The U.S. Navy is consolidating its information warfare efforts to ensure effective operations across the breadth of the fleet and its ashore assets. This endeavor ties together training, doctrine and equipping as new threats and technologies rapidly change the nature of the information operations realm.
The Cyber Edge
The U.S. Coast Guard is pursuing digital solutions to support its unique set of military, law enforcement, humanitarian, regulatory and diplomatic responsibilities. It is no small feat to provide information technology to its workforce of 87,570, as well as to its cutters, boats, and aircraft that move along the coastline and inland waterways protecting the United States.
Months after initiating a project to research and rapidly field information warfare-related technologies, the U.S. Navy has expanded the effort servicewide and expects to field the first system by the end of fiscal year 2019.
The Space and Naval Warfare Systems Command (SPAWAR) Systems Center Atlantic announced last summer the formation of an industry consortium for the Information Warfare Research Project (IWRP). The intent is to leverage the flexible contracting platform known as other transaction authority (OTA) to rapidly develop and deploy technologies.
A broad misconception is that the U.S. Army Signal Corps is a single-function organization, but its responsibilities have grown over time, and it is now a vital element of communications support that applies technology to ensure mission success. As much as the Army performs maneuver operations on land, it also performs signal offensive, defensive and stability operations in the cyber domain.
The Army’s Signal officers are expected to perform duties well beyond communications support. Signal organizations are the nexus of cyber and electronic warfare activities.
Two years’ experience at the U.S. Cyber Command has shaped U.S. Coast Guard Rear Adm. Dermanelian’s perspective as he implements, as commander, the Coast Guard Cyber Command’s three main missions: (1) defending the Coast Guard’s portion of the Department of Defense Information Network, or DODIN; (2) protecting the maritime transportation sector; and (3) enabling cyber operations. The admiral is dual hatted as the assistant commandant for command, control, communications, computers and information technology/CG-6 as well as being the commander of the Coast Guard Cyber Command.
The United States faces a “toxic mix of threats,” Dan Coats, the director of National Intelligence, testified today before the Senate Select Committee on Intelligence while unveiling the annual Worldwide Threat Assessment of the U.S. Intelligence Community.
More than a year has passed since the Modernizing Government Technology (MGT) Act was signed into law, cementing the establishment of a capital fund for agencies to support their special IT projects. The MGT Act prompted defense and intelligence agencies to accelerate the replacement of legacy systems with innovative and automated technologies, especially as they explore new ways to mitigate security risks like those experienced all too often by their private sector counterparts.
The United States faces a threat unlike any in its history. The cyber threat zips around the world at blinding speeds and continually transforms. It can neutralize billion-dollar weapon systems and leave entire cities in the dark. It also can be wielded by superpowers, smaller governments or criminal organizations. At the same time, however, legislation, strategies, policies, authorities and a vigorous spirit of cooperation across government and the international community are all aligning to meet that threat.
The U.S. Transportation Command was the first U.S. Defense Department organization to begin moving its cyber capabilities, along with command and control applications, to a commercial cloud environment. More than a year later, the unified command is making strides in transferring its unclassified systems and is sharing lessons learned that will make the path to cloud usage smoother for others to follow.
Embedded systems are emerging as the latest challenge in the drive to secure deployed U.S. military technologies, including those residing within weapons and flight controllers. Because they are deeply entrenched inside critical hardware, these systems can be tricky to safeguard, so cybersecurity and cyber resiliency must be considered at the beginning of the design and architecture process. And although upgrades can boost embedded systems’ cybersecurity, system operators must determine when the potential pitfalls of doing so outweigh the benefits.
Up until the digital age, wars involved a limited number of combatants with clear identities battling within distinct boundaries visible on a map. These conflicts ended either with a victor or as a stalemate. But today’s information warfare does not fit this traditional model. Instead, it comprises an unlimited number of potential combatants, many with hidden identities and agendas.
Cyberspace is a theater of operations that is nowhere and everywhere. Within this domain, information warfare will not and in fact cannot come to any conclusion. This conflict closely resembles an incurable disease that can be managed so the patient can lead a productive life but is never completely cured.
Artificial intelligence can analyze vast amounts of information, identifying patterns and anomalies at a speed and scale beyond human capacity. To make it an invaluable part of defense, the goal will be to create cybersecurity systems that can anticipate national security threats. Once systems can automatically reconfigure themselves and their security controls to prevent any potential breaches, the next step will be to move to machines with the power to make their own decisions.
The U.S. defense industrial supply chain is vast, complex and vulnerable. Organic components, large-scale integrators, myriad commercial service providers, and tens of thousands of private companies sustain the Defense Department. According to the SANS Institute, the percentage of cyber breaches that originate in the supply chain could be as high as 80 percent.
Powered by recent advances in artificial intelligence and machine learning, long-hyped technologies such as facial recognition and behavioral biometrics are promising frictionless identity authentication. In the near future, people will be able prove who they are without even trying and sometimes without even knowing they’re doing it.
Threat researchers from McAfee Labs have released their 2019 cybersecurity threats predictions report. Unfortunately, cyber criminals are expected to become more sophisticated and collaborative as the “underworld” consolidates into stronger malware-as-a-service families actively working together.
Software and security teams will need to adapt as threats become more complex. McAfee predicts more attackers will be using artificial intelligence to avoid detection by security software. “In fact, an entire underground economy has emerged where criminals can now outsource products and dedicated services to aid their activities,” says Thomas Roccia, a researcher on the team.
The U.S. Indo-Pacific Command (INDOPACOM) is seeking the capabilities and enabling technologies to conduct “full-spectrum cyber operations” in its vast region of responsibility, according to its commander. Adm. Philip S. Davidson, USN, commander of the U.S. Indo-Pacific Command, described this new cyber push at the keynote luncheon on the first day of AFCEA’s TechNet Asia-Pacific 2018, held November 14-16 in Honolulu.
For three years, the U.S. Army has been asking questions about how to converge cyberspace operations, electronic warfare and spectrum management capabilities at the corps level and below to deny, degrade, destroy and manipulate enemy capabilities. Now, officials say, they are drawing closer to answers.
In 2015, the service created a pilot program known as Cyberspace Electromagnetic Activity (CEMA) Support to Corps and Below. The CEMA concept integrates elements from offensive and defensive cyber, electronic warfare, and intelligence into expeditionary teams that support tactical units.
In the coming months, researchers from Georgia Tech will reveal the results of testing on a robot called the HoneyBot, designed to help detect, monitor, misdirect or even identify illegal network intruders. The device is built to attract cyber criminals targeting factories or other critical infrastructure facilities, and the underlying technology can be adapted to other types of systems, including the electric grid.
The HoneyBot represents a convergence of robotics with the cyber realm. The diminutive robot on four wheels essentially acts as a honeypot, or a decoy to lure criminal hackers and keep them busy long enough for cybersecurity experts to learn more about them, which ultimately could unmask the hackers.
One way of ensuring that attackers don’t access a network node or break into a device is to render its identification invisible. Cloaking the device’s address gives a hacker nothing to see, and it can be done on systems ranging from government networks to medical electronics implanted inside human beings.
The Warfighter Information Network–Tactical program delivered a digital transformation, enabling maneuver elements to move faster and provide commanders with vital battlefield information in near real-time. Its flexibility facilitated communications in Iraq’s urban environments and Afghanistan’s mountainous terrain. Although a powerful improvement over Mobile Subscriber Equipment, the technologies are not powerful enough to combat adversaries wielding cyber capabilities.