Some people worry that artificial intelligence will steal their jobs, but machine learning algorithms now generate images of fake fingerprints that match the prints of one in five people on the planet. Other biometric identification systems, such as face and iris recognition, may also be vulnerable. The capability puts the mobile device industry on notice that current biometric authentication systems may not be adequate for securing cell phones and other devices.
The Cyber Edge
The maritime services continue to maintain a balance between cyber and kinetic weapons even while engaged in a daily cyber conflict.
Leaders for all three maritime services—the Navy, Marines and Coast Guard—participated in a town hall forum during the AFCEA-USNI West 2019 Conference in San Diego, and they agreed that cyber conflict rages on.
“If you’re asking me if I think we’re at war, I think I’d say yes,” Gen. Robert Neller, USMC, Marine Corps commandant, told one audience member. “We’re at war right now in cyberspace. We’ve been at war for maybe a decade. They’re pouring oil over the castle walls every day.”
The United States is fully engaged in combat operations in the cyber realm, according to a panel of military officials at the AFCEA-USNI West conference in San Diego.
Lt. Gen. Robert Shea, USMC (Ret.), president and CEO of AFCEA International, who served as moderator on the panel, kicked off the discussion saying the nation is in “Phase III” in the information domain. Phase III refers to the multiple stages of war. According to GlobalSecurity.org, the phases include: halting an invasion, force buildup and deployment, counteroffensive or counterattack, and ensuring postwar stability.
Last year the U.S. Defense Department released a cyber strategy and followed that with posture review that identified more than 90 gaps in cybersecurity capabilities, many of which were determined to be critical shortcomings. This year, officials expect to begin implementing the strategy, beginning with several priority areas involving endpoint management, network visibility, user authentication and cyber force development, according to Brig. Gen. Dennis Crall, USMC, deputy principal cyber advisor, Office of the Secretary of Defense.
The cloud strategy document released this week by the U.S. Defense Department is drawing mixed reactions from industry and military officials. Experts welcome the strategy as an important step toward modernizing the department’s infrastructure but also express some concerns and note that many questions remain.
The U.S. Navy is consolidating its information warfare efforts to ensure effective operations across the breadth of the fleet and its ashore assets. This endeavor ties together training, doctrine and equipping as new threats and technologies rapidly change the nature of the information operations realm.
The U.S. Coast Guard is pursuing digital solutions to support its unique set of military, law enforcement, humanitarian, regulatory and diplomatic responsibilities. It is no small feat to provide information technology to its workforce of 87,570, as well as to its cutters, boats, and aircraft that move along the coastline and inland waterways protecting the United States.
Months after initiating a project to research and rapidly field information warfare-related technologies, the U.S. Navy has expanded the effort servicewide and expects to field the first system by the end of fiscal year 2019.
The Space and Naval Warfare Systems Command (SPAWAR) Systems Center Atlantic announced last summer the formation of an industry consortium for the Information Warfare Research Project (IWRP). The intent is to leverage the flexible contracting platform known as other transaction authority (OTA) to rapidly develop and deploy technologies.
A broad misconception is that the U.S. Army Signal Corps is a single-function organization, but its responsibilities have grown over time, and it is now a vital element of communications support that applies technology to ensure mission success. As much as the Army performs maneuver operations on land, it also performs signal offensive, defensive and stability operations in the cyber domain.
The Army’s Signal officers are expected to perform duties well beyond communications support. Signal organizations are the nexus of cyber and electronic warfare activities.
Two years’ experience at the U.S. Cyber Command has shaped U.S. Coast Guard Rear Adm. Dermanelian’s perspective as he implements, as commander, the Coast Guard Cyber Command’s three main missions: (1) defending the Coast Guard’s portion of the Department of Defense Information Network, or DODIN; (2) protecting the maritime transportation sector; and (3) enabling cyber operations. The admiral is dual hatted as the assistant commandant for command, control, communications, computers and information technology/CG-6 as well as being the commander of the Coast Guard Cyber Command.
The United States faces a “toxic mix of threats,” Dan Coats, the director of National Intelligence, testified today before the Senate Select Committee on Intelligence while unveiling the annual Worldwide Threat Assessment of the U.S. Intelligence Community.
More than a year has passed since the Modernizing Government Technology (MGT) Act was signed into law, cementing the establishment of a capital fund for agencies to support their special IT projects. The MGT Act prompted defense and intelligence agencies to accelerate the replacement of legacy systems with innovative and automated technologies, especially as they explore new ways to mitigate security risks like those experienced all too often by their private sector counterparts.
The United States faces a threat unlike any in its history. The cyber threat zips around the world at blinding speeds and continually transforms. It can neutralize billion-dollar weapon systems and leave entire cities in the dark. It also can be wielded by superpowers, smaller governments or criminal organizations. At the same time, however, legislation, strategies, policies, authorities and a vigorous spirit of cooperation across government and the international community are all aligning to meet that threat.
The U.S. Transportation Command was the first U.S. Defense Department organization to begin moving its cyber capabilities, along with command and control applications, to a commercial cloud environment. More than a year later, the unified command is making strides in transferring its unclassified systems and is sharing lessons learned that will make the path to cloud usage smoother for others to follow.
Embedded systems are emerging as the latest challenge in the drive to secure deployed U.S. military technologies, including those residing within weapons and flight controllers. Because they are deeply entrenched inside critical hardware, these systems can be tricky to safeguard, so cybersecurity and cyber resiliency must be considered at the beginning of the design and architecture process. And although upgrades can boost embedded systems’ cybersecurity, system operators must determine when the potential pitfalls of doing so outweigh the benefits.
Up until the digital age, wars involved a limited number of combatants with clear identities battling within distinct boundaries visible on a map. These conflicts ended either with a victor or as a stalemate. But today’s information warfare does not fit this traditional model. Instead, it comprises an unlimited number of potential combatants, many with hidden identities and agendas.
Cyberspace is a theater of operations that is nowhere and everywhere. Within this domain, information warfare will not and in fact cannot come to any conclusion. This conflict closely resembles an incurable disease that can be managed so the patient can lead a productive life but is never completely cured.
Artificial intelligence can analyze vast amounts of information, identifying patterns and anomalies at a speed and scale beyond human capacity. To make it an invaluable part of defense, the goal will be to create cybersecurity systems that can anticipate national security threats. Once systems can automatically reconfigure themselves and their security controls to prevent any potential breaches, the next step will be to move to machines with the power to make their own decisions.
The U.S. defense industrial supply chain is vast, complex and vulnerable. Organic components, large-scale integrators, myriad commercial service providers, and tens of thousands of private companies sustain the Defense Department. According to the SANS Institute, the percentage of cyber breaches that originate in the supply chain could be as high as 80 percent.
Powered by recent advances in artificial intelligence and machine learning, long-hyped technologies such as facial recognition and behavioral biometrics are promising frictionless identity authentication. In the near future, people will be able prove who they are without even trying and sometimes without even knowing they’re doing it.
Threat researchers from McAfee Labs have released their 2019 cybersecurity threats predictions report. Unfortunately, cyber criminals are expected to become more sophisticated and collaborative as the “underworld” consolidates into stronger malware-as-a-service families actively working together.
Software and security teams will need to adapt as threats become more complex. McAfee predicts more attackers will be using artificial intelligence to avoid detection by security software. “In fact, an entire underground economy has emerged where criminals can now outsource products and dedicated services to aid their activities,” says Thomas Roccia, a researcher on the team.