USAF Cyber Command (catch all)

[selil]

Trying to create a catch all thread.

[selil]

The ramp up and media blitz to justifying the Air Force Cyber command has began.

March 4, 2008 LINK TO STORY

(Media-Newswire.com) - 3/4/2008 - WASHINGTON ( AFPN ) -- Deputy Defense Secretary Gordon England is the latest government official to express concern about the United States' cyberspace vulnerabilities.

"Cyber warfare is already here," said Mr. England. "It's one of our major challenges."

Describing the new battlefront, the deputy secretary said, "I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

Mr. England, speaking to an audience Mar. 3 gathered here for a Veterans of Foreign Wars conference, noted that President Bush addressed the threat by establishing a task force to coordinate U.S. government efforts to safeguard computers against cyber attacks.

In addition, the United States and other NATO allies are expected to address the issue of cyber defense when the 20th NATO summit convenes in Bucharest, Romania, in early April.

Estonia, a NATO member, was victimized by a series of data-flooding attacks last year that brought down the Web sites of several daily newspapers and forced Estonia's largest bank to shut down its online banking network.

"Estonia happens to be very advanced, in terms of networks in their country," Mr. England said. "So a strength was turned into a vulnerability."

Last week, the Pentagon's top intelligence official today told a Senate committee that cyber threats are contributing to the "unusually complex" security environment the United States faces.

"A global military trend of concern is ... the sophisticated ability of select nations and non-state groups to exploit and perhaps target for attack our computer networks," Army Lt. Gen. Michael D. Maples, director of the Defense Intelligence Agency, told the Senate Armed Services Committee on Feb. 27.

Joining the Pentagon's top intelligence official at the hearing on current and future threats facing the United States was the director of national intelligence, retired Navy Vice Adm. John M. "Mike" McConnell. Asked by senators about cyber threats, Admiral McConnell said, "We're not prepared to deal with it."

"The United States information infrastructure, including telecommunications and computer networks and systems, and most importantly the data that reside on these systems is critical to virtually every aspect of our modern life," he continued. "Threats to our intelligence infrastructure are an important focus of this community."

Admiral McConnell said China, Russia and possibly other nation-states have been assessed as being capable of collecting or exploiting data held on U.S. information systems.


More at the LINK

[selil]

This is an interesting take on propaganda and information warfare though titled cyber warfare. It is interesting to note the intersection of free speech and the Internet which has been becoming much more frequent.

Link to full story

Last week, a Chinese court sent Chen Shuqing, a dissident internet writer, to jail for four years on charges of subversion. Meanwhile, in the northern Russian city of Syktyvkar, 21-year-old blogger Savva Terentyev is looking at two years in prison for making a derogatory comment about the police in an online diary.

Two disparate cases, thousands of miles apart, that send a very clear message about how ruthlessly China and Russia are patrolling their internet borders. This vigilance could serve as useful preparation for cyber war, an increasingly important battlefield where the West risks being overwhelmed.
The internet is a conduit of free speech but also a weapons delivery system. Authoritarian regimes have had to develop defences against the internet to stem the flow of independent thought.

And having learnt how to defend themselves, these states are well- versed in techniques that can be deployed against other nations.

In China any politically sensitive material is blocked by a complex firewall called jindun gongcheng, the Golden Shield. It prevents Chinese citizens in internet cafes from logging onto anything potentially subversive, like a blog supporting independence in Tibet or Taiwan. Vietnam, Saudi Arabia and Tunisia use similar shields. China's shield is so sophisticated at blocking inbound traffic it could one day be used to block incoming cyber-attacks.

Link to full story

[selil]

It is interesting to note the kind of fear mongering and reliance on service disruption to describe cyber warfare. Few if any are looking at the other elements such as confidentiality being exploited. Imagine if all the politicos in Washington had their medical records exposed? Considering the security services any asymmetric attack against a nation using computers is going to have to be through more than one vector.

Link to full story

March 6, 2008

Australia will join global counter-terrorism war games to test the security of vital resources including dams, power stations, telephone exchanges and banks.

Attorney-General Robert McClelland will announce the federal government's involvement in Cyberstorm II.

"Governments that take national security seriously can't turn a blind eye to the threat of cyber-terrorism," Mr McClelland said.

Cyberstorm II will run from March 10 for five days and will also involve security officials and businesses from the US, UK, Canada and New Zealand.

"The exercise will be useful in identifying areas in Australia's national security architecture that may require further development," Mr McClelland said.

Confirmation of Australia's involvement in Cyberstorm II comes as the US Department of Defence ratchets up its concerns about cyber-terrorism.

"Cyber warfare is already here," Deputy Defence Secretary Gordon England said earlier this week.

"It's one of our major challenges."

"I think cyber attacks are probably analogous to the first time, way back when people had bows and arrows and spears, and somebody showed up with gunpowder and everybody said, 'Wow. What was that?'"

The first Cyberstorm drill in 2006 forced a host of international intelligence agencies to face multiple fictitious attacks at one time.

Washington's subway trains shut down. Seaport computers in New York went dark and a mysterious liquid was found on London's Tube.

The laundry list of fictional catastrophes, which included hundreds of people on "No Fly" lists arriving suddenly at US airport ticket counters, is significant because it suggests what kind of real-world trouble keeps allied security forces awake at night.

The $US3 million ($A3.22 million), invitation-only war game simulated what the US described as plausible attacks over five days in February 2006 against the technology industry, transportation lines and energy utilities by anti-globalisation hacker


Link to full story

[selil]

A good over view of Cyber Storm II and good read out on Cyber Storm 1. But ,unfortunately it will be primarily a table top exercise with limited real world problems (only a few systems according to the article will actually be attacked). The illuminates the issues of training in this type of environment. Few if any people would suggest soldiers should be sent into combat having never fired real bullets, never ran around the range, done a confidence course, or otherwise simulate combat environments. Yet when it comes to computers we do exactly that in the training and evaluation.




More at the LINK

WASHINGTON, March 10 (UPI) -- Officials from 18 federal agencies, nine states, four foreign governments and more than three dozen private companies will take part in a cyberwar exercise staged by the U.S. Department of Homeland Security this week.

The war game, codenamed Cyber Storm II, will run Monday to Thursday, based at U.S. Secret Service headquarters in Washington. It is the second DHS biannual cyber-exercise, designed to test the ability of federal agencies and their partners in state, local and foreign governments and the private sector to respond to and recover from cyberattacks on their computer networks.

"The goal of Cyber Storm II is to examine the processes, procedures, tools, and organizational response to a multi-sector coordinated attack through, and on, the global cyber infrastructure," says a fact sheet from the department.

Details of the planning for the event are closely held, in part to avoid tipping off participants. The fact sheet says only that the exercise -- the culmination of more than 18 months of planning led by DHS' National Cyber Security Division -- will simulate a series of coordinated physical and cyberattacks on IT and communications systems and chemical, rail and pipeline infrastructure.

The attacker is not identified, but has "a specific political and economic agenda," says the fact sheet. In the last Cyber Storm exercise in 2006, the enemy was an anarchistic coalition of "hacktivists" -- politically motivated hackers -- called the Worldwide Anti-Globalization Alliance, joined by a number of "independent actors."

In the scenario, the attackers penetrated state health records' databases, attacked Federal Aviation Administration systems and defaced newspaper sites.

"Key elements of the hacker attack plan were to strike at trusted cyber systems that were used to control both physical infrastructures and digital commerce and services," says the DHS' after-action report, released in September 2006. "The attackers focused on maximizing economic harm and fomenting general distrust of big business and government by disrupting services and misleading news media and other information outlets."

The choice of adversary -- which the report stressed "was neither a forecast of any particular threats … currently existing nor an expression of any specific concerns" -- raised some eyebrows. Among U.S. military planners, nation states, and in particular China, are considered the actually existing adversaries with the most significant capabilities to launch attacks on, or through, the Internet.

One report, by Washington Post blogger Brian Krebs, said Cyber Storm II will feature a nation-state attacker, but a DHS official familiar with the planning said only that this was "a possibility."

The official added that the adversary was "more sophisticated" than in 2006. The scenario was "designed to examine the response to some of the threats that are out there in the real world," he said.

Having a nation-state adversary would make sense, former DHS preparedness chief George Foresman told UPI.

"The top candidates for adversaries would be states, terrorist groups and criminal enterprises" as they were in the real world, said Foresman, who was only involved in the very early stages of planning the event.

As in 2006, the attacks this week will be simulated on special systems set up for the exercise "and will not impact any live networks," says the fact sheet.

Participants in the exercise, which consists of a series of detailed scenarios unfolding according to a strict timetable, will learn of developments via more than 1,700 pre-scripted "injects" in the form of phone calls or e-mails from exercise managers, or through a mock TV news channel set up for the event.

But some of what players will learn from the channel will be bogus, former DHS official Jerry Dixon told Krebs' Security Fix blog.

"They'll inject some red herring attacks and information to throw intelligence analysts and companies off the trail of the real attackers," said Dixon, who helped plan the exercise.

The $6 million event will involve thousands of participants across the world, including from departments of the Australian, British, Canadian and New Zealand governments, and from U.S. agencies including the Department of Defense, CIA, National Security Agency and FBI.

More at the LINK

[selil]

The hyperbole continues and will likely increase further as we get closer to October 1, 2008. This article (short as it is), starts to link kinetic damage to cyber damage, and brings in the transnational aspects of cyber warfare. Still nobody seems to really be getting the doctrinal issues and that that fighting cyber warfare isn't like dropping bombs, or other stand off weapons. Cyber warfare in my opinion is like counter insurgency.


From the following page

If you don’t think cyber warfare could be a major problem in the future, then NATO would like to change your mind.

At a conference in London last week, Suleyman Anil, the man charged with guarding NATO from cyber attacks, told the Guardian,
"Cyber defense is now mentioned at the highest level along with missile defence and energy security. We have seen more of these attacks and we don't think this problem will disappear soon. Unless globally supported measures are taken, it can become a global problem."

Anil told the E-Crime congress that it was costing less for hackers to mount attacks, while the amount of damage they could inflict was increasing. The biggest trend of recent years is cyber terrorism, as shown by the attacks on Estonian government sites last year.

But there have been many attacks, including those on government sites in Australian and Britain and on the Pentagon. American officials believe they’re the work of a Chinese-sponsored group which they’ve dubbed Titan Rain.
Of course, identifying the shadowy people behind the attacks is almost impossible. But people in power do understand how real the threat is – the US government has allocated $6 billion to strengthen systems against attack.

[selil]

This article is interesting. I thought it might be a lot like the Bin Laden interview by 60 minutes right before 9/11. We've gone, seen the enemy, and he looks a lot like a bunch of kids.

What is interesting is the capitalistic nature of the hacking. They aren't just doing it for political intrigue they are getting paid. That is more worrisome as the fiduciary incentive will outlast political motivations.

More importantly if the allegations are true then you have almost a "letters of marquis" or buccaneer of the internet kind of relationship between the hackers and government. That is an interesting threat.

More at the LINK

HOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world.

If there is a profile of a cyber hacker, these three are straight from central casting -- young and thin, with skin pale from spending too many long nights in front of a computer.

One hacker says he is a former computer operator in the People's Liberation Army; another is a marketing graduate; and Xiao Chen says he is a self-taught programmer.

"First, you must know about the Web site you want to attack. You must know what program it is written with," says Xiao Chen. "There is a saying, 'Know about both yourself and the enemy, and you will be invincible.'"

CNN decided to withhold the address of these hackers' Web site, but Xiao Chen says it has been operating for more than three years, with 10,000 registered users. The site offers tools, articles, news and flash tutorials about hacking.

Private computer experts in the United States from iDefense Security Intelligence, which provides cybersecurity advice to governments and Fortune 500 companies, say the group's site "appears to be an important site in the broader Chinese hacking community."

Arranging a meeting with the hackers took weeks of on-again, off-again e-mail exchanges. When they finally agreed, CNN was told to meet them on the island of Zhoushan, just south of Shanghai and a major port for China's navy.

The apartment has cement floors and almost no furniture. What they do have are three of the latest computers. They are cautious when it comes to naming the Web sites they have hacked.

On camera, Xiao Chen denies knowing anyone who has targetted U.S. government Web sites. But off-camera, in conversations over three days, he claims two of his colleagues -- not the ones with him in the room -- hacked into the Pentagon and downloaded information, although he wouldn't specify what was gleaned. CNN has no way to confirm if his claim is true.

More at the LINK

[selil]

The Chief Master Sgt. follows several of the points I've been making about war fighting domains (though I call them terrains). This is more of the media blitz leading up to the new cyber command (provisional) opening up. He also appears to notice the skills/support gap for troops that are doing this kind of work.

What is missing is a tactical road map and a good idea about the trans national nature of this new form of warfighting (sic). I wonder where we could find people skilled in dealing with models of insurgency?

If anybody knows Chief Master Sgt Kabalan I'd like to meet him or the commanding officer of Cyber Command.

From a story posted here

3/11/2008 - SHEPPARD AIR FORCE BASE, Texas (AFPN) -- The Air Force is leading the way in controlling the warfighting domain of the 21st century, and the formation of the newest Air Force major command is progressing well, the command chief of Air Force Cyber Command (Provisional) said during a March 4 visit here.

"Cyberspace is a warfighting domain -- that's all there is to it," Chief Master Sgt. Todd Kabalan told a group of commanders, chiefs and first sergeants at the Sheppard Club.

"We've got to be able to operate in this domain efficiently and effectively," he said.

To illustrate the point, Chief Kabalan referenced a number of terrorist attacks, including the 1996 Khobar Towers and the Sept. 11, 2001, attacks, in which the cyber domain played a key role. He also referred to last year's cyber attack on the country of Estonia that nearly shut down government agencies and private organizations like banks, media outlets and other companies.

"We're already fighting in this domain, and have been for a while," the chief said. "Air Force Cyber Command will enable us to fight better."

When Air Force Cyber Command officially stands up Oct. 1, it will be structured like other MAJCOMs -- with a numbered Air Force and several operational wings. But it's not just a matter of building staffs and setting up organizational charts; it's about changing our culture and the way we think, Chief Kabalan said.

"For example, we tend to think of our (client support administrators) as support troops. That's why they're currently 'three-alphas,'" he said. "But in the cyber domain, they're operators -- and that's why we're making them one-bravos. They're operators in this warfighting domain."

The chief also talked about the need to think differently about how the Air Force trains, employs and retains cyber warriors.

"In order to fight effectively in the cyber domain, we need Airmen with specific skills and expertise, and we need the flexibility to use them where they have the most impact," he said. "At the same time, these skills make our Airmen very, very valuable in the civilian sector, so we have to think creatively about how to keep them."

Sheppard Air Force Base was the chief's first stop in a planned tour to educate the force on what Air Force Cyber Command (Provisional) is doing, and why it's important. Provisional commands are formed for a specific purpose -- in this case, to prepare for the stand-up of a fully functional major command.

From a story posted here

[Stan]

Michael Chertoff, homeland security chief has made a heartfelt plea to Silicon Valley workers to stand up and be counted in the fight to secure the cyber highway. He invoked the attacks of 9/11 as he sought to galvanise IT professionals and security experts.

'Desire to serve'

... "the best thing you can do for your country"

Mr Chertoff pointed out that securing the nation's internet highways and byways was a job the federal government could not do alone.

Appealing to the private sector, the homeland security boss reached out and simply said: "Please send some of your brightest and best to do service in the government."

[Stan]

From Wired's blog... "Chertoff's talk shed precious little light on the details of the Bush administration's cyber security plans...Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America's internet traffic and Google searches for signs of cyber attack."

-- The federal government has launched a cyber security "Manhattan Project"... because online attacks can be a form of "devastating warfare", and equivalent in damage to "physical destruction of the worst kind." Chertoff cited last year's denial-of-service attacks against Estonia, and hypothetical hack attacks on financial networks and air traffic control systems, as proof that a federal strategy was needed.

"Imagine, if you will, a sophisticated attack on our financial systems that caused them to be paralyzed," Chertoff said. "It would shake the foundation of trust on which our financial system works."

[selil]

From Wired's blog... "Chertoff's talk shed precious little light on the details of the Bush administration's cyber security plans...Its contents are classified, but the U.S. Director of National Intelligence has said he wants the NSA to monitor America's internet traffic and Google searches for signs of cyber attack."

His comments were like scragly finger nails on a chalkboard. It showed a complete non-understanding of the issues of cyber-warfare. He's using the hyped up term of "cyber-warfare" to suggest more domestic surveillance when the aren't necessarily related. Google searches have nothing to do with availability and integrity attacks against systems.

[Stan]

Sorry Sam, looks like the Army is moving in on USAF territory

The battle for a population's state of mind demands a sophisticated information operations campaign that responds more rapidly than terrorists and insurgent groups to exploit the virtual battlefield. "There was a day when we were operating at foot speed," said Army Col. Wayne Parks, who directs the service's Computer Network Operations and Electronic Warfare at Fort Leavenworth, Kan. "Now we're moving at cyber speed."

Recent surveys conducted by the Center for Army Lessons Learned at Fort Leavenworth on operations in Iraq and Afghanistan found that the service's training and officers' past combat experience left them "ill-prepared" for the "interactive complexity" of information operations.

The service now must find a way to "maneuver around" a potential enemy's information campaign..., the military also hacks into jihadi Web sites to try to stop the spread of enemy propaganda.

[selil]

Sorry Sam, looks like the Army is moving in on USAF territory

I think they are all moving into the space that NSA should be holding down, but that is my pathetic opinion. The Internet contrary to popular belief has always been owned by civilians, operated by civilians, and managed maintained by civilians. None of the services (including DHS) has the longevity of service to really train a cadre when 25 percent turn over at the 4 year mark is a miracle, and 20 years and out is an expectation for life long.

I'm ranting sorry.

[Steve Blair]

I think they are all moving into the space that NSA should be holding down, but that is my pathetic opinion. The Internet contrary to popular belief has always been owned by civilians, operated by civilians, and managed maintained by civilians. None of the services (including DHS) has the longevity of service to really train a cadre when 25 percent turn over at the 4 year mark is a miracle, and 20 years and out is an expectation for life long.

I'm ranting sorry.

Gotta agree with you here, Sam. It worries me that the AF has gone stampeding in (right down to reusing the SAC insignia) with its cybercommand. Their internal networking is just this side of horrific, and it shows signs of getting much worse before it gets better. NSA seems a more logical choice to me, too.

[marct]

"There was a day when we were operating at foot speed," said Army Col. Wayne Parks, who directs the service's Computer Network Operations and Electronic Warfare at Fort Leavenworth, Kan. "Now we're moving at cyber speed."

Excuse me if I snicker here. Steve's comment about the USAF's internal networking capabilities and some of the pithier comments I've heard from Army folks makes me feel just ducky (as in sitting ).

[George Raihala]

I think they are all moving into the space that NSA should be holding down, but that is my pathetic opinion.

This just does not seem like a core competency of an Air Force. What is even more worrying to me is that the USAF is putting electronic warfare under Cyber Command as well. EW in the USAF has been ignored ever since they decided it was part of "information operations" and not simply a part of the overall offensive counter-air campaign. Now we can't even figure out how to field a stand-off jammer, and legacy EW suites languish. I can't believe that this is going to help matters at all.

George