
Viewpoint

Resolving the Critical Infrastructure Cybersecurity Puzzle

March 1, 2014
By George Kamis

The nation’s critical infrastructure and industrial-control systems have become such potential high-value targets for terrorists that their vulnerability threatens the fabric of society. And, as they increase in both importance and vulnerability, these systems cannot be protected using conventional information security measures.

The targets are electrical grids, transportation networks, water systems, oil/gas pipeline operations and other vital resources that serve in the interests of the U.S. economy and the public good—not to mention public safety—every day. Concerns are rising about reported increases in compromise incidents within these systems, coupled with advancements in the “sophistication and effectiveness of attack technology,” according to the Government Accountability Office (GAO). The number of incidents reported by federal agencies to the U.S. Computer Emergency Response Team has surged 782 percent from 2006 to 2012, the GAO reports.

Such attacks can “cause major economic losses, contaminate ecological environment and, even more dangerously, claim human lives,” according to a research report from the University of California, Berkeley. And, industrial control systems (ICS) lie at the heart of this vulnerability.

Global events have triggered the cautionary warnings. Among the most notorious was Stuxnet in 2010, which damaged uranium-enrichment centrifuges in Iran by infecting the country’s nuclear ICS network. In 2012, the Shamoon virus attacked Saudi Arabia’s state oil company, Saudi Aramco, replacing crucial system files with an image of a burning U.S. flag and overwriting essential data with what then-U.S. Defense Secretary Leon Panetta described as “garbage data.” Panetta added that the incident was the most destructive attack the business sector has seen to date, as more than 30,000 computers were rendered useless.

Readying for Third-Generation Defense Systems

January 1, 2014
By Paul A. Strassmann

The U.S. Defense Department now is advancing into the third generation of information technologies. This progress is characterized by migration from an emphasis on server-based computing to a concentration on the management of huge amounts of data. It calls for technical innovation and the abandonment of primary dependence on a multiplicity of contractors.

Interoperable data now must be accessed from most Defense Department applications. In the second generation, the department depended on thousands of custom-designed applications, each with its own database. Now, the time has come to view the Defense Department as an integrated enterprise that requires a unified approach. The department must be ready to deal with attackers who have chosen to corrupt widely distributed defense applications as a platform for waging war.

When Google embarked on indexing the world’s information, which could not yet be achieved technically, the company had to innovate how to manage uniformly its global data platform on millions of servers in more than 30 data centers. The Defense Department has embarked on creating a Joint Information Environment (JIE) that will unify access to logistics, finance, personnel resources, supplies, intelligence, geography and military data. When huge amounts of sensor data are included, the JIE will be facing two to three orders of magnitude greater challenges to organizing the third generation of computing.

JIE applications will have to reach across thousands of separate databases that will support applications to fulfill the diverse needs of an interoperable joint service. Third-generation systems will have to support millions of desktops, laptops and mobile networks responding to potentially billions of inquiries that must be assembled rapidly and securely.

The Failing of Air Force Cyber

November 1, 2013
By 1st Lt. Robert M. Lee, USAF

The U.S. Air Force cyber community is failing for a single fundamental reason: the community does not exist. In 2010, the communications community began to be identified as the cyber community. An operational cyberspace badge was created, and those who previously had been communications professionals now were seen as cyberwarriors. This change did not effectively take into account that cyber and communications are two distinct fields and should be entirely separate communities.

When attempting to identify cyber operators, it is impossible to look at the cyber Air Force specialty codes (AFSCs) as an indicator. In the officer ranks, only a small fraction ever takes part in on-keyboard or operational missions where the effects of cyber are leveraged for exploitation, attack or defense. Yet, all of the personnel wear the badge and identify themselves, some cynically so, as part of the cybercommunity.

This faux community creates problems when trying to identify the personnel needed for a mission. It is a distinct way of thinking and set of skills that enables an operator to target adversary networks or take an active role in defense. As an example, many people consider themselves computer network defense operators and are consulted as such. Yet, often they participate in more of a communications or maintenance role. They establish, maintain and oversee networks. This is a very important role—maybe even more important than a defense operator’s role when done correctly—but it is different. Applying vendor-issued software patches is not defense; it is maintenance.

A Longtime Tool of the Community

October 1, 2013
By Lewis Shepherd

What do modern intelligence agencies run on? They are internal combustion engines burning pipelines of data, and the more fuel they burn the better their mileage. Analysts and decision makers are the drivers of these vast engines; but to keep them from hoofing it, we need big data.
 
The intelligence community necessarily has been a pioneer in big data since inception, as both were conceived during the decade after World War II. The intelligence community and big data science always have been intertwined because of their shared goal: producing and refining information describing the world around us, for important and utilitarian purposes.

Let’s stipulate that today’s big-data mantra is overhyped. Too many technology vendors are busily rebranding storage or analytics as “big data systems” under the gun from their marketing departments. That caricature rightly is derided by both information technology cognoscenti and non-techie analysts.

I personally understand the disdain for machines, as I had the archetypal humanities background and was once a leather-elbow-patched tweed-jacketed Kremlinologist, reading newspapers and human intelligence (HUMINT) for my data. I stared into space a lot, pondering the Chernenko-Gorbachev transition. Yet as Silicon Valley’s information revolution transformed modern business, media, and social behavior across the globe, I learned to keep up—and so has the intelligence community.

Twitter may be new, but the intelligence community is no Johnny-come-lately in big data. U.S. government funding of computing research in the 1940s and 1950s stretched from World War II’s radar/countermeasures battles to the elemental electronic intelligence (ELINT) and signals intelligence (SIGINT) research at Stanford and MIT, leading to the U-2 and OXCART (ELINT/image intelligence platforms) and the Sunnyvale roots of the National Reconnaissance Office.

Another Overhyped Fad

October 1, 2013
By Mark M. Lowenthal

Director of National Intelligence Lt. Gen. James R. Clapper, USAF (Ret.), once observed that one of the peculiar behaviors of the intelligence community is to erect totem poles to the latest fad, dance around them until exhaustion sets in, and then congratulate oneself on a job well done.
 
One of our more recent totem poles is big data. Big data is a byproduct of the wired world we now inhabit. The ability to amass and manipulate large amounts of data on computers offers, to some, tantalizing possibilities for analysis and forecasting that did not exist before. A great deal of discussion about big data has taken place, which in essence means the possibility of gaining new insights and connections from the reams of new data created every day.

Or does it?

Some interesting assumptions about big data need to be probed before we dance some more around this totem pole. A major problem is the counting rules. Eric Schmidt, the chairman of Google, has said, “We create as much information in two days now as we did from the dawn of man through 2003.” He quantifies this as five exabytes of data (5 x 10^18). Schmidt admittedly counts user-generated content such as photos and tweets, for example. All of this may be generated; but is it information, and more importantly, is it intelligence?

This data clearly is information—to someone—but very little of it would qualify as intelligence. It does qualify as a very large haystack in which there are likely to be very few needles that will be of use to anyone engaged in intelligence. To cite a more relevant example, the National Security Agency (NSA) programs lately in the news went through millions of telephone metadata records, which led to 300 further inquiries. The argument can be made that without the NSA metadata program, these leads might not have existed at all; but a means-and-ends argument remains over the larger big data claims.

Is Big Data the Way Ahead for Intelligence?

October 1, 2013

Another Overhyped Fad

By Mark M. Lowenthal


A Longtime Tool of the Community

By Lewis Shepherd


Today's Intelligence Challenges Face a Distant Mirror

April 1, 2013
By Capt. D. Mark Houff, USN

An established superpower is dealing with multiple threats to its interests around the world. An emerging global economic and military/naval power is making its presence felt throughout the world, particularly in Asia. The intelligence community is confronted with a complex environment punctuated by socio-economic power shifts and revolutions in communications, commerce and transportation. World intelligence organizations face internal and external terrorist and anarchist threats as well as exploding population growth and resource competition in strategically critical regions. Compounding these challenges are intelligence budgets that range from uncertain to non-existent.

Global Positioning System Is a Single Point of Failure

October 1, 2012
By Capt. Charles A. Barton III, USAF

GPS vulnerabilities could be addressed with upgraded long-range navigation.

In an instant, one million people in Tel Aviv are vaporized. Hamas, the terrorist extremist group backed by Iran, has detonated a dirty bomb—a conventional explosive with radioactive material—and is attacking Israel with long-range rockets. Concurrently, the U.S. Air Force loses all communication with its Navigation System Timing and Ranging Global Positioning System satellites. Intelligence reports indicate that Iran has launched multiple antisatellite missiles that have destroyed several navigation satellites, effectively disabling the Global Positioning System.

This is a fictional scenario, but it may not be that far-fetched. The U.S. military must take into account the vulnerabilities of its Navigation System Timing and Ranging (NAVSTAR) Global Positioning System (GPS) and invest in a land-based system that provides the same capabilities.

Communications Electronics Can Be a Strategic Offensive Weapon

August 2012
By David J. Katz, SIGNAL Magazine

The United States and its allies have at their disposal an existing defense capability that can be employed as an effective weapon at the highest levels of conflict. The West's installed base of expertise in communications electronics can be harnessed as a strategic offensive weapon to constrain nation-states that seek to bypass the overwhelming superiority that the United States and its allies possess in conventional warfare.

Cybersecurity Policy and Strategy Need a Dose of Reality

June 2012
By Col. Alan D. Campen, USAF (Ret.), SIGNAL Magazine

Today’s approach to the issue of cybersecurity is totally wrong. For years, experts have been propounding similar solutions to the problem of securing the virtual realm. Yet, that realm is less safe today than it was when the first calls for improved security achieved urgent status. The changes that define cyberspace—and what cyberspace in turn has wrought on society—cry out for a new approach rather than add-on measures to the same strategies that continue to prove unsuccessful over the long term.
