USAF Cyber Command (catch all)

[selil]

Slashdot does not reflect the "hacker" culture but they most definitely reflect the YUG's (young uppity geeks). The "I can argue about Play Station, X-Box, and Wii, and PWN you", group is unfortunately where Air Force Cyber Command will likely start pulling recruits.

For the rest of us I'd look at the language of this and think about the "close air support" role end the effectiveness of the Air Force in dealing with other services. Then I would suggest to the higher up in each of the other forces to think about the Air Force determining the linkages of all the command and control (as in their words) they are the leader in cyber-space.

Enjoy the interview some of the questions are quite well thought out. Others show the standard audience of Slashdot (which includes me!!!)

For a view into the heck of geekdom follow the link.

Slashdot interview with Air Force General Link

[selil]

Military commanders should consider reports like this and think back to what does it mean if the enemy has access to all of your deepest military secrets. Consider the tightening of public disclosures of information and the rampant use of states secrets to secure data. Then balance that on the wholesale loss of control of massive amounts of data (or minimal dos it matter?).

Don't fall for the fear mongering that most security analysts would drive change or new initiatives with instead consider how simplistic the attacks are (trojan in an email for example). Almost no security service that does not degrade capability and uniformly degrade information technology services is going to work without people not doing stupid things.

When you think about all of the intersections between information technology services and the command and control infrastructure (technical or not) the issue rapidly becomes not when it will be attacked (peace or war), but how and how much it will be attacked. The same way telegraph wires were cut in WW1 (denial of service), the same way encryption was broken (confidentiality), and the same way that information operations injected errors in the enemy command and control (integrity).

I wonder where you can find people who know how to fight asymmetric attacks against large infrastructures and political organizations?



Original Article Here

On June 22, 2007, Defense Secretary Robert Gates acknowledged that the Pentagon's network had been successfully attacked the previous Wednesday, and that this attack was responsible for a disruption in email service to some 1,500 Pentagon employees. At the time, Gates downplayed the attack, saying that it affected only the OSD's (Office of the Secretary of Defense) non-classified e-mail service and that there was "no anticipated adverse impact on ongoing operations." It seems that the adverse impact of the June attack may have been much greater than Gates' early guidance implied. According to a top DoD technology official quoted at GovernmentExecutive.com, the thieves behind that attack seized an "amazing amount" of data.

New details on the attack itself have become available in the months since it occurred. According to Dennis Clem, CIO of the Pentagon and the OSD, the intrusion was first detected during an IT restructuring that was underway at the time. By the time it was detected, malicious code had been in the system for at least two months, and was propagating via a known Windows exploit. The bug spread itself by e-mailing malicious payloads from one system on the network to another. The messages themselves were spoofed and appeared to be legitimate missives from other employees. Once the recipient opened an infected e-mail, the worm sent that person's password and other login credentials back to home base.

The government isn't saying what, exactly, got stolen. There's no evidence to contradict Secretary Gates' claim that the classified e-mail system remained unaffected, but data that Clem describes as "sensitive" was accessed and encrypted before being transmitted to the hackers' location. As for where that location might be, unconfirmed reports point towards China's People's Liberation Army. China, of course, has vehemently denied any knowledge or responsibility. The Pentagon has stepped up its network protection since the intrusion, and added additional protection in the form of smart cards and digital signatures. Such security measures are the ultimate example of closing the barn door after the horse is gone, but should at least make further intrusions more difficult.

[Boot]

The PLA have a BN sized element (it may be more) dedicated to hacking other countries systems. One area at least in the Corps we seem to pay lots of lip service to but not actual action is cyber security. I can't count how many CO's on various operations "had" to have access to the internet for convience. Their day to day is only done on NIPR. Classified systems are secure because its a closed system, that is it connects to itself. In most cases any intrusion would have to physically come from the system itself, that is the hacker would phyically have to have access to it.
Back to unclass systems. Its attitudes and lack of training that usually allows these intrusions. One of my biggest rubs as a Comm type has always been the way the my fellow non-Comm. types viewed my specialty. In the Marine Corps at TBS its beat in your head that if your not combat arms your nothing. Many officers come up with that sort of mentality, and what I have seen is a perception that you are weak because your not a "meat eater". As far as the Pentagon goes I can't speak for them. Like I sai I'm willing to bet its a lack of enforcement and attitude (those computer guys are a pain in the butt) that probably led to this.
My last word on perceptions and attitudes; I knew a LtCol now Col, who was told by his base CG that he was the one of best officers he ever had, and even presented him with a pretty high medal. When that CG ranked him, he ranked him last. When the officer confronted his boss on this, his boss told him he doesn't have to talk to him, he's just a Commo...and those in manpower and leadership positions wonder why things like this happen and their best leave to go work for GD or NG.

[Stan]

The Capital Interview -
Greg Bruno, Staff Writer, April 1, 2008

...If you could, start out by talking about the Air Force’s Cyber Command structure, the mission of cyber command, and where we are today in terms of its capabilities.

Right now we’re in the nascent phase. We have a hundred and sixty folks who are assigned across about four different bases who are doing this work for me. As a provisional command, I have no forces. I’m not authorized to have any forces. So until this capability goes initial operational capability on the first of October, this really is a virtual command.

Have we been attacked?

Depends on what you call an attack. We certainly have had penetrations and we’ve been attacked by ourselves, if you will. If you define an attack as something that degrades your ability, yes we’ve been attacked. Sometimes we’re attacked by ourselves from our own acts of omission versus commission.

...How good are we? What can we do, what can’t we do, and are we the best out there?

Well, in this business, there are lots of peers because the price of admission is relatively low. With some technologically smart kids you can do a lot of damage. And the difference is this technology only requires you to have a connection and a laptop computer. So as the nature of warfare changes and the price of admission to the fight goes way down, you can have lots more players.

Much more at the link...

[selil]

The Air Force is pushing this hard. I support our new cyber-over-lords but I'm concerned about several implementations and failures at basic understanding of capability and reasonign I see occuring. When I met for a few minutes with Maj. Gen Elders of AF Cyber Command he was pretty impressive on his depth of understanding. Still having talked to the former project officer for related DARPA projects most everybody is worried about nuts and bolts and few know how to build a car.