The Journal Online

Countering Hybrid Threats in Cyberspace

1.   Countering Hybrid Threats in Cyberspace Abstract: For almost two decades, cyberwar has posed various challenges to military organizations. Doctrine has hardly defined the scope of cyber activities and how military forces can act or react in that specific new battlefield. Highly technical by nature, the cyber defense mission was, at first, to counter major cyber threats, thus the focus was, and is, to protect critical infrastructures and networks. Building up a cyber force was, therefore, a move to militarize cybersecurity by transferring methodologies and skills. But the reality of cyber conflict undermines the idea of the unique technical roots of cyber warfare. Most of the strategists and military experts considered cyberwarfare as a force multiplier in the global reshaping of the military affairs. Preparing for a “cyber Pearl Harbor” we have missed the overall picture where State and non-State actors use cyber tools to conduct their global information war. This paper proposes a broad overview of the concept of hybrid threat and how it applies in cyberspace. Built to counter a major cyberattack against our National Critical Infrastructure (NCI), most of the cyber forces are not well adapted to face the guerilla style warfare imposed by our adversaries. Based on recent lessons learned, this paper enlightens the challenges and opportunities of countering hybrid threats in cyberspace. Keywords: Cyber Operations, Hybrid warfare, information operations.   2.   Introduction There is, so far, no clear definition of the ‘hybrid threat’ concept in Western military institutions although there is no longer any debate about the reality of its existence in cyberspace. Whether one refers to the 2006 Israeli – Hezbollah...

Army Tactical Network Quality of Service and Graceful Degradation Concept

and Introduction The Army tactical network(s) currently comprise multiple, individually federated, transport mechanisms. Almost all warfighting functions, in addition to other specialized services (e.g. medical), maintain a dedicated network communication infrastructure. While this does provide some redundancy[i], it also impedes collaboration and data sharing, as well as greatly increases complexity and Cost, Size, Weight and Power (SWaP) requirements across all tactical echelons. The U.S. Army Cyber Center of Excellence has recently introduced a plan to converge these Command Post (CP) network architectures, promoting the concept of a single transport layer as a means to increase efficiency and enable the sharing of data across all mission functions. Achieving this degree of integration has numerous challenges. This article will focus on just one – critical information delivery assurance. Given that within this network model, all data must share a single finite capacity communication transport layer, how do we ensure that critical information is provided some assurance of guaranteed delivery and responsiveness? To achieve this, we make the case that a converged tactical network must support a comprehensive Quality of Service (QoS) implementation as well as graceful degradation mechanisms.   Background As related to computer networking, QoS is a means of prioritizing amongst various data flows such that some degree of assured service can be maintained. Simply put, QoS can be thought of as a contract between the application (user) and the network, ensuring some agreed-upon minimum level of service. QoS is predicated on the fact that not all data streams are as susceptible to high latency or bit error rate conditions as others, or that not all communication streams are of equivalent...

Education for the Future of Cyber

Abstract Education will be the cornerstone for our nation’s success in cyberspace. The military has made efforts towards building the force necessary to defend its borders within cyberspace. The United States (US), however, will need to invest in its youth to better prepare for the future. This article focuses on current efforts to prepare for cyber warfare through the education system, community programs, and military training. With a better understanding of the current efforts, organizations can strengthen programs or focus on areas necessary to further US capabilities in cyberspace. Introduction Over the course of the last century, warfare has made giant leaps in terms of battle ground in which war is fought. No longer are wars fought solely on ground, air, or sea, but in space, and now cyberspace. Due to this change in terrain, Soldiers must be smarter than they have ever been, and eager to not only train physically, but mentally. The need to educate Soldiers has become crucial to future military success, and that need reaches beyond the services to grade school, in order to develop the fighting force the US requires. The question becomes, what is the US doing to better prepare young people to inherit the cyberspace battlefield? To answer this question, the military is making changes to its current structure as well as looking to other agencies and organizations to fill military requirements. Education             “We know that the nation that out-educates today will out-compete us tomorrow. And I don’t intend to have us out-educated.”[1] – Barack Obama, President of the United States of America. In the aftermath of 9/11, the US government...

Blogs

The False Promise of Hacking Democracy

“Probable impossibilities are to be preferred to improbable possibilities” It is immensely convenient to claim that a Federal election can be hacked; however, the reality of hacking such an election is far more difficult than one might realize. The level of complexity in the US electoral process is such that to hack the election would require a combined feat of technical and social engineering requiring tens of thousands of co-conspirators operating across hundreds of jurisdictional boundaries with divergent laws and practices. Having worked in democracy development for the better part of 10 years on elections in several dozen countries, the state of American electoral security is strong because of its immensely decentralized nature. In a case where the bewildering and often arcane complexity facilitates inefficiency, it is this inefficiency that coincidentally fosters systemic resilience. It is the organizational attributes of a national election run by state and local authorities that make the United States a poor target for any malicious actor attempting to directly affect the polling places where American’s cast their ballots. To understand why the United States is so resilient to malicious actors seeking to manipulate a national election requires understanding the nuances of federal, state and local roles in the execution of a national election. One of the best sources for understanding the complexities of the American voting process was produced by a 2014 Presidential Commission. The commission deconstructs its recommendations and thereby provides insight into the electoral procedures of states by examining issues about voter registration, access to polling locations, the management of polling places, and the technology of voting itself.[i] It should be noted...

There Is No “Cyber”

At the recent Joint Service Academy (JSA) Cyber Security Summit at West Point (20-21 April, 2016), the word “cyber” was used in multiple different facets. As a noun, cyberspace is the “Domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data…” [COL11]. This is perhaps the broadest definition possible, proposed as the Cyberspace Operations Lexicon by the Joint Chiefs of Staff. While the ambiguity with the meaning of the proper noun “Cyber” provides a difficult framework to focus meaningful actions, our use of the words “Cyber”, “Digital” and their like as adjectives serves only to create artificial divisions among researchers, practitioners, and decision-makers in the area. The term “Cyber Security” is of course ubiquitous, being the focus of the JSA Cyber Security Summit and one of the main foci of the Army Cyber Institute (ACI) at West Point; that is unavoidable. Cyber Security can be many things: at the JSA Summit it was identified as the agglomeration of practicing good hardware and software manufacturing and implementation, sourcing trusted components (again, from both a hardware and software side) and providing training and education for workers to avoid naively poking holes in those standards [CON16]. The term operational security (OPSEC) is used to describe our behaviors while conducting the mission. For those whose jobs have security considerations, OPSEC refers to not discussing their work in public places, even in an unclassified way. The phrase “Digital OPSEC” or even “Cyber OPSEC” is frequently used to discuss our behaviors on the internet, such as not connecting to public WiFi, using discretion with location services on our...

Enter the Policy and Legal Void

Soldiers are down range and have suites of tools available to them that they cannot use to their full capability. They are not technically limited, but rather constrained by the authorities and pre-requisite policies established in a pre-digital age. We tell them to go and defeat ISIS, Al al’Qaeda, or pick another future adversary, but they must do so with their hands tied behind their backs. Make no mistake, as a nation we are currently involved in a global conflict. The conflict is not defined by traditional weapons, but by bits and bytes traversing fiber lines and airwaves. This global information war collides with many of the values of Western Democracies, and the societal constraints of authoritarian regimes. The robust constraints on governmental instruments serve a valuable purpose, yet at the same time our Soldiers in the field are struggling to navigate complex legal and policy waters while corporations are drowning in data that might inform or provide context for a variety of mission sets. The volume and velocity of this data is only set to grow as globally the number of Internet enabled devices increases from approximately 17 billion to 50 billion and beyond. At the beginning of the digital age it is imperative that we, as a society, begin discussing the future we are rapidly entering. Constraints are pivotal for maintaining the fundamental civil rights Americans cherish.  Civil rights, to include various liberties such as privacy, free speech, and freedom of religion among others are challenged by data repositories that eliminate anonymity and the ability to be forgotten and to forget. Yet, we as a society are...

Network Science Center

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.