Where Should The Pentagon Focus In Cyberspace?

Uploaded on 2017-11-30 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

The cyber domain as an operational environment is still relatively new, and the US Department of Defense is still working out tactics, techniques, procedures and authorities in cyberspace for military operations.

But despite the DoD and NATO declaring cyberspace a domain of warfare, “nobody has defined what that means,” said Alex Crowther, of the National Defense University.

Recently at the annual conference of the Association of the US Army, he called for a circumscribed mission set, as forces can’t be everywhere all the time. Lagos would swallow the entire US Army, he said, using the Nigerian city as a physical analogy to cyberspace, which he noted would swallow all of the DoD’s cyber capability.

“There are pressures for DoD to do more in cyberspace. But if DoD was to do that, you would be frittering away cyber capability,” Crowther asserted. “It’s like going into a city and leaving two guys at every street corner, and pretty soon you don’t have a reaction platoon. Your combat power is frittered away.”

So, what are appropriate mission sets and spheres for operation in cyberspace for the military? Crowther offered four: crime, intelligence, information and operations.

The crime space for the DoD is quite limited, he said, but the agency needs to operate in this space given actors use cyberspace to commit crimes via hacking against the DoD and the defense industrial base; a prominent example of the latter is the theft of F-35 plans from its contractor.

The Pentagon needs to operate in the crime cyberspace to fight crimes involving DoD personnel, such as the misuse of DoD assets, he added.

On the intelligence space, he said that virtually all aspects of intelligence will eventually be cyber-enabled. This means that while traditional intelligence operations such as terrorist network analysis would be done the old-fashioned way, the big-data analysis of the intelligence would be the cyber-enabled portion.

Cyber intelligence itself, he added, would be the hack of the Office of Personnel Management (announced in 2015) where all of the intelligence operation is performed in cyberspace.

Like cyber intelligence, more information operations are becoming cyber-enabled, Crowther said. The 2016 hack of the Democratic National Committee would be cyber-enabled, but not entirely cyber-based, Crowther said, because while cyber was the means of extracting the data, it was disseminated through print outlets such as The New York Times.

The Islamic State group, he noted, has a different view of information operations than that of the US military, and it might be worth taking a page from the group’s book. The US military executes information ops in support of operations, whereas ISIS performs operations in support of information ops.

In other words, the military will perform an objective and relay the results back to a central location for dissemination via a news release. Conversely, ISIS will scout an objective prior to an attack to determine the best place from which to capture footage to later post online.

He also offered a common complaint of activity in the “information” space: Actors and nations such as Russia conduct information operations below the threshold of triggering a military response. “You’ve heard of the gray zone. That’s exactly what those operations are designed to do: Create an effect without triggering a crossing-over into a military response,” Crowther said.

The last sphere of cyberspace where the military should exist is operations, according to Crowther. He split this between conventional operations and special operations, but noted he has been informed by officials there is no such thing as cyber special operations.

However, he contended, if one looks at the definition of special operations from the joint publication on special ops and compares it to certain cyber operations, “it’s very clear that things like the Stuxnet operation meet many of the criteria of being a special operation.”

Conventional cyber operations include the dropping of  “cyber bombs” on ISIS, as described by former Secretary of Defense Ash Carter. These are designed to disrupt the group’s command-and-control capability.

Cyber-enabled operations involve elements of cyber with conventional military activity, such as Russia’s invasion of Georgia, said Crowther. This saw the use of conventional ground and air operations against the Georgian military in concert with cyber operations to attack command, control and communications.

Contrast that to the attack against the Estonian government, which was a distributed denial-of-service attack against its infrastructure; that would be an entirely cyber operation, Crowther said.

He also discussed cyber-enabled special ops, citing a Pakistani operation as an example. Forces performing reconnaissance in Mumbai had GoPro cameras mounted to them to survey the routes for intel on terrain. During the execution phase, which was remotely run from Pakistan, mission controllers monitored traditional and social media in India, steering the teams away from Indian security forces.

Federal Times

You Might Also Read: 

US Ready To Fight Hybrid War By 2030:

Overconfident: US Will Win A Cyber War With China In 2017:

Modern Fiction: A Novel  Is Required Reading At The Pentagon:

Cybersecurity: The Human Dynamic:

 

 

« US Ready To Fight Hybrid War By 2030
Poor North Korea Is A Cyber Superpower »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Northbridge Insurance

Northbridge Insurance

Northbridge is a leading Canadian business insurance provider. Services offered include Cyber Risk insurance.

Latvian Information & Communications Technology Association (LIKTA)

Latvian Information & Communications Technology Association (LIKTA)

LIKTA brings together leading Latvian companies, organizations and professionals in the field of Information & Communications Technology

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative is an information security and cyber security company with 40-plus years of experience across industry & government.

GCHQ Apprenticeships

GCHQ Apprenticeships

GCHQ, the UK intelligence and security organisation, offers a unique three-year Cyber Security Degree Apprenticeship with employment on successful completion.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

Elisity

Elisity

Elisity Cognitive Trust is a new security paradigm that combines Zero Trust Network Access and an AI-enabled Software Defined Perimeter.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Airgap Networks

Airgap Networks

Airgap is fixing the fundamental flaw of excessive trust. We help enterprises modernize their network for a simple and secure infrastructure.

Omega Systems

Omega Systems

Omega Systems is a leading managed service provider (MSP) and managed security service provider (MSSP) to mid-market organizations.

Protecto

Protecto

Make privacy and governance effortless. Brakes allow you to drive faster. Stronger data privacy and security enable companies to unlock the full potential of the data.

SecureWeb3

SecureWeb3

SecureWeb3 helps businesses and brands to secure their Web3 presence by offering a full suite of security services including training, consultancy & brand protection solutions.

Center for Cyber Security Studies & Research (CFCS2R)

Center for Cyber Security Studies & Research (CFCS2R)

CFCS2R's mission is to empower individuals, organizations, and governments with the knowledge and tools necessary to protect against cyber threats.

CoinCover

CoinCover

Blockchain technology is changing everything. However, it brings its own set of unique risks. Coincover ensures everyone is protected, enabling them to innovate freely, without constraints.

Dialog Enterprise

Dialog Enterprise

Dialog Enterprise is the corporate ICT solutions arm of Dialog Axiata, Sri Lanka’s leading connectivity provider.

System Two Security

System Two Security

System Two Security automates detection engineering and threat hunting.