Page 1 of 8 123 ... LastLast
Results 1 to 20 of 151

Thread: USAF Cyber Command (catch all)

  1. #1
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Air Force moving ahead with Cyber Command

    The Air Force is moving ahead with work on the cyber command (LINK).


    Air Force moving ahead with Cyber Command

    The Air Force is moving ahead on establishing its new Cyber Command, searching for permanent facilities and planning meetings to establish rules by which it will operate, according to Air Force officials.

    In September, the Air Force announced it would establish a Cyber Command to prepare for fighting wars in cyberspace by defending national computer networks running critical operations and to attack adversaries computer networks.

    The Air Force now operates a Provisional Cyberspace Command at Barksdale Air Force Base in northwest Louisiana. Its vice commander, Col. Anthony Buntyn, said the provisional command is solely involved with "standing up the permanent command," meaning it is developing a structure, finding a location for the base and hiring and training staff. Buntyn spoke this week at the Armed Forces Communications and Electronics Association's annual Air Force IT Day in Vienna, Va.
    Besides the fact they are going to be having a meeting at Maxwell AFB a site of dubious consideration (see other posts in SWC for more on this), the Air Force is standing up this command in a vacuum. We have the NSA, the FBI, the CIA, and a host of other federal agencies and councils that deal with cyber warfare. I'm not suggesting this is a bad idea, but it is a strange idea. I really wish they would drop the word cyber from warfare too.

    Besides the obvious overlap and repetition of effort the military is an interesting entity to be attempting the most flexible thinking form of war in repelling a cyber attack. The article refers to suits and ties being more prevalent when Mountain Dew and "Mountain Man Chocolate" would be more appropriate.

    Cyber warfare by definition is almost always an asymmetric form of warfare. Cyber warfare draws on all of the thinking of perpetrating and protecting from an insurgent or guerilla form of warfare. The attacker in cyber-warfare uses the enemies strengths and tools to defeat him. The counter insurgent is required to assess the goals and methods of the attacker and close if not disrupt the patterns of attack. Due to the asymmetric nature of this form of warfare doctrinal and normal warfare strategies will fail to stop the insurgent.

    In an interesting twist the Westphalian concept of a nation state will come back to haunt those nations when the cyber adversary has the means and will to attack the nation state. The concepts of Westphalian peace specifically set roles for nations that hamper specifying a particular person as an enemy rather than the nation-state sponsor. When there is no nation state sponsor the treaties and agreements fall like a house of cards. (I have a paper pending on this topic).

    Cyber warfare as a militarized arm promotes an idea that the nation may be at war (as constitutionally mandated) when instead it is at odds with a variety of assailants some of whom may be totally unaware. Since infrastructures can be taken over and used without the knowledge of the owner (including countries) a huge political issues exists. Here again the concepts of counter insurgency inform us for the future on how to deal with non-state actors operating out of friendly or victimized countries. Diplomacy is a sliding scale of force and persuasion. We have to work with the people who possibly may have harmed us as unwitting dens of insurgent operations.

    We as a nation don’t have a good “rules of engagement” in cyber warfare and our understanding of the international relations and climate is severely hampered by our current conflicts. The military does have some good people at the different academies who can inform them on technical aspects of cyber warfare. There are people at the NSA sanction NSF funded Centers of Academic Excellence. Historically though few academics have studies offensive weaponization of cyber space and even fewer understand the military mind set.

    It will be interesting to follow the different aspects of this story as it moves forward.
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  2. #2
    Council Member Stan's Avatar
    Join Date
    Dec 2006
    Location
    Estonia
    Posts
    3,817

    Default

    Great catch, Sam !
    The Estonians will be working with the 8th Air Force and pointed me to this site for Cyberspace Trust, Careers, Battlespace and Cyberspace


    Quote Originally Posted by selil View Post
    The Air Force is moving ahead with work on the cyber command (LINK).

  3. #3
    Moderator Steve Blair's Avatar
    Join Date
    Oct 2005
    Location
    Montana
    Posts
    3,195

    Default

    I knew this was in the works, since one of our NCOs is trying to get back to Barksdale to join the provisional command. Interesting stuff.
    "On the plains and mountains of the American West, the United States Army had once learned everything there was to learn about hit-and-run tactics and guerrilla warfare."
    T.R. Fehrenbach This Kind of War

  4. #4
    Council Member slapout9's Avatar
    Join Date
    Dec 2005
    Posts
    4,818

    Default

    Besides the fact they are going to be having a meeting at Maxwell AFB a site of dubious consideration (see other posts in SWC for more on this), Posted by selil

    I keep telling you guys Slapout,Al. is the Cultural Center of The Universe If you think 4GW is something wait till you SBW... Slapout Based Warfare
    Last edited by slapout9; 12-08-2007 at 07:33 PM. Reason: fix quote

  5. #5
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default

    The Air Force is way ahead of everybody else on this. Though I have two army LT's that are being asked if they want to go visit USAF brethern (Their both information security specialists).
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  6. #6
    Council Member slapout9's Avatar
    Join Date
    Dec 2005
    Posts
    4,818

    Default

    Another article on AF Cyber warfare.

    http://www.afa.org/magazine/nov2007/1107edit.asp

  7. #7
    Banned
    Join Date
    Jun 2007
    Location
    Poulsbo, WA
    Posts
    252

    Default

    Quote Originally Posted by selil View Post
    The Air Force is way ahead of everybody else on this. Though I have two army LT's that are being asked if they want to go visit USAF brethern (Their both information security specialists).
    "New Cyber Command to be Huge Business Opportunity"

    "There's going to be a huge contracting requirement," said Maj. Gen. Charles Ickes II, Air National Guard special assistant to the deputy chief of staff for operations, plans and requirements.

    "I don't think anyone can tell you how big," he told the Northern Virginia chapter of the Armed Forces Communications and Electronics Association's Air Force information technology conference Dec. 5."

    "Ickes, Santee and Col. Anthony Buntyn, the cyber command vice chief who is expecting his first star, said the Air Force will look to industry to provide "tools" for "real-time" processing and dissemination of attack information."

  8. #8
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Cyber Warfare and the New Airforce Command (COIN ON THE INTERNET)

    Trying to create a catch all thread.
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  9. #9
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Cyber warfare a major challenge, DOD official says

    The ramp up and media blitz to justifying the Air Force Cyber command has began.

    March 4, 2008 LINK TO STORY

    (Media-Newswire.com) - 3/4/2008 - WASHINGTON ( AFPN ) -- Deputy Defense Secretary Gordon England is the latest government official to express concern about the United States' cyberspace vulnerabilities.

    "Cyber warfare is already here," said Mr. England. "It's one of our major challenges."

    Describing the new battlefront, the deputy secretary said, "I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

    Mr. England, speaking to an audience Mar. 3 gathered here for a Veterans of Foreign Wars conference, noted that President Bush addressed the threat by establishing a task force to coordinate U.S. government efforts to safeguard computers against cyber attacks.

    In addition, the United States and other NATO allies are expected to address the issue of cyber defense when the 20th NATO summit convenes in Bucharest, Romania, in early April.

    Estonia, a NATO member, was victimized by a series of data-flooding attacks last year that brought down the Web sites of several daily newspapers and forced Estonia's largest bank to shut down its online banking network.

    "Estonia happens to be very advanced, in terms of networks in their country," Mr. England said. "So a strength was turned into a vulnerability."

    Last week, the Pentagon's top intelligence official today told a Senate committee that cyber threats are contributing to the "unusually complex" security environment the United States faces.

    "A global military trend of concern is ... the sophisticated ability of select nations and non-state groups to exploit and perhaps target for attack our computer networks," Army Lt. Gen. Michael D. Maples, director of the Defense Intelligence Agency, told the Senate Armed Services Committee on Feb. 27.

    Joining the Pentagon's top intelligence official at the hearing on current and future threats facing the United States was the director of national intelligence, retired Navy Vice Adm. John M. "Mike" McConnell. Asked by senators about cyber threats, Admiral McConnell said, "We're not prepared to deal with it."

    "The United States information infrastructure, including telecommunications and computer networks and systems, and most importantly the data that reside on these systems is critical to virtually every aspect of our modern life," he continued. "Threats to our intelligence infrastructure are an important focus of this community."

    Admiral McConnell said China, Russia and possibly other nation-states have been assessed as being capable of collecting or exploiting data held on U.S. information systems.


    More at the LINK
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  10. #10
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Repressive regimes are prepared for cyberwar

    This is an interesting take on propaganda and information warfare though titled cyber warfare. It is interesting to note the intersection of free speech and the Internet which has been becoming much more frequent.

    Link to full story

    Last week, a Chinese court sent Chen Shuqing, a dissident internet writer, to jail for four years on charges of subversion. Meanwhile, in the northern Russian city of Syktyvkar, 21-year-old blogger Savva Terentyev is looking at two years in prison for making a derogatory comment about the police in an online diary.

    Two disparate cases, thousands of miles apart, that send a very clear message about how ruthlessly China and Russia are patrolling their internet borders. This vigilance could serve as useful preparation for cyber war, an increasingly important battlefield where the West risks being overwhelmed.
    The internet is a conduit of free speech but also a weapons delivery system. Authoritarian regimes have had to develop defences against the internet to stem the flow of independent thought.

    And having learnt how to defend themselves, these states are well- versed in techniques that can be deployed against other nations.

    In China any politically sensitive material is blocked by a complex firewall called jindun gongcheng, the Golden Shield. It prevents Chinese citizens in internet cafes from logging onto anything potentially subversive, like a blog supporting independence in Tibet or Taiwan. Vietnam, Saudi Arabia and Tunisia use similar shields. China's shield is so sophisticated at blocking inbound traffic it could one day be used to block incoming cyber-attacks.

    Link to full story

    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  11. #11
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default E-games to test infrastructure security

    It is interesting to note the kind of fear mongering and reliance on service disruption to describe cyber warfare. Few if any are looking at the other elements such as confidentiality being exploited. Imagine if all the politicos in Washington had their medical records exposed? Considering the security services any asymmetric attack against a nation using computers is going to have to be through more than one vector.

    Link to full story

    March 6, 2008

    Australia will join global counter-terrorism war games to test the security of vital resources including dams, power stations, telephone exchanges and banks.

    Attorney-General Robert McClelland will announce the federal government's involvement in Cyberstorm II.

    "Governments that take national security seriously can't turn a blind eye to the threat of cyber-terrorism," Mr McClelland said.

    Cyberstorm II will run from March 10 for five days and will also involve security officials and businesses from the US, UK, Canada and New Zealand.

    "The exercise will be useful in identifying areas in Australia's national security architecture that may require further development," Mr McClelland said.

    Confirmation of Australia's involvement in Cyberstorm II comes as the US Department of Defence ratchets up its concerns about cyber-terrorism.

    "Cyber warfare is already here," Deputy Defence Secretary Gordon England said earlier this week.

    "It's one of our major challenges."

    "I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

    The first Cyberstorm drill in 2006 forced a host of international intelligence agencies to face multiple fictitious attacks at one time.

    Washington's subway trains shut down. Seaport computers in New York went dark and a mysterious liquid was found on London's Tube.

    The laundry list of fictional catastrophes, which included hundreds of people on "No Fly" lists arriving suddenly at US airport ticket counters, is significant because it suggests what kind of real-world trouble keeps allied security forces awake at night.

    The $US3 million ($A3.22 million), invitation-only war game simulated what the US described as plausible attacks over five days in February 2006 against the technology industry, transportation lines and energy utilities by anti-globalisation hacker


    Link to full story
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  12. #12
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Analysis: DHS stages cyberwar exercise

    A good over view of Cyber Storm II and good read out on Cyber Storm 1. But ,unfortunately it will be primarily a table top exercise with limited real world problems (only a few systems according to the article will actually be attacked). The illuminates the issues of training in this type of environment. Few if any people would suggest soldiers should be sent into combat having never fired real bullets, never ran around the range, done a confidence course, or otherwise simulate combat environments. Yet when it comes to computers we do exactly that in the training and evaluation.




    More at the LINK

    WASHINGTON, March 10 (UPI) -- Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

    The war game, codenamed Cyber Storm II, will run Monday to Thursday, based at U.S. Secret Service headquarters in Washington. It is the second DHS biannual cyber-exercise, designed to test the ability of federal agencies and their partners in state, local and foreign governments and the private sector to respond to and recover from cyberattacks on their computer networks.

    "The goal of Cyber Storm II is to examine the processes, procedures, tools, and organizational response to a multi-sector coordinated attack through, and on, the global cyber infrastructure," says a fact sheet from the department.

    Details of the planning for the event are closely held, in part to avoid tipping off participants. The fact sheet says only that the exercise -- the culmination of more than 18 months of planning led by DHS' National Cyber Security Division -- will simulate a series of coordinated physical and cyberattacks on IT and communications systems and chemical, rail and pipeline infrastructure.

    The attacker is not identified, but has "a specific political and economic agenda," says the fact sheet. In the last Cyber Storm exercise in 2006, the enemy was an anarchistic coalition of "hacktivists" -- politically motivated hackers -- called the Worldwide Anti-Globalization Alliance, joined by a number of "independent actors."

    In the scenario, the attackers penetrated state health records' databases, attacked Federal Aviation Administration systems and defaced newspaper sites.

    "Key elements of the hacker attack plan were to strike at trusted cyber systems that were used to control both physical infrastructures and digital commerce and services," says the DHS' after-action report, released in September 2006. "The attackers focused on maximizing economic harm and fomenting general distrust of big business and government by disrupting services and misleading news media and other information outlets."

    The choice of adversary -- which the report stressed "was neither a forecast of any particular threats … currently existing nor an expression of any specific concerns" -- raised some eyebrows. Among U.S. military planners, nation states, and in particular China, are considered the actually existing adversaries with the most significant capabilities to launch attacks on, or through, the Internet.

    One report, by Washington Post blogger Brian Krebs, said Cyber Storm II will feature a nation-state attacker, but a DHS official familiar with the planning said only that this was "a possibility."

    The official added that the adversary was "more sophisticated" than in 2006. The scenario was "designed to examine the response to some of the threats that are out there in the real world," he said.

    Having a nation-state adversary would make sense, former DHS preparedness chief George Foresman told UPI.

    "The top candidates for adversaries would be states, terrorist groups and criminal enterprises" as they were in the real world, said Foresman, who was only involved in the very early stages of planning the event.

    As in 2006, the attacks this week will be simulated on special systems set up for the exercise "and will not impact any live networks," says the fact sheet.

    Participants in the exercise, which consists of a series of detailed scenarios unfolding according to a strict timetable, will learn of developments via more than 1,700 pre-scripted "injects" in the form of phone calls or e-mails from exercise managers, or through a mock TV news channel set up for the event.

    But some of what players will learn from the channel will be bogus, former DHS official Jerry Dixon told Krebs' Security Fix blog.

    "They'll inject some red herring attacks and information to throw intelligence analysts and companies off the trail of the real attackers," said Dixon, who helped plan the exercise.

    The $6 million event will involve thousands of participants across the world, including from departments of the Australian, British, Canadian and New Zealand governments, and from U.S. agencies including the Department of Defense, CIA, National Security Agency and FBI.

    More at the LINK
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  13. #13
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default NATO considers cyber warfare as being as great a threat as a missile attack, official

    The hyperbole continues and will likely increase further as we get closer to October 1, 2008. This article (short as it is), starts to link kinetic damage to cyber damage, and brings in the transnational aspects of cyber warfare. Still nobody seems to really be getting the doctrinal issues and that that fighting cyber warfare isn't like dropping bombs, or other stand off weapons. Cyber warfare in my opinion is like counter insurgency.


    From the following page


    If you don’t think cyber warfare could be a major problem in the future, then NATO would like to change your mind.

    At a conference in London last week, Suleyman Anil, the man charged with guarding NATO from cyber attacks, told the Guardian,
    "Cyber defense is now mentioned at the highest level along with missile defence and energy security. We have seen more of these attacks and we don't think this problem will disappear soon. Unless globally supported measures are taken, it can become a global problem."

    Anil told the E-Crime congress that it was costing less for hackers to mount attacks, while the amount of damage they could inflict was increasing. The biggest trend of recent years is cyber terrorism, as shown by the attacks on Estonian government sites last year.

    But there have been many attacks, including those on government sites in Australian and Britain and on the Pentagon. American officials believe they’re the work of a Chinese-sponsored group which they’ve dubbed Titan Rain.
    Of course, identifying the shadowy people behind the attacks is almost impossible. But people in power do understand how real the threat is – the US government has allocated $6 billion to strengthen systems against attack.
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  14. #14
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Chinese hackers: No site is safe

    This article is interesting. I thought it might be a lot like the Bin Laden interview by 60 minutes right before 9/11. We've gone, seen the enemy, and he looks a lot like a bunch of kids.

    What is interesting is the capitalistic nature of the hacking. They aren't just doing it for political intrigue they are getting paid. That is more worrisome as the fiduciary incentive will outlast political motivations.

    More importantly if the allegations are true then you have almost a "letters of marquis" or buccaneer of the internet kind of relationship between the hackers and government. That is an interesting threat.

    More at the LINK


    HOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

    In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

    "No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

    "Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world.

    If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer.

    One hacker says he is a former computer operator in the People's Liberation Army; another is a marketing graduate; and Xiao Chen says he is a self-taught programmer.

    "First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"

    CNN decided to withhold the address of these hackers' Web site, but Xiao Chen says it has been operating for more than three years, with 10,000 registered users. The site offers tools, articles, news and flash tutorials about hacking.

    Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."

    Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.

    The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.

    On camera, Xiao Chen denies knowing anyone who has targetted U.S. government Web sites. But off-camera, in conversations over three days, he claims two of his colleagues -- not the ones with him in the room -- hacked into the Pentagon and downloaded information, although he wouldn't specify what was gleaned. CNN has no way to confirm if his claim is true.

    More at the LINK
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  15. #15
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Command chief outlines future of cyber warfare

    The Chief Master Sgt. follows several of the points I've been making about war fighting domains (though I call them terrains). This is more of the media blitz leading up to the new cyber command (provisional) opening up. He also appears to notice the skills/support gap for troops that are doing this kind of work.

    What is missing is a tactical road map and a good idea about the trans national nature of this new form of warfighting (sic). I wonder where we could find people skilled in dealing with models of insurgency?

    If anybody knows Chief Master Sgt Kabalan I'd like to meet him or the commanding officer of Cyber Command.

    From a story posted here

    3/11/2008 - SHEPPARD AIR FORCE BASE, Texas (AFPN) -- The Air Force is leading the way in controlling the warfighting domain of the 21st century, and the formation of the newest Air Force major command is progressing well, the command chief of Air Force Cyber Command (Provisional) said during a March 4 visit here.

    "Cyberspace is a warfighting domain -- that's all there is to it," Chief Master Sgt. Todd Kabalan told a group of commanders, chiefs and first sergeants at the Sheppard Club.

    "We've got to be able to operate in this domain efficiently and effectively," he said.

    To illustrate the point, Chief Kabalan referenced a number of terrorist attacks, including the 1996 Khobar Towers and the Sept. 11, 2001, attacks, in which the cyber domain played a key role. He also referred to last year's cyber attack on the country of Estonia that nearly shut down government agencies and private organizations like banks, media outlets and other companies.

    "We're already fighting in this domain, and have been for a while," the chief said. "Air Force Cyber Command will enable us to fight better."

    When Air Force Cyber Command officially stands up Oct. 1, it will be structured like other MAJCOMs -- with a numbered Air Force and several operational wings. But it's not just a matter of building staffs and setting up organizational charts; it's about changing our culture and the way we think, Chief Kabalan said.

    "For example, we tend to think of our (client support administrators) as support troops. That's why they're currently 'three-alphas,'" he said. "But in the cyber domain, they're operators -- and that's why we're making them one-bravos. They're operators in this warfighting domain."

    The chief also talked about the need to think differently about how the Air Force trains, employs and retains cyber warriors.

    "In order to fight effectively in the cyber domain, we need Airmen with specific skills and expertise, and we need the flexibility to use them where they have the most impact," he said. "At the same time, these skills make our Airmen very, very valuable in the civilian sector, so we have to think creatively about how to keep them."

    Sheppard Air Force Base was the chief's first stop in a planned tour to educate the force on what Air Force Cyber Command (Provisional) is doing, and why it's important. Provisional commands are formed for a specific purpose -- in this case, to prepare for the stand-up of a fully functional major command.

    From a story posted here
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  16. #16
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Success of AFCYBER Depends on ESC Team

    This is an interesting article. When I started reading it I thought 'Ah a don't forget me I support Cyber!' but I don't think that is what it says. I think what it says besides a really good summation of cyber warfare at the beginning is that the acquisition for the new command all future equipment is going to be "new". That is an understatement. Invoking Moore (a really great guy) doesn't impress but knowing that flexibility beyond pandering to the word will be a key strategy.

    Unfortunately I'm seeing a huge monster bureaucracy being created and in this cyber world where asymmetry is key I see large army, large air force, type thinking starting to take hold. I don't think the Air Force is seeing the hypocrisy of trying to solve an "insurgency" type conflict with "carpet bombing" thinking.


    From a story posted HERE

    The U.S. Air Force Electronic Systems Center issued the following commentary:

    By Col. George Kramlinger

    AFCYBER (P) OL-A

    The Electronic Systems Center here and it's predecessors have always played a key role in defending the nation. With an ominous threat to the nation emerging on the cyberspace frontier, ESC is once again poised to play a key role in defending the Republic.

    The United States increasingly depends on cyberspace to maintain our way of life and employ the instruments of national power. Control of essential processes in manufacturing, utilities, banking, health care, public safety, communications and national security now rely on networked computer systems.

    This trend toward networked cyber systems continues to expand. Consequently, our economy and national security are fully dependent on the cyberspace infrastructure. Unfortunately, resources for exploiting the vulnerabilities in cyberspace are widely available and inexpensive.

    Our adversaries - even those considered unsophisticated - actively seek to exploit this vulnerable center of gravity by developing capabilities to cripple our military forces, critical infrastructure, and commerce. As a result, cyber warfare is emerging as the preferred asymmetrical means to strike the United States.

    With the advent of Air Force Cyber Command, the USAF will present cyber warfighting forces and capabilities to U.S. Strategic Command, geographical combatant commanders, and joint task force commanders. AFCYBER will organize, train, and equip to: deter and prevent cyberspace attacks against vital U.S. interests; rapidly respond to attacks and reconstitute networks; integrate cyber power into the full range of global and theater effects; defeat adversaries operating through cyberspace; ensure freedom of action in cyberspace for US and Allied commanders; and maintain persistent cyberspace awareness.

    AFCYBER will work through the joint force to rapidly engage, degrade, or destroy an enemy's networks and network attack systems. We will provide the means to render an enemy deaf, mute, and blind in the first hours of a conflict, making it impossible for that enemy to effectively challenge U.S. and allied forces. Dominating the cyberspace domain makes it possible to paralyze an adversary before the first kinetic engagement. Thus, cyber paralysis is a critical element of 21st century warfare.

    In 1965 Gordon Moore, co-founder of Intel, observed that that the number of transistors per square inch had doubled every year since the inception of the integrated circuit. Over time, his observation morphed into the theory commonly known as "Moore's law". This theory suggests almost every measure of digital electronics improves by an order of magnitude every 18 months.

    Unfortunately, "Moore's law" drives a cyber technology refresh rate that seriously challenges the USAF in a fiscally constrained environment. Thus, USAF dominance in the rapidly changing cyberspace domain requires an agile acquisition strategy to rapidly field new systems that easily integrate with existing capability. Avoiding stove piped systems creates synergy and enhances freedom of action in cyberspace. Fortunately, ESC has the requisite expertise to partner with AFCYBER and overcome the challenges of Moore's law.

    In December 2006, Air Force Materiel Command gave ESC primary responsibility to acquire and sustain USAF cyberspace systems. In this capacity ESC manages program objectives and executes total life cycle responsibility for assigned cyberspace systems. ESC program managers develop acquisition strategies then manage cost, schedule, and performance. This framework combined with ESC's disciplined Systems Engineering approach creates integrated solutions that can quickly deliver high-quality, affordable, and sustainable capabilities. However, acquisition does not occur in a vacuum.

    AFCYBER will lead the requirements management process throughout the entire cyber acquisition and system life cycle in coordination with warfighters, MAJCOMs, ESC, and the Air Staff. In addition, AFCYBER will lead development and submission of the integrated cyberspace program objective memorandum in collaboration with appropriate stake holders to capture life cycle costs, ensure sustainment, and develop a sound investment strategy.

    Furthermore, we will lead development of the USAF cyberspace roadmap as part of the USAF Capability Review and Risk Assessment process to identify gaps, shortfalls, and recommended courses of action. With an eye toward the horizon, AFCYBER will lead development of future cyberspace concept of operations to guide science, technology, and experimentation. Finally, we will provide a cyberspace "hot bench" for integration and developmental testing, procedures development, and proof of concept evaluation for emerging technology.

    Unfortunately, the urgent genesis of cyberspace capability, dynamic evolution of AFCYBER, and ownership of the cyber "hot bench" may generate fog and friction between AFCYBER and ESC relating to experimentation, testing, and demonstrations.

    However, fog and friction are easily overcome by formalized communication that seeks to deconflict, coordinate, and synchronize overlapping areas of responsibility especially relating to the smooth transition of initiatives into sustainable systems of record.

    Regular communication will enhance ESC's ability to rapidly deliver cutting edge, integrated, and open architecture capability to the warfighter without wasting time, effort, or money. The Global Cyberspace Integration Center - formerly the Air Force Command Control, and Intelligence Surveillance and Reconnaissance Center - now part of AFCYBER (P), has successfully collaborated with ESC on numerous programs and initiatives over the last seven years.

    Of particular note is the success our organizations have had working together on the Air Operations Center weapon system, Joint Expeditionary Force Experiment and Coalition Warrior Interoperability Demonstration. These examples in particular highlight the capability to successfully transition emerging, newly created, or existing technology into systems of record that meet warfighter requirements.

    The cyber domain follows the exponential change of Moore's law and therefore requires innovative processes to thoroughly identify requirements then rapidly field systems that integrate across the breadth and depth of this new frontier. The success of AFCYBER - and our dominance of cyberspace - is heavily dependant on the AFCYBER relationship with ESC.

    AFCYBER will execute a disciplined and responsive requirements process while at the same time providing a cyber "hot bench" to test new initiatives and technologies early in the development cycle.

    Given the intellectual and technical prowess that characterize all Airmen, the partnership between ESC and AFCYBER gives the USAF a distinct advantage over any potential adversary in the cyber domain just as it has in air and space.

    AFCYBER in partnership with ESC will create a dynamic warfighting enterprise that integrates capabilities, systems, and warfighters to establish the cross domain dominance necessary to fly, fight, and win in cyberspace.

    From a story posted HERE

    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  17. #17
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Clarke sharply criticizes Bush cyber-security plans

    This could have been a much better story if it wasn't dropping into the realm of scare tactics. Though the criticism is likely warranted, with all the money that has spent, the paradigm of information assurance and security hasn't changed much.

    Though simplistic the analogy is we designed the auto industry, but we've fallen behind everybody else who are now driving George Jetson air scooters.

    I hate to say it but some of the under current of this article supports the idea that maybe culturally we will never be able to secure of utilize cyber space it is just to much of a change at this time.

    More at the link

    Former White House cyber-security and anti-terrorism advisor Richard Clarke isn't known as a fan of the current administration, but political loyalties aside, the expert claims that the president's new initiative aimed at bolstering the nation's electronic infrastructure is fundamentally flawed.

    Speaking at the inaugural Source Boston security conference, Clarke expressed his concerns over the national electronic security initiative signed by Bush on Jan. 8.

    While the measure has yet to be detailed by the White House publicly, the Washington rumor mill is already circulating many details of the strategy and Clarke said the plan won't have the effect that the president's advisors are hoping for.

    The two major thrusts of the Bush mandate, according to Clarke, are aimed at better securing the government's own computing and communications networks, and adopting a more proactive approach to engaging in cyber-warfare.

    In both cases, the plan may in fact serve to weaken U.S. security and privacy efforts, he said.

    As Clarke sees it, the biggest flaw in the portion of the measure devoted to protecting government computing operations is a lack of recognition that most of those systems run on the same infrastructure, and through the same carriers, as the rest of the nation's Internet traffic.

    "There's the idea that somehow these are government networks that we're talking about, but they really aren't, all these government sites are running through the same network of routers and the same fiber channels as everything else, there's no segmentation on these carrier networks," Clarke said. "This means that [the plan's authors] either don't know that and merely think they need to reinforce security on state-owned servers, or data in their own facilities, in which case thy are missing most of the problem, or that they plan to do monitoring of everything going through the carriers' systems."

    If it is the latter, than Americans will need to prepare for a world where they have far less privacy in terms of their ability to access the Web without the potential for government observation, he said.

    Much more HERE
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  18. #18
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Air Force Cyber Command General Answers Slashdot Questions

    Slashdot does not reflect the "hacker" culture but they most definitely reflect the YUG's (young uppity geeks). The "I can argue about Play Station, X-Box, and Wii, and PWN you", group is unfortunately where Air Force Cyber Command will likely start pulling recruits.

    For the rest of us I'd look at the language of this and think about the "close air support" role end the effectiveness of the Air Force in dealing with other services. Then I would suggest to the higher up in each of the other forces to think about the Air Force determining the linkages of all the command and control (as in their words) they are the leader in cyber-space.

    Enjoy the interview some of the questions are quite well thought out. Others show the standard audience of Slashdot (which includes me!!!)

    For a view into the heck of geekdom follow the link.

    Slashdot interview with Air Force General Link
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  19. #19
    i pwnd ur ooda loop selil's Avatar
    Join Date
    Sep 2006
    Location
    Belly of the beast
    Posts
    2,112

    Default Pentagon attack last June stole an "amazing amount" of data

    Military commanders should consider reports like this and think back to what does it mean if the enemy has access to all of your deepest military secrets. Consider the tightening of public disclosures of information and the rampant use of states secrets to secure data. Then balance that on the wholesale loss of control of massive amounts of data (or minimal dos it matter?).

    Don't fall for the fear mongering that most security analysts would drive change or new initiatives with instead consider how simplistic the attacks are (trojan in an email for example). Almost no security service that does not degrade capability and uniformly degrade information technology services is going to work without people not doing stupid things.

    When you think about all of the intersections between information technology services and the command and control infrastructure (technical or not) the issue rapidly becomes not when it will be attacked (peace or war), but how and how much it will be attacked. The same way telegraph wires were cut in WW1 (denial of service), the same way encryption was broken (confidentiality), and the same way that information operations injected errors in the enemy command and control (integrity).

    I wonder where you can find people who know how to fight asymmetric attacks against large infrastructures and political organizations?



    Original Article Here

    On June 22, 2007, Defense Secretary Robert Gates acknowledged that the Pentagon's network had been successfully attacked the previous Wednesday, and that this attack was responsible for a disruption in email service to some 1,500 Pentagon employees. At the time, Gates downplayed the attack, saying that it affected only the OSD's (Office of the Secretary of Defense) non-classified e-mail service and that there was "no anticipated adverse impact on ongoing operations." It seems that the adverse impact of the June attack may have been much greater than Gates' early guidance implied. According to a top DoD technology official quoted at GovernmentExecutive.com, the thieves behind that attack seized an "amazing amount" of data.

    New details on the attack itself have become available in the months since it occurred. According to Dennis Clem, CIO of the Pentagon and the OSD, the intrusion was first detected during an IT restructuring that was underway at the time. By the time it was detected, malicious code had been in the system for at least two months, and was propagating via a known Windows exploit. The bug spread itself by e-mailing malicious payloads from one system on the network to another. The messages themselves were spoofed and appeared to be legitimate missives from other employees. Once the recipient opened an infected e-mail, the worm sent that person's password and other login credentials back to home base.

    The government isn't saying what, exactly, got stolen. There's no evidence to contradict Secretary Gates' claim that the classified e-mail system remained unaffected, but data that Clem describes as "sensitive" was accessed and encrypted before being transmitted to the hackers' location. As for where that location might be, unconfirmed reports point towards China's People's Liberation Army. China, of course, has vehemently denied any knowledge or responsibility. The Pentagon has stepped up its network protection since the intrusion, and added additional protection in the form of smart cards and digital signatures. Such security measures are the ultimate example of closing the barn door after the horse is gone, but should at least make further intrusions more difficult.
    Sam Liles
    Selil Blog
    Don't forget to duck Secret Squirrel
    The scholarship of teaching and learning results in equal hatred from latte leftists and cappuccino conservatives.
    All opinions are mine and may or may not reflect those of my employer depending on the chance it might affect funding, politics, or the setting of the sun. As such these are my opinions you can get your own.

  20. #20
    Council Member Boot's Avatar
    Join Date
    Dec 2007
    Posts
    87

    Default

    The PLA have a BN sized element (it may be more) dedicated to hacking other countries systems. One area at least in the Corps we seem to pay lots of lip service to but not actual action is cyber security. I can't count how many CO's on various operations "had" to have access to the internet for convience. Their day to day is only done on NIPR. Classified systems are secure because its a closed system, that is it connects to itself. In most cases any intrusion would have to physically come from the system itself, that is the hacker would phyically have to have access to it.
    Back to unclass systems. Its attitudes and lack of training that usually allows these intrusions. One of my biggest rubs as a Comm type has always been the way the my fellow non-Comm. types viewed my specialty. In the Marine Corps at TBS its beat in your head that if your not combat arms your nothing. Many officers come up with that sort of mentality, and what I have seen is a perception that you are weak because your not a "meat eater". As far as the Pentagon goes I can't speak for them. Like I sai I'm willing to bet its a lack of enforcement and attitude (those computer guys are a pain in the butt) that probably led to this.
    My last word on perceptions and attitudes; I knew a LtCol now Col, who was told by his base CG that he was the one of best officers he ever had, and even presented him with a pretty high medal. When that CG ranked him, he ranked him last. When the officer confronted his boss on this, his boss told him he doesn't have to talk to him, he's just a Commo...and those in manpower and leadership positions wonder why things like this happen and their best leave to go work for GD or NG.

Similar Threads

  1. Leadership of Cyber Warriors: Enduring Principles and New Directions
    By SWJ Blog in forum Media, Information & Cyber Warriors
    Replies: 0
    Last Post: 07-11-2011, 02:41 PM
  2. Replies: 51
    Last Post: 01-08-2011, 07:42 PM
  3. Information Operations
    By SWJED in forum Media, Information & Cyber Warriors
    Replies: 152
    Last Post: 08-28-2009, 09:47 AM
  4. Question 5: Cyber space (oh you know I had to ask at least one of these)
    By selil in forum TRADOC Senior Leaders Conference
    Replies: 7
    Last Post: 08-14-2009, 03:27 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •