Today’s battlefield is highly technical and dynamic. We are not only fighting people and weapons but also defending and attacking information at light speed. For mission success, the American warrior in the field and commanders up the chain need the support of highly adaptive systems that can quickly and securely establish reliable communications and deliver real-time intelligence anytime and anywhere.
The John S. McCain National Defense Authorization Act for Fiscal Year 2019 (NDAA 2019), passed by Congress on August 1 and signed by President Trump yesterday, takes cybersecurity a step further, with language affirming DOD’s role in defending against attacks and operating in cyberspace, the fifth warfare domain.
Although past NDAA legislation has included some provisions on DOD’s cyber role, this year’s bill specifies that the Secretary of Defense has the authority to conduct military cyber activities or operations in cyberspace—including clandestine activities—to defend the United States and its allies.
Recently, Secretary of State Michael Pompeo, in response to Executive Order 13800, released recommendations to the President of the United States on the subject of cybersecurity. Included was an emphasis both on domestic policy and international cooperation to achieve several key diplomatic, military and economic goals. The specific focus on international cooperation is a big step in the right direction. The United States has a chance to demonstrate international leadership on a complex issue, while setting the groundwork necessary to protect national interests.
The U.S. Army’s efforts to bring electronic warfare, information warfare and cyber capabilities into expeditionary forces is succeeding, Army leaders report. To better support tactical commanders, the service developed a pilot program in 2015 to add such capabilities to brigade combat teams (BCTs). In addition to providing equipment, abilities and authorities to BCTs, the service deployed cyber electromagnetic activities (CEMA) teams to support the initiative known as CEMA Support to Corps and Below (CSCB). The CEMA teams, under the guidance of the U.S. Army Cyber Command, provide training to brigade combat teams (BCTs) through National Training Center (NTC) rotations at exercises and home-base training.
Millions of times every single day, antagonists search for entry into the U.S. Defense Department’s networks. They come from all over: Russia, China, North Korea, Iran. Some are sponsored by nation-states; others are terrorist groups.
The U.S. Office of Management and Budget released a report this spring showing the abysmal state of cybersecurity in the federal government. Three-quarters of the agencies assessed were found to be “at risk” or “at high risk,” highlighting the need for a cyber overhaul. The report also noted that many agencies lacked “standardized cybersecurity processes and IT capabilities,” which affected their ability to “gain visibility and effectively combat threats.”
The U.S. Army Cyber Command’s successful consolidation of capabilities from cyber, intelligence, electronic warfare and signal forces may be the deciding factor in whether sophisticated adversaries prevail in the future battlespace, says Lt. Gen. Stephen G. Fogarty, USA, leader of the command.
Medical technologies such as electronic devices implanted or injected into the human body are the next growth area for hackers pursuing money or control of individual people. With nanotechnology implants already being used for some medical treatments, advances in their application could pose as great a cybersecurity threat as what faces the Internet of Things, experts say.
The U.S. Army’s major overhaul of its network may lead to a communications structure capable of conforming to an array of operational situations, including the possibility of providing offensive cyber and electronic warfare capabilities.
When Alexander Woody was born, his mother knew she needed to forge a new path career-wise. She enrolled in an associate's degree program at her local community college and studied computer programming.
“She hit that program really hard back in the '90s and was able to succeed,” says Woody, who is now an Army specialist working as a counter pursuit operator within the National Security Agency’s (NSA’s) Cybersecurity Threat Operations Center.
Spc. Woody ended up with the NSA after finding himself also at a career crossroad. He studied chemistry at North Carolina State University and sometimes tutors high school students struggling with chemistry. But he realized it wasn’t the right career choice for him.
Radiance Technologies Inc.,* Huntsville, Alabama, has been awarded a $19,776,547, cost-plus-fixed-fee completion contract for Small Business Cyber Security Operations Center (SB-CSOC). The scope of this effort is the development of a SB-CSOC capability. Unlike private security operations centers or managed security services providers, the SB-CSOC will provide direct integration with state and federal organizations and cyber mission forces, enabling small businesses to adopt best-of-breed cybersecurity strategies (such as those based on the National Institute of Standards and Technology Cybersecurity Framework). Work will be performed in Baton Rouge, Louisiana, and is expected to be completed by July 29, 2021.
The U.S. Navy is working to speed cyber capabilities to the force to keep up with both technology innovation and adversarial activities. Major obstacles can be found both internally and externally, and security concerns dominate all modernization efforts.
Northrop Grumman Systems Corp., McLean, Virginia, was awarded a $16,634,000 modification contract for non-personal Information Technology support services for the U.S. Army Regional Cyber Center-Europe. Work will be performed in Wiesbaden Erbenheim, Germany, with an estimated completion date of July 18, 2019. Fiscal year 2018 operations and maintenance Army funds in the amount of $2,000,000 were obligated at the time of the award. U.S. Army Contracting Command, Aberdeen Proving Ground, Maryland, is the contracting activity.
Fraud, waste, and abuse (FWA) remains a major challenge to the federal government. From 2012 to 2016, the 73 federal inspectors general (IGs), who are on the frontline of fighting FWA, identified $173 billion in potential savings and reported $88 billion in investigative recoveries and 36,000 successful prosecutions and civil actions.
The U.S. Department of Homeland Security’s Science and Technology Directorate is working to improve the resiliency of smartphones and other mobile technologies through directed research and development initiatives. Not as secure as office computers, mobile devices are becoming the preferred target for malicious actions by cyber adversaries. In many cases, smartphones, tablets and other electronic devices simply do not have the same protections available for more traditional computing technologies, experts say. The level of attacks also is moving “deeper down the mobile device stack,” from the application and mobile operating system layers to the hardware and infrastructure layers, according to the department.
It has become increasingly evident that artificial intelligence (AI) and machine learning (ML) are poised to impact government technology. Just last year, the General Services Administration launched programs to enable federal adoption of AI, and the White House encouraged federal agencies to explore all of the possibilities AI could offer. The benefits are substantial, but before the federal government can fully take advantage of advancements like AI, federal agencies must prepare their IT infrastructure to securely handle the additional bandwidth.
The U.S. Air Force is developing a methodology for assessing the cyber resiliency of weapon systems and examining how to standardize that methodology across the service. The effort could improve the security of hundreds of weapon systems, including aerial refueling planes, fighter jets and inertial navigation systems.
The cyber realm has redefined the meaning of warfare itself. Conflict in cyberspace is constant, low-cost and uninhibited by traditional definitions of territory and country. Now, governments, militaries and private research groups from America to South Korea are taking cyber capabilities one step further, using developments in artificial intelligence and machine learning to create autonomous weapons that will soon be deployed into battle.
Machine learning already has been used in both cyber and kinetic weapons, from autonomously firing gun turrets to human-superior social engineering attacks. While these advances are noteworthy, these machines are neither entirely intelligent nor autonomous.
The recent dissemination of classified information through media outlets and social media indicate that contemporary insider threat management has entered a new phase. Unlike previous generations that adhered to a strict code of silence, some millennials in charge of keeping U.S. secrets safe have the urge to share information they deem the public has the right to know. Rather than going through official channels to reveal actions they believe are wrong, people like Chelsea Manning, Edward Snowden and Reality Winner leak classified material through media and are just the first indication of information management processes that must change with the times.
The U.S. Defense Department is leaning forward by investing in capabilities that equip U.S. cyber forces with a warfighting platform to achieve, maintain and defend cyberspace superiority. The Unified Platform will be critical to realizing U.S. Cyber Command’s vision to maneuver globally and seamlessly between defense and offense across the cyberspace domain and defend far forward into an adversary’s cyber space.