Recent Journal Articles

Disclaimer: The articles and other content which appear in the Cyber Defense Review are unofficial expressions of opinion. The views expressed are those of the contributing authors and do not reflect the official position of the United States Military Academy, Department of the Army, United States Marine Corps, Department of the Navy, or Department of Defense.

Cyberspace in Multi-Domain Battle

and For months, a nation state has covertly infiltrated a neighboring state’s critical networks while massing armored forces along its common border with a US ally. While the adversary prepares to launch a massive cyber-attack on its neighbor state, its tanks are readied to roll over the border. Nearby, a U.S. Division, engaged in an allied training exercise prepares to become the first line of defense against aggression. Unknown to the adversary, Allied and US forces have hardened their networks and at the first indication of aggression, have temporarily cut power to a nearby city to deceive the enemy. Simultaneously, a U.S. Navy warship fires an Electro Magnetic Pulse (EMP) missile at the adversary, disabling their electronic systems. Facing a numerically superior enemy, Allied forces, take advantage of the window of opportunity created by the EMP weapon to engage the crippled and confused enemy forces across multiple domains. Read the whole article below... read more

Cyber (In)Security: Decision-Making Dynamics When Moving Out of Your Comfort Zone

  “Every assumption we hold, every claim, every assertion, every single one of them must be challenged.” — General Mark A. Milley, 39th Chief of Staff of the U.S. Army This paper focuses on how the dynamic speed of change and the compression of time in cybersecurity move individuals and organizations out of their comfort zones. This often results in forcing faulty decision-making generated by an enhanced dependence on untested assumptions. The counterbalance to this behavior begins by recognizing a key truism: within every decision lies an assumption. Equipping your cyber team with the mechanisms and tools to identify and properly challenge these assumptions drives better decision-making and new opportunities to successfully defend, attack, and adapt in the cyber battleground. Read the whole article below... read more

Joint Interagency Coordination: How Can the Reserve Component Be Better Utilized to Defend Our Nation in the Cyber Arena? 

Introduction In a time of constrained and reduced resources and to fortify the protection against the ever-increasing global cyber threats, the United States (US) must do more with less and better utilize its existing resources. The Reserve Components (RC) of the US military are filled with cyber expertise gained through civilian and military training as well as job experience. If the Department of Defense (DoD) can develop a program to better utilize the experience and skills resident in the Reserves, the US military can improve the nation’s cyber capabilities and better protect its networks. Based on the current DoD CYBER Strategy[i], the Guard and Reserve has a significant role to play in the cyber realm. Specifically, the DoD CYBER Strategy calls on the Guard and Reserve to provide a “resource for expertise and to foster creative solutions to cybersecurity problems” and to provide “critical surge capacity” when needed. To provide the resources required to defend the nation, the Reserve Forces need to be better utilized. This paper proposes the establishment of a full-time support program manned by the RC and augmented by traditional Selected Reservists and Guardsmen on weekend duty. This program will capitalize on existing expertise and further develop the in-depth technical skills required to tackle the enormous cybersecurity challenges that exist today, and in the future. Also, the creation of such a program will result in an available, fully trained surge capacity when needed. USCYBERCOM’S Cyber Mission Force In December 2012, the U.S. Secretary of Defense (SecDef) authorized the creation of the Cyber Mission Force (CMF). According to the DoD CYBER Strategy and the 2014 Quadrennial Defense Review (QDR),... read more

Countering Hybrid Threats in Cyberspace

1.   Countering Hybrid Threats in Cyberspace Abstract: For almost two decades, cyberwar has posed various challenges to military organizations. Doctrine has hardly defined the scope of cyber activities and how military forces can act or react in that specific new battlefield. Highly technical by nature, the cyber defense mission was, at first, to counter major cyber threats, thus the focus was, and is, to protect critical infrastructures and networks. Building up a cyber force was, therefore, a move to militarize cybersecurity by transferring methodologies and skills. But the reality of cyber conflict undermines the idea of the unique technical roots of cyber warfare. Most of the strategists and military experts considered cyberwarfare as a force multiplier in the global reshaping of the military affairs. Preparing for a “cyber Pearl Harbor” we have missed the overall picture where State and non-State actors use cyber tools to conduct their global information war. This paper proposes a broad overview of the concept of hybrid threat and how it applies in cyberspace. Built to counter a major cyberattack against our National Critical Infrastructure (NCI), most of the cyber forces are not well adapted to face the guerilla style warfare imposed by our adversaries. Based on recent lessons learned, this paper enlightens the challenges and opportunities of countering hybrid threats in cyberspace. Keywords: Cyber Operations, Hybrid warfare, information operations.   2.   Introduction There is, so far, no clear definition of the ‘hybrid threat’ concept in Western military institutions although there is no longer any debate about the reality of its existence in cyberspace. Whether one refers to the 2006 Israeli – Hezbollah... read more

Army Tactical Network Quality of Service and Graceful Degradation Concept

and Introduction The Army tactical network(s) currently comprise multiple, individually federated, transport mechanisms. Almost all warfighting functions, in addition to other specialized services (e.g. medical), maintain a dedicated network communication infrastructure. While this does provide some redundancy[i], it also impedes collaboration and data sharing, as well as greatly increases complexity and Cost, Size, Weight and Power (SWaP) requirements across all tactical echelons. The U.S. Army Cyber Center of Excellence has recently introduced a plan to converge these Command Post (CP) network architectures, promoting the concept of a single transport layer as a means to increase efficiency and enable the sharing of data across all mission functions. Achieving this degree of integration has numerous challenges. This article will focus on just one – critical information delivery assurance. Given that within this network model, all data must share a single finite capacity communication transport layer, how do we ensure that critical information is provided some assurance of guaranteed delivery and responsiveness? To achieve this, we make the case that a converged tactical network must support a comprehensive Quality of Service (QoS) implementation as well as graceful degradation mechanisms.   Background As related to computer networking, QoS is a means of prioritizing amongst various data flows such that some degree of assured service can be maintained. Simply put, QoS can be thought of as a contract between the application (user) and the network, ensuring some agreed-upon minimum level of service. QoS is predicated on the fact that not all data streams are as susceptible to high latency or bit error rate conditions as others, or that not all communication streams are of equivalent... read more

Education for the Future of Cyber

Abstract Education will be the cornerstone for our nation’s success in cyberspace. The military has made efforts towards building the force necessary to defend its borders within cyberspace. The United States (US), however, will need to invest in its youth to better prepare for the future. This article focuses on current efforts to prepare for cyber warfare through the education system, community programs, and military training. With a better understanding of the current efforts, organizations can strengthen programs or focus on areas necessary to further US capabilities in cyberspace. Introduction Over the course of the last century, warfare has made giant leaps in terms of battle ground in which war is fought. No longer are wars fought solely on ground, air, or sea, but in space, and now cyberspace. Due to this change in terrain, Soldiers must be smarter than they have ever been, and eager to not only train physically, but mentally. The need to educate Soldiers has become crucial to future military success, and that need reaches beyond the services to grade school, in order to develop the fighting force the US requires. The question becomes, what is the US doing to better prepare young people to inherit the cyberspace battlefield? To answer this question, the military is making changes to its current structure as well as looking to other agencies and organizations to fill military requirements. Education             “We know that the nation that out-educates today will out-compete us tomorrow. And I don’t intend to have us out-educated.”[1] – Barack Obama, President of the United States of America. In the aftermath of 9/11, the US government... read more

Online First: Darknet Mining and Game Theory for Enhanced Cyber Threat Intelligence

Due to a recent increase in popularity, Darknet hacker marketplaces and forums now provide a rich source of cyber threat intelligence for security analysts. This paper covers background information on Darknet hacker communities and their value to the cybersecurity community before detailing an operational data-collection system that is currently gathering over 300 threat warnings per week, with a precision of around 90% (Nunes 2016). Additionally, we introduce a game theoretic framework designed to leverage the exploit data mined from the Darknet to provide system-specific policy recommendations. For the framework, we provide complexity results, provably near-optimal approximation algorithms, and evaluations on a dataset of real-world exploits. Download the full... read more

Online First: U.S. Special Operations Forces in Cyberspace

Cyberspace is a human space, as dynamic and uncertain as human nature. No longer simply a technical abstraction or manmade domain unto itself, cyberspace is a growing facet of every-day life that increasingly cuts across all aspects of Special Operations. Cyber is a dynamic space, a global commons of human practice, which embodies the actions, behaviors, and decisions of man. Cyber is also an uncertain space; and although its future impact to our national security is yet to be determined, it is clearly a space where United States Special Operations Forces (USSOF) have an increasing role in shaping the final outcome. Ultimately, cyber is a human enterprise which empowers and entangles countless global interactions, and is rapidly becoming a preeminent space where human conflicts, and thus USSOF, must play a part. Download the full... read more

FBI Cyber: Preventing Tomorrow’s Threats Today

, , , and Is the Federal Bureau of Investigation capable of defending the citizens of the United States of America against cyber-attacks? Are the cyber criminals of today too advanced and unpredictable for the FBI to keep up with? Is it possible for the FBI to predict and overcome such an advanced and ever-changing adversary? Although the cyber domain is challenging law enforcement in new and unpredictable ways, this paper imagines a future in which they are fully capable of combating cyber criminals. By reviewing past successes within the FBI, examining their ability to overcome jurisdictional hurdles, and analyzing their capacity to innovate and adapt to criminals who think they can outsmart them, the FBI of the future will be able to proactively prevent tomorrow’s threats today. Origins of the FBI During the early 20th century, as the country began to widely adopt innovations such as automobiles and radios, which were science fiction just decades before, many American workers began moving into cities to capitalize on this increasing need to develop and maintain new technologies. The drastic influx of people into urban areas created cities with a multitude of citizens, packed into relatively small areas. As these cities began to grow, a new phenomenon began to develop as well: organized crime. Organized crime began to plague local authorities in unforeseen ways, and it became such an issue that the U.S. Attorney General was forced to intervene.[1] The Bureau of Investigation, later renamed the Federal Bureau of Investigation (FBI), was the Attorney General’s answer to organized crime. Founded in July 1908, the FBI was created to address the myriad of problems that local... read more

Safeguarding The United States Military’s Cyber Supply Chain

America’s military cyber supply chain (USMCSC) depends on China’s manufacturing sector, yet faces uncertainty with regards to China’s global political stance. While trade between the United States  and China is extremely crucial to both country’s economies and respective GDPs, at what point does the US military choose to refrain from doing business with China? China’s desire to become one of the leading global powers has resulted in its significant and aggressive military growth. American defense companies, desiring to maintain revenues and market share, increasingly outsource military manufacturing to Chinese companies. China is slated to become a hub for American military software outsourcing. Given such a flow of information along the cyber supply chain, it is not unreasonable to suspect that China is culling the USMCSC for information for its own militaristic use. If this is the case, should the US military curb or cut trade with China as means of safeguarding American military secrets? The International Cyber Supply Chain Presently, the United States (US) military utilizes an international cyber supply chain, whereby it outsources the manufacturing of military resources and supplies so that it can maintain revenues and market share. One of the USMCSC’s partners is China, which has found equal footing alongside the US, Russia, and Great Britain as a world power due to economic prowess. Since China enjoys a status of neither an ally nor enemy of the US, it can engage with the American military as a manufacturing supplier. However, now that China has emerged as one of the foremost US geopolitical competitors, the American military must strike a balance between working within China’s global economy... read more
© Copyright protection is not available for official publications of the United States government. However, the authors of specific content published in the Cyber Defense Review retain copyright to their individual works, so long as those authors are not United States government personnel (military or civilian). Publication in a government journal does not authorize the use or appropriation of copyright-protected material without the owner’s consent.