Officials in U.S. federal and state governments need to consider and address the possible cyber risks stemming from the current civilian unrest, cyber experts advise. Until now, the federal government, especially, has had a foreign intelligence focus, said Adm. Michael Rogers, USN (Ret.).
The Cyber Edge
It is no secret that the U.S. government is grappling with cybersecurity issues across its organizations and agencies. The good news is that the government has an auditing agency that investigates possible weaknesses or cybersecurity gaps and makes key recommendations to rectify problems: the U.S. Government Accountability Office, known as GAO.
Germany, the United States and many other nations are facing a more diverse, complex, quickly evolving and demanding security environment than at any time since the end of the Cold War. The resulting challenges to national and international security and stability could be as harmful to societies, economies and institutions as conventional attacks.
The U.S. Army’s universal, reprogrammable encryption chip is in final testing and may be destined for the service’s next-generation encryption fill device, other military services or possibly even the commercial sector.
The REprogrammable Single Chip Universal Encryptor (RESCUE) technology was developed to be a government-owned, general-purpose cryptographic module and architecture that is highly tailorable to counter emerging cryptographic threats. It uses standardized encryption algorithms designed by the National Security Agency (NSA) and the National Institute of Standards and Technology.
The U.S. Army upped the tempo when Gen. Mark Milley, USA, fired off his first message to the force in August 2015 as the newly sworn-in Army Chief of Staff: “Readiness for ground combat is—and will remain—the U.S. Army’s No. 1 priority.” Today, Gen. Milley is the chairman, Joint Chiefs of Staff, and the Army has rebuilt its tactical readiness through a transformational process that it is now expanding to focus on strategic readiness.
Emerging technology, state actors such as Russia and China, and nonstate actors including ISIS, are often quoted as some of the greatest threats to computer and network security. But before the United States can engage with these threats effectively, the war against words must take place.
One place to start is by eliminating the word “cyber” as a descriptor. The term has been used and overused, manipulated and exploited so many times and in so many places, it has become meaningless. What individuals or organizations mean or want when they use it is impossible to say. It’s time to scrap the word altogether and instead specify technical concepts at a more granular level.
December’s news of yet another highly sophisticated break into U.S. government agencies’ cyber systems didn’t come as a surprise to the Government Accountability Office. The government’s auditing agency investigates possible weaknesses or cybersecurity gaps and makes key recommendations to rectify problems. In some ways, it saw this coming.
The European Union has released a new EU Cybersecurity Strategy designed to bolster Europe's collective resilience against cyber threats and help to ensure that all citizens and businesses can fully benefit from trustworthy and reliable services and digital tools, according to a published announcement.
Cyber attacks against the Defense Department and many other organizations have increased dramatically during the COVID-19 pandemic, but the integration of cyber threat intelligence has helped the department defend its networks, according to Col. David Violand, deputy director of intelligence, Joint Forces Headquarters-Department of Defense Information Network (DODIN).
Col. Violand made the comments during the AFCEA TechNet Cyber conference, a virtual event held December 1-3.
Because U.S. adversaries likely will be able to use quantum computers within the next several years, Defense Information Systems Agency (DISA) officials are beginning to explore quantum-resistant technologies and the role the agency might play in developing or deploying those technologies.
Massive amounts of sensitive information on U.S. citizens are being collected, created, shared, bought and sold, and in some cases used as a weapon by the country’s adversaries, according to a panel of experts speaking at the AFCEA TechNet Cyber conference, a virtual event held December 1-3.
The information is gathered and sold by companies such as Facebook and Google and the producers of a wide range of applications, programs and technologies.
Electronic implants in the brain or other parts of the body may be more efficient and effective due to a recent breakthrough by researchers at the University of Delaware. The advance potentially offers a wide array of biotechnology benefits and could also allow humans to control unmanned vehicles and other technologies with the brain.
The U.S. Defense Department is developing a machine learning tool that can more quickly detect cyber intrusions and enable a more rapid response.
Speed will be the order of the day for military information systems as new technologies incorporate breakthrough innovations. Hardware also will transform as capabilities grow in influence. But above all, the entire defense information system community is undergoing major cultural changes spawned by a combination of innovation and disease.
U.S. data protection and its relationship to national interests are swiftly evolving. One reason this trend will continue, cybersecurity specialists say, is that other nations see cyberspace differently than the United States and other democracies. Rather than incorporating technology into their societies as a tool, they use cybersecurity—both offensively and defensively—to support their different views and overall significantly challenge U.S. interests.
It is not necessary for a leader to be the most brilliant person in an organization but to foster innovation and ensure those with big ideas are given opportunities to succeed, according to Vice Adm. Nancy Norton, USN, the Defense Information Systems Agency (DISA) director and the commander for the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN).
The U.S. military is rapidly pursuing Joint All-Domain Command and Control, known as JADC2, as a way to confront near-peer adversaries China, Russia and other nations. The effort requires innovative computing, software and advanced data processing; emerging technologies such as artificial intelligence, cloud and 5G communications; along with integration of the military’s existing legacy systems. Leaders have learned that to fully implement JADC2, they have to shed some of the military’s old practices.
When the U.S. Army conducts its Multi-Domain Operations Live experiment in the Indo-Pacific region next year, it will mark the first time the service has undertaken a full-scale technology development experiment in a combat theater. The goal is to assess technologies under the same conditions they will face in times of war, rather than in a stateside setting.
Nanotechnology continues its march through the field of electronics, enabling faster and more energy-efficient computer processors, larger computer memory density and increased battery capacity. These ever-shrinking micro and nanodevices require advanced manufacturing methods to produce. Atomic-scale processing refers to a collection of these methods that may be used to deposit and remove material at the smallest scales, a single atomic layer at a time.
During an October 27 telephonic roundtable discussion with reporters, Lt. Gen. John Morrison, USA, Army Deputy Chief of Staff, G-6, revealed four pillars for the restructured office. They include building a unified network; posturing signal, cyber and electronic warfare forces for multidomain operations; reforming and operationalizing cybersecurity processes; and driving effective and efficient network and cyber investments.
The recently completed Network Modernization Experiment (NetModX) included an army of autonomous agents unleashed in defense of the network and in some cases also protected other artificial intelligence (AI) technologies.
NetModX is a science and technology experiment held July 20-October 2 at Joint Base McGuire-Dix-Lakehurst, New Jersey. The science and technology experiment provides lessons learned for Army acquisition decisions, science and technology specifications, requirements and strategies necessary to modernize the force. Systems that performed well this year might ultimately end up in the Army’s arsenal as part of the capability sets to be fielded in 2023 and 2025.
Automation software tools are being under-utilized, especially in the U.S. Defense Department. While the department has purchased and used automated scanning tools for security and compliance, it has been slow to adopt automation for many other tasks that would benefit from the capability, such as easing software deployment and standardization and, once developed, increasing the speed of overall automation.
While the world was facing the rapid and deadly spread of the severe acute respiratory syndrome coronavirus 2, most commonly known as COVID-19, malicious cyber attackers were also at work, increasing the number of attacks, switching methods, taking advantage of the boom in Internet, network and email users, and playing on fears during the uncertain time, cybersecurity experts say. Companies struggling to maintain operations are still leaving gaps in digital security, they warn.
When it comes to nefarious deeds, the COVID-19 pandemic has been a gold mine for bad actors. In addition to wreaking havoc for individuals and healthcare organizations, federal agencies are also prime targets. Case in point: a portion of the Department of Health and Human Services’ (HHS) website was recently compromised, in what appears to be a part of an online COVID-19 disinformation campaign.
In a time of heightened cyber risk and limited human and fiscal resources, how can agencies protect their networks from malicious actors by taking a page from the COVID playbook? They can diligently practice good (cyber) hygiene.
In fact, there is a direct correlation between personal and cyber hygiene.
The U.S. Navy is focusing on parallel development of its new digital assets and capabilities as it works to rush advanced information innovations to the fleet. With the need for better technologies increasing coincidental to the rapidly evolving threat picture, the Navy has opted for concurrence as its main tool for implementing both upgrades and innovations.
Users need to transition all networked computing from the commercial central processing unit addiction to pure dataflow for architecturally safe voting machines, online banking, websites, electric power grids, tactical radios and nuclear bombs. Systems engineering pure dataflow into communications and electronic systems can protect them. The solutions to this challenge are in the users’ hands but are slipping through their fingers. Instead, they should grab the opportunity to zeroize network attack surfaces.
The two-factor authentication schema is often heralded as the silver bullet to safeguard online accounts and the way forward to relegate authentication attacks to the history books. However, news reports of a phishing attack targeting authentication data, defeating the benefits of the protection method, have weakened confidence in the approach. Furthermore, hackers have targeted account recovery systems to reset account settings, yet again undermining its effectiveness. Facilitating additional layers of security is crucial to bolstering user account protection and privacy today and into the future.
Cybersecurity is now a significant area of focus and concern for senior leaders who have witnessed cyber events that have resulted in significant financial and reputational damage. However, for many organizations, data defense continues to be a technology-focused effort managed by the technical “wizards.” Board of director discussions often zero in on describing the latest cyber threats rather than taking a long-range approach.
But cybersecurity is more than a technical challenge. Enterprise risk management (ERM) is an effective tool to assess risks, including those with cyber origins, but few businesses or agencies use the technique for this purpose, cyber experts assert.
The future of U.S. technology likely will be cyber-heavy with innovative breakthroughs erupting from several areas such as telecommunications and digital ledger capabilities. Many of these disruptive technologies have policy ramifications either in their development or their implementation. The federal government must consider aspects such as regulatory issues, privacy, economic competitiveness and security requirements.
The cloud computing infrastructure at the Intelligence Advanced Research Projects Activity allowed the organization to pivot to a new teleworking norm during the pandemic that’s not much different than the old norm. The organization has conducted business as usual, hiring program managers, adding office directors, creating and killing programs, and continuing to meet the intelligence community’s technology needs.
Catherine Marsh, director of the Intelligence Advanced Research Projects Activity, known as IARPA, was told on March 12 to “lean forward,” and she did, allowing almost the entire staff to telecommute beginning the next day. Even contractors work from home legally, securely and effectively.
Today’s identity management is fragmented and decentralized, relying on a lot of different systems to authenticate people and manage identities. Organizations use a variety of disjointed tools from passwords and smart cards to biometrics. Instead, organizations should pursue a more holistic approach.
China’s global moves to gain technological hegemony over 5G and reshape the Internet to suit its own needs offer the potential to give the Middle Kingdom control over the telecommunications market and information itself. At the very least, it would achieve market dominance. But at most, it would control both the nature of the Internet and the information that flows through it, say Internet experts.
Second of a two-part report.
The Cyber Solarium Commission, a congressionally chartered panel of expert policymakers, was created to tackle cyber conflict in the same way its Truman-era predecessor addressed the Cold War confrontation between the United States and the Soviet Union. An article in SIGNAL Magazine’s August issue (“Leaders Seek a Grand Strategy for Cybersecurity”) explored the commission’s theory of deterrence by denial and how it embraced the concept of resilience.
The U.S. Army’s wearable authentication tokens intended for the tactical environment could be used for nontactical purposes, such as accessing strategic-level systems, enterprise networks and medical systems, researchers say.
The U.S. Army’s technology assessment experiment known as Cyber Blitz has grown beyond its cyber roots. Beginning next year, when it will be held in the Indo-Pacific region, the exercise will be known as Multi-Domain Operations (MDO) Live.
The Defense Information Systems Agency is searching for talented personnel in a broad array of career fields, including information technology, science and engineering, program and project management, contracting and acquisition and human resources—and the effort to recruit those personnel virtually is gaining steam.
Less than a year old, the San Antonio-based LevelUp Code Works Software Factory is succeeding in starting to “break the mold” of Defense Department software development. The factory, which had its grand opening last December, is providing key cyber-related products to U.S. military cyber organizations, says Lt. Col. John Priestly, program manager and materiel leader, Unified Platform Program; and director, LevelUp Code Works Software Factory.
The state of the U.S. cybersecurity industrial base is robust, including for numerous start-up companies exploring new and, in some cases, pioneering cybersecurity technologies. Members of the AFCEA International Cyber Committee say the infusion of cybersecurity technologies and innovations originating in friendly countries and allies such as Israel, the United Kingdom and Australia certainly support this strength.
The U.S. Army is attacking defensive cyber operations from the laboratory. It is focusing new research efforts, including autonomous network agents, on ensuring cyber resiliency in the battlespace.
Some of this work builds on related efforts long underway at the Combat Capabilities Development Command Army Research Laboratory (ARL). Other thrusts aim at exploiting capabilities that are within reach but not yet ready to field. Still more are areas of research that have been given greater emphasis reflecting the more urgent need for cyber resilience.
The U.S. Army has spent the last two years pursuing a modernized integrated tactical network, or ITN, that supports increased mobility, resiliency and capabilities. Now, the service has a focus toward making sure that the modernization of that network can enable joint all-domain command and control, or the concept of JADC2. The service is preparing to fight seamlessly across the sea, land, air, space and cyberspace, or multidomain operations, by 2028.
When the first Solarium Commission convened in 1953, it had the task of helping former President Dwight D. Eisenhower and his cabinet colleagues assess the threat from the Soviet Union after the death of Joseph Stalin and agree on a strategic U.S. response. Three teams of policy experts put together three competing policy models: containment, confrontation and roll-back. Former President Eisenhower famously chose containment, a strategy based on the deterrence of Soviet military power and a norms-based alliance with Western Europe.
For many, the issue of cyber resilience conjures up thoughts of conducting military operations in a denied environment. But the COVID-19 pandemic has added another dimension. The importance of cyber resilience to everyday activities has been illustrated through the changes wrought by the coronavirus. As the need for online telework and related efforts continues to expand, so do the attack vectors leveraged by cyber marauders.
The COVID-19 pandemic brings with it a new set of cyber vulnerabilities built around lifestyle changes throughout society, and these vulnerabilities cry out for new means of cyber resiliency. “It’s quite possible that historians will remember COVID-19 as one of the very important civilizational turning points,” says Alexander Kott, chief scientist of the Army Research Laboratory and Army ST for cyber resilience. “COVID-19 is acting as a forcing function. It forces us to accelerate the transition to a more virtual society than we were before, and it is accelerating the trend that was occurring before COVID-19 but was happening more slowly and less noticeably.”
Although the world is still in the midst of the coronavirus disease 2019 pandemic, technology experts agree lessons the infection teaches about cybersecurity and resilience are emerging. As people don masks to decrease the likelihood of germs entering their bodies, they also must put barriers in place to protect their networks. And, just as they prepare for how they will rebound from the illness or economic downturns, they must examine their options for life after the pandemic.
Next week, the U.S. Army’s 101st Airborne Division will begin testing a software repository that allows the downloading of up-to-date software systems and patches. The effort is one of the major initiatives to resolve the service’s challenges in updating and securing systems to enhance operational readiness.
Maj. Gen. Mitchell Kilgo, USA, commanding general, Army Communications-Electronics Command (CECOM), reported the effort during the final day of the virtual Army’s 2020 Signal Conference, which is hosted by AFCEA.
In response to the teleworking boom resulting from the COVID-19 pandemic, the Defense Information Systems Agency (DISA) dramatically increased network capacity, expanded access to virtual private networks and adopted new online collaboration tools, allowing thousands of Defense Department personnel to safely and securely work from home.
Addressing the audience tuning into the Army’s 2020 Signal Conference, which is sponsored by AFCEA and streamed online, Vice Adm. Nancy Norton, USN, the agency’s director, reported that the agency never shut down and never stopped working during the ongoing pandemic.
The U.S. Defense Department by the end of the calendar year will release an initial zero trust architecture to improve cybersecurity across the department, says Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency, and commander, Joint Force Headquarters-Department of Defense Information Network.
Norton’s agency, commonly known as DISA, is working with the National Security Agency, the Department of Defense (DOD) chief information officer and others on what she calls an initial “reference” architecture for zero trust, which essentially ensures every person wanting to use the DOD Information Network, or DODIN, is identified and every device trying to connect is authenticated.
Protecting critical data is paramount to the Army’s vision for command-centric network operations, which will allow commanders to more easily understand what is happening on the operational network and more rapidly make decisions for the network’s defense, says Lt. Gen. Stephen Fogarty, USA, commander, U.S. Army Cyber Command.
Gen. Fogarty made the comments in a pre-recorded address as part of the virtual Army’s 2020 Signal Conference, which is hosted by AFCEA.
Network data collection, analysis and sharing are core to cyber defense, and Tinisha McMillan is on a mission to improve all three.
As division chief for the Cyber Situational Awareness and NetOps Division within the Defense Information Systems Agency (DISA), McMillan is responsible for building and providing cyber analytics and tools to enhance the department’s cyber information sharing to protect the Department of Defense Information Network (DODIN).
The U.S. Army Cyber Command is transferring some of its cyber defense responsibilities for the service’s networks to the Army Network Enterprise Technology Command, commonly known as NETCOM. The change, which officially took effect on June 1, transfers authority for the Army’s worldwide regional cyber centers to NETCOM, allows Cyber Command to increase its focus on electronic warfare and information operations and provides one primary point of contact for warfighters in need of network support.