USAF Cyber Command (catch all)



selil
12-08-2007, 05:33 AM
The Air Force is moving ahead with work on the cyber command (LINK) (http://www.govexec.com/story_page.cfm?articleid=38771&sid=60).



Air Force moving ahead with Cyber Command

The Air Force is moving ahead on establishing its new Cyber Command, searching for permanent facilities and planning meetings to establish rules by which it will operate, according to Air Force officials.

In September, the Air Force announced (http://afp.google.com/article/ALeqM5iO7DxqVJSIF7gp_uJduaZ8Aptyjw) it would establish a Cyber Command to prepare for fighting wars in cyberspace by defending national computer networks running critical operations and to attack adversaries' computer networks.

The Air Force now operates a Provisional Cyberspace Command at Barksdale Air Force Base in northwest Louisiana. Its vice commander, Col. Anthony Buntyn, said the provisional command is solely involved with "standing up the permanent command," meaning it is developing a structure, finding a location for the base and hiring and training staff. Buntyn spoke this week at the Armed Forces Communications and Electronics Association's annual Air Force IT Day in Vienna, Va.

Besides the fact they are going to be having a meeting at Maxwell AFB, a site of dubious consideration (see other posts in SWC for more on this (http://council.smallwarsjournal.com/showpost.php?p=33846&postcount=84)), the Air Force is standing up this command in a vacuum. We have the NSA, the FBI, the CIA, and a host of other federal agencies and councils that deal with cyber warfare. I'm not suggesting this is a bad idea, but it is a strange idea. I really wish they would drop the word cyber from warfare (http://selil.com/?p=91) too.

Besides the obvious overlap and repetition of effort the military is an interesting entity to be attempting the most flexible thinking form of war in repelling a cyber attack. The article refers to suits and ties being more prevalent when Mountain Dew and "Mountain Man Chocolate" would be more appropriate.

Cyber warfare by definition is almost always an asymmetric form of warfare. Cyber warfare draws on all of the thinking of perpetrating and protecting from an insurgent or guerilla form of warfare. The attacker in cyber-warfare uses the enemy's strengths and tools to defeat him. The counter insurgent is required to assess the goals and methods of the attacker and close if not disrupt the patterns of attack. Due to the asymmetric nature of this form of warfare, doctrinal and normal warfare strategies will fail to stop the insurgent.

In an interesting twist the Westphalian concept of a nation state will come back to haunt those nations when the cyber adversary has the means and will to attack the nation state. The concepts of Westphalian peace specifically set roles for nations that hamper specifying a particular person as an enemy rather than the nation-state sponsor. When there is no nation state sponsor the treaties and agreements fall like a house of cards. (I have a paper pending on this topic).

Cyber warfare as a militarized arm promotes an idea that the nation may be at war (as constitutionally mandated) when instead it is at odds with a variety of assailants, some of whom may be totally unaware. Since infrastructures can be taken over and used without the knowledge of the owner (including countries), a huge political issue exists. Here again the concepts of counter insurgency inform us for the future on how to deal with non-state actors operating out of friendly or victimized countries. Diplomacy is a sliding scale of force and persuasion. We have to work with the people who possibly may have harmed us as unwitting dens of insurgent operations.

We as a nation don’t have a good “rules of engagement” in cyber warfare and our understanding of the international relations and climate is severely hampered by our current conflicts. The military does have some good people at the different academies who can inform them on technical aspects of cyber warfare. There are people at the NSA-sanctioned, NSF-funded Centers of Academic Excellence. Historically though, few academics have studied offensive weaponization of cyber space and even fewer understand the military mind set.

It will be interesting to follow the different aspects of this story as it moves forward.

Stan
12-08-2007, 06:39 PM
Great catch, Sam !
The Estonians will be working with the 8th Air Force (http://www.af.mil/news/story.asp?id=123030505) and pointed me to this site for Cyberspace Trust, Careers, Battlespace and Cyberspace :eek:



The Air Force is moving ahead with work on the cyber command (LINK) (http://www.govexec.com/story_page.cfm?articleid=38771&sid=60).

Steve Blair
12-08-2007, 06:54 PM
I knew this was in the works, since one of our NCOs is trying to get back to Barksdale to join the provisional command. Interesting stuff.

slapout9
12-08-2007, 07:06 PM
Besides the fact they are going to be having a meeting at Maxwell AFB a site of dubious consideration (see other posts in SWC for more on this ( http://council.smallwarsjournal.com/showpost.php?p=33846&postcount=84)), Posted by selil

I keep telling you guys Slapout, Al. is the Cultural Center of The Universe :D If you think 4GW is something wait till you SBW... Slapout Based Warfare :D

selil
12-08-2007, 07:19 PM
The Air Force is way ahead of everybody else on this. Though I have two Army LTs that are being asked if they want to go visit USAF brethren (they're both information security specialists).

slapout9
12-08-2007, 07:52 PM
Another article on AF Cyber warfare.

http://www.afa.org/magazine/nov2007/1107edit.asp

JeffC
12-08-2007, 08:22 PM
The Air Force is way ahead of everybody else on this. Though I have two Army LTs that are being asked if they want to go visit USAF brethren (they're both information security specialists).

"New Cyber Command to be Huge Business Opportunity" (http://www.aviationweek.com/aw/generic/story.jsp?id=news/CYBER120607.xml&headline=New%20Cyber%20Command%20To%20Be%20'Huge'%20Business%20Opportunity&channel=defense)

"There's going to be a huge contracting requirement," said Maj. Gen. Charles Ickes II, Air National Guard special assistant to the deputy chief of staff for operations, plans and requirements.

"I don't think anyone can tell you how big," he told the Northern Virginia chapter of the Armed Forces Communications and Electronics Association's Air Force information technology conference Dec. 5."

"Ickes, Santee and Col. Anthony Buntyn, the cyber command vice chief who is expecting his first star, said the Air Force will look to industry to provide "tools" for "real-time" processing and dissemination of attack information."

selil
03-12-2008, 01:49 PM
Trying to create a catch all thread.

selil
03-12-2008, 01:52 PM
The ramp up and media blitz to justify the Air Force Cyber command has begun.

March 4, 2008 LINK TO STORY (http://media-newswire.com/release_1061875.html)


(Media-Newswire.com) - 3/4/2008 - WASHINGTON ( AFPN ) -- Deputy Defense Secretary Gordon England is the latest government official to express concern about the United States' cyberspace vulnerabilities.

"Cyber warfare is already here," said Mr. England. "It's one of our major challenges."

Describing the new battlefront, the deputy secretary said, "I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

Mr. England, speaking to an audience Mar. 3 gathered here for a Veterans of Foreign Wars conference, noted that President Bush addressed the threat by establishing a task force to coordinate U.S. government efforts to safeguard computers against cyber attacks.

In addition, the United States and other NATO allies are expected to address the issue of cyber defense when the 20th NATO summit convenes in Bucharest, Romania, in early April.

Estonia, a NATO member, was victimized by a series of data-flooding attacks last year that brought down the Web sites of several daily newspapers and forced Estonia's largest bank to shut down its online banking network.

"Estonia happens to be very advanced, in terms of networks in their country," Mr. England said. "So a strength was turned into a vulnerability."

Last week, the Pentagon's top intelligence official today told a Senate committee that cyber threats are contributing to the "unusually complex" security environment the United States faces.

"A global military trend of concern is ... the sophisticated ability of select nations and non-state groups to exploit and perhaps target for attack our computer networks," Army Lt. Gen. Michael D. Maples, director of the Defense Intelligence Agency, told the Senate Armed Services Committee on Feb. 27.

Joining the Pentagon's top intelligence official at the hearing on current and future threats facing the United States was the director of national intelligence, retired Navy Vice Adm. John M. "Mike" McConnell. Asked by senators about cyber threats, Admiral McConnell said, "We're not prepared to deal with it."

"The United States information infrastructure, including telecommunications and computer networks and systems, and most importantly the data that reside on these systems is critical to virtually every aspect of our modern life," he continued. "Threats to our intelligence infrastructure are an important focus of this community."

Admiral McConnell said China, Russia and possibly other nation-states have been assessed as being capable of collecting or exploiting data held on U.S. information systems.


More at the LINK (http://media-newswire.com/release_1061875.html)

selil
03-12-2008, 01:56 PM
This is an interesting take on propaganda and information warfare though titled cyber warfare. It is interesting to note the intersection of free speech and the Internet which has been becoming much more frequent.

Link to full story (http://www.thefirstpost.co.uk/?storyID=8300)



Last week, a Chinese court sent Chen Shuqing, a dissident internet writer, to jail for four years on charges of subversion. Meanwhile, in the northern Russian city of Syktyvkar, 21-year-old blogger Savva Terentyev is looking at two years in prison for making a derogatory comment about the police in an online diary.

Two disparate cases, thousands of miles apart, that send a very clear message about how ruthlessly China and Russia are patrolling their internet borders. This vigilance could serve as useful preparation for cyber war, an increasingly important battlefield where the West risks being overwhelmed.
The internet is a conduit of free speech but also a weapons delivery system. Authoritarian regimes have had to develop defences against the internet to stem the flow of independent thought.

And having learnt how to defend themselves, these states are well-versed in techniques that can be deployed against other nations.

In China any politically sensitive material is blocked by a complex firewall called jindun gongcheng, the Golden Shield. It prevents Chinese citizens in internet cafes from logging onto anything potentially subversive, like a blog supporting independence in Tibet or Taiwan. Vietnam, Saudi Arabia and Tunisia use similar shields. China's shield is so sophisticated at blocking inbound traffic it could one day be used to block incoming cyber-attacks.

Link to full story (http://www.thefirstpost.co.uk/?storyID=8300)

selil
03-12-2008, 02:01 PM
It is interesting to note the kind of fear mongering and reliance on service disruption to describe cyber warfare. Few if any are looking at the other elements such as confidentiality being exploited. Imagine if all the politicos in Washington had their medical records exposed? Considering the security services any asymmetric attack against a nation using computers is going to have to be through more than one vector.

Link to full story (http://news.theage.com.au/egames-to-test-infrastructure-security/20080306-1xnn.html)

March 6, 2008


Australia will join global counter-terrorism war games to test the security of vital resources including dams, power stations, telephone exchanges and banks.

Attorney-General Robert McClelland will announce the federal government's involvement in Cyberstorm II.

"Governments that take national security seriously can't turn a blind eye to the threat of cyber-terrorism," Mr McClelland said.

Cyberstorm II will run from March 10 for five days and will also involve security officials and businesses from the US, UK, Canada and New Zealand.

"The exercise will be useful in identifying areas in Australia's national security architecture that may require further development," Mr McClelland said.

Confirmation of Australia's involvement in Cyberstorm II comes as the US Department of Defence ratchets up its concerns about cyber-terrorism.

"Cyber warfare is already here," Deputy Defence Secretary Gordon England said earlier this week.

"It's one of our major challenges."

"I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

The first Cyberstorm drill in 2006 forced a host of international intelligence agencies to face multiple fictitious attacks at one time.

Washington's subway trains shut down. Seaport computers in New York went dark and a mysterious liquid was found on London's Tube.

The laundry list of fictional catastrophes, which included hundreds of people on "No Fly" lists arriving suddenly at US airport ticket counters, is significant because it suggests what kind of real-world trouble keeps allied security forces awake at night.

The $US3 million ($A3.22 million), invitation-only war game simulated what the US described as plausible attacks over five days in February 2006 against the technology industry, transportation lines and energy utilities by anti-globalisation hacker


Link to full story (http://news.theage.com.au/egames-to-test-infrastructure-security/20080306-1xnn.html)

selil
03-12-2008, 02:09 PM
A good overview of Cyber Storm II and good read out on Cyber Storm 1. But, unfortunately, it will be primarily a table top exercise with limited real world problems (only a few systems according to the article will actually be attacked). This illuminates the issues of training in this type of environment. Few if any people would suggest soldiers should be sent into combat having never fired real bullets, never run around the range, done a confidence course, or otherwise simulated combat environments. Yet when it comes to computers we do exactly that in the training and evaluation.




More at the LINK (http://www.upi.com/International_Security/Emerging_Threats/Analysis/2008/03/10/analysis_dhs_stages_cyberwar_exercise/1908/)


WASHINGTON, March 10 (UPI) -- Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

The war game, codenamed Cyber Storm II, will run Monday to Thursday, based at U.S. Secret Service headquarters in Washington. It is the second DHS biannual cyber-exercise, designed to test the ability of federal agencies and their partners in state, local and foreign governments and the private sector to respond to and recover from cyberattacks on their computer networks.

"The goal of Cyber Storm II is to examine the processes, procedures, tools, and organizational response to a multi-sector coordinated attack through, and on, the global cyber infrastructure," says a fact sheet from the department.

Details of the planning for the event are closely held, in part to avoid tipping off participants. The fact sheet says only that the exercise -- the culmination of more than 18 months of planning led by DHS' National Cyber Security Division -- will simulate a series of coordinated physical and cyberattacks on IT and communications systems and chemical, rail and pipeline infrastructure.

The attacker is not identified, but has "a specific political and economic agenda," says the fact sheet. In the last Cyber Storm exercise in 2006, the enemy was an anarchistic coalition of "hacktivists" -- politically motivated hackers -- called the Worldwide Anti-Globalization Alliance, joined by a number of "independent actors."

In the scenario, the attackers penetrated state health records' databases, attacked Federal Aviation Administration systems and defaced newspaper sites.

"Key elements of the hacker attack plan were to strike at trusted cyber systems that were used to control both physical infrastructures and digital commerce and services," says the DHS' after-action report, released in September 2006. "The attackers focused on maximizing economic harm and fomenting general distrust of big business and government by disrupting services and misleading news media and other information outlets."

The choice of adversary -- which the report stressed "was neither a forecast of any particular threats … currently existing nor an expression of any specific concerns" -- raised some eyebrows. Among U.S. military planners, nation states, and in particular China, are considered the actually existing adversaries with the most significant capabilities to launch attacks on, or through, the Internet.

One report, by Washington Post blogger Brian Krebs, said Cyber Storm II will feature a nation-state attacker, but a DHS official familiar with the planning said only that this was "a possibility."

The official added that the adversary was "more sophisticated" than in 2006. The scenario was "designed to examine the response to some of the threats that are out there in the real world," he said.

Having a nation-state adversary would make sense, former DHS preparedness chief George Foresman told UPI.

"The top candidates for adversaries would be states, terrorist groups and criminal enterprises" as they were in the real world, said Foresman, who was only involved in the very early stages of planning the event.

As in 2006, the attacks this week will be simulated on special systems set up for the exercise "and will not impact any live networks," says the fact sheet.

Participants in the exercise, which consists of a series of detailed scenarios unfolding according to a strict timetable, will learn of developments via more than 1,700 pre-scripted "injects" in the form of phone calls or e-mails from exercise managers, or through a mock TV news channel set up for the event.

But some of what players will learn from the channel will be bogus, former DHS official Jerry Dixon told Krebs' Security Fix blog.

"They'll inject some red herring attacks and information to throw intelligence analysts and companies off the trail of the real attackers," said Dixon, who helped plan the exercise.

The $6 million event will involve thousands of participants across the world, including from departments of the Australian, British, Canadian and New Zealand governments, and from U.S. agencies including the Department of Defense, CIA, National Security Agency and FBI.

More at the LINK (http://www.upi.com/International_Security/Emerging_Threats/Analysis/2008/03/10/analysis_dhs_stages_cyberwar_exercise/1908/)

selil
03-12-2008, 02:13 PM
The hyperbole continues and will likely increase further as we get closer to October 1, 2008. This article (short as it is) starts to link kinetic damage to cyber damage, and brings in the transnational aspects of cyber warfare. Still nobody seems to really be getting the doctrinal issues and that fighting cyber warfare isn't like dropping bombs, or other stand off weapons. Cyber warfare in my opinion is like counter insurgency.


From the following page (http://news.digitaltrends.com/news/story/15996/nato_sees_cyber_warfare_threat)



If you don’t think cyber warfare could be a major problem in the future, then NATO would like to change your mind.

At a conference in London last week, Suleyman Anil, the man charged with guarding NATO from cyber attacks, told the Guardian,
"Cyber defense is now mentioned at the highest level along with missile defence and energy security. We have seen more of these attacks and we don't think this problem will disappear soon. Unless globally supported measures are taken, it can become a global problem."

Anil told the E-Crime congress that it was costing less for hackers to mount attacks, while the amount of damage they could inflict was increasing. The biggest trend of recent years is cyber terrorism, as shown by the attacks on Estonian government sites last year.

But there have been many attacks, including those on government sites in Australia and Britain and on the Pentagon. American officials believe they’re the work of a Chinese-sponsored group which they’ve dubbed Titan Rain.
Of course, identifying the shadowy people behind the attacks is almost impossible. But people in power do understand how real the threat is – the US government has allocated $6 billion to strengthen systems against attack.

selil
03-12-2008, 02:23 PM
This article is interesting. I thought it might be a lot like the Bin Laden interview by 60 minutes right before 9/11. We've gone, seen the enemy, and he looks a lot like a bunch of kids.

What is interesting is the capitalistic nature of the hacking. They aren't just doing it for political intrigue they are getting paid. That is more worrisome as the fiduciary incentive will outlast political motivations.

More importantly, if the allegations are true then you have almost a "letters of marque" or buccaneer of the internet kind of relationship between the hackers and government. That is an interesting threat.

More at the LINK (http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html?iref=newssearch)




ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world.

If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer.

One hacker says he is a former computer operator in the People's Liberation Army; another is a marketing graduate; and Xiao Chen says he is a self-taught programmer.

"First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"

CNN decided to withhold the address of these hackers' Web site, but Xiao Chen says it has been operating for more than three years, with 10,000 registered users. The site offers tools, articles, news and flash tutorials about hacking.

Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."

Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.

The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.

On camera, Xiao Chen denies knowing anyone who has targeted U.S. government Web sites. But off-camera, in conversations over three days, he claims two of his colleagues -- not the ones with him in the room -- hacked into the Pentagon and downloaded information, although he wouldn't specify what was gleaned. CNN has no way to confirm if his claim is true.

More at the LINK (http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html?iref=newssearch)

selil
03-12-2008, 02:34 PM
The Chief Master Sgt. follows several of the points I've been making about war fighting domains (though I call them terrains). This is more of the media blitz leading up to the new cyber command (provisional) opening up. He also appears to notice the skills/support gap for troops that are doing this kind of work.

What is missing is a tactical road map and a good idea about the transnational nature of this new form of warfighting (sic). I wonder where we could find people skilled in dealing with models of insurgency?

If anybody knows Chief Master Sgt Kabalan I'd like to meet him or the commanding officer of Cyber Command.

From a story posted here (http://www.af.mil/news/story.asp?id=123089618)



3/11/2008 - SHEPPARD AIR FORCE BASE, Texas (AFPN) -- The Air Force is leading the way in controlling the warfighting domain of the 21st century, and the formation of the newest Air Force major command is progressing well, the command chief of Air Force Cyber Command (Provisional) said during a March 4 visit here.

"Cyberspace is a warfighting domain -- that's all there is to it," Chief Master Sgt. Todd Kabalan told a group of commanders, chiefs and first sergeants at the Sheppard Club.

"We've got to be able to operate in this domain efficiently and effectively," he said.

To illustrate the point, Chief Kabalan referenced a number of terrorist attacks, including the 1996 Khobar Towers and the Sept. 11, 2001, attacks, in which the cyber domain played a key role. He also referred to last year's cyber attack on the country of Estonia that nearly shut down government agencies and private organizations like banks, media outlets and other companies.

"We're already fighting in this domain, and have been for a while," the chief said. "Air Force Cyber Command will enable us to fight better."

When Air Force Cyber Command officially stands up Oct. 1, it will be structured like other MAJCOMs -- with a numbered Air Force and several operational wings. But it's not just a matter of building staffs and setting up organizational charts; it's about changing our culture and the way we think, Chief Kabalan said.

"For example, we tend to think of our (client support administrators) as support troops. That's why they're currently 'three-alphas,'" he said. "But in the cyber domain, they're operators -- and that's why we're making them one-bravos. They're operators in this warfighting domain."

The chief also talked about the need to think differently about how the Air Force trains, employs and retains cyber warriors.

"In order to fight effectively in the cyber domain, we need Airmen with specific skills and expertise, and we need the flexibility to use them where they have the most impact," he said. "At the same time, these skills make our Airmen very, very valuable in the civilian sector, so we have to think creatively about how to keep them."

Sheppard Air Force Base was the chief's first stop in a planned tour to educate the force on what Air Force Cyber Command (Provisional) is doing, and why it's important. Provisional commands are formed for a specific purpose -- in this case, to prepare for the stand-up of a fully functional major command.

From a story posted here (http://www.af.mil/news/story.asp?id=123089618)

selil
03-12-2008, 02:44 PM
This is an interesting article. When I started reading it I thought 'Ah a don't forget me I support Cyber!' but I don't think that is what it says. I think what it says besides a really good summation of cyber warfare at the beginning is that the acquisition for the new command all future equipment is going to be "new". That is an understatement. Invoking Moore (a really great guy) doesn't impress but knowing that flexibility beyond pandering to the word will be a key strategy.

Unfortunately I'm seeing a huge monster bureaucracy being created and in this cyber world where asymmetry is key I see large army, large air force, type thinking starting to take hold. I don't think the Air Force is seeing the hypocrisy of trying to solve an "insurgency" type conflict with "carpet bombing" thinking.


From a story posted HERE (http://www.mbtmag.com/articleXml/LN758121176.html)


The U.S. Air Force Electronic Systems Center issued the following commentary:

By Col. George Kramlinger

AFCYBER (P) OL-A

The Electronic Systems Center here and its predecessors have always played a key role in defending the nation. With an ominous threat to the nation emerging on the cyberspace frontier, ESC is once again poised to play a key role in defending the Republic.

The United States increasingly depends on cyberspace to maintain our way of life and employ the instruments of national power. Control of essential processes in manufacturing, utilities, banking, health care, public safety, communications and national security now rely on networked computer systems.

This trend toward networked cyber systems continues to expand. Consequently, our economy and national security are fully dependent on the cyberspace infrastructure. Unfortunately, resources for exploiting the vulnerabilities in cyberspace are widely available and inexpensive.

Our adversaries - even those considered unsophisticated - actively seek to exploit this vulnerable center of gravity by developing capabilities to cripple our military forces, critical infrastructure, and commerce. As a result, cyber warfare is emerging as the preferred asymmetrical means to strike the United States.

With the advent of Air Force Cyber Command, the USAF will present cyber warfighting forces and capabilities to U.S. Strategic Command, geographical combatant commanders, and joint task force commanders. AFCYBER will organize, train, and equip to: deter and prevent cyberspace attacks against vital U.S. interests; rapidly respond to attacks and reconstitute networks; integrate cyber power into the full range of global and theater effects; defeat adversaries operating through cyberspace; ensure freedom of action in cyberspace for US and Allied commanders; and maintain persistent cyberspace awareness.

AFCYBER will work through the joint force to rapidly engage, degrade, or destroy an enemy's networks and network attack systems. We will provide the means to render an enemy deaf, mute, and blind in the first hours of a conflict, making it impossible for that enemy to effectively challenge U.S. and allied forces. Dominating the cyberspace domain makes it possible to paralyze an adversary before the first kinetic engagement. Thus, cyber paralysis is a critical element of 21st century warfare.

In 1965 Gordon Moore, co-founder of Intel, observed that the number of transistors per square inch had doubled every year since the inception of the integrated circuit. Over time, his observation morphed into the theory commonly known as "Moore's law". This theory suggests almost every measure of digital electronics improves by an order of magnitude every 18 months.

Unfortunately, "Moore's law" drives a cyber technology refresh rate that seriously challenges the USAF in a fiscally constrained environment. Thus, USAF dominance in the rapidly changing cyberspace domain requires an agile acquisition strategy to rapidly field new systems that easily integrate with existing capability. Avoiding stove piped systems creates synergy and enhances freedom of action in cyberspace. Fortunately, ESC has the requisite expertise to partner with AFCYBER and overcome the challenges of Moore's law.

In December 2006, Air Force Materiel Command gave ESC primary responsibility to acquire and sustain USAF cyberspace systems. In this capacity ESC manages program objectives and executes total life cycle responsibility for assigned cyberspace systems. ESC program managers develop acquisition strategies then manage cost, schedule, and performance. This framework combined with ESC's disciplined Systems Engineering approach creates integrated solutions that can quickly deliver high-quality, affordable, and sustainable capabilities. However, acquisition does not occur in a vacuum.

AFCYBER will lead the requirements management process throughout the entire cyber acquisition and system life cycle in coordination with warfighters, MAJCOMs, ESC, and the Air Staff. In addition, AFCYBER will lead development and submission of the integrated cyberspace program objective memorandum in collaboration with appropriate stakeholders to capture life cycle costs, ensure sustainment, and develop a sound investment strategy.

Furthermore, we will lead development of the USAF cyberspace roadmap as part of the USAF Capability Review and Risk Assessment process to identify gaps, shortfalls, and recommended courses of action. With an eye toward the horizon, AFCYBER will lead development of future cyberspace concept of operations to guide science, technology, and experimentation. Finally, we will provide a cyberspace "hot bench" for integration and developmental testing, procedures development, and proof of concept evaluation for emerging technology.

Unfortunately, the urgent genesis of cyberspace capability, dynamic evolution of AFCYBER, and ownership of the cyber "hot bench" may generate fog and friction between AFCYBER and ESC relating to experimentation, testing, and demonstrations.

However, fog and friction are easily overcome by formalized communication that seeks to deconflict, coordinate, and synchronize overlapping areas of responsibility especially relating to the smooth transition of initiatives into sustainable systems of record.

Regular communication will enhance ESC's ability to rapidly deliver cutting edge, integrated, and open architecture capability to the warfighter without wasting time, effort, or money. The Global Cyberspace Integration Center - formerly the Air Force Command Control, and Intelligence Surveillance and Reconnaissance Center - now part of AFCYBER (P), has successfully collaborated with ESC on numerous programs and initiatives over the last seven years.

Of particular note is the success our organizations have had working together on the Air Operations Center weapon system, Joint Expeditionary Force Experiment and Coalition Warrior Interoperability Demonstration. These examples in particular highlight the capability to successfully transition emerging, newly created, or existing technology into systems of record that meet warfighter requirements.

The cyber domain follows the exponential change of Moore's law and therefore requires innovative processes to thoroughly identify requirements then rapidly field systems that integrate across the breadth and depth of this new frontier. The success of AFCYBER - and our dominance of cyberspace - is heavily dependent on the AFCYBER relationship with ESC.

AFCYBER will execute a disciplined and responsive requirements process while at the same time providing a cyber "hot bench" to test new initiatives and technologies early in the development cycle.

Given the intellectual and technical prowess that characterize all Airmen, the partnership between ESC and AFCYBER gives the USAF a distinct advantage over any potential adversary in the cyber domain just as it has in air and space.

AFCYBER in partnership with ESC will create a dynamic warfighting enterprise that integrates capabilities, systems, and warfighters to establish the cross domain dominance necessary to fly, fight, and win in cyberspace.

From a story posted HERE (http://www.mbtmag.com/articleXml/LN758121176.html)

selil
03-13-2008, 09:16 PM
This could have been a much better story if it wasn't dropping into the realm of scare tactics. Though the criticism is likely warranted, with all the money that has been spent, the paradigm of information assurance and security hasn't changed much.

Though simplistic, the analogy is we designed the auto industry, but we've fallen behind everybody else who are now driving George Jetson air scooters.

I hate to say it, but some of the undercurrent of this article supports the idea that maybe culturally we will never be able to secure or utilize cyberspace; it is just too much of a change at this time.

More at the link (http://weblog.infoworld.com/zeroday/archives/2008/03/cyber_warfare_b.html)



Former White House cyber-security and anti-terrorism advisor Richard Clarke isn't known as a fan of the current administration, but political loyalties aside, the expert claims that the president's new initiative aimed at bolstering the nation's electronic infrastructure is fundamentally flawed.

Speaking at the inaugural Source Boston security conference, Clarke expressed his concerns over the national electronic security initiative signed by Bush on Jan. 8.

While the measure has yet to be detailed by the White House publicly, the Washington rumor mill is already circulating many details of the strategy and Clarke said the plan won't have the effect that the president's advisors are hoping for.

The two major thrusts of the Bush mandate, according to Clarke, are aimed at better securing the government's own computing and communications networks, and adopting a more proactive approach to engaging in cyber-warfare.

In both cases, the plan may in fact serve to weaken U.S. security and privacy efforts, he said.

As Clarke sees it, the biggest flaw in the portion of the measure devoted to protecting government computing operations is a lack of recognition that most of those systems run on the same infrastructure, and through the same carriers, as the rest of the nation's Internet traffic.

"There's the idea that somehow these are government networks that we're talking about, but they really aren't, all these government sites are running through the same network of routers and the same fiber channels as everything else, there's no segmentation on these carrier networks," Clarke said. "This means that [the plan's authors] either don't know that and merely think they need to reinforce security on state-owned servers, or data in their own facilities, in which case they are missing most of the problem, or that they plan to do monitoring of everything going through the carriers' systems."

If it is the latter, then Americans will need to prepare for a world where they have far less privacy in terms of their ability to access the Web without the potential for government observation, he said.

Much more HERE (http://weblog.infoworld.com/zeroday/archives/2008/03/cyber_warfare_b.html)

selil
03-13-2008, 09:24 PM
Slashdot does not reflect the "hacker" culture but they most definitely reflect the YUG's (young uppity geeks). The "I can argue about Play Station, X-Box, and Wii, and PWN you", group is unfortunately where Air Force Cyber Command will likely start pulling recruits.

For the rest of us I'd look at the language of this and think about the "close air support" role and the effectiveness of the Air Force in dealing with other services. Then I would suggest to the higher-ups in each of the other forces to think about the Air Force determining the linkages of all the command and control (as in their words) they are the leader in cyber-space.

Enjoy the interview some of the questions are quite well thought out. Others show the standard audience of Slashdot (which includes me!!!)

For a view into the heck of geekdom follow the link.

Slashdot interview with Air Force General Link (http://interviews.slashdot.org/interviews/08/03/12/1427252.shtml)

selil
03-13-2008, 09:44 PM
Military commanders should consider reports like this and think back to what does it mean if the enemy has access to all of your deepest military secrets. Consider the tightening of public disclosures of information and the rampant use of state secrets to secure data. Then balance that on the wholesale loss of control of massive amounts of data (or minimal, does it matter?).

Don't fall for the fear mongering that most security analysts would drive change or new initiatives with; instead consider how simplistic the attacks are (trojan in an email for example). Almost no security service that does not degrade capability and uniformly degrade information technology services is going to work without people not doing stupid things.

When you think about all of the intersections between information technology services and the command and control infrastructure (technical or not) the issue rapidly becomes not when it will be attacked (peace or war), but how and how much it will be attacked. The same way telegraph wires were cut in WW1 (denial of service), the same way encryption was broken (confidentiality), and the same way that information operations injected errors in the enemy command and control (integrity).

I wonder where you can find people who know how to fight asymmetric attacks against large infrastructures and political organizations?



Original Article Here (http://arstechnica.com/news.ars/post/20080306-pentagon-attack-last-june-stole-an-amazing-amount-of-data.html)



On June 22, 2007, Defense Secretary Robert Gates acknowledged (http://arstechnica.com/news.ars/post/20070622-pentagon-e-mail-pwned-by-hackers.html) that the Pentagon's network had been successfully attacked the previous Wednesday, and that this attack was responsible for a disruption in email service to some 1,500 Pentagon employees. At the time, Gates downplayed the attack, saying that it affected only the OSD's (Office of the Secretary of Defense) non-classified e-mail service and that there was "no anticipated adverse impact on ongoing operations." It seems that the adverse impact of the June attack may have been much greater than Gates' early guidance implied. According to a top DoD technology official quoted (http://www.govexec.com/story_page.cfm?articleid=39456) at GovernmentExecutive.com, the thieves behind that attack seized an "amazing amount" of data.

New details on the attack itself have become available in the months since it occurred. According to Dennis Clem, CIO of the Pentagon and the OSD, the intrusion was first detected during an IT restructuring that was underway at the time. By the time it was detected, malicious code had been in the system for at least two months, and was propagating via a known Windows exploit. The bug spread itself by e-mailing malicious payloads from one system on the network to another. The messages themselves were spoofed and appeared to be legitimate missives from other employees. Once the recipient opened an infected e-mail, the worm sent that person's password and other login credentials back to home base.

The government isn't saying what, exactly, got stolen. There's no evidence to contradict Secretary Gates' claim that the classified e-mail system remained unaffected, but data that Clem describes as "sensitive" was accessed and encrypted before being transmitted to the hackers' location. As for where that location might be, unconfirmed reports point (http://arstechnica.com/news.ars/post/20070903-chinese-military-accused-of-hacking-pentagon-computers.html) towards China's People's Liberation Army. China, of course, has vehemently denied any knowledge or responsibility. The Pentagon has stepped up its network protection since the intrusion, and added additional protection in the form of smart cards and digital signatures. Such security measures are the ultimate example of closing the barn door after the horse is gone, but should at least make further intrusions more difficult.

Boot
03-14-2008, 12:49 AM
The PLA have a BN sized element (it may be more) dedicated to hacking other countries' systems. One area at least in the Corps we seem to pay lots of lip service to but not actual action is cyber security. I can't count how many CO's on various operations "had" to have access to the internet for convenience. Their day to day is only done on NIPR. Classified systems are secure because it's a closed system, that is it connects to itself. In most cases any intrusion would have to physically come from the system itself, that is the hacker would physically have to have access to it.
Back to unclass systems. It's attitudes and lack of training that usually allows these intrusions. One of my biggest rubs as a Comm type has always been the way my fellow non-Comm. types viewed my specialty. In the Marine Corps at TBS it's beat in your head that if you're not combat arms you're nothing. Many officers come up with that sort of mentality, and what I have seen is a perception that you are weak because you're not a "meat eater". As far as the Pentagon goes I can't speak for them. Like I said I'm willing to bet it's a lack of enforcement and attitude (those computer guys are a pain in the butt) that probably led to this.
My last word on perceptions and attitudes; I knew a LtCol now Col, who was told by his base CG that he was one of the best officers he ever had, and even presented him with a pretty high medal. When that CG ranked him, he ranked him last. When the officer confronted his boss on this, his boss told him he doesn't have to talk to him, he's just a Commo...and those in manpower and leadership positions wonder why things like this happen and their best leave to go work for GD or NG.

Stan
04-02-2008, 06:10 AM
The Capital Interview - (http://www.cfr.org/publication/15899/capital_interview.html)
Greg Bruno (http://www.cfr.org/bios/13554/greg_bruno.html), Staff Writer, April 1, 2008


...If you could, start out by talking about the Air Force’s Cyber Command structure, the mission of cyber command, and where we are today in terms of its capabilities.

Right now we’re in the nascent phase. We have a hundred and sixty folks who are assigned across about four different bases who are doing this work for me. As a provisional command, I have no forces. I’m not authorized to have any forces. So until this capability goes initial operational capability on the first of October, this really is a virtual command.

Have we been attacked?

Depends on what you call an attack. We certainly have had penetrations and we’ve been attacked by ourselves, if you will. If you define an attack as something that degrades your ability, yes we’ve been attacked. Sometimes we’re attacked by ourselves from our own acts of omission versus commission.

...How good are we? What can we do, what can’t we do, and are we the best out there?

Well, in this business, there are lots of peers because the price of admission is relatively low. With some technologically smart kids you can do a lot of damage. And the difference is this technology only requires you to have a connection and a laptop computer. So as the nature of warfare changes and the price of admission to the fight goes way down, you can have lots more players.


Much more at the link...

selil
04-02-2008, 01:40 PM
The Air Force is pushing this hard. I support our new cyber-over-lords but I'm concerned about several implementations and failures at basic understanding of capability and reasoning I see occurring. When I met for a few minutes with Maj. Gen Elders of AF Cyber Command he was pretty impressive on his depth of understanding. Still having talked to the former project officer for related DARPA projects most everybody is worried about nuts and bolts and few know how to build a car.

Stan
04-09-2008, 07:38 AM
Michael Chertoff, homeland security chief (http://news.bbc.co.uk/2/hi/technology/7335930.stm) has made a heartfelt plea to Silicon Valley workers to stand up and be counted in the fight to secure the cyber highway. He invoked the attacks of 9/11 as he sought to galvanise IT professionals and security experts.


'Desire to serve'

... "the best thing you can do for your country"

Mr Chertoff pointed out that securing the nation's internet highways and byways was a job the federal government could not do alone.

Appealing to the private sector, the homeland security boss reached out and simply said: "Please send some of your brightest and best to do service in the government."

Stan
04-10-2008, 06:21 AM
From Wired's blog... (http://blog.wired.com/27bstroke6/2008/04/feds-cyber-cent.html) "Chertoff's talk shed precious little light on the details of the Bush administration's cyber security plans...Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America's internet traffic and Google searches for signs of cyber attack."


-- The federal government has launched a cyber security "Manhattan Project"... because online attacks can be a form of "devastating warfare", and equivalent in damage to "physical destruction of the worst kind." Chertoff cited last year's denial-of-service attacks against Estonia, and hypothetical hack attacks on financial networks and air traffic control systems, as proof that a federal strategy was needed.

"Imagine, if you will, a sophisticated attack on our financial systems that caused them to be paralyzed," Chertoff said. "It would shake the foundation of trust on which our financial system works."

selil
04-10-2008, 01:02 PM
From Wired's blog... (http://blog.wired.com/27bstroke6/2008/04/feds-cyber-cent.html) "Chertoff's talk shed precious little light on the details of the Bush administration's cyber security plans...Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America's internet traffic and Google searches for signs of cyber attack."

His comments were like scraggly fingernails on a chalkboard. It showed a complete non-understanding of the issues of cyber-warfare. He's using the hyped up term of "cyber-warfare" to suggest more domestic surveillance when they aren't necessarily related. Google searches have nothing to do with availability and integrity attacks against systems.

Stan
04-14-2008, 06:46 PM
Sorry Sam, looks like the Army is moving in on USAF territory :cool:


The battle for a population's state of mind demands a sophisticated information operations campaign that responds more rapidly than terrorists and insurgent groups to exploit the virtual battlefield (http://govexec.com/dailyfed/0408/040808g1.htm). "There was a day when we were operating at foot speed," said Army Col. Wayne Parks, who directs the service's Computer Network Operations and Electronic Warfare at Fort Leavenworth, Kan. "Now we're moving at cyber speed."

Recent surveys conducted by the Center for Army Lessons Learned at Fort Leavenworth on operations in Iraq and Afghanistan found that the service's training and officers' past combat experience left them "ill-prepared" for the "interactive complexity" of information operations.

The service now must find a way to "maneuver around" a potential enemy's information campaign..., the military also hacks into jihadi Web sites to try to stop the spread of enemy propaganda.

selil
04-14-2008, 07:25 PM
Sorry Sam, looks like the Army is moving in on USAF territory :cool:

I think they are all moving into the space that NSA should be holding down, but that is my pathetic opinion. The Internet contrary to popular belief has always been owned by civilians, operated by civilians, and managed and maintained by civilians. None of the services (including DHS) has the longevity of service to really train a cadre when 25 percent turn over at the 4 year mark is a miracle, and 20 years and out is an expectation for life long.

I'm ranting sorry.

Steve Blair
04-14-2008, 08:48 PM
I think they are all moving into the space that NSA should be holding down, but that is my pathetic opinion. The Internet contrary to popular belief has always been owned by civilians, operated by civilians, and managed and maintained by civilians. None of the services (including DHS) has the longevity of service to really train a cadre when 25 percent turn over at the 4 year mark is a miracle, and 20 years and out is an expectation for life long.

I'm ranting sorry.

Gotta agree with you here, Sam. It worries me that the AF has gone stampeding in (right down to reusing the SAC insignia) with its cybercommand. Their internal networking is just this side of horrific, and it shows signs of getting much worse before it gets better. NSA seems a more logical choice to me, too.

marct
04-14-2008, 09:28 PM
"There was a day when we were operating at foot speed," said Army Col. Wayne Parks, who directs the service's Computer Network Operations and Electronic Warfare at Fort Leavenworth, Kan. "Now we're moving at cyber speed."

Excuse me if I snicker here. Steve's comment about the USAF's internal networking capabilities and some of the pithier comments I've heard from Army folks makes me feel just ducky (as in sitting :eek:).

Stan
04-14-2008, 09:44 PM
Hey Marc !


Excuse me if I snicker here. Steve's comment about the USAF's internal networking capabilities and some of the pithier comments I've heard from Army folks makes me feel just ducky (as in sitting :eek:).

And to think I was gonna get a rise outta Sam this evening :D


Paint the Picture: A term used to gather information and assess the situation. Usually asked by senior leaders to junior leaders. Usually invoked after the senior leader has gotten sleep and knows absolutely nothing of the tactical situation, while the battle captain has been up all night.

Stan
04-17-2008, 07:45 PM
The Cyber Defence Management Authority (CDMA) will co-ordinate cyber-defence among Nato allies after its formation was backed by members at a Nato summit in Bucharest last week.

Nato creates cyber-defence command (http://news.zdnet.co.uk/security/0,1000000189,39382597,00.htm)


Nato allies have pledged to help each other deal with major attacks similar to the distributed denial-of-service attack that took down key banking and state systems in Estonia in 2007.

It is a shift away from Nato's policy of mainly focusing on the defence of its own internal systems, using the Nato Computer Incident Response Capability (NCIRC) unit.

The Brussels-based CDMA will strengthen nation states' cyber-defences by reinforcing the best ways to protect national systems and forging new policies to deal with future threats.

A centre of excellence set up in Estonia will train Nato's extensive civilian and military staff in cyber-defence.

Surferbeetle
04-17-2008, 10:40 PM
The April 21st 2008 Issue of Business Week (http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm?chan=search) carries the following article:


The e-mail message addressed to a Booz Allen Hamilton executive was mundane—a shopping list sent over by the Pentagon of weaponry India wanted to buy. But the missive turned out to be a brilliant fake. Lurking beneath the description of aircraft, engines, and radar equipment was an insidious piece of computer code known as "Poison Ivy" designed to suck sensitive data out of the $4 billion consulting firm's computer network.

Stan
04-19-2008, 08:28 AM
Forbes - SAN FRANCISCO, CALIF. (http://www.forbes.com/2008/04/10/cyber-security-initiative-cx_tech_security_cx_ag_0410cyber_print.html) -There's a problem facing the Bush administration: It has $30 billion to spend over the next five to seven years to keep the U.S. safe from hackers and cyberspies.


The Bush administration's cyber initiative, signed by the president in early January, aims to increase surveillance of government networks, which have suffered multiple major intrusions in recent years. But the vulnerability of critical infrastructure systems, mostly owned by the private sector, has slowly emerged as a real threat to national security. Over the past two years, cybercriminals extorted hundreds of millions of dollars from critical infrastructure companies, according to Alan Paller, director of the SANS Institute, an organization that hosts a crisis center for hacked companies. (See: America's Hackable Backbone (http://www.forbes.com/security/2007/08/22/scada-hackers-infrastructure-tech-security-cx_ag_0822hack.html)). In January, a CIA official told a conference of cybersecurity professionals that power outages affecting multiple non-U.S. cities had been the work of hackers. (See: Hackers Cut Cities' Power (http://www.forbes.com/technology/2008/01/18/cyber-attack-utilities-tech-intel-cx_ag_0118attack.html)).

Laura Sweeney, a DHS spokesperson, countered that it's still too early to judge how the cyber initiative deals with the private sector--the project is still focused on securing government networks, she argued. But she pointed to NIPP as evidence that the government can successfully work with private industry, even when trading in classified data. "For now we're focused on getting our own house in order," she said. "But we've realized that the private sector will be an incredibly important partner moving forward."

But the disconnect between the private sector and government is a familiar problem, says Howard Schmidt, a former Air Force and DHS official who has also held jobs at eBay and Microsoft. "When I was working with a corporation, I would hear from the government about a new attack pattern, and because it was classified, I wouldn't be able to share it with my IT people," he says. "It's a very real problem."

Despite Chertoff's comments about private sector partnership and Project 12's initial attempt to open communication, that old problem of overclassification still afflicts the cyber initiative, says Schmidt. "When I think about what I would do to secure government networks--things like intrusion protection, strong authentication, event correlation and data analysis--none of it would be classified," he says. "This decision about what to classify is a very big deal, and it's something that the government has got to fix."
See also

Show Me Your Cyberspies, I'll Show You Mine (http://www.forbes.com/security/2008/03/07/nsa-hacking-security-tech-security-cx_ag_0307cyberspies.html)

Stan
04-21-2008, 11:58 AM
One of the most mature instances of a cyberwarfare attack was an assault on Internet networks in Estonia in late April and early May of 2007. The Russian government was suspected of participating in -- if not instigating -- the attack, which featured some of the key characteristics of cyberwarfare, including decentralization and anonymity. Part of a series on cyberspace as battlespace (http://www.stratfor.com/theme/cyberwarfare).

Note: Stratfor membership required

selil
04-21-2008, 01:31 PM
Whoever is writing for STRATFOR really doesn't get it. I don't know what their credentials are but saying "One of the most mature instances of a cyberwarfare attack was an assault on Internet networks in Estonia in late April and early May of 2007." doesn't do much for their credibility. They're going to look at simplistic denial of service as a "mature" example? When you consider Titan Rain, and a host of other more insidious attacks the Estonia example is really a drop in a much larger bucket. Slammer, I love you, and others were not "hostile" and did not meet the requirements for war, but they were more pervasive and much larger than Estonia.

Stan
04-23-2008, 08:31 PM
Radarix.com, a self-styled private detective web site registered in the United States, claims to carry three terabytes of personal data on citizens of Russia and former Soviet republics.


Time was when getting your hands on an individual's income, property and telephone numbers required a trip to a nearby kiosk to buy pirated discs containing illegal databases.

But now one web site is offering a one-stop (http://www.moscowtimes.ru/article/600/42/362275.htm), online database providing extensive confidential information about Russian citizens to anyone with a computer and an Internet connection.

Radarix.com, a self-styled private detective web site registered in the United States, claims to carry three terabytes of personal data on citizens of Russia and former Soviet republics.

"Our area of activity is extensive. It does not stop with helping people search for their relatives and close friends, which by itself is invaluable," reads an e-mail sent to users who register with the site. "Only our system can help many people avoid the fate of victims of deception and criminal machinations."

The e-mail is signed by Serzh Kovalenko, identified as the development director for Radarix Group.

The site, which as recently as last week was providing individuals' home and cell phone numbers, license plate numbers and tax numbers, among other data, has sparked outrage among senior lawmakers and highlights the government's tenuous ability to keep citizens' private data from seeping into the public domain.

But at least two individuals were off-limits for web surfers: President Vladimir Putin and President-elect Dmitry Medvedev.

Ron Humphrey
04-23-2008, 08:50 PM
Radarix.com, a self-styled private detective web site registered in the United States, claims to carry three terabytes of personal data on citizens of Russia and former Soviet republics.

Anyone with half a reason could get the info on those with whom those two deal with the most and backtrack to identify most of the same info so I guess they're really not off limits either.

You're known by the company you keep. For Reel :eek:

Stan
04-26-2008, 06:31 AM
"That's the beauty of asymmetric warfare. You don't need a lot of money, or an army of people. You can do it from the comfort of your living room, with a beer in your hand."



The experts were members of the infamous "Hackers Panel" which convened in London this week at the Info Security Europe conference (http://news.bbc.co.uk/2/hi/technology/7366995.stm).

"If someone wants to have a pop at the UK, they are unlikely to go for the government web servers. They will go for the lower hanging fruit - companies which are seen as good representatives of the country.

Later, he told the BBC that the rise in cyber attacks originating in China was a convenient cloak for western countries to disguise their own cyber espionage activities.

"It's too easy to blame China," he said. "In fact, legitimate countries are bouncing their attacks through China. It's very easy to do, so why not?

"My evil opinion is that some western governments are already doing this."

George Raihala
04-26-2008, 01:03 PM
I think they are all moving into the space that NSA should be holding down, but that is my pathetic opinion.

This just does not seem like a core competency of an Air Force. What is even more worrying to me is that the USAF is putting electronic warfare under Cyber Command as well. EW in the USAF has been ignored ever since they decided it was part of "information operations" and not simply a part of the overall offensive counter-air campaign. Now we can't even figure out how to field a stand-off jammer, and legacy EW suites languish. I can't believe that this is going to help matters at all.

George

Stan
06-22-2008, 06:05 AM
Written by Kenneth Geers (http://www.internetevolution.com/bloggers.asp#Kenneth_Geers), U.S. Rep to the Cyber Center of Excellence in Tallinn, Estonia

National security leadership must dramatically improve its understanding of the technology, law, and ethics of cyber attack and defense, so that it can competently factor cyber warfare into all stages of national security planning.


Strategy

1. The Internet is vulnerable
2. High return on investment
3. The Inadequacy of cyber defense
4. Plausible deniability
5. Participation of non-state actors

Tactics

1. Espionage
2. Propaganda
3. Denial-of-service
4. Data modification
5. Infrastructure manipulation

National critical infrastructures, most of which are in private hands, are increasingly connected to the Internet. However, because instant response is often required, and associated hardware may have insufficient computing resources, security may not be robust. The management of electricity may be especially important for national security planners to evaluate, because electricity has no substitute, and all other infrastructures depend on it.

All political and military conflicts now have a cyber dimension, whose size and impact are difficult to predict. The amplifying power of the Internet means that future victories in cyberspace could translate into victories on the ground, creating new, critical questions for national security planners to answer.

Much more at the links...

Stan
07-22-2008, 06:25 PM
The cyber security (http://blog.foreignpolicy.com/node/9311) issue is a tricky one. For lack of a better option, the job of protecting government computer systems has fallen to the Department of Homeland Security (DHS), although the Air Force is an active player. The Navy and the Army also have their own programs.


So far, CNCI has been criticized for being too secretive, though the initiative is a step forward overall. In fact, it's good news that someone is finally starting to take this seriously. Both presidential candidates have expressed a commitment to improving cyber security.

Knowing just who is supposed to be in charge of cyber security would be a good start.

selil
08-13-2008, 05:58 PM
I'm really, really surprised. Though I shouldn't be.


The Air Force on Monday suspended all efforts related to development of a program to become the dominant service in cyberspace, according to knowledgeable sources. Top Air Force officials put a halt to all activities related to the establishment of the Cyber Command, a provisional unit that is currently part of the 8th Air Force at Barksdale Air Force Base in Louisiana, sources told Nextgov.

Anybody have any idea where this will go?

http://www.nextgov.com/nextgov/ng_20080812_7995.php

LawVol
08-13-2008, 06:27 PM
I too am quite surprised given the recent symposium activity. However, maybe there is a silver lining. We (i.e. the AF) need to get our ducks in a row in other areas before tackling stuff like this. Just my .02. Let me know if you hear anything.

Ron Humphrey
08-13-2008, 06:29 PM
I'm really, really surprised. Though I shouldn't be.



Anybody have any idea where this will go?

http://www.nextgov.com/nextgov/ng_20080812_7995.php

Although one would think it might also be about remembering not to place all of one's fish in one barrel. Much easier to figure out which barrel to tip than it is to figure out which one holds the most fish.

wm
08-13-2008, 06:34 PM
. . . just might want to review the bidding. Given the series of holes he has to dig the AF out of, he might think it wise to hold off on new initiatives until he has a better handle on the whole picture. BTW, AFCYBER was not really going anywhere until the FY10 budget process got finished anyway.

selil
08-13-2008, 06:34 PM
LawVol, Dunlap emailed me after the symposium pointing me towards his recent article, he is a pretty nice guy to talk to by the way. I had a response I worked up last week and just deleted it. The air war in Georgia kind of makes his case. Darn it.

I blogged the article I'll see what crawls out of the woodwork.

I expected a pause due to the leadership changes, but nothing would have prepared me for cessation of activities until an undetermined date. Looking for more information at this point.

Stan
08-14-2008, 10:00 AM
I blogged the article I'll see what crawls out of the woodwork.

I expected a pause due to the leadership changes, but nothing would have prepared me for cessation of activities until an undetermined date. Looking for more information at this point.

Very nice job on the site, Sam ! I especially enjoyed the Georgia/Russia Cyber article.

I recently ran into a former NCO of mine now working for the IBF :cool: Cyber Division. I'm real interested in their take on this issue, and will see what I can shake outta him.

Regards, Stan

Steve Blair
08-14-2008, 12:40 PM
. . . just might want to review the bidding. Given the series of holes he has to dig the AF out of, he might think it wise to hold off on new initiatives until he has a better handle on the whole picture. BTW, AFCYBER was not really going anywhere until the FY10 budget process got finished anyway.

The AF has also been having some serious issues getting its own cyber-stuff in order. They still have a hard time dealing with remote locations and operations that aren't directly linked to a base network of some kind. I'm honestly not sure if they're ready to handle an operation of cyber-command's size. That and they pissed a bunch of people off when they tried to grab SAC's insignia and give it to cybercommand....:eek:

Stan
08-14-2008, 05:22 PM
Foreign Policy, posted August 2008 (http://www.foreignpolicy.com/story/cms.php?story_id=4429)
Shadowy hackers in Moscow and St. Petersburg? Old news. Get ready for the next generation of Russian cyberwarriors.


Much of the public argument for a harsh response among Russians rested on Kremlin-backed reports of extremely high casualties among South Ossetia’s soldiers and the civilian population, which Georgians fervently denied. This lack of clarity and factual evidence only ratcheted up the speculative nature of most discussions.

Those skeptical of the official statistics argued that the government could have fabricated the figures. In response, a group of Russian bloggers sent a public letter to SUP, ... They asked it to impose curbs on free speech and censor anyone seeking to undermine Russia’s war effort by expressing pro-Georgian sentiment. “Regular laws of peaceful times do not apply; we are at war!” read their somewhat hysterical letter. (Thankfully, SUP ignored their demands.)


It started as a fairly predictable digital conflict, mimicking the one in the real world and displaying no shortage of “conventional” cyberwarfare: Web pages were attacked, comments were erased, and photos were vandalized.

As Russian tanks lumbered southward over mountainous Ossetian terrain, Russian netizens were seeking to dominate the digital battlefield.

But sophomoric pranks and cyberattacks were only the first shots of a much wider online war in which Russian bloggers willingly enlisted as the Kremlin’s grass-roots army.

For Russian netizens, “unconventional” cyberwarfare—...

Managing information seemed all the more urgent as there were virtually no images from the first and the most controversial element in the whole war—the Georgian invasion of Tskhinvali, the capital of South Ossetia—and the destruction that, were one to believe the Kremlin’s account, followed shortly thereafter.

Much more at the link

Stan
08-17-2008, 10:36 AM
Estonia has already sent around 50 army reservists to Georgia (though on a voluntary, non-uniformed basis) to conduct humanitarian work and now it has emerged that Estonia is also lending its cyber-warfare expertise (http://www.baltictimes.com/news/articles/21124/) to the Georgian cause.


The Estonian Foreign Ministry has confirmed that it is sending two of its leading cyber-defense experts to Tbilisi to help stave off cyber-attacks emanating in Russia. The experts are likely to be part of the new NATO cyber-defense center established in Tallinn, and if so, the move would be one of the strongest instances so far of NATO lending practical support to Georgia.

However, according to IT industry website Network World (www.networkworld.com), Estonian servers are now hosting the website of the Georgian Foreign Ministry, whose daily blog has become a key source of information in the propaganda war with Russia.

Commenting on the move on Network World, IT security specialist Richard Stiennon said: "For Russia to respond in any way to cyber defense experts being sent to Georgia it would have to acknowledge that it was directly supportive of, if not responsible for, the current attacks against Georgia’s cyber assets. Whether or not Russia reacts on the diplomatic front this cyber war has the potential of escalating rapidly if Estonia gets involved."

Other comments posted were fully supportive of the Estonian position, ranging from "Go Estonia!" to "Kudos to Estonia for sending those cyber security advisors to Georgia." Another post warned: "Russians in some of the forums are taking notice of this IP change also, let's see the outcome."

Stan
02-03-2009, 04:11 PM
Nato's cyber defence warriors (http://news.bbc.co.uk/2/hi/europe/7851292.stm)


An Italian sergeant, who looks young enough to still be at school, is painstakingly scanning emails that have been automatically quarantined because they contain buzzwords like "Nato secret".

A glance over his shoulder reveals emails to and from Sarajevo, Baghdad and Kabul, evidence of Nato's newly expanded horizons.

They look innocuous enough and most of the time, explains the sergeant, it is a false alarm but sometimes even quite senior officers have transgressed and they get a serious talking to about online security.

Serious threats

When it comes to cyber espionage, Nato officials refuse to say who they think is behind the attacks, in fact our escorts can hardly wait to steer us off the subject.

kaur
02-05-2009, 09:30 AM
Last year, the Russian Federation led the countries of the world as the source of spam messages that are filling up email boxes everywhere, just one of the ways in which computer operators in that country represent a threat to the users of the world wide web, according to the annual report of a leading Russian Internet monitoring organization.

http://windowoneurasia.blogspot.com/2009/02/window-on-eurasia-russia-becomes-world.html

cabanab
02-06-2009, 01:50 PM
What's the line? If you're not target, you're target practice. This is no different than recon for the next wave of attack. Thanks for the story.

cabanab
02-06-2009, 06:38 PM
Russia - 3 wins and no losses in the cyberwar arena
http://www.guardian.co.uk/technology/2009/feb/05/kyrgyzstan-cyberattack-internet-access

BobKing
03-08-2009, 02:06 AM
In Cyber Command - Why Stop There? (http://usacac.leavenworth.army.mil/BLOG/blogs/djimo/archive/2009/03/07/cyber-command-why-stop-there.aspx) I pose for discussion the creation of a new force. A "CyberSpace Force", created from the other services for space and cyberspace operations, just as the Air Force was created in 1947.

The full article is too long to post here. An abridged excerpt is listed below - I encourage anyone interested in the topic to visit the Joint Chatter (http://usacac.leavenworth.army.mil/BLOG/blogs/djimo) blog and offer your comments.

---------------------

The Pentagon is likely to take the rare action of adding a new combatant commander, this one for cyber warfare.

Why stop there?

Why create just a cyber combatant command? Why not step back and consider whether a more substantial reorganization is needed?

Last year the term cyberspace was officially defined and last fall elevated to a new domain.

cyberspace - A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. (CJCS CM-0363-08)

To further the discussion, it is also necessary to present the definition of another domain medium from the same publication:

space - A medium like the land, sea, and air within which military activities shall be conducted to achieve US national security objectives. (JP 3-14)

With all of the redundancies across the various services, why not consolidate them into a new service? Analogous to the National Security Act of 1947, which created the Air Force from the Army Air Force, a 21st century reorganization could create a CyberSpace Force. (The exact name is not significant, using CyberSpace Force as a generic moniker.) This new force, formed from components in all of the services, would concentrate the existing disparate and duplicative efforts into one organization. No service would lose capabilities, because we fight as a Joint team now. Personnel from the newly created force would join operations and command structures as dictated by mission requirements.

As it exists right now, each of the services is devoting significant resources and efforts into solving the cyber challenges "in their own lane."

(Full blog article includes examples of redundancy)

In September 2001, a day prior to the terrorist attacks, Secretary Rumsfeld pointed out "Each service branch has its own surgeon general and medical operation. At the department level, four different agencies claim some degree of control over the delivery of military health care." in his Bureaucracy to Battlefield speech of 10 Sep 2001.

Similarly, why should each service recruit, organize, train and equip information assurance professionals and other related specialties?

Each of the services would resist this reorganization, just as the Army did over 60 years ago. Looking back, are there many today that would question the wisdom of having the Air Force as a separate service? (Funding issues and differences in MWR services aside...) :) In addition to eliminating redundancy, all the services would benefit in that they could each put more focus on their core mission.

I first asked this reorganization question seven years ago, while on a field trip staff ride to Colorado Springs, CO as part of a Space Operations elective. The general officer speaking to us answered along the lines of "it may happen eventually, but we're not there yet." That time it was more about a space reorganization. Last week, while in DC to attend Phoenix Challenge 2009, I asked a similar question regarding creation of a cyberspace force. Generally the response was "good idea, probably the right thing to do, but we can't afford it" and "maybe in 20 years." Others suggested that it should be an agency - incorporated into, or similar to, the National Security Agency.

If it's the right thing to do, why wait? The cumulative cost of duplicated efforts, followed by an eventual reorganization, surely exceeds the startup cost of doing the right thing now.

Additional Advantages

This new CyberSpace Force, if done right, could expand the pool of available personnel. Numerous reports over the last several years lament the shrinking percentage of high school graduates physically qualified for military service. Why does a programmer need to run 3 miles? We have an entire generation growing up comfortable using the complex controllers associated with Halo 3 and Guitar Hero, just to name a couple popular titles. Does it make sense to say to them, "Sorry, we can't use you to monitor and adjust the orbit of a satellite if you can't do 40 push-ups in two minutes?"

Consider the stereotypical images conjured up of "uber geeks", college IT support staff or attendees at a hackers convention (e.g. DEF CON): long (sometimes different colored) hair, may not pass a uniform inspection, may not even fit in a uniform. But does that mean we should keep them out of the cyber fight if they are willing to serve?

(Blog article includes links to images of DEFCON attendees)

Many Americans may choose to serve that otherwise would not consider traditional military service. As Noah Shachtman (Editor, Danger Room) said last week in his keynote speech at Phoenix Challenge: (paraphrasing) the military is not a popular option in Manhattan, but there are a lot of people that want to feel like they are part of something.

This should be a service and not an agency. In our nation's defense we need the ability to send people where and when we need them - we can't afford to face the same challenges other departments have faced when necessary to send their personnel "down range."

Questions

What are the advantages and disadvantages of creating CYBERCOM as a new combatant command?

Is it time to perform a new reorganization of the Defense Department, creating a force focused on the Space and Cyberspace domains? What challenges would be faced in a large-scale reorganization? What opportunity costs do we continue to pay by a failure to address the root problems?

Further Reading

Additional references available in the full article (http://usacac.leavenworth.army.mil/BLOG/blogs/djimo/archive/2009/03/07/cyber-command-why-stop-there.aspx)

selil
03-08-2009, 05:00 AM
Interesting concept, I guess from your comment about going to your blog you aren't interested in comments here, but I'll take a swing. I'm not very well versed in this cyber stuff, but you know what the heck.

First, I guess I'd ask the question of who this combatant command is going to fight? As a military force what are the targets it will engage? If from Kyrgyzstan, Georgia, and Estonia we can ascertain the non-state actors were in fact non-uniformed adversaries, are you going to use a military force to attack these non-state actors? Under what purview of just-war or law-of-war will this occur? I'm just curious after all it is likely nothing but an academic exercise.

Second, if what General Lord (Cyber command provisional) said about 70 percent of all attacks being generated from inside the United States (backed up by CSI/FBI stats) will this combatant command be attacking United States companies and citizens? What effect will that have on posse comitatus or should we simply dispense with that as trivial in these trying times? I wonder where you are going to find a force that can act as an international military, a state militia, a federal crime buster, a disaster response agent, and can be found in all territories and states?

Third, this CYBERCOM combatant command will use what tools as a method of waging war? I don't want to bring up mutually assured destruction, but there it is.... My gosh I wonder what nation in a battle of the bits and bytes has the most to lose in a cyber engagement? In fact if you think about small wars, insurgencies and guerilla actions (there is a really great website that looks at all that stuff) you might find the concept of an adversary using their opponent's tools against them. Some guy named Nagl talked about eating soup with a knife or something like that.

Fourth, since cyber space I guess defined, as ill and mistaken as only the department of defense can butcher a well understood concept, made up by a science fiction writer (in 1984), who unfortunately is still living to laugh about it, exists. I guess since cyber space exists and is part of that woefully misunderstood information world we might think about those hundred year old treaties that talk about neutrality of the telephone system. The long standing tradition of spying but not using the telephone system of friendly neighbors to wage war. The various telecommunication acts and laws that are currently on the books protecting citizens and friendly allies should just be tossed out as well. I mean, all is fair in love and war, right?

Fifth, when you dig down past the world wide web, and burrow into the Internet heading towards the gold, you end up looking at the world bottom up. There floating below the Internet you have the kinetic aspects of military action available to your digital fingers (redundant?) and wallowing in the morass of the data stream all telemetry is accessible. Think about that wonderful global information grid "GIG" (beer barrel) model the whimsical military throws up on power point slides from time to time. As an aside does the military have some perverse relationship with power point? I like that GIG concept. All the people, procedures, transmissions, telemetry, command and control floating around in more than a bit/byte internet protocol world.

What could I do with all those command and control circuits in air bag controller systems you find in cars programmed in foreign countries? What might I do with the phase controller circuits on generators and power transmission equipment attached to a variety of networks? How could I operationalize kinetic stored power thousands of times more powerful than a nuclear weapon stored behind a major dam that is remotely controlled by the lowest bid contractor? What legal resources do you have to fight attacks against targets with minimal evidence of attribution when we can't even find paperwork for foreclosed houses?

When you operate at the C2 layer and no longer see the Internet as some be all/end all those pesky effects based outcomes (oops some general will be angry using that little phrase) become easier to operationalize. I know what we should do! Let's have a 60 day cyber investigation because 30+ years of research, literature, and recommendations just isn't enough to make a relevant decision. We need 60 days more.

I'm not sure creating a strictly hierarchical organization (likely top heavy with officers because that is the Air Force way), so an entrenched bureaucracy can slow response time, and erode effectiveness as only a large organization can do, is going to be a good idea. Of course, you could make it really really really big as a large highly hierarchical organization is exactly how you should fight an insurgency that is likely following a swarm networked model of attack by intention rather than direction. It is always highly effective to have a strict chain of control in those situations where flexibility is incredibly important.

If that isn't your cup-of-tea let the National Security Administration do it along with the rest of the intelligence community. They will refuse to tell us what they are doing but they will spend buckets of money doing it. I'm not sure how the intelligence community would interact with the corporate world except to refuse to talk to them. The corporate world being the largest target of opportunity.

I'm a bit of a contrarian.

Ron Humphrey
03-08-2009, 05:13 AM
I'm a bit of a contrarian.

But that little contrarian outburst of yours carries a couple of gems which better be looked at very carefully;)

William F. Owen
03-08-2009, 07:07 AM
The Pentagon is likely to take the rare action of adding a new combatant commander, this one for cyber warfare.

No such thing as Cyber "Warfare." Warfare is the conduct of war. There might be "Cyber Operations," but that is not war.


Why create just a cyber combatant command?

Why indeed. Doesn't the NSA already do this?


Similarly, why should each service recruit, organize, train and equip information assurance professionals and other related specialties?

If this was indeed correct, then for the same reason each has its own AIR, EW, and Logistic support. They are domain specific.


Why does a programmer need to run 3 miles? We have an entire generation growing up comfortable using the complex controllers associated with Halo 3 and Guitar Hero, just to name a couple popular titles. Does it make sense to say to them, "Sorry, we can't use you to monitor and adjust the orbit of a satellite if you can't do 40 push-ups in two minutes?"

Because a fit body is a fit mind, and if he hasn't got the self-control and determination to get to do 40 push ups, I don't want him walking my dog, let alone part of my army.


Consider the stereotypical images conjured up of "uber geeks", college IT support staff or attendees at a hackers convention (e.g. DEF CON): long (sometimes different colored) hair, may not pass a uniform inspection, may not even fit in a uniform. But does that mean we should keep them out of the cyber fight if they are willing to serve?

They probably look like that for a reason. If they want to serve why didn't they sign up?

Yes, I am being deliberately confrontational for constructive reasons. The armed forces is not a place for the "physically and socially challenged" and Cyber is more than likely an EW activity and folks are already doing that.

Van
03-08-2009, 07:35 AM
I second the previous comments about the "Cyber" element - No Such Agency has the ball, let Congress hold their feet to the fire about performance, information sharing, operations, etc, and require them to cooperate and collaborate with the FBI for U.S. persons issues.

Re: The Space element - Tying Space (for the sake of a convenient definition from the ionosphere out) to Cyber is as fallacious as tying submarines to aircraft. Yes, there is a connection, but it is not a natural or obvious one.

This being said, space is an operational environment waiting for its Billy Mitchell. And this bears considerable thought. Had that insubordinate, and arrogant fighter jock not made his case, the air force probably would have split off eight to ten years later and along TAC/SAC lines (with transport being divided similarly) rather than taking all armed fixed wing and almost all transport. If the services accept gracefully that a Space Fleet is a clear and unavoidable necessity, we can approach the organization logically rather than emotionally, proactively rather than reactively. For exactly the reasons Douhet cites for an independent air service to be organized along naval lines, plus the similarities between a space craft with a crew of more than a dozen (and that seems like a logical possibility in the long term) and a maritime vessel, an independent space service should be organized along naval lines. Sadly, in the U.S. the more likely scenario will be like the air force. The Air Force split off the Army Air Corps as its main body, then made up the rest as it went. I suspect the Air Force Space Ops community will break off and then stumble through the rest of their requirements in a similar fashion.

And we need to get this one moving. Orbital kinetic bombardment has sooo much potential [energy].

BobKing
03-08-2009, 09:15 AM
Interesting concept, I guess from your comment about going to your blog you aren't interested in comments here, but I'll take a swing. I'm not very well versed in this cyber stuff, but you know what the heck.

While I'd certainly appreciate comments on the original article, that is not mutually exclusive with comments here. I'll continue to follow this discussion.

Many of your points are irrespective of what organization does this. These types of operations are already occurring. So the questions you pose are beyond theoretical.

As far as Posse Comitatus, that Act had the intention of "substantially limiting the powers of the federal government to use the military for law enforcement." The oath taken by every military member includes the phrase "I will support and defend the Constitution of the United States against all enemies, foreign and domestic" (emphasis added)

There is a significant difference between enforcing the law and protecting the nation. I'll give you that our world is becoming more complex and it's getting more difficult to clearly identify those lines.

The intent of my article was not to address or question the legal issues. Rather, assuming this is going to happen anyway, what is the best way to accomplish the mission?


Tying Space [...] to Cyber is as fallacious as tying submarines to aircraft.

To a certain extent I agree with you, but the various specialties within the two fields have more in common than they do with most of the other military professions. I considered suggesting splitting off two services, but saw that as a "bridge too far" from our current organization.

Perhaps it could be organized as one at first, with an underlying premise that as manned spaceflight becomes more prevalent, a future split would follow?

An entire essay could be written just on the redundancies across all of the services in the area of space. I doubt the other services would stand idly by and agree to let their capabilities be absorbed by the Air Force, so creating a new force may be the only viable solution to streamlining space operations.


No such thing as Cyber "Warfare." Warfare is the conduct of war. There might be "Cyber Operations," but that is not war.

William - I understand your objection. That was a direct quote from the source article referenced. That subject of "[adjective] Warfare" and "[adjective] War" is central to ongoing discussions here at Small Wars Journal and our own CAC blogs at Fort Leavenworth. Example: The Nature of War: Has it Changed Fundamentally? (http://usacac.leavenworth.army.mil/BLOG/blogs/reflectionsfromfront/default.aspx) and On War Modifiers (updated) (http://smallwarsjournal.com/blog/2009/03/on-war-modifiers/)

Oh, someone might want to tell the Estonians! They have a very high profile conference coming up in June - Conference on Cyber Warfare (http://www.ccdcoe.org/99.html). The call for papers is long past, but it might not be too late for them to change the name. :)


...a fit body is a fit mind, and if he hasn't got the self-control and determination to get to do 40 push ups, I don't want him walking my dog, let alone part of my army. [....] They probably look like that for a reason. If they want to serve why didn't they sign up? [...] The armed forces is not a place for the "physically and socially challenged"

This is where I vehemently disagree with you. First, they would not be in "your army" - they would be in some new organization, something completely unlike anything that currently exists.

Second, I know many people that are healthy - perhaps even "fit" - but that would never succeed in our current military due to their natural body composition. I utterly reject the "they have to look like me" mentality embraced by promotion and selection boards.

Third, our country and our military has changed over time. Minorities and women, widely represented throughout all our services and rank structures, were not always welcome.

I'm not suggesting changing the mold. I'm suggesting creating an entirely new one, with a new purpose and with a broader net.

To all - thanks for the discussion thus far.

William F. Owen
03-08-2009, 12:56 PM
William - I understand your objection. That was a direct quote from the source article referenced. That subject of "[adjective] Warfare" and "[adjective] War" is central to ongoing discussions here at Small Wars Journal and our own CAC blogs at Fort Leavenworth.

...and I have been part of that discussion for the last 18 months. My views are pretty well known. War is war. It does not change. If no one dies, or no one is killing, it simply isn't warfare. Technologies and societies evolve, but war stays fundamentally unchanged.

Attacking a military network is an EW skills sub-set. My guess is the same for a civilian one. This is fairly well trodden since 1999.


This is where I vehemently disagree with you. First, they would not be in "your army" - they would be in some new organization, something completely unlike anything that currently exists.
Why? They would be EW operators. They would be part of an existing force, and they would have to conform to military discipline, and standards of behaviour.


Second, I know many people that are healthy - perhaps even "fit" - but that would never succeed in our current military due to their natural body composition. I utterly reject the "they have to look like me" mentality embraced by promotion and selection boards.
I am not looking to exclude skilled folks on the grounds of body type, but having trained recruits I can tell you that there are few fit folk who cannot get fitter. I am far more concerned about the mental attitude, which produces someone who wants to "fight," virtually or not, but lacks the discipline to get in shape to sustain his mental acuity. Doing 27-hour shifts at a desk, in an OPS room requires you to be physically fit.


I'm not suggesting changing the mold. I'm suggesting creating an entirely new one, with a new purpose and with a broader net.
Again, why? It's already being done by Military EW and NSA/GCHQ/CANAUSUS, for all the "civilian" entities. Why do we want yet another entity that brings nothing new to the party?

BobKing
03-09-2009, 01:43 AM
LTC Conti (Ph.D. Computer Science, U.S. Military Academy) provided the link to his new article (January 2009) after I emailed him regarding this blog post.

For anyone interested in this subject, his Is it Time for a Cyberwarfare Branch of Military? (http://www.rumint.org/gregconti/publications/2009_IAN_12-1_conti-surdu.pdf) is in the "must read" category.


Army, Navy, Air Force, and Cyber—Is it Time for a Cyberwarfare Branch of Military? (http://www.rumint.org/gregconti/publications/2009_IAN_12-1_conti-surdu.pdf)
LTC Gregory Conti and COL John “Buck” Surdu
IAnewsletter (http://iac.dtic.mil/iatac) Vol 12 No 1 Spring 2009

Excerpts:

"The cultures of today’s military services are fundamentally incompatible with the culture required to conduct cyberwarfare."

"To understand the culture clash evident in today’s existing militaries, it is useful to examine what these services hold dear—skills such as marksmanship, physical strength, and the ability to jump out of airplanes and lead combat units under enemy fire. Accolades are heaped upon those who excel in these areas. Unfortunately, these skills are irrelevant in cyberwarfare."

"Ultimately, the role of fighting and winning in cyberspace is a military mission, which demands a military organization—one that can recruit, train, and retain highly qualified cyberwarfare combatants."

Ken White
03-09-2009, 02:55 AM
"Ultimately, the role of fighting and winning in cyberspace is a military mission, which demands a military organization—one that can recruit, train, and retain highly qualified cyberwarfare combatants."
In fact, I'm pretty sure it's wrong on several levels.

I also submit that if we elect that route, it will adversely affect both the Armed Forces and our ability to rapidly react to and block or defeat cyber threats or, conversely, to pose a cyber threat to others.

Have you talked to and observed your DCSIM folks lately... ;)

selil
03-09-2009, 02:58 AM
You are going to have a hard sell to a HIC military basically a LIC problem when you add an entire new terrain. I can give you a 100 kinetic effects via cyber delivery using primarily the principles of small wars. They will be ignored. The HIC world will simply not accept the parasitic losses on their c2 structures. I value the commentary of Col. Gentile highly as his arguments against COIN are the foil of cyber too.

BobKing
03-09-2009, 03:03 AM
Have you talked to and observed your DCSIM folks lately... ;)

Ken - By DCSIM, I presume you are referring to Fort Leavenworth's DOIM?


I also submit that if we elect that route, it will adversely affect both the Armed Forces and our ability to rapidly react to and block or defeat cyber threats or, conversely, to pose a cyber threat to others.

Why? I don't understand. All of the functions currently performed would still be accomplished, but with "slices" or support teams from the core cyber service.

Ken White
03-09-2009, 04:11 AM
Ken - By DCSIM, I presume you are referring to Fort Leavenworth's DOIM?
Those folks have a different drummer. That's not an insult, just a simple statement of fact. Ponder that for a second and hold the thought.

Why? I don't understand. All of the functions currently performed would still be accomplished, but with "slices" or support teams from the core cyber service.
I have watched the armed forces add a number of ancillary functions over a good many years. Most of those functions, if they have a political element, have been detrimental to the services. Each of those functions that entailed an erosion of focus by the services invariably ended up adversely affecting competence at core missions.

Thus I think that the loose attitude required for cyber efforts would adversely affect those military folks who came in contact with it -- innovation and initiative are desired traits in Soldiers and such but an excess is not going to fly (It really should but it won't). Selil's comment above is also appropriate.

The flip side of that is the far worse fact that the services would constrain the cyber hunters who need a license to prowl and no time constraints.

An old Cav Colonel was heard to say about reconnaissance "we don't have the patience to snoop; so we just go out looking for trouble..." I don't agree with him; patience can be taught -- the problem is not that the units don't have the patience, it is that some Commanders and a great many staff persons don't have the patience to wait for a good job and rush things. That wouldn't work in the cyber space battles...

I believe the services should be able to protect their own cyber resources and should be able to attack potential and actual opponents' military cyber efforts. Any attacks on the civilian political or infrastructure and thus economic cyber activities of an actual opponent should be by a civilian organ under tight political control. Doing cyber battle comes under the heading of the old 'Be careful what you wish for; you may get it' rubric.

Surferbeetle
03-09-2009, 04:38 AM
I believe the services should be able to protect their own cyber resources and should be able to attack potential and actual opponents' military cyber efforts. Any attacks on the civilian political or infrastructure and thus economic cyber activities of an actual opponent should be by a civilian organ under tight political control. Doing cyber battle comes under the heading of the old 'Be careful what you wish for; you may get it' rubric.

How does one successfully compartmentalize and contain these things? Mutation/innovation rates are very high and last week's fence may not be good enough for this week. Here's a biology example from Wired (http://blog.wired.com/wiredscience/2009/03/mutationrecord.html)


At the time, hypothesize scientists, the pinnacle of life was the RNA replicon: a chunk of ribonucleic acid that didn't copy itself by making proteins, as DNA does, but instead pulled them from the primordial ooze.

Whether hammerhead viroids are descended from replicons isn't known. But in a study published Thursday in Science, University of Valencia plant biologists led by Rafael Sanjuan say the viroids at least resemble that long-lost link in the evolutionary chain.

Their traits could explain how RNA learned to make proteins — the next critical step towards self-assembling DNA and the complex life that flowed from it. And no other hammerhead viroid trait is more remarkable than its mutation rate.

"It's extremely high," said Irene Chen, a Harvard University systems biologist who studies the evolution of molecules. Chen was not involved in the study. "It's right at the Eigen error threshold" — the mutation rate at which replication becomes intrinsically self-destructive because every copy is so error-ridden.

Ken White
03-09-2009, 05:16 AM
As for 'containing' the armed forces by restricting them to military targets, that's easy in principle and difficult in practice. The solution is to define the principle and stick to it with full acknowledgment that there will be occasions when the civilian agency will want the service effort directed to an economic or infrastructure target that the services have morphed into access and there will be occasions when the services need the civilian agency to do something specific to a military target. That's called cooperation so it seems to me that cooperation can contain compartmentalization and compartmentalization will entail cooperation to effect containment of the other folks' efforts. Or something like that. ;)

The issue is that just as attacking the opponent's population centers with iron bombs by an Air Force is no longer acceptable, cyber disruption of the civil side of things with the massive potential for physical civilian harm by a military force should not be acceptable.

Hybrid warfare will, regrettably, make likely that lack of acceptability a moot point and it may become a necessity even if undesirable but just as Britain's WW II SOE LINK (http://en.wikipedia.org/wiki/Special_Operations_Executive) used a mix of civilian and military assets to do a mix of civil and military tasks under firm civilian control, so the US Cyber Operations Executive should be under firm civilian control. That means non-DoD. Lest the bureaucracy stifle it...

William F. Owen
03-09-2009, 06:41 AM
"The cultures of today’s military services are fundamentally incompatible with the culture required to conduct cyberwarfare."

History would say otherwise, especially when it comes to the history of EW commencing in 1904, with the Japanese.


"To understand the culture clash evident in today’s existing militaries, it is useful to examine what these services hold dear—skills such as marksmanship, physical strength, and the ability to jump out of airplanes and lead combat units under enemy fire. Accolades are heaped upon those who excel in these areas. Unfortunately, these skills are irrelevant in cyberwarfare."
Actually not true. How does military intelligence function then? How does the EW world function? The military has tons of skills relevant to so called "cyber."

"Ultimately, the role of fighting and winning in cyberspace is a military mission, which demands a military organization—one that can recruit, train, and retain highly qualified cyberwarfare combatants."
No one in cyber warfare is a combatant. They are an operator. I agree it's a military mission, with military organisation (and discipline and dress standards), but the organisations to do this already exist.

If there is any evidence to the contrary, I'm all ears!

Entropy
03-09-2009, 02:15 PM
I agree with Wilf on all this, except that I think EW will eventually become a subdiscipline of so-called "cyber" operations and not the other way around.

What is the compelling reason/need for a new military service? I don't see one. I could see an argument for, perhaps, a new agency and, in fact, that's a debate that's taking place now. But a military service? Doesn't make any sense to me.

Steve Blair
03-09-2009, 02:22 PM
This being said, space is an operational environment waiting for its Billy Mitchell. And this bears considerable thought. Had that insubordinate, and arrogant fighter jock not made his case, the air force probably would have split off eight to ten years later and along TAC/SAC lines (with transport being divided similarly) rather than taking all armed fixed wing and almost all transport.

Mitchell was actually a bomber guy if memory serves...:D

I agree with Entropy and Van on this...cyber doesn't need a new "service," it needs someone to focus an existing agency (and NSA is a good fit) on the situation and develop it properly. NSA is already a hybrid of sorts, with lots of military folks working with civilians, so no need to reinvent a wheel. I don't happen to think cyber command is a good fit for the AF. They have enough issues in their core competencies without adding a new one.

Ron Humphrey
03-09-2009, 02:52 PM
Mitchell was actually a bomber guy if memory serves...:D

I agree with Entropy and Van on this...cyber doesn't need a new "service," it needs someone to focus an existing agency (and NSA is a good fit) on the situation and develop it properly. NSA is already a hybrid of sorts, with lots of military folks working with civilians, so no need to reinvent a wheel. I don't happen to think cyber command is a good fit for the AF. They have enough issues in their core competencies without adding a new one.

especially this



(and NSA is a good fit) on the situation and develop it properly. NSA is already a hybrid of sorts

selil
03-09-2009, 03:30 PM
In my opinion with a civilian head of the NSA (I know generals get posted there), and another directorate the NSA with appropriately scoped civilian (non-contractor), military, corporate, and law enforcement support might be able to stand up in this arena. I personally believe in inherent governmental activities and don't support contractors/mercenaries as war fighters regardless of the history. I worry that the NSA signal gathering intelligence activity would be decimated by taking on an offensive role unless those two missions had procedural barriers between them.

Though Mr. Owen blithely enacts his own sig quote by tossing cyber out the window it is regardless of his opinion a multi-faceted, cross-domain, deeply entrenched part of the modern world, capable of real world kinetic effects. I imagine that the analogy of our current position in cyber is some dark ages king sitting tidy in his besieged castle watching the building of all those new trebuchets wondering what all the hullabaloo is about. The evidence is all around you of the possibilities you just have to understand the context of that evidence.

Many fine scholars of cyber have failed to understand the nature of warfare in cyber space. I had it pointed out to me today that most don't understand the technology under-pinnings well enough to grasp the principles. Sort of like the marksman who can't clean his own rifle, or perhaps worse. I don't really have a dog in this fight though. The longer the military doesn't understand the more relevant my dissertation when completed.

William F. Owen
03-09-2009, 07:38 PM
Though Mr. Owen blithely enacts his own sig quote by tossing cyber out the window it is regardless of his opinion a multi-faceted, cross-domain, deeply entrenched part of the modern world, capable of real world kinetic effects.

Not quite sure what your implied gripe here is. I (Mr Owen) recognise "cyber" as important, in the same way I recognise EW as important. - and EW has a proven track record.

Now considering that networks are either transmitted in the electromagnetic spectrum or via physical links, then they use identical methods to those in which the 100-year-old field of EW is well versed.

If you are talking about passive radar air defence networks being run off WIMAX-linked laptop computers, there is an obvious and real operational connection, which the EW community with which I talk recognise, and are cognisant of. So no big leap there.

Logically "Cyber" - silly word, - is merely an evolution of EW, in the same way that SIGINT evolved from COMINT, in the 1940s. Radar didn't change the EW game that much. It just gave them more to play with and I see "Cyber" as no different.

Van
03-10-2009, 12:34 AM
Playing the Devil's advocate here, wouldn't it make more sense to suck up "Cyber", EW, the NSA, DISA, and the rest of the DoD Comm infrastructure into a Communication Command, after the model of Joint TRANSCOM? At the end of the day cyber, voice, video, crypto, EW, etc are all about ones and zeros moving over RF (or legacy analog stuff readily interpreted by computers). They are part of our infrastructure, they are a target of the enemy's infrastructure, and similar and closely related skill sets are needed to maintain, protect, and attack them.

The downside of any centralization like this is that the users usually get screwed. You end up with engineers and (worse) managers of engineers "deciding" what users "really" need (what they decide users really need is what the engineer likes, even if it takes an engineering degree to use, or you get what gets the manager promoted whether or not it works). You get illusory economies by reducing support to the users. And the big organization s-l-o-w-s d-o-w-n as layers are added and fiefdoms develop.

Just what DoD needs. Another four star command.


Originally Posted by Steve Blair
Mitchell was actually a bomber guy if memory serves...
I was hasty, the characterization of Mitchell as a fighter jock comes from two sources; his book "Winged Defense", where Mitchell goes on at length about the roles of interceptors and the need for fighters; and the way fighter jocks idolize the insubordinate son-of-a-biscuit.

Entropy
03-10-2009, 04:12 AM
Van,

For an example of that, just look at the NRO. It started off great, but now it's a bureaucratic behemoth with all the downsides.

BobKing
03-11-2009, 05:14 AM
Playing the Devil's advocate here, wouldn't it make more sense to suck up Cyber, EW, the NSA, DISA, and the rest of the DoD Comm infrastructure into a Communication Command, after the model of Joint TRANSCOM?

Van, calling your devil's advocate position and raising you another: Why not?

Given all of the problems we've had over the years with communications between the services, perhaps it would also be beneficial to have a single set of communications personnel.

But you do raise a valid question. Looking for redundancies and suggesting mergers can be a slippery slope.

My suggestion is not that this is the right thing to do, merely that it should be analyzed. That analysis would answer questions like:

How many people in each service are performing space & cyberspace functions?

What are the redundant functions across the services and could they be consolidated or merged?

Consider the various commands, organizations and agencies listed below. I'm sure this is not an all inclusive list. All of this was found open source, with the search conducted from a non dot-mil domain. Feel free to add any that I missed. (Thanks in advance; I'll list you in the credits if I ever do a dissertation on this subject.) :)

Does anyone else see a lot of overlap?

Air Force Space Command

Deliver space and missile capabilities to America and its warfighting commands.

Taking the above mission statement literally, why would any other service need space commands?

Army Space and Missile Defense Command (SMDC)

SMDC/ARSTRAT conducts space and missile defense operations and provides planning, integration, control and coordination of Army forces and capabilities in support of US Strategic Command missions; serves as the Army specified proponent for space, high altitude, and ground-based midcourse defense; serves as the Army operational integrator for global missile defense; and conducts mission-related research and development in support of Army Title 10 responsibilities.

Navy Space and Naval Warfare Systems Command (SPAWAR)

Deliver FORCEnet by inventing, acquiring, developing, delivering and supporting integrated and interoperable C4ISR, Business IT and Space Capabilities in the interest of national defense.

Naval Network Warfare Command (NETWARCOM)

Deliver integrated cyber mission capabilities in Information Operations, Intelligence, Network Operations and Space that enable warfighters across the full range of military operations. Provide highly trained forces, interoperable and well maintained equipment, and clear processes and governance.

Naval Network Warfare Command (NETWARCOM) - Space

Commander, Naval Network Warfare Command (COMNAVNETWARCOM) has multiple duties as the Naval operational agent for Space: the Navy Functional Component for Space to US Strategic Command (USSTRATCOM); the Navy Space Type Commander (TYCOM) responsible for manning, training and equipping the fleet for space; the Navy Space Cadre Functional Authority responsible for developing, training, and tracking a cadre of Navy personnel with an expertise in space systems; and the Naval Space Campaign lead for US Fleet Forces Command (USFFC). NETWARCOM also supports a Space Watch Cell which maintains and disseminates space situational awareness and produces a space effects package for fleet users.

Naval Network Warfare Command (NETWARCOM) - Information Operations

NETWARCOM is responsible and accountable for coordination and direction on all matters for Information Operations (IO) and Signals Intelligence (SIGINT) to include Electronic Warfare (EW), Psychological Operations (PSYOP), Military Deception (MILDEC), Operations Security (OPSEC), and Computer Network Operations (CNO).

Naval Network Warfare Command (NETWARCOM) - Networks

NETWARCOM provides operational and technical direction of the Navy's Network Operations in support of Joint Forces and Service mission requirements, assesses Fleet Command and Control, Communications, Computers, Combat Systems and Intelligence, (C4I) readiness and system availability and direct follow-on action to resolve capability shortfalls. NETWARCOM coordinates with internal and external sources for delivery of C4I products and reachback services that support globally deployed Naval forces.

Navy Cyber Defense Operations Command (subordinate to NETWARCOM)

To coordinate, monitor, and oversee the defense of Navy computer networks and systems, including telecommunications and to be responsible for accomplishing Computer Network Defense (CND) missions as assigned by Commander, Naval Network Warfare Command and Commander, Joint Task Force - Global Network Operations (JTF-GNO).

U.S. Army Signal Center

The United States Army Signal Center of Excellence provides world class Soldiers and Leaders; trains, educates, and develops adaptive IT professionals; and plans, synchronizes, experiments, and implements Future Network capabilities.

Army 1st Information Operations Command (Land)

1st Information Operations Command (Land) deploys information operations support teams in order to provide IO planning support and vulnerability assessments in support of military forces and provides an IO reach-back capability to operational and tactical IO staffs as directed.

Army Network Warfare Battalion (July 2008)

This battalion formalizes and centralizes the Army's mission to provide rapid, increasing support to forces worldwide and will lead the Army in providing a larger and more robust network warfare capability.
REF: Army activates network warfare unit (http://www.army.mil/-newsreleases/2008/07/02/10569-army-activates-network-warfare-unit/)

Army Communications-Electronics Research, Development and Engineering Center

To develop and integrate Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) technologies that enable information dominance and decisive lethality for the networked Warfighter.

Marine Corps Information Operation Center (MCIOC)

Set to stand-up in 2009 on Marine Corps Base Quantico, the MCIOC mission will be to provide the MAGTF a full spectrum and readily accessible Marine Corps IO resources. [...] The MCIOC will support the MAGTF staff by providing tactically focused, deployable, IO support teams who will assist in IO tactics development as well as formulating requirements including research and development priorities
REF: Corps to establish the Marine Corps Information Operation Center (http://www.quantico.usmc.mil/Sentry/StoryView.aspx?SID=1783)

Almost forgot the Coast Guard. They have the Coast Guard Telecommunications and Information Systems Command.

Defense Information Systems Agency

The Defense Information Systems Agency is a combat support agency responsible for planning, engineering, acquiring, fielding, and supporting global net-centric solutions to serve the needs of the President, Vice President, the Secretary of Defense, and other DoD Components, under all conditions of peace and war.

Global Cyberspace Integration Center (Air Force)

The Global Cyberspace Integration Center teams with major commands, joint and coalition partners, national agencies, industry and academia to develop, integrate and standardize air, space, and cyberspace components. The GCIC manages Command & Control and cyber innovation, experimentation, and transition efforts including Joint Expeditionary Force Experiment. The GCIC plans, programs, and guides enterprise-level capability-based planning, requirements, architectures, and integration of Air Force warfighting networks, combat support and C2 systems

National Security Agency

The NSA/CSS core missions are to protect U.S. national security systems and to produce foreign signals intelligence information.

The Information Assurance mission confronts the formidable challenge of preventing foreign adversaries from gaining access to sensitive or classified national security information. The Signals Intelligence mission collects, processes, and disseminates intelligence information from foreign signals for intelligence and counterintelligence purposes and to support military operations. This Agency also enables Network Warfare operations to defeat terrorists and their organizations at home and abroad, consistent with U.S. laws and the protection of privacy and civil liberties.

The above list does not include other service specific related areas, such as educational institutions.

Just one example:
Air Force Institute of Technology, Center for Cyberspace Research

Develop Air Force and DoD leaders in cyber operations expert in the use of doctrine, techniques, and technologies that ensure dominance and superiority in cyberspace

Given the items above, could it just be in the realm of the possible that we have too much overlap in this area across all of the services?

wm
03-11-2009, 12:23 PM
My suggestion is not that this is the right thing to do, merely that it should be analyzed. That analysis would answer questions like:

How many people in each service are performing space & cyberspace functions?

What are the redundant functions across the services and could they be consolidated or merged?

Consider the various commands, organizations and agencies listed below. I'm sure this is not an all inclusive list. All of this was found open source, with the search conducted from a non dot-mil domain. Feel free to add any that I missed. (Thanks in advance; I'll list you in the credits if I ever do a dissertation on this subject.) :)
(SNIP)
Given the items above, could it just be in the realm of the possible that we have too much overlap in this area across all of the services?

I hate to say it, but if you want to get rid of many of these organizations then you also need to get rid of the multi-service approach the US takes to defense. As long as one has more than one uniformed service, and as long as one has more than one civilian agency overseeing various aspects of what might be defense/homeland security, then one will have a proliferation of intervening command and control elements for each of those entities when they get rolled up under a "combined" leadership. When one works in matrix organizations, one still has parent organizations that are responsible for dealing with all the other stuff/functions that the matrix organization has no time, interest or capability to consider and oversee.

BTW, the provided list was really a bad oversimplification (and deceiving in that the NAVNETWAR entries are really just sub-elements of the bigger command I believe), and out of date to boot.
For what it's worth, we could develop a similar list for just about any function performed across the defense spectrum--from designing, acquiring and operating indirect fire systems to water transportation to chem-bio defense to building construction. C2 (Command and Control) systems or ISR systems happen to be my two personal favorites though.

BobKing
03-11-2009, 03:13 PM
BTW, the provided list was really a bad oversimplification (and deceiving in that the NAVNETWAR entries are really just sub-elements of the bigger command I believe), and out of date to boot.

Deceiving? I included the (NETWARCOM) moniker after each so that it was clear they were part of that larger organization. Originally I was not going to list them separately, but decided to as it better showed the overlapping mission statements.

As far as being out of date, with the exception of the two items referenced from news stories (links provided), all of the information came from publicly accessible official websites. Could you be more specific about which ones were out of date?

BobKing
03-11-2009, 03:33 PM
A recent SAMS monograph was brought to my attention this morning.

In National Department of Space (22 May 2008) (http://cgsc.cdmhost.com/cgi-bin/showfile.exe?CISOROOT=/p4013coll3&CISOPTR=2319&filename=2320.pdf) (PDF, 767 KB), Lt Col Kristine M. Shaffer (USAF) looks specifically at the consolidation of space functions into a core department. In her paper she recommends:


If the nation is serious about space, it should consider making a “drastic” change or transformation of the current space program. The current status quo program with multiple organizations with multiple missions without a single focus and a single “belly button” is hindering and strangling America’s space direction, domination and development. The organizations will merely look on space as an auxiliary and not as a principal business.

Shaffer's monograph includes an extensive bibliography of books, published articles, internet sources and other monographs on this same subject.

Source:

National Department of Space (http://cgsc.cdmhost.com/cgi-bin/showfile.exe?CISOROOT=/p4013coll3&CISOPTR=2319&filename=2320.pdf)
Lt Col Kristine M. Shaffer (USAF)
Command and General Staff College (CGSC), School of Advanced Military Studies (SAMS) Monograph

Steve Blair
03-11-2009, 04:05 PM
But I still fail to see the need to create an entire new service (AND new budget line, infighting, etc., etc.) when there are already acceptable alternatives (NSA, for one) available to manage and direct cyber issues.

BobKing
03-11-2009, 05:06 PM
But I still fail to see the need to create an entire new service (AND new budget line, infighting, etc., etc.) when there are already acceptable alternatives (NSA, for one) available to manage and direct cyber issues.

There may not be the need - I don't know the answer. I think the consolidation makes sense, but it would require a detailed analysis and assessment.

One answer could be to consolidate all space functions in the Air Force, since their space mission is: "Deliver space and missile capabilities to America and its warfighting commands." That sounds pretty comprehensive, assuming they could actually do it.

Where I see the need is in all of the overhead. All of those commands listed have staff, infrastructure, administrative overhead.

As we are increasingly asked to "do more with less", we should not rule out considering ways in which we may be able to do it more efficiently.

Not addressed to you specifically, but many of the responses thus far seem to fall into the "we've always done it that way" or "why should we change" categories.

I'm asking - why shouldn't we change? Is it possible we could create a more efficient organization? And, if so, would the expense - and any subsequent disadvantages (i.e. risks) - of creating that organization be worth it?

This is not a radical position. Consider the following:


“Future Steps”
Commission to Assess US National Security
Space Management and Organization, pp. 93-95


“. . . Once the realignment in the Air Force is complete, a logical step toward a Space Department could be to transition from the new Air Force Space Command to a Space Corps within the Air Force.” p. 93


“The timetable, which is not possible to predict, would be dictated by circumstances of the next five to ten years.” p. 94
(Comment - This report was finalized in early 2001. We are very near the end of the "five to ten year" timetable.)


“Finally, an evolution to a Space Corps could involve integration of the Air Force and NRO acquisition and operations activities for space systems.” p. 94

REF: Commission and Panel Recommendations (http://www.dtic.mil/ndia/2002spacepolicy/fitzgerald.pdf) (PDF, 1.3 MB)
Page numbers refer to Chapter VI, Organizing and Managing for the Future (http://www.fas.org/spp/military/commission/chapter6.pdf) (PDF, 0.6 MB), of the Commission's report.

And, from the Executive Summary (http://www.fas.org/spp/military/commission/executive_summary.pdf) (PDF, 2.8 MB) of The Commission to Assess United States National Security Space Management and Organization (http://www.fas.org/spp/military/commission/report.htm):


The Department of Defense requires space systems that can be employed in independent operations or in support of air, land and sea forces to deter and defend against hostile actions directed at the interests of the United States. In the mid term a Space Corps within the Air Force may be appropriate to meet this requirement; in the longer term it may be met by a military department for space. (emphasis added)

Steve Blair
03-11-2009, 05:21 PM
I don't consider consolidating cyber efforts within the NSA to be saying "we've always done it that way." Rather, I'd say that it's recognizing that we already have a combined military/civilian agency in place with a strong background in, and capability for, operations of that nature. Also, since it's an existing agency that is well-funded, you're not looking at a scenario where an entire new command needs to be spun up with the resulting infrastructure costs and other associated budget line items. Given the diverse nature of cyber-threats, I'm not convinced (for a number of reasons) that a purely military agency is the way to go when it comes to dealing with them.

Too many of the "new command or organization" proposals I've seen reek more of empire-building than they do efficient organization. It's also often seen as the easy way out...and in fact often turns out to be just the opposite of what's intended. I can see the need for some sort of separate space agency or command, but with cyber I think we're better served taking a realistic look at what we have and figuring out where it would best fit. From what I've seen, I'm not at all convinced that the AF is the best place for such an agency or command.

wm
03-11-2009, 05:42 PM
Deceiving? I included the (NETWARCOM) moniker after each so that it was clear they were part of that larger organization. Originally I was not going to list them separately, but decided to as it better showed the overlapping mission statements.

As far as being out of date, with the exception of the two items referenced from new stories (links provided), all of the information came from publicly accessible official websites. Could you be more specific about which ones were out of date?

By deception, I meant the inclusion of NAVNETWARCOM so often makes the list look a lot longer than it might otherwise, partly because of the inclusion of subordinate elements of one organization. It would be even longer were we to list out the various offices doing cyber work at CERDEC, or AFIT, AFRL or SMDC for example--or listing SDC (the product development organization subordinate to AFSPC) as well as AFSPC. PM also sent.

Schmedlap
06-24-2009, 06:40 AM
From the Wall Street Journal (http://online.wsj.com/article/SB124579956278644449.html)...

Defense Secretary Robert Gates created a new military command dedicated to cyber security on Tuesday, reflecting the Obama administration's plans to centralize and elevate computer security as a major national-security issue...

Defense Secretary Robert Gates's budget envisions training more than 200 cyber-security officers annually...

The decision follows President Barack Obama's announcement last month that he will establish a new cyber-security office at the White House...

The Pentagon initiative will reshape the military's efforts to protect networks from attacks by hackers, especially those from China and Russia. It also consolidates the largest concentration of cyber warriors and investigators in the government under one military command, exacerbating concerns of some experts who worry about military control of civilian computer systems...

The command is meant to begin working by October and to be fully operating by October 2010...

The Pentagon, which is already receiving the vast majority of new government spending on cybersecurity, has thousands of cyber warriors, many of whom are expected to be housed under the new command, which is likely to be next door to the NSA's Ft. Meade, Md., campus...

Is this what we need? Or are we just redrawing the organizational chart / rearranging chairs? On matters that I don't know much about... In Gates I Trust.

Thoughts on whether this new command will likely impact our preparedness and, if so, for the better?

Steve Blair
06-24-2009, 01:55 PM
I still think something like this should be folded under NSA. It's too early to tell (IMO) if it will make things better or worse. Sam might have some better insight into this...:cool:

Schmedlap
06-24-2009, 03:00 PM
I still think something like this should be folded under NSA. It's too early to tell (IMO) if it will make things better or worse. Sam might have some better insight into this...:cool:

Just noticed this comment near the end of the article...


Rod Beckstrom, former chief of the National Cyber Security Center, which is charged with coordinating cyber-security activities across the U.S. government, quit in March, warning in his resignation letter that the growing reliance on the NSA was a "bad strategy" that poses "threats to our democratic processes."

I don't know if this is ACLU-type hysteria or if he knows of some legitimate concern. I have to think that, given his position, he is sane. But, on the other hand, there's just something about NSA and DoD that doesn't quite worry me when it comes to privacy issues. IRS or DoJ - now that might concern me. Maybe I'd feel a little more threatened by it if I were not a white Christian man whose ancestors arrived in this country from England in the 1700s. I'm curious what, specifically, his concern is and how credible it is.

selil
06-24-2009, 05:03 PM
I don't know if this is ACLU-type hysteria or if he knows of some legitimate concern. I have to think that, given his position, he is sane. But, on the other hand, there's just something about NSA and DoD that doesn't quite worry me when it comes to privacy issues. IRS or DoJ - now that might concern me. Maybe I'd feel a little more threatened by it if I were not a white Christian man whose ancestors arrived in this country from England in the 1700s. I'm curious what, specifically, his concern is and how credible it is.

I've talked a bit with Beckstrom about this and he has some good points. The NSA is NOT in the information dissemination business. Regardless of competing philosophies there are a few facts.

1) United States infrastructure including Department of Defense networks all run on commercial carrier infrastructure. Any Department of Defense effort MUST also be a civilian LED effort.

2) The cyber infrastructure is a largely logical network with strange relationships resulting in chaotic hierarchy of company and government partnerships nested on top of a brittle physical infrastructure primarily owned by very few companies. Now the Department of Defense wants to add their acquisition system to this mix.

3) NSA wants this mission as they trade on a reputation more than evidence of their capability. The NSA is not in the information sharing business and prefers dictating the terms of agreements. This results in abject failure and wariness by watchdog groups. The AT&T network tap debacle shows the relative weakness of this approach.


4) A DOD cyber command as suggested is a failure at all levels if it does not reflect a war fighting mission. Intelligence is a support entity not the actual combatant. Placing a cyber command into a counter intelligence role only suggests to me that they are not serious about defense or offense. I suggest this is fact based on what other domains would you say this is true about?

I am not a fan of the current direction. It looks to me as the NSA is making a power grab and that is worrisome. There appears to be a lot of money on the line but it is all coming out of somebody else's pocket so everybody wants to make sure they are getting money not losing money. It is easy to throw out epithets like ACLU worry warts, but that ignores critical elements of this plan often ignored. The NSA has engaged in political spying including forcing a congressman to vote the way NSA wanted based on the congressman's illegal engagement with AIPAC. The entirety of the US cyber infrastructure is a shared civilian/government infrastructure. Finally because the NSA is a secret organization they are not in the business of disseminating information. Their information assurance directorate is even worse at getting information out than NIST.

I'll be honest I'm not a fan of this plan. I think it is wrong. I think this is a scary way of doing business.

Worse. I'm usually a fan of the NSA I like what they do. I would like to see them keep doing it. I don't think this mission belongs with them. I don't think this mission belongs within ANY intelligence organization. It should be with a combatant command or the government simply is not taking it seriously.

I guess less facts and more opinion but there it is. As an aside I've been asked by [redacted] to write a policy paper (Amici Curiae) on this.

Ken White
06-24-2009, 05:38 PM
NSA needs to do what they do.

The intensive mixing of many civilian and many government entities that is today's cyberworld is going to require a new approach. DoD and all its agencies and departments couldn't provide a new approach if they had to; the bureaucracy wouldn't allow it. Opposed as I ordinarily am to new bureaucracies, I think this needs one.

PINT
06-24-2009, 09:20 PM
I do not necessarily agree that this is a bad thing or that this mission doesn't belong in an organization led by an intelligence type. However, putting this under an existing intelligence monolith may not be the best COA. Sam is right, NSA is not known for their ability to share and play well with others. But BL, some capabilities and capacities that can be leveraged to get this off the ground are already resident within NSA and it makes stand up easier and faster.

To be honest, I don't care what tribe specifically runs it (ops/intel/comm/whatever). I am more concerned with:

1. What authorities will they actually have to do something?
2. What guidance and intent have they been given for their role?
3. Do we have the right leader in charge? (And by this I am not talking herbivore versus carnivore...in the end, all successful endeavors are about leadership. Oh, and personalities matter...)
4. What is the command's vision for cyber and how are we gonna get there?
...etc...

There are multiple great examples of how just because someone is an ops type, they do not corner the market on leadership, vision, creativity, initiative, etc... I've seen good and bad leadership from all types. Key is to get the right person in there empowered with the authorities necessary to act. In the end, it's all about leadership...and should have very little to do with tribalism.

PINT

Ken White
06-24-2009, 10:50 PM
To be honest, I don't care what tribe specifically runs it (ops/intel/comm/whatever). I am more concerned with:

...(And by this I am not talking herbivore versus carnivore...in the end, all successful endeavors are about leadership. Oh, and personalities matter...)

...and should have very little to do with tribalism.

While I agree that tribalism is unnecessary, unwanted, undesirable and three or four other un-s, I'm not at all sure you can avoid it if you populate an organization with humans. Leadership is key -- but personalities do matter and they tend to gather in tribal groups. Leaders come and leaders go, some good and some bad through luck of the draw, however, tribes endure.

While I'd like to see no tribalism because I'm anti tribal, I've noticed that most people are not; they like to join tribes -- so I think it's a given that a tribe will do the job. Perhaps another idea is to use the human proclivity to form tribes to our advantage in determining what to do. i.e. select or form the right tribe for the job...

Not that I have much faith that any ideas expressed here will sway the process... :wry:

selil
06-24-2009, 10:57 PM
Not that I have much faith that any ideas expressed here will sway the process... :wry:

I get way more attention from foreign governments on my ideas about cyber warfare than I do from my own government. I'm quite disenchanted with the process and several of the people involved. They seem to be more worried with power and money and handing it out to contractors than actually taking care of what is an inherent government task (waging war). It's not bullets and bombs so they are not serious about offensive measures.

Ken White
06-24-2009, 11:37 PM
I get way more attention from foreign governments on my ideas about cyber warfare than I do from my own government. I'm quite disenchanted with the process and several of the people involved. They seem to be more worried with power and money and handing it out to contractors than actually taking care of what is an inherent government task (waging war). It's not bullets and bombs so they are not serious about offensive measures.

the fact that Congress, absent an existential threat * is always going to be more concerned with power and money and handing it out to contractors than caring about inherent government tasks.

Government employees, uniformed and not, vote but they aren't a monolithic vote and they can be -- and are -- controlled by Congress. They also are not, other than the employee Unions, big contributors to Congressional campaigns. Contractors (and bomb and bullet manufacturers) OTOH are huge contributors. Mega huge. Thus, power and money outweigh the national interest every time. Get past that and then Party loyalty trumps loyalty to the Nation. Pathetic crew...

You do know that any US DoD overseas bound cargoes cannot legally be carried by MSTS if there is a US civilian ship available? That Army and Navy stevedores -- and even military Postal units -- cannot work for training in the US legally? They might compete with the Stevedores Unions (or the APWU). Congress passes laws like that which are NOT in the national interest and that preclude inherent government tasks being done by elements of the government at the behest of contractors and business. Just as the State legislatures pass laws protecting the big business interests in the State. Live in Florida and want to pay off a lease on a car? Even if the lender is in another State, in Florida you have to pay through a Dealer so he can make money off your payoff. That's not unfettered Capitalism -- it's crooked legislators. At all levels.

That's unlikely to change until Congress is reformed. That's why I tell everyone, every election -- vote the Bastards out! All of them, both parties are totally corrupt, don't ever vote for an incumbent. Only way they'll get the message.

So what you say is distressing but not surprising. :rolleyes:

* Even during the Civil War, existential threat if there ever was one and WW II, big national effort if not really existential, Congressional venality was apparent and little checked. :mad:

PINT
06-25-2009, 12:09 AM
Not that I have much faith that any ideas expressed here will sway the process... :wry:

What are you talking about?!? I think all of our opinions will be IMMENSELY critical to shaping the course of this and all other human events, tribal or otherwise. :rolleyes: :D

It all boils down to leadership and personalities matter...because I guarantee if you put a terrible leader in charge with an inability to build the right team, articulate a coherent vision, leverage the resources appropriately and execute -this (and any other effort) will fail. :(

Ken White
06-25-2009, 01:01 AM
It all boils down to leadership and personalities matter...because I guarantee if you put a terrible leader in charge with an inability to build the right team, articulate a coherent vision, leverage the resources appropriately and execute -this (and any other effort) will fail. :(

the opposite? Insure a good leader and that his or her replacements will also be good and not just connected or due for their turn?

Or figure a way to leverage resources in the milieu that is the US government? I won't even aim for articulating a coherent vision pertaining to warfare, even cyber warfare, in this era of political correctness (or, more correctly, political foolishness). :wry:

Not saying it shouldn't be as you say; it should be. However, as the Docs say, the prognosis is not good. Mediocrity is our forte; virtually mandatory due to statutory constraints decreeing 'level playing fields' and 'concern for the taxpayer's dollar.' Not to worry, fortunately, the kids generally make up for their leaders' shortfalls and most of the world most of the time is even less proficient than we are so it generally works out okay. :cool:

Schmedlap
06-25-2009, 04:57 AM
1) United States infrastructure including Department of Defense networks all run on commercial carrier infrastructure. Any Department of Defense effort MUST also be a civilian LED effort.

That was always something that I thought was a glaring security problem that, while expensive, would be correctable. Why doesn't the DoD have a separate internet that is physically disconnected from the rest of the internet? My understanding is that even our classified networks retain some connection to the infrastructure used by everyone in the civilian world. Is that too big of an undertaking? Or is it rendered moot now that we cloud compute?*


Not that I have much faith that any ideas expressed here will sway the process... :wry:

Dang. I thought that I brought enough gravitas so that someone would notice the thread.


* - That rhymes

Ken White
06-25-2009, 05:12 AM
here when I said that... ;)

We be on track now... :D

Kiwigrunt
06-25-2009, 05:32 AM
I told all of my friends about it. They are both reading it now.:D

Hacksaw
06-25-2009, 12:40 PM
but I don't think what was related in a press release is necessarily the extent/scope of this new unified command's mission...

placing it under STRATCOM is just about right... warfighter, but without an AOR (unless you call everything an AOR)...

Will it stumble, bumble, and otherwise struggle to figure out how it relates to the endless number of stakeholders... yep, it's inevitable... but a joint/unified approach that deliberately explores the cyber realm as operational domain is decades late, but...

better late than never...

To the sceptics, where else would you put Cyber Command if you buy into the notion that cyberspace is an operational domain?

Have fun storming the castle... I mean firewall:D

AdamG
07-19-2010, 07:16 PM
http://www.npr.org/templates/story/story.php?storyId=128574055&ps=cprs


There may be no country on the planet more vulnerable to a massive cyberattack than the United States, where financial, transportation, telecommunications and even military operations are now deeply dependent on data networking.

What's worse: U.S. security officials say the country's cyberdefenses are not up to the challenge. In part, it's due to a severe shortage of computer security specialists and engineers with the skills and knowledge necessary to do battle against would-be adversaries. The protection of U.S. computer systems essentially requires an army of cyberwarriors, but the recruitment of that force is suffering.

AdamG
08-04-2010, 12:37 PM
WASHINGTON — Computer hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems.

Cyber criminals have long tried, at times successfully, to break into vital networks and power systems. But last month, experts for the first time discovered a malicious computer code — called a worm — specifically created to take over systems that control the inner workings of industrial plants.

In response to the growing threat, the Department of Homeland Security has begun building specialized teams that can respond quickly to cyber emergencies at industrial facilities across the country.

http://www.google.com/hostednews/ap/article/ALeqM5h7lX0JoE1AGngQoEfWWmCM6THizQD9HC86L80

AdamG
08-25-2010, 11:26 AM
Now it is official: The most significant breach of U.S. military computers was caused by a flash drive inserted into a U.S. military laptop on a post in the Middle East in 2008.

In an article to be published Wednesday discussing the Pentagon's cyberstrategy, Deputy Defense Secretary William J. Lynn III says malicious code placed on the drive by a foreign intelligence agency uploaded itself onto a network run by the U.S. military's Central Command.

"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," he says in the Foreign Affairs article.

http://www.washingtonpost.com/wp-dyn/content/article/2010/08/24/AR2010082406154.html?hpid=topnews

anonamatic
08-28-2010, 08:00 AM
well for what it's worth... I do some work in this area, and I can tell you that this site overall is very important to what I'm doing. It's a critical resource for me.

These are multi-service problems, with domain specific problems layered on top of them. As such, there's plenty of room to play.

AdamG
10-07-2010, 01:11 PM
Pentagon says global cyber war is just beginning

Washington, Oct. 6: The Pentagon and its NATO allies are looking at how to improve their defenses against a cyber war, but the basic question of how to define a cyber attack is complicating efforts. The Pentagon says it is rapidly preparing for cyber war in the face of alarming and growing threats. Senior defense officials said that the looming threat of sophisticated attacks has prompted them to take the striking step of investigating the feasibility of expanding NATO's collective defense tenet to include cyberspace. They, however, note that the military is struggling with some basics of warfare - including how to define exactly what, for starters, constitutes an attack, and what level of cyber attack warrants a cyber-reprisal.

*

Equally tricky, defense officials say, is how to pinpoint who is doing the attacking. And this raises further complications that go to the heart of the Pentagon's mission.

"If you don't know who to attribute an attack to, you can't retaliate against that attack," noted Lynn in a recent discussion at the Council on Foreign Relations. (ANI)

http://in.news.yahoo.com/139/20101006/364/twl-pentagon-says-global-cyber-war-is-ju_1.html

And SKYNET giggles.

davidbfpo
10-12-2010, 08:46 PM
That once reluctant institution GCHQ, the UK's Sigint plus agency, has in recent years carefully spoken at private meetings and now for the first time the current Director has spoken in public, at IISS in London. On a quick skim nothing startling, although others may read more productively.

Link: http://www.iiss.org/recent-key-addresses/iain-lobban-address/

The conclusion:
In conclusion I’d like to leave you with some key themes that come out of what I’ve just said.

Cyber is a real, live issue, bringing both threat and opportunity;
It’s not a narrow security issue for the spooks — but a wide economic issue that demands a holistic response.
Perhaps 80% of what we need to do is stuff we already know how to do — getting the basics of Information Assurance right will of itself raise the bar for malicious activity.
But ‘patch and pray’ will not be enough. At the national level, getting the rest of Cyber - the more difficult 20% - right will involve new technology, new partnerships, and investment in the right people.

Crucial elements within that will be:
a different approach to Government-industry partnership,
and work by academia to broaden our research base and establish the mechanisms that will develop a large body of genuine expertise in the UK.
But if we can get it right, then we have a real chance to keep our economy and our citizens secure. And, more than that, we can develop a world-class approach which potentially gives us a relative advantage — in security, military, and commercial spheres.

AdamG
10-14-2010, 08:49 PM
Media's treatment of same -


LONDON – Countries are already using cyber warfare techniques to attack each other and need to be vigilant round the clock to protect computer systems, the head of Britain's communications spy agency says. Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said British government systems are targeted 1,000 times each month. "Cyberspace is contested every day, every hour, every minute, every second," he said late Tuesday in a rare speech. His remarks, to a London audience, were published Wednesday. The internet lowered "the bar for entry to the espionage game," he said. Its expansion increased the risk of disruption to infrastructure such as power stations and financial services.

http://news.yahoo.com/s/nm/us_britain_cyber;_ylt=ApvQdngLT0hYjeoEKL2R.Z.s0NUE;_ylu=X3oDMTNrZWpxMGNjBGFzc2V0A25tLzIwMTAxMDEzL3VzX2JyaXRhaW5fY3liZXIEY2NvZGUDbW9zdHBvcHVsYXIEY3BvcwM0BHBvcwMxBHB0A2hvbWVfY29rZQRzZWMDeW5faGVhZGxpbmVfbGlzdARzbGsDY3liZXJ3YXJmYXJl

So, red pill or blue?

AdamG
12-17-2010, 01:17 AM
Code-cracking agency expects it is compromised
That's the basis on which National Security Agency operates daily, official says
http://www.msnbc.msn.com/id/40707699/ns/technology_and_science-security/

selil
12-17-2010, 02:23 AM
The National Security Agency (NSA) is conducting a counterintelligence probe at its Fort Meade, Md., headquarters in a top-secret hunt for a Russian agent, according to a former intelligence official close to the agency. (http://www.washingtontimes.com/news/2010/dec/1/inside-the-ring-843880610/)


This is really interesting to me. How do you trace a traitor?

AdamG
12-21-2010, 01:19 AM
The National Security Agency (NSA) is conducting a counterintelligence probe at its Fort Meade, Md., headquarters in a top-secret hunt for a Russian agent, according to a former intelligence official close to the agency. (http://www.washingtontimes.com/news/2010/dec/1/inside-the-ring-843880610/)


This is really interesting to me. How do you trace a traitor?

http://www.youtube.com/watch?v=QZ40WlshNwU

AdamG
01-01-2011, 09:03 PM
As NPR's Tom Gjelten explained to ATC guest host Audie Cornish, cyberwar moved way up many people's lists of important foreign policy issues this year when the director of National Intelligence for the first time "identified the danger of cyber attacks on the United States as the single, the number one greatest security threat facing the country."

There was a U.S. Cyber Command created to address that threat. What's atop its agenda in 2011, Audie asked?

http://www.npr.org/blogs/thetwo-way/2010/12/29/132442673/next-on-cyber-commands-agenda-working-with-private-sector

AdamG
01-17-2011, 02:49 PM
A succession of multiple cyber-attacks could "become a full-scale global shock" on a par with a pandemic and the collapse of the world financial system, the report by the Organisation for Economic Co-operation and Development (OECD) said.

Contingency plans to recover systems should be put in place and cybersecurity policies should "encompass the needs of all citizens and not just central government facilities", the report said.

"What should concern policy-makers are combinations of events – two different cyber-events occurring at the same time, or a cyber-event taking place during some other form of disaster or attack," the report said.

"In that eventuality, 'perfect storm' conditions could exist."

http://www.telegraph.co.uk/technology/news/8262628/Cyber-attacks-could-cause-global-catastrophe.html

davidbfpo
01-22-2011, 08:26 PM
Hat tip to Carl Schneier:
A new report from the OECD says the threat of cyberwar has been grossly exaggerated.

Link to report: http://www.oecd.org/dataoecd/57/44/46889922.pdf

Also worth reading is this article on cyberwar hype and how it isn't serving our national interests, with some good policy guidelines: http://www.informit.com/articles/article.aspx?p=1662328

Not an area I have any expertise in and little knowledge of; there is plenty here though!

Allen Ford
01-23-2011, 07:06 AM
From the Wall Street Journal (http://online.wsj.com/article/SB124579956278644449.html)...
Is this what we need? Or are we just redrawing the organizational chart / rearranging chairs? On matters that I don't know much about... In Gates I Trust.

Thoughts on whether this new command will likely impact our preparedness and, if so, for the better?

-------------------------------------------------------------------------------------
We don't need another COCOM....we need another Service focused upon this domain versus it being a sideshow for the other 4 services.

Cliff
01-23-2011, 04:39 PM
We don't need another COCOM....we need another Service focused upon this domain versus it being a sideshow for the other 4 services.

Allen-

I think this will proceed much like the USAF began as the US Army Air Corps- initially start as a "Cyber corps" of the USAF or of CYBERCOMM, then eventually split itself off when the doctrine is more mature.

V/R,

Cliff

Allen Ford
01-24-2011, 08:30 AM
Allen-

I think this will proceed much like the USAF began as the US Army Air Corps- initially start as a "Cyber corps" of the USAF or of CYBERCOMM, then eventually split itself off when the doctrine is more mature.

V/R,

Cliff

------------------------------------------------------------------------------

Cliff I agree -- that said, will it take a "Billy Mitchell" figure or a Stuxnet type attack on our critical infrastructure to force such a change?

I see the Cyber Corps as a very different military --- one where "basing" is co-located within high-tech corridors/research parks, reduced PT-Grooming-Uniform standards, and possessing a significant telecommuting capability. In other words, an "extreme" functional service focused upon service to our nation, technical proficiency and adhering to core values required to maintain a security clearance. I also see a significant IG or Internal Affairs type capability given the sensitivities of their operations.

Maybe the Cyber Corps belongs in DHS? Their lone expeditionary forcible entry capability......

Brett Patron
01-24-2011, 11:52 AM
-------------------------------------------------------------------------------------
We don't need another COCOM....we need another Service focused upon this domain versus it being a sideshow for the other 4 services.

If Cyberspace (for warfighting purposes) is actually a DOMAIN, then, yes, you need a Service. I don't think it is. I don't believe a new Combatant Command is needed either.

I think a "Cyber Corps" is an idea that has much more merit. Or, an existing COCOM (e.g. STRATCOM), properly empowered with some Title 10 Man, Train, Equip authorities, can probably fill the bill.

What is really needed first is cogent DOD wide doctrine, from which either the Services (CyberCorps) or a Combatant Command can organize, train, and execute. Without universal terms of reference, we don't know which organizing option is appropriate.

selil
01-24-2011, 10:14 PM
I see the Cyber Corps as a very different military --- one where "basing" is co-located within high-tech corridors/research parks, reduced PT-Grooming-Uniform standards, and possessing a significant telecommuting capability.



Maybe the Cyber Corps belongs in DHS? Their lone expeditionary forcible entry capability......

I strongly disagree with much of this. First the grooming, PT standards stuff is completely off the mark. You're buying into a stereotype that if it ever was true likely isn't even close today. The former Sun Microsystems (now Oracle) in Boulder, Colorado had more bike to work, runners, rock climbers, extreme athletes than you could imagine. They were also the high performers. Google in Silicon Valley is the same.

The pasty white albino Mt. Dew addict obviously is unhinged and likely bi-polar. They need not apply.

This stereotype is nearly as bad as the "I need me some young people to do this here cyber stuff" I hear general officers say. Why do you want a crippled mental midget with poor math skills, fewer thinking strategies, and somebody who thinks they are a war veteran because they've played Splinter Cell? I'd rather have a 40 something that knows where gasoline comes from, can change their spark plugs, has two or three kids, and a desire to learn. They at least have a clue and will inherently understand the soft underbelly of security systems.

I'm more concerned about net-centricity, signals, holistic security, distributed organizations, and the totality of the problem. We've done KSA assessments we know what is needed. We have training and education programs to reach that. I'm here to tell you though a bunch of this stuff is bunkum. We protect against ancient threats that have long been disabled for battles we can't imagine with tools that are limited with processes that cripple us. The best denial of service on workers are the scripts that are run by the system administrators in your own organizations.

meh

selil
01-24-2011, 10:21 PM
What is really needed first is cogent DOD wide doctrine, from which either the Services (CyberCorps) or a Combatant Command can organize, train, and execute. Without universal terms of reference, we don't know which organizing option is appropriate.

What you need is FM1 for cyber. Those of us who have attempted that feat are still wondering what in the world government is trying to do. I can walk you through the basics but everybody is still stuck with "cyber is different" rather than conflict is similar what are the similarities. How is naval, land, and air warfare the same? When we added space as a domain we didn't have a Marine Corps mission in space so it was different, but there were still similarities. Instead of trying to define how cyber is different how is it similar? We're asking a lot of the wrong questions and worried about the "computer" instead of the warrior. The model is all mixed up and people are chasing their tails like rabid dogs. Look here ->relax<- this is all you need to do to get it done. But, that would break a lot of vendor rice bowls and we can't have that.

If Cyber is a domain we can use standard doctrine to fill in the holes. I did that with FM-3-24 it should be possible with FM1. I've been looking at fleet tactics, but I don't have the experience to understand some of the discussion to find the patterns of conflict necessary.

Cliff
01-25-2011, 04:11 AM
Cliff I agree -- that said, will it take a "Billy Mitchell" figure or a Stuxnet type attack on our critical infrastructure to force such a change?

I see the Cyber Corps as a very different military --- one where "basing" is co-located within high-tech corridors/research parks, reduced PT-Grooming-Uniform standards, and possessing a significant telecommuting capability. In other words, an "extreme" functional service focused upon service to our nation, technical proficiency and adhering to core values required to maintain a security clearance. I also see a significant IG or Internal Affairs type capability given the sensitivities of their operations.

Maybe the Cyber Corps belongs in DHS? Their lone expeditionary forcible entry capability......

Allen-

In short, yes, it probably would take some kind of catastrophic event to get real change in the cyber world. I don't think DHS is the right place - maybe for a domestic cyber agency but for the warfighting cyber functions they need to be in the DoD.


Brett-

The USAF already has doctrine - see AFDD 3-12 (http://www.e-publishing.af.mil/shared/media/epubs/AFDD3-12.pdf) for USAF's cyber doctrine. Cyber is a domain according to the USAF doctrine, hence why I think there may end up being a "Cyber corps" - we'll have to see. The alternative is that it remains a core competency of the USAF - much as space has. We can debate the differences based on the different characteristics of the domains ad nauseam, but I think for now we won't see a cyber service.

I agree with Selil, there shouldn't be different standards for cyber-warriors than in any other fight - after all, they're still warriors. Additionally, kinetic attacks are still a part of the toolbag in affecting the cyber realm- as in if someone seizes your computer facility, destroys your electrical system, or sets off an EMP device you lose your access to the cyber domain.

I personally think that one of the big problems with cyber is that it has been fenced off due to classification, leading to a similar situation to many of the ISR platforms during the Cold War- if you're always behind the green door, it's hard to work with the other warfighters in the joint fight.

Again, the USAF is trying to fix this by merging the comm (essentially the IT functions of cyber) and cyber career fields into cyber. It will be interesting to see what happens...

V/R,

Cliff

PS - Cyberspace does have a joint definition (http://integrator.hanscom.af.mil/2008/May/05292008/05292008-24.htm) too.

Allen Ford
01-25-2011, 08:23 AM
I strongly disagree with much of this. First the grooming, PT standards stuff is completely off the mark. You're buying into a stereotype that if it ever was true likely isn't even close today. The former Sun Microsystems (now Oracle) in Boulder, Colorado had more bike to work, runners, rock climbers, extreme athletes than you could imagine. They were also the high performers. Google in Silicon Valley is the same.

The pasty white albino Mt. Dew addict obviously is unhinged and likely bi-polar. They need not apply.

This stereotype is nearly as bad as the "I need me some young people to do this here cyber stuff" I hear general officers say. Why you want a crippled mental midget with poor math skills, fewer thinking strategies, and somebody who thinks they are a war veteran because they've played Splinter Cell? I'd rather have a 40 something that knows where gasoline comes from, can change their spark plugs, has two or three kids, and a desire to learn. They at least have a clue and will inherently understand the soft underbelly of security systems.

I'm more concerned about net-centricity, signals, holistic security, distributed organizations, and the totality of the problem. We've done KSA assessments we know what is needed. We have training and education programs to reach that. I'm here to tell you though a bunch of this stuff is bunkum. We protect against ancient threats that have long been disabled for battles we can't imagine with tools that are limited with processes that cripple us. The best denial of service on workers are the scripts that are run by the system administrators in your own organizations.

meh

-------------------------------------------------------------------------------

- Understand and appreciate your concerns.

- Relaxed PT/Grooming Standards etc. The intent was to "cast a wider net" versus exclude the overwhelming number of Americans deemed unfit for either enlistment or commissioning. Furthermore, I totally agree that most folks in this field appreciate physical fitness and having a life --- this explains why "high tech corridors" are often found in Northern California, Pacific Northwest, Boulder, hip districts in NYC close to Central Park, and other "Outside" Magazine Top XX Places to Live etc. These areas may prove more attractive than 29 Palms CA, Barksdale LA, DC Metro Area etc. for those inclined with such skills.

- I'm not with you with respect to "mental midgets" -- many of these potential recruits may not understand Clausewitz or Mahan, but they definitely "get it" with respect to Julian Assange and his global impact.

selil
01-25-2011, 10:50 PM
- I'm not with you with respect to "mental midgets" -- many of these potential recruits may not understand Clausewitz or Mahan, but they definitely "get it" with respect to Julian Assange and his global impact.

And there you floundered. Julian Assange and Wikileaks is primarily an information operation. I know y'all in DOD link and re-link cyber to IO with CNA, CNE, CND but that is kind of like linking ISR to ground warfare. It is a tool used in a set of tactics, BUT if cyber is truly a new domain like sea, air, land then you have to expect some cross linkages.

The CNE of Assange and Wikileaks was a CD-R labeled Lady Gaga and a few hours unfettered at a terminal for a likely narcissistic sycophant.

That makes your primary people who "get it" with respect to Assange and his global impact the cyber equivalent of skateboarders who get a good rail or cute trick using the furniture poorly. That doesn't make them engineers or warriors on that terrain. If cyber is a new domain then we should expect people and their shenanigans but that isn't what fighting in that domain should look like. Graffiti exists in sea (changing the Chicago River to green on St. Patty's day), air (sky writing), land (ever see a Cargill rail road car?). And, on the web (defacement of webpages). That doesn't make those things cyber warfare or really about war fighting.

Cyber must break things, and kill people, and we need people in DOD who do those things through cyber means. Whether hybridized mass casualty events using an unassociated tech to kill via cyber engagement or something else. The key words are degrade, disrupt, or destroy and they are requirements. Disruption of social processes is information operations regardless of tools. Causing the nation's corn to not grow because you hacked the Monsanto genomics database is cyber terrorism/warfare.

Unfortunately I see a lot of people hiding behind various doctrine documents that aren't very well thought out, and by doing so are ignoring real world capabilities that aren't fear mongering.

Cyber is greatly about the sideways attack.

Brett Patron
01-25-2011, 11:59 PM
Brett-

The USAF already has doctrine - see AFDD 3-12 (http://www.e-publishing.af.mil/shared/media/epubs/AFDD3-12.pdf) for USAF's cyber doctrine. Cyber is a domain according to the USAF doctrine, hence why I think there may end up being a "Cyber corps" - we'll have to see. The alternative is that it remains a core competency of the USAF - much as space has. We can debate the differences based on the different characteristics of the domains ad nauseam, but I think for now we won't see a cyber service.



The cited JP 1-02 definition of cyberspace makes clear that any "Service-only" view is way too narrow to be useful. There is no codified Joint doctrine, so Service doctrine is a nice idea that only applies to the Service. There is a "Joint Test Pub 3-12" roaming about, but is mired in stakeholder dispute.

By the way, the term "cyberspace operations" is defined thus: cyberspace operations (DOD) The employment of cyber capabilities where the primary purpose is to achieve objectives in or through cyberspace. Such operations include computer network operations and activities to operate and defend the Global Information Grid.

If you are involved in cyberspace operations, you'll know that there is (still) no codified lexicon (there are several attempts but still a good deal of acrimony among the various stakeholders).

For example: The legacy terms of "Computer Network Operations" and its attendant terms "Computer Network Attack", "-Defense" and "-Exploitation" are being replaced, redefined or mulled for revision. Terms such as "Offensive Cyberspace Operations" (OCO), "Defensive Cyberspace Operations" (DCO), and "Defense of the Global Information Grid" (DGO) are in common (if inexact) use in USCYBERCOM, USSTRATCOM, and in other Combatant Command circles.

I stand to be corrected; but absent something that's been snuck through the process in the last 72 hours, I am comfortable saying there is no doctrine.

Cliff
01-26-2011, 03:29 AM
The cited JP 1-02 definition of cyberspace makes clear that any "Service-only" view is way too narrow to be useful. There is no codified Joint doctrine, so Service doctrine is a nice idea that only applies to the Service. There is a "Joint Test Pub 3-12" roaming about, but is mired in stakeholder dispute.

Where do you think joint doctrine comes from? Joint doctrine is normally a combination of the best the various services have to offer. After all, you can't get doctrine for the unified whole if the individual parts don't know what they are doing...


By the way, the term "cyberspace operations" is defined thus: cyberspace operations (DOD) The employment of cyber capabilities where the primary purpose is to achieve objectives in or through cyberspace. Such operations include computer network operations and activities to operate and defend the Global Information Grid.

If you are involved in cyberspace operations, you'll know that there is (still) no codified lexicon (there are several attempts but still a good deal of acrimony among the various stakeholders).

I would argue that anyone that uses a DoD computer is involved in Cyber Operations. I'm not a cyber guy by trade, though - never claimed to be.


For example: The legacy terms of "Computer Network Operations" and its attendant terms "Computer Network Attack", "-Defense" and "-Exploitation" are being replaced, redefined or mulled for revision. Terms such as "Offensive Cyberspace Operations" (OCO), "Defensive Cyberspace Operations" (DCO), and "Defense of the Global Information Grid" (DGO) are in common (if inexact) use in USCYBERCOM, USSTRATCOM, and in other Combatant Command circles.

I stand to be corrected; but absent something that's been snuck through the process in the last 72 hours, I am comfortable saying there is no doctrine.

Brett, I said the Air Force has doctrine for cyber- I posted the link to the USAF doctrine. I get the feeling you don't like it... your words indicate that you dismiss it - "any "Service-only" view is way too narrow to be useful." Yet you then say that there is no joint doctrine. Is your preferred solution for the services to ignore this domain and wait for someone to deliver the joint doctrine?

I think that joint doctrine will follow from what the service doctrine brings in. This will likely take time and be influenced by the COCOMs that you cited. That said, I don't see any harm in the services trying to work their own doctrine in the meantime.

Finally, JP 6-0's (http://www.dtic.mil/doctrine/new_pubs/jp6_0.pdf) new (10 June 2010) edition contains some pretty specific doctrine on CND and GND. Is this doctrine invalid for some reason?

I take it by your post that you're a part of the cyber world, and like I said before I'm not a cyber professional, just a dumb operator. The tone of your post initially made me feel like you're dismissing my views as a result. I'm sure that's not your intent, but that leads me back to my last post - I think one of the best things for cyber will be to integrate it with the other warfighting functions. If Cyber folks try to separate themselves from the other warfighters it will be to the detriment of our joint forces. We all work more effectively when we understand each other's capabilities and leverage our strengths to fill in our weaknesses. This doesn't happen if we use doctrine or classification to avoid integration.

The USAF Weapons School has led the way on this in other domains - space being one of the most important. I think you'll see a USAF Weapons School Cyber Division in the next few years - which will go a long way to integrating these functions in the USAF. It will be interesting to see how that plays out in the joint world.

Again, my post was not an attempt to start an argument - the thread simply asked about doctrine, and I was attempting to point out the USAF's existing doctrine. Looking forward to hearing your thoughts.

V/R,

Cliff



Definitions in joint doctrine:

CND includes actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks. JP 3-0, 17 September 2006 (Incorporating Change 1 13 February 2008), pg 3-27.

computer network defense. Actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within the Department of Defense information systems and computer networks. Also called CND. (JP 6-0) JP 3-0, 17 September 2006 (Incorporating Change 1 13 February 2008), pg GL-10.

Computer Network Defense (CND). Actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks. CND also employs intelligence, counterintelligence, law enforcement, and other military capabilities to defend DOD information and computer networks. CND employs IA capabilities to respond to unauthorized activity within DOD information systems and computer networks in response to a CND alert or threat information. DOD’s CND mission is global and focuses on protection and defense of DOD’s interconnected systems and networks. To protect the communications system, CND measures are employed with a defense-in-depth strategy.
JP 6-0, Joint Communications System, 10 June 2010, pg I-11-I-12.

Cyberspace is a global domain within the information environment consisting of the interdependent network of information technology (IT) infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Cyberspace threats are a real and imminent danger to GIG operations and information. Information is crucial to the success of joint and multinational operations. Information is also a critical instrument of national power, and the ability to achieve and maintain an advantage in cyberspace is crucial to national security. The GIG through cyberspace provides the valuable service of assured information transport, storage, and delivery for the owners and authorized users of the information. Networks and network operations (NETOPS) are the means by which DOD manages the flow of information over the GIG. Because all DOD components need the ability to operate unhindered in cyberspace, this presents a unique challenge. We are not the sole users or occupants of cyberspace nor is our participation isolated or without the presence of sophisticated adversaries who challenge us daily. Our joint forces, mission partners, and first responders demand communications that are not only secure, but also flexible enough to meet the ever-changing requirements demanded by joint and multinational operations.
JP 6-0, Joint Communications System, 10 June 2010, pg I-6-I-7.

Global Information Grid (GIG) Network Defense (GND) isn't in the definitions section but is discussed in JP 6-0, Pg 4-6.

Allen Ford
01-26-2011, 12:06 PM
- Assange's cyberattack left many dead or targeted in its wake with blood on his hands. If that's not ".... break[ing] things, and kill[ing] people .... through cyber means" then please provide a concrete example.

Brett Patron
01-26-2011, 12:13 PM
Cliff:
I'm in the process of talking to pretty much every stakeholder entity over the next few months. I am currently helping build curriculum for a Joint Cyberspace Operations Planners Course. The doctrine - and more importantly, the consensus on what doctrine should be - simply ain't there.

I am not a cyber "operator", per se (although I did serve as a Signal Officer for a good part of my career). I can say I'm pretty agnostic. It is fun to watch the constituencies maneuver to gain some degree of primacy in this burgeoning world. Whatever the final definitions are, they will carve out a rather challenging new field of endeavors.

Please don't recite the JP definitions unless you have the current context. If you read what I posted, you'd recall that those terms (currently codified in doctrine) are being challenged, rethought, and/or subsumed. The definitions were sufficient until it was decided to designate cyberspace a warfighting domain.

The problems are huge; the word "domain" as applied to cyberspace is creating all sorts of second and third order problems (from a JSCP/Unified Command Plan perspective). Important things such as authorities, lines of command and control, forces, what is "maneuver", etc. are all being challenged and rethought. And this is an area where defense will be preeminent; with "offense" and "weapons" having to be rather significantly rethought as compared to traditional use. "Attack" and "response" have different meanings and different authorities.

It gets even more touchy when you discuss where IO ends and "cyberspace ops" begins. For example, how much of cyberspace ops is "content" vs merely technology? That's the stuff that is causing much venting of spleens and shoe-throwing in some quarters.

Where we agree:
Considering the Weapons Schools program is nascent - essentially just started this month - I'd hardly call that "out front". However, the programs that AFIT is running at Wright-Patterson AFB are probably the example that better makes your point.

I agree that Cyberspace cannot be thought of monolithically. It may be that even DoD is too narrow a scope, but that's a conversation for a different day (preferably with adult beverages about). :)

Allen Ford
01-26-2011, 12:25 PM
Brett:

Great post....w/respect to your "problems are huge" laundry list: perhaps consider network O&M stakeholders.....the equivalent of an assigned AO! Best of luck w/your doctrine curriculum!

selil
01-26-2011, 05:29 PM
- Assange's cyberattack left many dead or targeted in its wake with blood on his hands. If that's not ".... break[ing] things, and kill[ing] people .... through cyber means" then please provide a concrete example.

What evidence to death or "blood on his hands" do you have? I'm not excusing his efforts just don't see the hysteria at this point.

You're also missing a critical point. If the cables had been published in the New York Times (à la Pentagon Papers) then you'd admit no cyber component. Though Wikileaks brushes up against cyber-espionage the mere use of the Internet does not/should not make it cyber war/terrorism. You could make the argument that the arrest of certain people are impacts of Wikileaks, but then how is it different from publishing them above the fold on the NYTimes?

I am fully aware that there is a logical fallacy in the previous. If you take it apart and look at terrain functional elements. If it exists in land warfare/espionage/on the front page of the New York Times, it should as an element also exist in cyber, and conversely the opposite is also likely required to be true (where the fallacy lies).

The question is... IS the effort to label Wikileaks as cyber warfare based on the effect or the tactics used? Would you label a really big explosion armor warfare, because it blew up like a tank would blow something up, even if none was involved?

Solar Sunrise is a really good idea of cyber-espionage rising to cyber-warfare as it directly impacted the plans for a possible war. Yet it was a couple of teenagers and a foreign national. The effect on national interests was much more dramatic than even Wikileaks yet nobody was calling it cyber warfare, and most unclass reports I've seen put it at the annoyance level.

You've identified a specific issue. If killing people and breaking things is the requirement (Parks, Duggan, and a bunch of others set that requirement not me) then cyber has some ways to go. There aren't very many examples we can talk about then.

Allen Ford
01-27-2011, 11:00 AM
Can't compete until I learn more about "Solar Sunrise" -- good stuff, thanks.

Brett Patron
01-27-2011, 11:45 AM
Can't compete until I learn more about "Solar Sunrise" -- good stuff, thanks.

That's the trap Allen. Don't get hung up on the super tech stuff. There are geeks for that.

The problem we have is the lack of real thinking about what is really new and what is merely additional capabilities.

Brett Patron
01-27-2011, 11:51 AM
This may be a good time to introduce the hydration/drinking game I've come up with as I've delved into this burgeoning Cyberspace thing...

As you read an article, book, or post on the topic and come across any word with the prefix or modifier "cyber", take a drink (water, adult beverage, etc). It is guaranteed to keep you well hydrated (or get your blood-alcohol count up) in a jiffy. :D <The word "Cyberspace" itself is exempt.>

Right now, my favorite "cyber" appellation is "Cyber hygiene". :D

selil
01-27-2011, 02:18 PM
Can't compete until I learn more about "Solar Sunrise" -- good stuff, thanks.

Nothing to compete on. Here is a video done by the FBI on Solar Sunrise (YouTube 18 minutes) (http://www.youtube.com/watch?v=bOr5CtqYnsA).

selil
01-27-2011, 02:41 PM
That's the trap Allen. Don't get hung up on the super tech stuff. There are geeks for that.

The problem we have is the lack of real thinking about what is really new and what is merely additional capabilities.

From my discussions with COCOMS they want to know what threats exist, what the nature of those threats are (who, what, where, why), and what they need to mitigate those threats. Then if they have time they'd like to know what their real capabilities are going to be in response, in advantage, and how those integrate into situational awareness and tactical planning.

Now I'm not military or a DOD civilian. I'm a prof at a research institution so my perspective requires some translation. What I have done is work in industry at a global scale on what the military calls the GIG. I have seen different communities focus on specific aspects of the cyber arena because the whole picture is rather daunting. It leads to exploitation from side channels that they excluded, and often leads to surprises.

The information layer where cognitive and communicative processes are found is layered on to a logical layer, that then is layered on a physical layer, that then is dependent on a systems of systems layer (infrastructure support layer). Command and control activities, hacktivism, information operations, and much of what you find currently in doctrinal statements are all in that information layer of cyber space. No different than land and cohesively conjoined with land, air, sea and space activities.

The logical layer is where denial of service attacks and much of the "hacking" of systems for exploitation and espionage at the information layer occurs. It is a highly resilient networked structure that is inclusive of end point devices and conduits that effectively heal themselves as interruptions occur. Underlying that though is the physical layer which is extremely vulnerable. There are only so many landing points for undersea cables. That layer is then very dependent on the electrical grid, which is also dependent on the information layers way high above it. A toppling hierarchy of system of systems is the result.

So, if you're a COCOM talking to your spooky NSA or CIA guy about why they just don't hack the bad guy. It might be very hard to understand self degrading network access due to self imposed denial of service. Or, impacting intelligence gathering at the information layer through kinetic denial of service.

Then you have to explain the difference between an information operation, versus a CNA, CNE, CND effort and why none of these things work 100 percent of the time. What military maneuver, weapon system, or tactic works 100 percent of the time? Why do military leaders expect cyber to suddenly be perfect in a world of imperfection? The COCOMS seem to want to understand more of what is possible. The spooky guys aren't going to give up their tools easily, but they also don't want to express how hard CNE is when the N is an airgap.

Then there are internal military arguments over signals versus cyber versus electronic warfare versus information operations versus... well whatever stakeholder is crying for money. In my world I can ignore all of those political frictions and focus on operational strategies and tactical capabilities. Which is exactly why so many attacks work against military targets and other hard targets that shouldn't work.

Lots of work for those who want it.

rmills
01-27-2011, 03:03 PM
Hey gang... although this is my first post here (excluding my hail and farewell), I've been thinking, teaching, reading, and writing about many of these topics for the last 4-5 years now.

In that time, I've watched people argue (sometimes fanatically) about definitions (what is cyberspace, who is a cyber operator, etc.), organizational structures (who's in charge, or who should be), whether cyberspace is truly a domain (in the same sense as air, land, sea and space), and do we need a new military service specifically dedicated to cyberspace.

These discussions almost inevitably boil down to resources -- people, orgs and money. You can define cyberspace however you like, but as soon as your definition appears threatening to someone else, the antibodies all come out and start fighting.

Many Air Force leaders like to talk about how we are in the 1920s at the dawn of air power. Back then, air power advocates were developing theories about how wars might be fought in the air environment -- some of these theories panned out, while others didn't work out so well. But it wasn't until after WWII that the Air Force was recognized as a separate service. Unfortunately far too many "cyberspace debates" tend to revolve around who's in charge rather than "so how do we fight in this domain?"

One area in which we are woefully lacking is theory on how to wield power in cyberspace. As Brett said earlier, we really don't have much in the way of doctrine. Others have pushed back when I say this quoting me JP 3-13, Information Operations. But the focus of IO is on decision making and not about control of a domain. Gen Alexander had a good article on this several years ago in Joint Force Quarterly. The AF produced AFDD 3-12 specifically looking at cyberspace as a domain -- it is not a perfect document by any means, but it's a start. I am very curious to see what the other services come up with.

As Sam Liles wrote in one of his posts -- cyber is different, but conflict is similar. I could not agree more. How do principles of warfare apply in cyberspace? What about operational art -- maneuver, fires, key terrain, decisive points, interior/exterior lines, etc. -- do these concepts apply to cyberspace? Why or why not? What doctrinal nuggets and principles can we draw from the other domains as we figure out what a theory of cyber power might look like? I believe the Air Force is to some extent trying to make cyberspace fit into its air and space paradigm -- which is quite evident in AFDD 3-12. But perhaps there are similarities with the land and maritime domains that can be used to develop our understanding of cyberspace. Cyberspace is inherently a joint (and interagency) problem.

While I see cyberspace as a distinct domain, I also think you can't divorce it entirely from the other domains. We created cyberspace to enable business processes and improve our effectiveness in other domains. We did not build networks to employ IT people or to give us a new place in which to fight -- we built them to facilitate information processing. For this reason, I don't really see a new military service branch because all of the services care about cyberspace. It is both a warfighting and a utility domain, so ownership (however that is defined) will be shared to some extent.

One last point before I hit post and wait for the flaming arrows (as an academic, I've had to develop thick skin :))... One of my former students and I were trying to get a paper published on some approaches to operational targeting. The paper was rejected because a subject matter expert told the editor that our paper didn't describe "how they really do things." I thought that was quite interesting for a couple of reasons: (1) there was nothing in the open literature about "how they do things", (2) "how they do things" is apparently good enough, and there's no need to discuss further. Contrast this with the VOLUMES of articles talking about nuclear deterrence, strategic bombing, air campaign planning, land warfare, etc. We ultimately published the paper in a different venue and received good feedback. So even the experts disagree, which is why we need more academic research, publishing and discourse in these areas.

cheers
Bob

Allen Ford
01-30-2011, 12:27 PM
Nothing to compete on. Here is a video done by the FBI on Solar Sunrise (YouTube 18 minutes) (http://www.youtube.com/watch?v=bOr5CtqYnsA).
Thanks...I'll download and reengage.

Allen Ford
01-30-2011, 12:39 PM
RMILLS:

I agree with you in that making a bold move comes
..down to resources -- people, orgs and money. You can define cyberspace however you like, but as soon as your definition appears threatening to someone else, the antibodies all come out and start fighting.

This is precisely why I think a successful attack on our "Commercial" versus USG Critical Infrastructure would incite our nation's demand for either a military or USG service dedicated to this domain. WWII begot the Air Force, Eagle Claw begot SOCOM, 9/11 begot the DHS etc.

Ken White
01-30-2011, 05:28 PM
WWII begot the Air Force, Eagle Claw begot SOCOM, 9/11 begot the DHS etc.

How have all those worked out for us... :D

Forgive the snark, too good to pass up. Snark aside, your assertion is almost certainly correct. CyCom has a nice ring to it.

Brett Patron
02-01-2011, 12:15 AM
How have all those worked out for us... :D

Forgive the snark, too good to pass up. Snark aside, your assertion is almost certainly correct. CyCom has a nice ring to it.

Funny. Unhelpful, but funny.

On the one hand we have one camp that takes itself too seriously, failing to remember past efforts and trying to recreate the wheel.

We have a second camp that is too smart by half, and everything is a joke. No constructive inputs - just waiting to defecate on any idea because that's what they do.

The problem, as I see it unfolding, is the word "domain" as applied by the military lexicon. That word begets far more things than either the zealots appreciate or the nay-sayers consider. Until there is useful doctrine, and an agreed-to lexicon, all these "cyber" discussions are so much unreclaimed hot air (and its typing equivalent).

So many entities want to "do something" - yet they can't even define what it is they want to accomplish; just that they want the $$ and the control.

Brett Patron
02-01-2011, 07:05 PM
This is precisely why I think a successful attack on our "Commercial" versus USG Critical Infrastructure would incite our nation's demand for either a military or USG service dedicated to this domain. WWII begot the Air Force, Eagle Claw begot SOCOM, 9/11 begot the DHS etc.

(Emphasis added)

To properly address this, I would offer that it would have to be a Cabinet level position on par with State, DOD, etc. "Cyberspace" either transcends all the other domains (since it requires aspects of the other domains to exist), or it is actually merely a series of (very important, although different) tasks (i.e., "cyberspace operations") which are executed simultaneously within each of the other domains. (For want of a term, a 4th Dimension, vice a 5th or 6th Generation, of "warfare" (sic).)

BJP

anonamatic
02-04-2011, 11:31 AM
The question is... IS the effort to label Wikileaks as cyber warfare based on the effect or the tactics used? Would you label a really big explosion armor warfare, because it blew up like a tank would blow something up, even if none was involved?
...

You've identified a specific issue. If killing people and breaking things is the requirement (Parks, Duggan, and a bunch of others set that requirement not me) then cyber has some ways to go. There aren't very many examples we can talk about then.

I consider it to be IO that borders on warfare. Assange's stated goals have been effects that are easily associated with warfare.

I take breaking things as a means to accomplish other goals. It's frequently a more effective method than just removing information to change things. Quite often, I'd say normally even, people do not think about the possibility of damage and ruin on hardware. Stuxnet has changed some of that `in the box' thinking, but less so than I expected too. It's a hard framework of thinking about technology to break though because frequently it's damned hard to get technology to do what you want, much less what's normally not wanted.

anonamatic
02-04-2011, 12:00 PM
...

One last point before I hit post and wait for the flaming arrows (as an academic, I've had to develop thick skin :))... One of my former students and I were trying to get a paper published on some approaches to operational targeting. The paper was rejected because a subject matter expert told the editor that our paper didn't describe "how they really do things." I thought that was quite interesting for a couple of reasons: (1) there was nothing in the open literature about "how they do things", (2) "how they do things" is apparently good enough, and there's no need to discuss further. Contrast this with the VOLUMES of articles talking about nuclear deterrence, strategic bombing, air campaign planning, land warfare, etc. We ultimately published the paper in a different venue and received good feedback. So even the experts disagree, which is why we need more academic research, publishing and discourse in these areas.

cheers
Bob

Bob, one thing I can recommend is not to pay any attention to the "how they do things" people more than whatever content they offer. Way too often the reality is that they're speaking of how they think they might do things, not in fact how they actually do things. That's because they never actually do any of it.

If they are really so good as they want to claim, why is it that it took my friends and I to literally invent hacktivism by way of one example. I will readily grant that I wish Assange wasn't a complete ass hat, but years of arguing about ethical extremism has been like arguing with a stone wall too. This is way more of a self-fulfilling prophecy than anyone seems to understand. The idea of 'what would you do if?' with respect to the more decent nations of the world is not a new question for the guy. Nor are the resulting arguments anything new to him either. Irrespective of the mess he's made, there's huge heaps of online activism going on that's missed by people distracted by other events. Most nations have been very, very slow to develop ways to facilitate useful hacktivism, as well as deal with hostile activity. It's clearly an area that the US for instance is still lurching around with, that over a decade after the first serious promotions of hacktivism were done.

Non-IO activities are in some respects in an equally sad state, and that's part of the reason why there's more focus on it now than ever before. So much of that "how they do things" BS has been flying around unchallenged for so long it's landed us in a very obviously woeful state. So when people come off with that completely self serving drivel, it's useful to note that they're the ones responsible for the very mess we're now trying to be more realistic about. Here's a clue though, no one gives a damn about the "how they do things" when they're your opponent. They care about what they can do, not what you're vaguely claiming you could do, but never will. These are NOT nuclear arms, and if you run around treating them as if they're some icon in a high temple that should never be removed from the altar, I'm going to laugh at your constant lack of results. The result of that sort of thinking & (in)action is that well now the US & other countries are stuck with a huge developmental deficit. The results of that kind of attitude do way more harm than good, and that at this point is a proven fact.

AdamG
02-06-2011, 10:46 PM
Nasdaq OMX, the global exchange operator, said it had been targeted by hackers who breached its system but did not compromise its trading operations.

The attack is the most recent in a string of worrying events, including attacks on Europe’s carbon trading market, but early evidence suggested that it was possibly related to corporate espionage rather than a cyberattack on the US financial market.

http://www.ft.com

Link provided in next post

anonamatic
02-07-2011, 04:19 PM
http://www.ft.com

Not in that url, but rather since, NASDAQ has stated that there was malware planted:
http://www.theregister.co.uk/2011/02/07/nasdaq_malware_breach/

We have a very long way to go to step up our game. From a national security perspective, this is made of fail. The sad thing is, this is how we do things. These are the results that are generated by how we do things. We need to change our culture, and change our strategies.

rmills
02-09-2011, 01:26 PM
http://armedservices.house.gov/index.cfm/hearings?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579

I find it interesting that the witness panel only consists of industry and educational leaders. I would think that some other gov't reps would be there as well -- whether from DoD, DHS, FBI, etc. Granted, GEN Alexander has spent quite a bit of time on the Hill as part of his own confirmation hearings, so perhaps this is their attempt to get non-DoD perspectives.

I also wonder if a better question to be asked at this point is "what should be the Government's role" as opposed to DoD's role. National cyberspace defense will require a whole of gov't approach.

rmills
02-09-2011, 01:56 PM
RMILLS:
This is precisely why I think a successful attack on our "Commercial" versus USG Critical Infrastructure would incite our nation's demand for either a military or USG service dedicated to this domain. WWII begot the Air Force, Eagle Claw begot SOCOM, 9/11 begot the DHS etc.

I suspect you are right, Allen. In my dream world, Governments would recognize risks and take action beforehand to mitigate them (e.g., strategy=ends, ways and means). Instead, we wait until something bad happens, point fingers, commission studies to look at the problem, create new organizations, and spend gobs of money after the fact (which is the antithesis of strategy).

Brett Patron
02-09-2011, 05:42 PM
I also wonder if a better question to be asked at this point is "what should be the Government's role" as opposed to DoD's role. National cyberspace defense will require a whole of gov't approach.

That, sir, is the spot-on question. Especially so, considering the listed slate of speakers. Curious how they are properly credentialed to answer so specific a question (like "DOD").

Yes, with a broad "Government" role defined, DOD's role would properly derive.

I'd offer that it will require far more than merely an "approach". Rather, it will require a truly "all-hands-on-deck" orchestrated way of conducting business.

anonamatic
02-10-2011, 06:36 AM
I'd offer that it will require far more than merely an "approach". Rather, it will require a truly "all-hands-on-deck" orchestrated way of conducting business.

I agree, but I'm not sure how to deal with some of the witless & tiresome turf battles that usually go with those types of efforts. We can't afford them anymore, and they're one aspect of dealing with these problems that's been pretty persistently an issue. The only thing I can come up with to deal with that aspect of the 'whole government' problem is to change the ground rules some to bias decisions in favor of provable examples of capacity for creating results with these problems. I know that type of approach would cut out some of the claims of being able to do everything while producing nothing, as well as probably cause some pain as ambitions & sugarplum visions hit the hard wall of 'what are your past results?'.

This is a realm where people respect the doing, not the fancy smack talking. We've had over a decade of a lot of talking without enough doing, without the results we need, and that has to change.

AdamG
02-11-2011, 12:50 PM
http://news.yahoo.com/s/ap/20110210/ap_on_hi_te/as_china_us_cyberattacks


BEIJING – Hackers operating from China stole sensitive information from Western oil companies, a U.S. security firm reported Thursday, adding to complaints about pervasive Internet crime traced to the country.
The report by McAfee Inc. did not identify the companies but said the "coordinated, covert and targeted" attacks began in November 2009 and targeted computers of oil and gas companies in the United States, Taiwan, Greece and Kazakhstan. It said the attackers stole information on operations, bidding for oil fields and financing.
"We have identified the tools, techniques, and network activities used in these continuing attacks — which we have dubbed Night Dragon — as originating primarily in China," said the report.

anonamatic
02-14-2011, 09:24 AM
"We have identified the tools, techniques, and network activities used in these continuing attacks — which we have dubbed Night Dragon — as originating primarily in China," said the report.


Things are as usual getting fuzzy afterward though... You can see from the following urls there's spin & weaseling going on. Wen Weiping doesn't bother to address the issue of what types of malware were used, and that they were of Chinese origin, & popular there. That's obviously rather a bit too convenient.

http://english.cri.cn/6909/2011/02/12/1461s620380.htm

http://www.ibtimes.com/articles/111846/20110213/china-hacking-us-oil-companies-cyberspying-mcafee-report-government-sensitive-information-interllige.htm

AdamG
03-15-2011, 06:49 PM
WASHINGTON (AP) — The Pentagon's Cyber Command has shut down Defense Department workers' access to popular streaming video websites including YouTube, Amazon, and Googlevideo. Officials say the tremendous demand to see the Japan earthquake is eating up bandwidth already weakened by Internet problems in that part of the world.

http://hosted2.ap.org/apdefault/54828a5e8d9d48b7ba8b94ba38a9ef22/Article_2011-03-14-Pentagon-Websites/id-2a4bf06a43104049a4e1f0dd3fdd8b74?loc=interstitials kip

So, a natural disaster would be a good time to launch a sneak attack.

Stan
03-15-2011, 07:23 PM
The threat of cyber-war (http://www.fastcompany.com/1738262/germany-goes-to-cyber-war)--and of a catastrophic hacker attack to Germany's industrial or military infrastructure--is spurring the creation of two new high-level government organizations.


The Federal Republic of Germany has just released a comprehensive cyber-security strategy (http://www.bmi.bund.de/SharedDocs/Downloads/DE/Themen/OED_Verwaltung/Informationsgesellschaft/cyber_eng.pdf?__blob=publicationFile) [PDF] that will create two high-level government agencies devoted exclusively to cyber-war. Germany's move to mobilize for cyber-war is one of the boldest Internet decisions made by a European power in years.

davidbfpo
03-15-2011, 09:50 PM
Stan,

KoW has comprehensively reviewed the proposal: http://kingsofwar.org.uk/2011/03/germanys-cyber-security-strategy/