Rules of engagement -- Defense Systems

TransTracker 's personal annotations on this page

Transtracker bookmarked on 2009-02-27 cyberwar cyber command

A great piece from Defense Systems IT about current DoD cyberwar efforts.

In the face of an increasingly dangerous collection of network-enabled terrorists, politically and economically motivated hackers, and potentially adversarial countries flexing their muscle in the cyber realm, the Defense Department is in the process of creating a doctrine for waging — and preventing — war in cyberspace.

Also in this report

Cyber criminals: Digital mercenaries and arms dealers

That effort has included the creation of command structures to equip and train a new class of cyber operators. The most visible of those efforts was the Air Force’s provisional Cyber Command, now destined to be a numbered Air Force under the umbrella of the Air Force Space Command. The Army also has established a cyber warfare unit, the provisional Army Network Warfare Battalion at Fort Meade, Md., created in July 2008.
At the same time, DOD has been wrestling with the question of how to conduct operations in a realm that is fraught with complexity, developing theory and doctrine for cyber warfare. When is an attack in cyberspace a criminal act, and when is it an act of war? How can the source of cyberattacks be attributed when most methods of attack easily screen the identity of the responsible party? How is deterrence possible in a world where a single person can launch an attack that does millions of dollars of financial damage or compromises national security in a way that aids enemies in taking lives? Those are all questions that DOD is seeking to answer.
While Russian forces prepared to invade Georgia, hackers were mounting a propaganda attack on the Georgian president’s Web site. After the fighting began, the cyberattacks elevated, cutting off access to many of Georgia’s government and media Web sites.

“What was really unique with Georgia was that it was the first time we had kinetic and nonkinetic attacks going on at the same time,” said Mark Hall, director of information assurance policy and strategy at the Office of the Assistant Secretary of Defense.
- Transtracker on 2009-02-27
  
  Not really. We saw cyber attacks alongside kinetic attacks as far back as 2001 in the "cyber intifada," that other "first war in cyberspace."
Criminal organizations such as the Russian Business Network (RBN), terrorists and politically motivated hacker groups — known as hacktivists — use cyberattacks to support their causes. Security experts attribute much of the cyberattacks on Georgia to a server controlled by RBN, and pro-Russian and pro-Ossetian hacktivists were also involved in the denial-ofservice attacks on Georgia.

DOD also has been the target of hacktivism, particularly from China following the 1999 NATO bombing of the Chinese embassy during the Kosovo Conflict and during the April 2001 detention of a Navy EP-3 patrol aircraft after a collision with a Chinese fighter aircraft.

“We had a lot of attacks by Chinese hacktivists, mostly Web defacements,” Hall said.

Hall said he sees hacktivism as a major ongoing issue. “Hacktivists are someone we need to worry about and concentrate on as well. Are we monitoring these sites? Are we developing our ability to deal with that threat vector as well? A nation can influence their activity while also denying culpability. And we haven’t seen any sort of restraint in these communities to keep them from carrying out these attacks.”
- Transtracker on 2009-02-27
  
  In Dorothy Denning's original model, hactivists were explicitly not seen as the same as cyber terrorists or cyber warfighters. As we see here, however, members of the U.S. defense community are increasingly speaking of hactivists, defacement, and denial of service as "attacks," acts of terrorism or warfare.
DOD is making moves to narrow the gap identified in the 2006 Quadrennial Defense Review (QDR). The review called for the development of “capabilities to shape and defend cyberspace.” “Cyber is absolutely critical to everything we do,” Lt. Gen. Robert Elder, commander of the 8th Air Force, told the audience at the Air Force Cyberspace Symposium in June 2008.

You can’t just be an air or space operator anymore, he said. “If you can’t control and ensure your cyberspace and you haven’t been prepared to deal with the fact that it will come under attack, then you will not be successful as a military operator.”
- Transtracker on 2009-02-27
  
  But do denial of service or defacement "attacks" against public websites really threaten the military's ability to do its job on the battlefield, in the same way that more traditional, kinetic attacks would? Maybe. I'm willing to believe it is possible. But only ever pointing to DDoS and defacements against public-facing government or military websites doesn't make a convincing argument.
One factor DOD needs to consider is how the cyber domain interacts with the other domains in which air, sea and ground forces operate, said Jim Lewis, director of the technology and public policy program at the Center for Strategic and International Studies.

“We’re at a place now [with cyberspace] that the military was with the airplane in 1914,” he said. “They know it’s probably important and could be useful, but they are trying to figure out how to integrate it with other tasks.” But the No. 1 issue might be deciding when a cyber conflict is occurring and when U.S. forces are authorized to do something about it, he said.
- Transtracker on 2009-02-27
  
  An attempt to define a "cyber domain" on par with air, sea, land, and space. Successfully defining cyberspace in such a way would help justify both defining cyber "attacks" as acts of war, but also responses to "attacks" in the "cyber domain" that eminate from the other domains--i.e. responding to a cyber "attack" with retaliatory airstrikes against the "attackers" information infrastructure.
DOD has weathered several major cyberattacks by Chinese hacktivists and others in this decade
- Transtracker on 2009-02-27
  
  Again, hacktivists are being portrayed as a major military threat.
What if Russia did say it was responsible for the Estonian attacks and that it launched them to teach Estonia a lesson, asked Dan Kuehl, a professor at the National Defense University’s Information Resources Management College.

“What lines would be crossed by that, even if the [cyber] actions included knocking down some major Estonian civilian or military capability?” he asked. “There is by no means any form of consistent agreement on what that means.”
- Transtracker on 2009-02-27
  
  Here we have a tacit admission that the attacks on Estonia did not in fact have major impacts upon the government or military of Estonia. Like the Georgia case, the Estonia case is often used (as it is here) as an object lesson about the potential dangers of cyberwar. But in both cases, the scariness factor always seems to fall short.

This link has been bookmarked by 1 people . It was first bookmarked on 27 Feb 2009, by TransTracker.

27 Feb 09

TransTracker
A great piece from Defense Systems IT about current DoD cyberwar efforts.

cyberwar cyber command
- In the face of an increasingly dangerous collection of network-enabled terrorists, politically and economically motivated hackers, and potentially adversarial countries flexing their muscle in the cyber realm, the Defense Department is in the process of creating a doctrine for waging — and preventing — war in cyberspace.
  
  Also in this report
  
  Cyber criminals: Digital mercenaries and arms dealers
  
  That effort has included the creation of command structures to equip and train a new class of cyber operators. The most visible of those efforts was the Air Force’s provisional Cyber Command, now destined to be a numbered Air Force under the umbrella of the Air Force Space Command. The Army also has established a cyber warfare unit, the provisional Army Network Warfare Battalion at Fort Meade, Md., created in July 2008.
- At the same time, DOD has been wrestling with the question of how to conduct operations in a realm that is fraught with complexity, developing theory and doctrine for cyber warfare. When is an attack in cyberspace a criminal act, and when is it an act of war? How can the source of cyberattacks be attributed when most methods of attack easily screen the identity of the responsible party? How is deterrence possible in a world where a single person can launch an attack that does millions of dollars of financial damage or compromises national security in a way that aids enemies in taking lives? Those are all questions that DOD is seeking to answer.
- 6 more annotations...
- - While Russian forces prepared to invade Georgia, hackers were mounting a propaganda attack on the Georgian president’s Web site. After the fighting began, the cyberattacks elevated, cutting off access to many of Georgia’s government and media Web sites.
    
    “What was really unique with Georgia was that it was the first time we had kinetic and nonkinetic attacks going on at the same time,” said Mark Hall, director of information assurance policy and strategy at the Office of the Assistant Secretary of Defense.
    TransTracker on 2009-02-27
    
    Not really. We saw cyber attacks alongside kinetic attacks as far back as 2001 in the "cyber intifada," that other "first war in cyberspace."
  - Criminal organizations such as the Russian Business Network (RBN), terrorists and politically motivated hacker groups — known as hacktivists — use cyberattacks to support their causes. Security experts attribute much of the cyberattacks on Georgia to a server controlled by RBN, and pro-Russian and pro-Ossetian hacktivists were also involved in the denial-ofservice attacks on Georgia.
    
    DOD also has been the target of hacktivism, particularly from China following the 1999 NATO bombing of the Chinese embassy during the Kosovo Conflict and during the April 2001 detention of a Navy EP-3 patrol aircraft after a collision with a Chinese fighter aircraft.
    
    “We had a lot of attacks by Chinese hacktivists, mostly Web defacements,” Hall said.
    
    Hall said he sees hacktivism as a major ongoing issue. “Hacktivists are someone we need to worry about and concentrate on as well. Are we monitoring these sites? Are we developing our ability to deal with that threat vector as well? A nation can influence their activity while also denying culpability. And we haven’t seen any sort of restraint in these communities to keep them from carrying out these attacks.”
    TransTracker on 2009-02-27
    
    In Dorothy Denning's original model, hactivists were explicitly not seen as the same as cyber terrorists or cyber warfighters. As we see here, however, members of the U.S. defense community are increasingly speaking of hactivists, defacement, and denial of service as "attacks," acts of terrorism or warfare.
  - DOD is making moves to narrow the gap identified in the 2006 Quadrennial Defense Review (QDR). The review called for the development of “capabilities to shape and defend cyberspace.” “Cyber is absolutely critical to everything we do,” Lt. Gen. Robert Elder, commander of the 8th Air Force, told the audience at the Air Force Cyberspace Symposium in June 2008.
    
    You can’t just be an air or space operator anymore, he said. “If you can’t control and ensure your cyberspace and you haven’t been prepared to deal with the fact that it will come under attack, then you will not be successful as a military operator.”
    TransTracker on 2009-02-27
    
    But do denial of service or defacement "attacks" against public websites really threaten the military's ability to do its job on the battlefield, in the same way that more traditional, kinetic attacks would? Maybe. I'm willing to believe it is possible. But only ever pointing to DDoS and defacements against public-facing government or military websites doesn't make a convincing argument.
  - One factor DOD needs to consider is how the cyber domain interacts with the other domains in which air, sea and ground forces operate, said Jim Lewis, director of the technology and public policy program at the Center for Strategic and International Studies.
    
    “We’re at a place now [with cyberspace] that the military was with the airplane in 1914,” he said. “They know it’s probably important and could be useful, but they are trying to figure out how to integrate it with other tasks.” But the No. 1 issue might be deciding when a cyber conflict is occurring and when U.S. forces are authorized to do something about it, he said.
    TransTracker on 2009-02-27
    
    An attempt to define a "cyber domain" on par with air, sea, land, and space. Successfully defining cyberspace in such a way would help justify both defining cyber "attacks" as acts of war, but also responses to "attacks" in the "cyber domain" that eminate from the other domains--i.e. responding to a cyber "attack" with retaliatory airstrikes against the "attackers" information infrastructure.
  - DOD has weathered several major cyberattacks by Chinese hacktivists and others in this decade
    TransTracker on 2009-02-27
    
    Again, hacktivists are being portrayed as a major military threat.
  - What if Russia did say it was responsible for the Estonian attacks and that it launched them to teach Estonia a lesson, asked Dan Kuehl, a professor at the National Defense University’s Information Resources Management College.
    
    “What lines would be crossed by that, even if the [cyber] actions included knocking down some major Estonian civilian or military capability?” he asked. “There is by no means any form of consistent agreement on what that means.”
    TransTracker on 2009-02-27
    
    Here we have a tacit admission that the attacks on Estonia did not in fact have major impacts upon the government or military of Estonia. Like the Georgia case, the Estonia case is often used (as it is here) as an object lesson about the potential dangers of cyberwar. But in both cases, the scariness factor always seems to fall short.

Public Stiky Notes

TransTracker on 2009-02-27

Not really. We saw cyber attacks alongside kinetic attacks as far back as 2001 in the "cyber intifada," that other "first war in cyberspace."
TransTracker on 2009-02-27

In Dorothy Denning's original model, hactivists were explicitly not seen as the same as cyber terrorists or cyber warfighters. As we see here, however, members of the U.S. defense community are increasingly speaking of hactivists, defacement, and denial of service as "attacks," acts of terrorism or warfare.
TransTracker on 2009-02-27

But do denial of service or defacement "attacks" against public websites really threaten the military's ability to do its job on the battlefield, in the same way that more traditional, kinetic attacks would? Maybe. I'm willing to believe it is possible. But only ever pointing to DDoS and defacements against public-facing government or military websites doesn't make a convincing argument.
TransTracker on 2009-02-27

An attempt to define a "cyber domain" on par with air, sea, land, and space. Successfully defining cyberspace in such a way would help justify both defining cyber "attacks" as acts of war, but also responses to "attacks" in the "cyber domain" that eminate from the other domains--i.e. responding to a cyber "attack" with retaliatory airstrikes against the "attackers" information infrastructure.
TransTracker on 2009-02-27

Again, hacktivists are being portrayed as a major military threat.
TransTracker on 2009-02-27

Here we have a tacit admission that the attacks on Estonia did not in fact have major impacts upon the government or military of Estonia. Like the Georgia case, the Estonia case is often used (as it is here) as an object lesson about the potential dangers of cyberwar. But in both cases, the scariness factor always seems to fall short.

Would you like to comment?

Join Diigo for a free account, or sign in if you are already a member.

Other bookmarks from the site defensesystems.com »

Rules of engagement -- Defense Systems - The Diigo Meta page

TransTracker 's personal annotations on this page

Also in this report

Also in this report

Would you like to comment?

Check out another URL