The Cyber Edge

September 1, 2019
By Kimberly Underwood
Increased adversarial threats, combined with a growing demand for intelligence, are driving the Defense Intelligence Agency’s effort to provide advanced tools to the military’s intelligence officers worldwide. Credit: Shutterstock/Gorodenkoff

Trusted intelligence is needed in an era in which the United States is facing growing threats. The military and other entities in the intelligence community rely on the U.S. Defense Intelligence Agency to provide not only actionable intelligence but also the platforms or information technology systems that enable intelligence gathering, processing and analysis. To meet the increasing demand for intelligence, the Defense Intelligence Agency, known as the DIA, has distributed part of its workforce to the various U.S. military commands that it supports. This global deployment has altered the role of the DIA, explains Jean Schaffer, the agency’s chief information security officer (CISO) and chief of Cyber and Enterprise Operations.

September 1, 2019
By Lt. Gen. Susan Lawrence, USA (Ret.)
Credit: TheDigitalArtist/Pixabay

Second of a two-part series.

Few if any topics cause more stress across the Defense Department than cybersecurity. As I noted in my last column, department leaders have taken many steps to address the problem. While most of these steps are helpful, we still see a lot of emphasis placed on setting and enforcing cyber standards across the department and its broader ecosystem of stakeholders.

August 23, 2019
By George I. Seffers
The Multi-Function Electronic Warfare-Air Large program will integrate an offensive electronic warfare pod onto an MQ-1C Gray Eagle unmanned aircraft system. It, along with two other programs, offers the Army an opportunity for interoperability. Credit: U.S. Army

The U.S. Army is enjoying a renaissance period for cyber and electronic warfare (EW) technologies and has a chance to lay a foundation of interoperability in cyber systems, says Col. Kevin Finch, USA, program manager for electronic warfare and cyber within the Program Executive Office-Intelligence, Electronic Warfare and Sensors.

Col. Finch made the comments on the final day of the AFCEA TechNet Augusta conference 2019 in Augusta, Georgia. AFCEA added an extra day to the annual conference to highlight procurement and acquisition.

August 22, 2019
By George I. Seffers
Maj. Gen. Neil Hersey, USA, commander of the U.S. Army Cyber Center of Excellence and Fort Gordon, speaks at TechNet Augusta. Photo by Michael Carpenter

Maj. Gen. Neil Hersey, USA, commander of the U.S. Army Cyber Center of Excellence and Fort Gordon, said the center could potentially change its name, but that close cooperation among the centers of excellence essentially already provides the benefits of an information warfare center of excellence.

The change—if it happens—would follow the lead of the Army Cyber Command. Lt. Gen. Stephen Fogarty, USA, who leads Army Cyber Command, has been pushing to change the name to Army Information Warfare Operations Command. The service’s centers of excellence fall under the U.S. Army Training and Doctrine Command (TRADOC).

August 23, 2019
By George I. Seffers
Sgt. Gabrielle Hurd, 237th Military Police Company, New Hampshire Army National Guard, shows her team the route they will take before embarking on an overnight hike to the summit of Mount Monadnock, New Hampshire, during an Enhanced Night Vision Goggle-Binocular Soldier Touchpoint in July. PEO-Soldier incorporates soldier feedback into the ENVG-B product and many others which helps the Army integrate the current needs of soldiers with the Army’s future, multidomain battlefield. Photo by Patrick Ferraris

Brig. Gen. Anthony “Tony” Potts, program executive officer (PEO)-soldier, recently signed a new standard for 256-bit encryption for individual soldier systems. That is an increase from 128-bit encryption.

And since beginning the job about 18 months ago, he has stopped the once-common practice in the PEO-Soldier shop of signing cybersecurity waivers for the individual soldier equipment being developed. Furthermore, he is building a “robust capability” Risk Management Framework, which essentially specifies security controls for a system that involves organizational risk.

August 20, 2019
By George I. Seffers
Air Commodore Elanor Boekholt-O’Sullivan, Royal Netherlands Air Force, speaks about the cyber work force during a panel at AFCEA TechNet Augusta. Photo by Michael Carpenter

Members of an international panel of cyber experts recommend recruiting personnel some might consider misfits in the cyber realm.

June 1, 2019
By Maj. Ryan Kenny, USA
Credit: Shutterstock/metamorworks

In the cyber realm, organizations need the means to rapidly identify emerging threats, immediately respond to mitigate risk, and systematically learn from these encounters—just as the immune system responds to a virus.

A single tool, process or team cannot deliver true cybersecurity. Collecting, analyzing and disseminating intelligence requires a converged organization that fuses expertise across domains. As adversaries possessing sophisticated expertise and considerable resources target multiple attack vectors—cyber, electromagnetic and physical, for example—cyber leaders must develop teams and systematic processes to rapidly transform analysis into action.

August 9, 2019
By Travis Smith
MITRE’s ATT&CK Framework can be used for cyber defense training even though it wasn’t created for that purpose. Credit: Stuart Miles/Shutterstock

When government agencies consider the MITRE ATT&CK Framework, most want to better understand and address adversary behavior. When it comes to combating an agency’s debilitating shortage of skilled cyber personnel, most are still looking for effective solutions. But, what if the MITRE ATT&CK Framework is as effective at enhancing cyber defense skills as it is at identifying the adversary’s antics?

July 17, 2019
Posted by George I. Seffers
U.S. Cyber Command officials recently released a list of tough technical challenge areas for which solutions may not yet exist. Credit: DR MANAGER/Shutterstock

The U.S. Cyber Command has released a list of 39 challenge problems fitting under 12 categories: vulnerabilities, malware, analytics, implant, situational awareness, capability development, persona, hunt, mission management, attack, security and blockchain.

August 1, 2019
By Robert K. Ackerman
Soldiers analyze network data during a cyber academy class at Fort Bragg, North Carolina. The project manager, defensive cyber operations (PM DCO), is working to boost Army cyber capabilities while shortening the training time line to empower more soldiers for the cyber defense mission. U.S. Army photo

Speed is of the essence as the U.S. Army works earnestly with industry to equip the force with the latest tools to combat cyber attacks. Yet rapid acquisition must be weighed against wasteful haste as the service aims to deliver combat-effective capabilities without breaking stride.

These capabilities include a revamped tool suite, a portable cyber defense system and advanced cyber situational awareness. At the forefront of these efforts is the project manager, defensive cyber operations (PM DCO), part of the Army’s Program Executive Office Enterprise Information Systems.

August 1, 2019
By Robert K. Ackerman
The amphibious assault ship USS Boxer anchors off the coast of Phuket, Thailand. The U.S. Indo-Pacific Command is advancing the quality of technology in multinational training exercises, so allies and partners can interoperate in cyber the way they might have to in regional operations. U.S. Navy photo

The U.S. Indo-Pacific Command is incorporating new cyber technologies and standards as it strives for greater interoperability among a growing number of allies and potential partners. This increased reliance on cyber is viewed by command leadership as essential for maintaining effective military capabilities in the face of a growing kinetic and cyber presence by diverse adversaries.

August 1, 2019
By Chief Warrant Officer 2 Cory Jodon, USA
Spc. Dillon Anton, USA, and Spc. Matthew Perry, USA, 601st Aviation Support Battalion, 1st Infantry Division, Combat Aviation Brigade, set up and validate a Combat Service Support Very Small Aperture Terminal (CSS-VSAT) in preparation of Combined Support Exercise at Storck Barracks, Germany.

For more than a decade, the U.S. Army has been improving the Logistics Information Systems Network, which is specifically designed to sustain and maintain warfighters deployed across the globe. However, although the technology has far exceeded the service’s goals, today’s management practices are almost identical to those used when the network was created in 2004. With the increase in cybersecurity policies and advances in capabilities, the need for highly trained, designated network and systems administration personnel has become abundantly clear, and the requirement for better management processes even more evident.

July 15, 2019
By Noah Schiffman
The National Security Agency is not to blame for the recent ransomware attack on the city of Baltimore, says Noah Schiffman, KRB chief technology adviser. Credit: Shutterstock/Stephen Finn

The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.

The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry. 

This is grossly incorrect.

July 1, 2019
By Robert K. Ackerman
Servicemen participate in a cyber warrior exercise overseas. The U.S. Army’s program executive officer for enterprise information systems (PEO EIS) is striving to speed new software into cyber systems while maintaining effective operations. U.S. Army Reserve photo

The U.S. Army is building a tighter relationship with industry to tap commercial expertise and avoid long procurement delays that often render new information technologies obsolete before they are fielded.

At the heart of this effort is Cherie A. Smith, program executive officer for enterprise information systems (PEO EIS), U.S. Army. After she assumed her position last year, Smith relates, she focused on making promises and seeking help. Since then, she has emphasized a shared relationship with industry.

July 1, 2019
By Kyle Aldrich
Looking Glass stock

Global, asymmetrical threats now dominate attacks on nations and businesses alike, and the enemy is not always immediately knowable, identifiable or even seen. These realities are forcing leaders to invest more resources into analytics, as well as intelligence, surveillance, reconnaissance and other 21st century responses to cyber bombardments today.

July 1, 2019
By Chris Nissen
Bill Bickert, assistant commander for supply chain management policy and performance, Naval Supply Systems Command, visits the command’s Fleet Logistics Center–Jacksonville, Florida, headquarters. Supply chain monitoring software is useful; however, ensuring suppliers are providing clean components is crucially important as well. Photo by Carol Williams

Adversaries are exploiting the inherent vulnerabilities of U.S. military supply chains that involve tens of thousands of private sector providers from all over the globe. Attack operations include stealing valuable technical data; striking critical infrastructure, manufacturing and weapon systems control systems; corrupting the quality and assurance across a broad range of product types and categories; and manipulating software to access connected systems and to degrade systems operation integrity.

July 1, 2019
By Chief Warrant Officer 4 Judy M. Esquibel, USA
Maj. Gen. John C. Harris Jr., ANG (c), the adjutant general, Ohio National Guard, observes training while the Cyber Mission Assurance Team (CMAT) conducts network assessments during exercise week of Cyber Shield 19 at Camp Atterbury, Indiana. The National Guard is standing up the teams to help secure the critical infrastructure that services U.S. Defense Department installations. U.S. Army National Guard Photo by Staff Sgt. George B. Davis

As emerging technologies and capabilities permeate and dominate the military and critical infrastructure, a different skill set is required to secure the increasingly complex cyberspace realm. The Internet of Things will be both an asset and a liability in the future when the military incorporates it into operations, and urban environments will complicate these efforts.

Cyber warfare continues to evolve with ever-changing innovation and technology, increasing critical infrastructure defense. In addition, with the onset of smart cities, the U.S. military in general, and the U.S. Army in particular, is exploring gaps in training and education related to operating in dense, super-connected urban areas.

June 19, 2019
By George I. Seffers
The Missouri Cyber Team, a part of the National Guard, developed RockNSM, an open source cybersecurity system. Now, they are building a nonprofit organization to help share that system with others. Credit: Missouri National Guard Cyber Team

Members of the Missouri National Guard Cyber Team are launching a nonprofit organization to share RockNSM, a system initially built by cyber warriors for cyber warriors.

RockNSM is a network security monitoring platform that uses open source technologies, such as CentOS, which is an operating system derived from the RedHat enterprise-level open source system. RockNSM formed the basis for a Task Force Echo network anomaly detection system used for real-world cyber operations.

May 31, 2109
By Maryann Lawlor
Artificial intelligence and machine learning are still technically in their infancy. Both show promise in the military and government arenas, but experts still have many questions.

Artificial intelligence and machine learning techniques could help information and network defenders recognize patterns of potential attackers so their next moves can be proactively blocked. In addition, cyber tools enhanced with these capabilities could provide a much more detailed picture of the cyber battlefield and increase the potential of success in a cyber campaign. This knowledge would complement the kinetic battlefield and could permit war planners to choose the appropriate mix of cyber and kinetic operations.

June 1, 2019
By George I. Seffers
Cyber warriors with the National Guard are sometimes similar to colonial-era militiamen, fighting with whatever technological weapons they have at home or building the tools they need. Alexander Herasymchot/Shutterstock and U.S. Defense Department courtesy photo

National Guard members conducting cyber operations found themselves poorly equipped to meet some of the real-world challenges they faced, so they banded together and built the system they needed on a shoestring budget. That system detects anomalous behavior on the network, reduces the number of analysts and enriches network data provided to data scientists.
