
    Army Support of Military Cyberspace Operations: Joint Contexts and Global Escalation Implications

    Military cyberspace operations have evolved significantly over the past 2 decades and are now emerging into the realm of military operations in the traditional domains of land, sea, and air. The goal of this monograph is to provide senior policymakers, decisionmakers, military leaders, and their respective staffs with a better understanding of Army cyberspace operations within the context of overall U.S. military cyberspace operations. It examines the development of such operations in three major sections. First, it looks at the evolution of Department of Defense cyberspace operations over the past decade to include the founding of U.S. Cyber Command from its roots in various military units focused on defensive and offensive cyberspace operations. Second, it examines the evolution of the Army implementation of cyberspace operations toward the initial establishment of Army Cyber Command as well as recent efforts to establish Fort Gordon, Georgia as the center of gravity for Army cyberspace activities. Third, it explores the role of cyberspace operations in the escalation of international conflict, focusing on the sufficiency of the current cyberspace force structure to address an international environment of multiple actors interacting with varying degrees of tension.

    AN AUTOMATED POST-EXPLOITATION MODEL FOR OFFENSIVE CYBERSPACE OPERATIONS

    The Department of Defense (DOD) uses vulnerability assessment tools to identify necessary patches for its many cyber systems to mitigate cyberspace threats and exploitation. If an organization misses a patch, or a patch cannot be applied in a timely manner, for instance, to minimize network downtime, then measuring and identifying the impact of such unmitigated vulnerabilities is offloaded to red teaming or penetration testing services. Most of these services concentrate on initial exploitation, which stops short of realizing the larger security impact of post-exploitation actions, and they are a scarce resource that cannot be applied to all systems in the DOD. This gap in post-exploitation services results in an increased susceptibility to offensive cyberspace operations (OCO). This thesis expands upon the automated initial exploitation model of the Cyber Automated Red Team Tool (CARTT), initially developed at the Naval Postgraduate School, by developing and implementing automated post-exploitation for OCO. Implementing post-exploitation automation reduces the workload on red teams and penetration testers by providing necessary insight into the impact of exploited vulnerabilities. Patching these weaknesses will result in increased availability, confidentiality, and integrity of DOD cyberspace systems. Outstanding Thesis. Lieutenant, United States Navy. Approved for public release. Distribution is unlimited.

    Cyberspace Sovereignty: Is Territorializing Cyberspace Opposed to Having a Globally Compatible Internet?

    The internet is at a crossroads today. Where once viewed as a borderless domain, today it is spoken of in alarmist terms that warn against its demise in the context of growing government censorship programs and powerful commercial interests. This essay reviews the literature on cyberspace and sovereignty, showing the emergence of pro-sovereigntist perspectives and predictions of cyberspace Balkanization in recent decades. It further links the conceptual debate over cyber-sovereignty to real-world geopolitical conflicts and struggles over the future of Internet governance, showing how different conceptions of cyberspace are functions of the geopolitical interests of different powers. Drawing on recent literature on cyber espionage, this essay provides a review of the defensive and offensive practices of state powers in and through cyberspace to argue that while impulses towards re-territorialization of cyberspace are undeniable, such attempts are ultimately frustrated by operations aiming to use common protocols for external security and internal surveillance. Such practices illustrate a more nuanced depiction of sovereignty in cyberspace that goes beyond the borderless versus Balkanized dichotomy.

    AUTOMATED CYBER OPERATIONS MISSION DATA REPLAY

    The Persistent Cyber Training Environment (PCTE) has been developed as the joint force solution to provide a single training environment for cyberspace operations. PCTE offers a closed network for Joint Cyberspace Operations Forces, which provides a range of training solutions from individual sustainment training to mission rehearsal and post-operation analysis. Currently, PCTE does not have the ability to replay previously executed training scenarios or external scenarios. Replaying cyber mission data on a digital twin virtual network within PCTE would support operator training as well as enable development and testing of new strategies for offensive and defensive cyberspace operations. A necessary first step in developing such a tool is to acquire network specifications for a target network, or to extract network specifications from a cyber mission data set. This research developed a program design and proof-of-concept tool, Automated Cyber Operations Mission Data Replay (ACOMDR), to extract a portion of the network specifications necessary to instantiate a digital twin network within PCTE from cyber mission data. From this research, we were able to identify key areas for future work to increase the fidelity of the network specification and replay cyber events within PCTE. Captain, United States Marine Corps. Approved for public release. Distribution is unlimited.

    Warfighting for cyber deterrence: a strategic and moral imperative

    Theories of cyber deterrence are developing rapidly. However, the literature is missing an important ingredient—warfighting for deterrence. This controversial idea, most commonly associated with nuclear strategy during the later stages of the Cold War, affords a number of advantages. It provides enhanced credibility for deterrence, offers means to deal with deterrence failure (including intrawar deterrence and damage limitation), improves compliance with the requirements of just war and ultimately ensures that strategy continues to function in the post-deterrence environment. This paper assesses whether a warfighting for deterrence approach is suitable for the cyber domain. In doing so, it challenges the notion that warfighting concepts are unsuitable for operations in cyberspace. To do this, the work constructs a conceptual framework that is then applied to cyber deterrence. It is found that all of the advantages of taking a warfighting stance apply to cyber operations. The paper concludes by constructing a warfighting model for cyber deterrence. This model includes passive and active defences and cross-domain offensive capabilities. The central message of the paper is that a theory of victory (strategy) must guide the development of cyber deterrence

    Fear, uncertainty, and dread: cognitive heuristics and cyber threats

    Advances in cyber capabilities continue to cause apprehension among the public. With states engaging in cyber operations in pursuit of their perceived strategic utility, it is unsurprising that images of a “Cyber Pearl Harbor” remain appealing. It is crucial to note, however, that the offensive action in cyberspace has only had limited success over the past decade. It is estimated that less than 5% of these have achieved their stated political or strategic objectives. Moreover, only five states are thought to have the capabilities to inflict or threaten substantial damage. Consequently, this raises the question of what accounts for the continued sense of dread in cyberspace. The article posits that this dread results from the inappropriate use of cognitive shortcuts or heuristics. The findings herein suggest that the lack of experience in dealing with cyber operations encourages uncertainty, which motivates decision-makers to base their judgements on pre-existing, and possibly incorrect, conceptions of cyberspace. In response, the article segues into potential solutions that can mitigate unsubstantiated dread towards cyberspace by peering into the role that attributes at the organizational level can play in tempering the position of individuals. The suggested considerations are rooted in the interactions between the micro and macro level processes in forming judgments, sensemaking, and ultimately, mobilizing actions.

    Methodology to Perform Cyber Lethality Assessment

    The Naval Surface Warfare Center, Dahlgren Division (NSWCDD) Lethality and Effectiveness Branch is the Navy’s subject matter expert (SME) on target vulnerability, weapon lethality, and weapon effectiveness. Branch personnel currently exercise expertise in the kinetic and directed energy weapon domains. When the Navy develops weapons in the kinetic and directed energy domains, there are clear and well established procedures and methodologies for performing target characterization that support weapon-target pairing. Algorithms exist to describe the likelihood of damage effects. It is natural that, in the paradigm shift to cyberspace warfare, the Branch provide these same services to the warfighter in the cyber domain. In simplistic terms, cyberspace lethality is the opposite side of the cybersecurity coin. Rather than protecting own-systems, a cyber-offensive capability is applied to an adversary’s network to disrupt normal operations. However, there are currently no established procedures or methodologies for performing cyberspace target vulnerability characterization (CTVC) or cyber lethality and effectiveness analyses. Nor is there any organization currently dedicated to performing these tasks. Previous efforts were conducted stand-alone and did not produce a meaningful or accepted methodology. This dissertation is intended to research existing lethality prediction processes for kinetic and directed energy weapons and modify them for the new cyber weapon realm such that the new methodologies will allow analysts to perform effective and efficient CTVC and cyber weapon lethality performance assessments. The methodology will be presented to the Joint Technical Coordinating Group for Munitions Effectiveness for consideration and adaptation. The cyber lethality research and methodology development has the support of NSWCDD management, which has designated cyber warfare engineering to be a thrust within the NSWCDD 2015-2020 Strategic Plan. This thrust includes providing support for offensive cyber operations through the experimentation, development, test and evaluation, training, integration, and certification of combat and weapon systems that will allow the naval commander to project power by the application of force in or through cyberspace.

    Proportionality and its Applicability in the Realm of Cyber Attacks

    With an ever-increasing reliance on State cyber-attacks, the need for an international treaty governing the actions of Nation-States in the realm of cyberwarfare has never been greater. States now have the ability to cause unprecedented civilian loss with their cyber actions. States can destroy financial records, disrupt stock markets, manipulate cryptocurrency, shut off nuclear reactors, turn off power grids, open dams, and even shut down air traffic control systems with the click of a mouse. This article argues that any cyber-attack launched with a reasonable expectation to inflict “incidental loss of civilian life, injury to civilians, or damage to civilian objects,” must be subject to the existing laws of proportionality. This article further examines the broader concept of proportionality, and the difficulties associated with applying a proportionality analysis to an offensive cyber-strike. This paper asserts that the ambiguities and complexities associated with applying the law of proportionality—in its current state and within a cyber context—will leave civilian populations vulnerable to the aggressive cyber actions of the world’s cyber powers. Consequently, this article stresses the necessity of developing a proportionality standard within a unified international cyberwarfare convention and asserts that such a standard is required in order to prevent the creation of a pathway towards lethal cyber aggressions unrestrained by the laws of war

    Positioning diplomacy within a strategic response to the cyber conflict threat

    Background. Nation states unleash cyber attacks targeting other nation states (e.g. WannaCry, SolarWinds), termed “offensive cyber operations”. When such aggressions are deemed, according to the UN Charter, to constitute a threat to the peace, breach of the peace, or act of aggression towards a nation state, governments might choose to respond. Responses can range from silence all the way to retaliation, at the other end of the scale. The emergence of cyber diplomacy suggests a less militant and potentially powerful response option. Barrinha and Renard [5] explain that the rise of cyber diplomacy has coincided with “a growing contestation of the values, institutions and power dynamics of the liberal-created cyberspace” (p. 3). The question is: how could cyber diplomacy fit into a strategic threat management plan? Aim. To position cyber diplomacy within a strategic response to nation state offensive cyber operations. Method. To help us to position cyber diplomacy’s role in this domain, we first examine historical cyber conflicts, and governments’ responses to these, as well as testing the factors that might explain response choice. We then review a number of proposed options for managing cyber conflicts. Results. We propose a comprehensive “Five D’s” strategic framework to manage the threat of offensive cyber operations. Cyber diplomacy is included, acknowledging its emerging and potentially powerful role in managing cyber conflicts in the future. Conclusions. Cyber diplomacy has recently emerged and it has not yet been widely deployed. We show how it can be positioned within a strategic framework for managing the threat of offensive cyber operations from other nation states.