Maritime Deception and Concealment: Concepts for Defeating Wide-Area Oceanic Surveillance-Reconnaissance-Strike Networks

Deception and concealment can help mitigate the risks that an adversary might cripple U.S. forward maritime forces in a massive, war-opening strike, achieve in the first days or weeks some fait accompli, or inflict severe losses on maritime forces as they maneuver within a contested zone to retake the initiative

An Evaluation Schema for the Ethical Use of Autonomous Robotic Systems in Security Applications

We propose a multi-step evaluation schema designed to help procurement agencies and others to examine the ethical dimensions of autonomous systems to be applied in the security sector, including autonomous weapons systems

The Future Role of Strategic Landpower

Recent Russian aggression in Ukraine has reenergized military strategists and senior leaders to evaluate the role of strategic Landpower. American leadership in the European theater has mobilized allies and partners to reconsider force postures for responding to possible aggression against NATO members. Although Russian revisionist activity remains a threat in Europe, the challenges in the Pacific for strategic Landpower must also be considered. At the same time, the homeland, the Arctic, climate change, and the results of new and emerging technology also challenge the application of strategic Landpower. This publication serves as part of an enduring effort to evaluate strategic Landpower’s role, authorities, and resources for accomplishing the national strategic goals the Joint Force may face in the next conflict. This study considers multinational partners, allies, and senior leaders that can contribute to overcoming these enduring challenges. The insights derived from this study, which can be applied to both the European and Indo-Pacific theaters, should help leaders to consider these challenges, which may last a generation. Deterrence demands credible strategic response options integrated across warfighting functions. This valuable edition will continue the dialogue about addressing these issues as well as other emerging ones.https://press.armywarcollege.edu/monographs/1959/thumbnail.jp

STRATEGIC COUNTERINTELLIGENCE: AN APPROACH TO ENGAGING SECURITY THREATS TO AMERICAN SECURITY

The US Intelligence Community has shown a lack of understanding and appreciation of counterintelligence and its capabilities as a strategic tool. Historically, US adversaries have used the famed Double-Cross System to engage in counterintelligence and counter-espionage operations that have effectively neutralized US foreign intelligence operations. This research reviews and answers the question of “Strategic Counterintelligence; What Is It and What Should We Do About it?” Strategic counterintelligence is the analysis of foreign intelligence or security service entity acting on behalf of state or non-state actor. The operational aspect is aimed at exploiting the state or non-state actor’s clandestine collection channel to manage the actor’s objectives. My deception research revealed that state and non-state actors are still susceptible to deception, and that technology is increasing this vulnerability in the US. Through researched historical examples, it was found that strategic counterintelligence operations are a method of imposing costs on a state or non-state actor, specifically through the controlled release of technology. Lastly, Double-Cross-like operations are viable in cyberspace through the use of decoy and real network systems. The US has the ability to effectively employ strategic counterintelligence operations, deliberately and reactively, against a state or non-state actor, to drive the actor’s moves and countermoves

“I spy, with my little sensor”:Fair data handling practices for robots between privacy, copyright and security

The paper suggests an amendment to Principle 4 of ethical robot design, and a demand for "transparency by design". It argues that while misleading vulnerable users as to the nature of a robot is a serious ethical issue, other forms of intentionally deceptive or unintentionally misleading aspects of robotic design pose challenges that are on the one hand more universal and harmful in their application, on the other more difficult to address consistently through design choices. The focus will be on transparent design regarding the sensory capacities of robots. Intuitive, low-tech but highly efficient privacy preserving behaviour is regularly dependent on an accurate understanding of surveillance risks. Design choices that hide, camouflage or misrepresent these capacities can undermine these strategies. However, formulating an ethical principle of "sensor transparency" is not straightforward, as openness can also lead to greater vulnerability and with that security risks. We argue that the discussion on sensor transparency needs to be embedded in a broader discussion of "fair data handling principles" for robots that involve issues of privacy, but also intellectual property rights such as copyright

The Army Role in Achieving Deterrence in Cyberspace

In 2015, the Department of Defense (DoD) released the DoD Cyber Strategy which explicitly calls for a comprehensive strategy to provide credible deterrence in cyberspace against threats from key state and nonstate actors. To be effective, such activities must be coordinated with ongoing deterrence efforts in the physical realm, especially those of near-peers impacting critical global regions such as China in the Asia-Pacific region and Russia in Europe. It is important for the U.S. Army to identify and plan for any unique roles that they may provide to these endeavors. This study explores the evolving concept of deterrence in cyberspace in three major areas: • First, the monograph addresses the question: What is the current U.S. deterrence posture for cyberspace? The discussion includes an assessment of relevant current national and DoD policies and concepts as well as an examination of key issues for cyber deterrence found in professional literature. • Second, it examines the question: What are the Army’s roles in cyberspace deterrence? This section provides background information on how Army cyber forces operate and examines the potential contributions of these forces to the deterrence efforts in cyberspace as well as in the broader context of strategic deterrence. The section also addresses how the priority of these contributions may change with escalating levels of conflict. • Third, the monograph provides recommendations for changing or adapting the DoD and Army responsibilities to better define and implement the evolving concepts and actions supporting deterrence in the dynamic domain of cyberspace.https://press.armywarcollege.edu/monographs/1379/thumbnail.jp

U.S Naval Strategy in the 1990\u27s

The decade of the 1990s represents a distinctive period in American naval strategic thinking. Bounded on one side by the end of the Cold War in 1989-91 and on the other by the beginning of the era of the global war on terrorism after 11 September 2001, these were years in which the U.S. Navy of the 1990s found itself faced with a dramatically altered strategic situation. For the first time in at least four decades, the U.S. Navy had neither a peer nor a superior naval adversary; further, no credible naval adversary could be discerned in the foreseeable future.https://digital-commons.usnwc.edu/usnwc-newport-papers/1026/thumbnail.jp

Three Decades of Deception Techniques in Active Cyber Defense -- Retrospect and Outlook

Deception techniques have been widely seen as a game changer in cyber defense. In this paper, we review representative techniques in honeypots, honeytokens, and moving target defense, spanning from the late 1980s to the year 2021. Techniques from these three domains complement with each other and may be leveraged to build a holistic deception based defense. However, to the best of our knowledge, there has not been a work that provides a systematic retrospect of these three domains all together and investigates their integrated usage for orchestrated deceptions. Our paper aims to fill this gap. By utilizing a tailored cyber kill chain model which can reflect the current threat landscape and a four-layer deception stack, a two-dimensional taxonomy is developed, based on which the deception techniques are classified. The taxonomy literally answers which phases of a cyber attack campaign the techniques can disrupt and which layers of the deception stack they belong to. Cyber defenders may use the taxonomy as a reference to design an organized and comprehensive deception plan, or to prioritize deception efforts for a budget conscious solution. We also discuss two important points for achieving active and resilient cyber defense, namely deception in depth and deception lifecycle, where several notable proposals are illustrated. Finally, some outlooks on future research directions are presented, including dynamic integration of different deception techniques, quantified deception effects and deception operation cost, hardware-supported deception techniques, as well as techniques developed based on better understanding of the human element.Comment: 19 page

Anti-war and the cyber triangle : strategic implications of cyber operations and cyber security for the state

[From the introduction:]The main driver for this choice of research was the growing influence of Internet-related issues in contemporary politics in various fields. 2009 saw an intensification of this link between information and communication technologies and international relations, particularly in the field of intelligence and military, with the revelation of notorious cyber operations such as AURORA, Ghostnet and Night Dragon (see chapter II). While those events started to attract the broader attention of academics, it was not until the discovery of the Stuxnet malware in 2010 (see chapter IV) that the issue gained momentum in other fields as well. A computer malware targeting a nuclear enrichment facility in a foreign country amidst a latent conflict certainly raised a lot of questions that demanded answers. Its sophisticated design and potential implications for international relations as well as strategic studies was one of the main inspirations for this research.While the emergence of literature on espionage and sabotage in conjunction with the Internet can be traced back to the 1990's, Kello recognises that even in 2013 it remains a weakly developed area, stating that '[t]he range of conceivable cyber conflict is poorly understood by scholars and decision-makers, and it is unclear how conventional security mechanisms, such as deterrence and collective defence apply to this phenomenon' (Kello, 2013: 7). Thus, the aim of this research is to contribute to the literature in this way '[…] in addition to elucidating empirical cyber events, scholars can guide the design of policies to affect them' (Kello, 2013: 38-39). Undertaking research in a field which is state-of-the-art and therefore, highly volatile, presents a particular academic challenge. It does also however enable a researcher to make a potentially crucial contribution, a dent, in the current debate. In areas of research in a vacuum exists, it is imperative for scholars to contribute to filling up that academic lacuna. The main outcome therefore is supposed to be a contribution to the academic debate on the strategic relevance and conduct of cyber operations and the state’s response to it. The intellectual tools developed as part of this research may be of future use for policy-makers. The underlying question for the research is: What are the strategic implications of cyber operations for the state?The Economist recently saw 'intensifying cyber threats' as one of the top challenges for 2014 (The Economist, 2014). The revelations of the past years, starting with Stuxnet, Operation AURORA, APT-1, Red October and activities derived from the NSA Documents revealed by whistleblower Edward Snowden indicate that this threat will not abate soon. More and more states are readying themselves for future conflicts by developing defensive as well offensive cyber operations capabilities (Lewis, 2013b: 9-55). The latest domain for conflict resolution is currently being explored and exploited too by a growing number of different stakeholders. Based on the increased number of stakeholders and the intensity and number of occurrences of said events (see section 3.5 and appendix), its contemporary relevance is high and has been increasing for several years and looks set to continue. Guiding principles in the field of strategy is an important part of this development. Though the debate on strategic implications of cyber operations started in the early 1990's, and promoted under the auspices of the RAND Corporation, '[i]ntellectually, we are in a position not unlike that faced 65 years ago as we began to develop our thinking about nuclear weapons' (Kramer, 2012: I). Nye agrees, stating that 'in comparison to the nuclear revolution in military affairs, strategic studies of the cyber domain are chronologically equivalent to 1960 but conceptually more equivalent to 1950. Analysts are still not clear about the lessons of offense, defense, deterrence, escalation, norms, arms control, or how they fit together into a national strategy' (Nye, 2011: 19). Thus, an intensive academic analysis of this field is pivotal, especially within the framework of strategic studies, in order to enable strategic adaptation and decision-making (Kello, 2013: 14). The timeliness of events, paired with the lack of a properly developed strategic framework, signify the increased contemporary relevance for research of the strategic implications of cyber operations for the state.Definitions are very important in political science, and only more so for research in the field of cyber operations. In the absence of commonly agreed upon definitions for cyber operations, and a multitude of other terms such as cyber warfare, digital warfare, information warfare, electronic warfare (see sub-sections 3.1 and 3.2 as well as section 4) which are at once related and disparate, mean that clarity in definitions is centrally important. While definitions might normally differ slightly, all elements included in the definition of cyber operations might vary. This includes the stakeholders (and their representation as entity in the cyber domain), the means to conduct cyber operations, the platform where it is conducted (for example all digital devices, Internet only, electromagnetic spectrum) and the operations through which it is conducted (for example, if cyber espionage is included or not).Therefore, the coherent and comprehensive definition is of vital importance for the understanding of the research and more so for its outcomes. The terminology of this research applies for the state in the cyber domain, cyber operations and cyber strategy. Thus, the three key definitions which are developed in this research can be found below.The state and its representation in the cyber domain is defined in chapter I: The state’s representation of the cyber domain is the Critical National Information Infrastructure (CNII). The CNII is composed of a particular part of the information infrastructure which is vital to the function of the state according to the state-teachings of Jellinek: territory, people and legitimate use of violence.The definition of cyber operations as developed in chapter II: A cyber operation is the targeted use and hack of digital code by any individual, group, organization or state using digital networks, systems and connected devices, which is directed against CNII in order to steal, alter, destroy information or disrupt and deny functionality with the ultimate aim to weaken and/ or harm a targeted political unit.Subsequently, the definition of a cyber strategy in chapter IV: The development and employment of cyber operations, potentially integrated and coordinated with other operational domains and forms of information operations, to achieve or support the achievement of political objectives