosecur

Unosecur is a comprehensive identity security platform that addresses identity-related threats in multi-cloud and on-premise environments.

TekStream Solutions

TekStream Solutions

TekStream accelerates clients’ digital transformation by navigating complex technology environments with a combination of technical expertise and staffing solutions.