Some military and civilian experts are calling on the United States to create a civilian cyber corps to help fill the gap in cybersecurity expertise in times of need. Such a corps could enhance state and local emergency response efforts, help protect Defense Department networks and other critical infrastructure or combat social media information warfare campaigns.
The Cyber Edge
Thirty years after the Morris Worm, networks face a long and growing list of potential attack vectors employed by an almost limitless number of threat sources, including criminals, hacktivists and nation-state actors. In response to threats, the U.S. Defense Department has taken prudent measures to shore up vulnerable systems and networks. In accordance with the well-established practice of concentric rings of security, the most sensitive department data exists on its most secure and isolated networks.
When operating one of the most complex and critical networks on the planet, risk is a given. That risk comes in two forms, technical and operational, and managing both is a matter of balance.
Roger Greenwell, Defense Information Systems Agency (DISA) risk management executive and authorizing official, is responsible for maintaining that balance on the Defense Information Systems Network (DISN), a global enterprise network that enables information superiority and critical communications. The DISN is the core of the Department of Defense Information Network, a worldwide conglomeration of military networks.
The Navy’s new Combat to Connect in 24 Hours (C2C24) is an ambitious program that has the potential to change naval warfare as we know it.
The program is designed to improve operational efficiency by automating the Navy’s risk management framework (RMF) efforts; providing sailors with near real-time access to critical data; and accelerating the Navy’s ability to deploy new applications in 24 hours rather than the typical 18 months.
The National Security Agency is now sharing the source code of Ghidra, its reverse engineering tool developed by the agency’s Research Directorate in support of its cybersecurity mission. Ghidra, a suite of software analysis tools, examines compiled code using capabilities such as disassembly, assembly, decompilation, graphing and scripting.
Ghidra helps analyze malicious code and malware and improves cybersecurity professionals’ understanding of potential vulnerabilities in their networks and systems. With this release, developers can now collaborate, create patches and extend the tool to fit their cybersecurity needs.
Senior executives are increasingly interested in objective measurements to determine the robustness of their organizations’ cybersecurity protections. However, measuring the adequacy of network and data security can be likened to verifying the amount of air in a room: A formula can ascertain how much air the room contains in theory, but does it take into account the leaky windows?
The Army is approaching cybersecurity in “a systematic methodical way that takes into consideration that not all things have the same level of risk or threat involved,” states Maj. Gen. Garrett Yee, USA, military deputy to the Army Chief Information Officer (CIO)/G-6.
He cites as an example trying to secure a stand-alone device that is not connected to the network but has an information technology component, versus securing a device that is connected to the network. The stand-alone device offers a negligible risk, so efforts should focus on the connected device, he offers.
The water and wastewater treatment industry is facing cybersecurity threats. The risks affect the sector disproportionately compared to other utilities, given local-level water processing operations.
Along with physically securing its critical infrastructure, the water industry has to leverage available tools to protect against cyber attacks, an expert says.
The requirement to partner with allied nations and share a classified network will only grow in the coming years, leaders say. In combined exercises, engagements or missions, coalition partners need to be able to connect digitally to share communications, resources and information to strengthen defenses and partnerships. At the Pentagon, the Joint Staff is working to improve coalition systems and how the U.S. can connect securely to those networks outside of the national networks, one expert shares.
NATO is taking a comprehensive approach to building a cyber policy that would deter adversaries, defend its member nations and provide key capabilities in multidomain operations. This approach to the alliance’s cyberspace strategy takes into account resilience, counter-cyber activities and operational capabilities in both civilian and military elements.
Yet when it comes to NATO cyber policy, much remains to be established. With 29 member nations all having different needs and different approaches to cyber operations, the alliance has not yet arrived at a fully functional policy. It continues to seek input from its nations while incorporating necessary capabilities amid continuing changes in the cyber domain.
Russia may have popularized the manipulation of social media to further its own agenda, but it was not the first country to do so, nor will it be the last. A number of other countries are engaging in similar tactics, but so far have flown largely under the radar. The Oxford Internet Institute found that at least 28 countries worldwide are exploiting social media to influence the public opinion of their own or foreign populations.
The growing interconnection among the elements of the critical infrastructure may hold the key to safeguarding it against an increasingly sophisticated threat picture. Many elements of the critical infrastructure depend on each other, and securing them in a coordinated endeavor holds promise for combatting adversaries who are targeting it on a daily basis.
Trident Juncture 2018, a large-scale NATO military exercise, wrapped up late last year. But in the weeks since, the alliance has been doing something it has never done before by using big data science to help inform lessons learned from the exercise.
Many people have written marketing off as frivolous, but it is a field of constant data-driven experimentation, and in the past decade social media sites such as Facebook have become state-of-the-art laboratories for honing influence messaging. In the information revolution marketplace, the organization with the most data and the ability to utilize it wins.
In today’s environment, the network no longer can be considered a safe zone. Every asset an organization possesses and every transaction it conducts must be secured as if it were a standalone item continually exposed to the full range of cyber threats. The realization that perimeter protection alone is not sufficient has led to the security concept of Zero Trust. In this never-trust/always-verify approach, all entities and transactions rely on multiple solutions to work together and secure digital assets.
A 2018 exercise developed by the Army Cyber Institute at West Point and hosted by the city of Houston provided participants with a full view of potential critical infrastructure crises while also offering a path to security and resiliency. Known as the Jack Voltaic 2.0 Cyber Research Project, the exercise exposed critical infrastructure issues to 200 participants from 44 organizations.
NATO’s longtime motto says that an attack on one NATO member is considered an attack on the entire alliance. Today, this creed also applies to cyberspace, alliance leaders indicate. NATO’s new Cyberspace Operations Center, formed in August 2018, takes up the mantle of defending the alliance in the digital realm.
The vulnerabilities of machine learning models open the door for deceit, giving malicious operators the opportunity to interfere with the calculations or decision making of machine learning systems. Scientists at the Army Research Laboratory, specializing in adversarial machine learning, are working to strengthen defenses and advance this aspect of artificial intelligence.
As the U.S. Army continues to evolve its newest warfighting domain, the cyber domain, information plays a key role. The service is working to incorporate information capabilities along with intelligence, electronic warfare, cyber and space, as well as with traditional fire capabilities.
In December, the Army released a doctrine guiding multidomain operations through 2028. The policy acknowledges that U.S. adversaries are contesting all domains, and that in the information environment American dominance is not guaranteed.
The newly created Cyber and Non-Kinetic Operations Division within the Air Combat Command is expected to reach full strength this summer. The new organization integrates multiple missions, including cyber, electronic warfare, intelligence and information warfare.