Cybersecurity Tactics Must be Overhauled

February 29, 2012
By Maryann Lawlor
E-mail About the Author

Amazing anecdotes kept the audience entertained during the lunch session at the AFCEA International Homeland Security Conference. The experts spoke about a serious subject: cyberwar. But the stories about their hands-on experiences in learning how to fight cyberwars, how they've fought cyberthreats and what they believe is needed to prepare future cyberwarriors kept conference attendees enthralled. Among the panelists was Maj. T.J. O'Connor, USA, 10th Special Forces Group (A), S-6. While attending the U.S. Military Academy, Maj. O'Connor had some time on his hands that led him to learn how best to defeat cyberattacks. He and his fellow cadets would spend the little free time they had playing the now nearly 20-year-old video game Command and Conquer and attempting to defeat one another's large armies with their own large armies. Admittedly not being one to follow the rules, the major decided to spend all of his virtual dollars on training one character, Tanya, a Russian special operations soldier, rather than taking the tradition route of pitting large forces against his enemies. His adversaries, who had chosen to fight with large armies using state-of-the-art strategies, were constantly amazed that he was able to win time and time again by sending Tanya up against their massive forces. This free-time hobby turned out to be strangely predictive of the adversaries he would face during his career in cyberspace. "Once trained, Tanya would take out entire infantry brigades. Also difficult with Tanya was that she was a single entity, so the enemy finding her on the battlefield to engage her was nearly impossible," Maj. O'Connor explained. "It was absolutely entertaining to watch as I would destroy Gen. Schwarzkopf wannabes with one single soldier. They were totally upset that their strategy and tactics that they had trained were totally ineffective against my no strategy at all. That's where we're at in cyber today. It's a completely asymmetric platform that favors the adversary; it favors the individual," he stated. But Maj. O'Connor did not leave the audience hanging. He shared the lessons he learned from this experience, saying that today's cyber battlefield requires an asymmetric defense. To deploy an effective defense, cyberwarriors must understand the offense. "Our individual defenders must be offenders first," he stated. Pointing out some failed cybersecurity approaches, the major proposed that a unified defense leads to a unified failure. Although sole-source solutions have advantages, they also can be a weakness if they are deployed across all networks. "If we reduce our investment in one line of defense, we have reduced our adversary's R&D to break into it to nothing," he stated.

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.

Share Your Thoughts: