USAF Cyber Command (catch all)

[AdamG]

WASHINGTON — Computer hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems.

Cyber criminals have long tried, at times successfully, to break into vital networks and power systems. But last month, experts for the first time discovered a malicious computer code — called a worm — specifically created to take over systems that control the inner workings of industrial plants.

In response to the growing threat, the Department of Homeland Security has begun building specialized teams that can respond quickly to cyber emergencies at industrial facilities across the country.

http://www.google.com/hostednews/ap/...THizQD9HC86L80

[AdamG]

Now it is official: The most significant breach of U.S. military computers was caused by a flash drive inserted into a U.S. military laptop on a post in the Middle East in 2008.

In an article to be published Wednesday discussing the Pentagon's cyberstrategy, Deputy Defense Secretary William J. Lynn III says malicious code placed on the drive by a foreign intelligence agency uploaded itself onto a network run by the U.S. military's Central Command.

"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," he says in the Foreign Affairs article.

http://www.washingtonpost.com/wp-dyn...l?hpid=topnews

[anonamatic]

well for what it's worth... I do some work in this area, and I can tell you that this site overall is very important to what I'm doing. It's a critical resource for me.

These are multi-service problems, with domain specific problems layered on top of them. As such, there's plenty of room to play.

[AdamG]

Pentagon says global cyber war is just beginning

Washington, Oct. 6: The Pentagon and its NATO allies are looking at how to improve their defenses against a cyber war, but the basic question of how to define a cyber attack is complicating efforts. The Pentagon says it is rapidly preparing for cyber war in the face of alarming and growing threats. Senior defense officials said that the looming threat of sophisticated attacks has prompted them to take the striking step of investigating the feasibility of expanding NATO's collective defense tenet to include cyberspace. They, however, note that the military is struggling with some basics of warfare - including how to define exactly what, for starters, constitutes an attack, and what level of cyber attack warrants a cyber-reprisal.

*

Equally tricky, defense officials say, is how to pinpoint who is doing the attacking. And this raises further complications that go to the heart of the Pentagon's mission.

"If you don't know who to attribute an attack to, you can't retaliate against that attack," noted Lynn in a recent discussion at the Council on Foreign Relations. (ANI)

http://in.news.yahoo.com/139/2010100...r-is-ju_1.html

And SKYNET giggles.

[davidbfpo]

That once reluctant institution GCHQ, the UK's Sigint plus agency, has in recent years carefully spoken at private meetings and now for the first time the current Director has spoken in public, at IISS in London. On a quick skim nothing startling, although others may read more productively.

Link:http://www.iiss.org/recent-key-addre...obban-address/

The conclusion:

In conclusion I’d like to leave you with some key themes that come out of what I’ve just said.

Cyber is a real, live issue, bringing both threat and opportunity;
It’s not a narrow security issue for the spooks — but a wide economic issue that demands a holistic response.
Perhaps 80% of what we need to do is stuff we already know how to do — getting the basics of Information Assurance right will of itself raise the bar for malicious activity.
But ‘patch and pray’ will not be enough. At the national level, getting the rest of Cyber - the more difficult 20% - right will involve new technology, new partnerships, and investment in the right people.

Crucial elements within that will be:
a different approach to Government-industry partnership,
and work by academia to broaden our research base and establish the mechanisms that will develop a large body of genuine expertise in the UK.
But if we can get it right, then we have a real chance to keep our economy and our citizens secure. And, more than that, we can develop a world-class approach which potentially gives us a relative advantage — in security, military, and commercial spheres.

[AdamG]

Media's treatment of same -

LONDON – Countries are already using cyber warfare techniques to attack each other and need to be vigilant round the clock to protect computer systems, the head of Britain's communications spy agency says. Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said British government systems are targeted 1,000 times each month. "Cyberspace is contested every day, every hour, every minute, every second," he said late Tuesday in a rare speech. His remarks, to a London audience, were published Wednesday. The internet lowered "the bar for entry to the espionage game," he said. Its expansion increased the risk of disruption to infrastructure such as power stations and financial services.

http://news.yahoo.com/s/nm/us_britai...liZXJ3YXJmYXJl

So, red pill or blue?

[AdamG]

Code-cracking agency expects it is compromised
That's the basis on which National Security Agency operates daily, official says
http://www.msnbc.msn.com/id/40707699...ence-security/

[selil]

The National Security Agency (NSA) is conducting a counterintelligence probe at its Fort Meade, Md., headquarters in a top-secret hunt for a Russian agent, according to a former intelligence official close to the agency.


This is really interesting to me. How do you trace a traitor?

[AdamG]

The National Security Agency (NSA) is conducting a counterintelligence probe at its Fort Meade, Md., headquarters in a top-secret hunt for a Russian agent, according to a former intelligence official close to the agency.


This is really interesting to me. How do you trace a traitor?

http://www.youtube.com/watch?v=QZ40WlshNwU

[AdamG]

As NPR's Tom Gjelten explained to ATC guest host Audie Cornish, cyberwar moved way up many people's lists of important foreign policy issues this year when the director of National Intelligence for the first time "identified the danger of cyber attacks on the United States as the single, the number one greatest security threat facing the country."

There was a U.S. Cyber Command created to address that threat. What's atop its agenda in 2011, Audie asked?

http://www.npr.org/blogs/thetwo-way/...private-sector

[AdamG]

A succession of multiple cyber-attacks could "become a full-scale global shock" on a par with a pandemic and the collapse of the world financial system, the report by the Organisation for Economic Co-operation and Development (OECD) said.

Contingency plans to recover systems should be put in place and cybersecurity policies should "encompass the needs of all citizens and not just central government facilities", the report said.

"What should concern policy-makers are combinations of events – two different cyber-events occurring at the same time, or a cyber-event taking place during some other form of disaster or attack," the report said.

"In that eventuality, 'perfect storm' conditions could exist."

http://www.telegraph.co.uk/technolog...tastrophe.html

[davidbfpo]

Hat tip to Carl Schneier:

A new report from the OECD says the threat of cyberwar has been grossly exaggerated.

Link to report:http://www.oecd.org/dataoecd/57/44/46889922.pdf

Also worth reading is this article on cyberwar hype and how it isn't serving our national interests, with some good policy guidelines:http://www.informit.com/articles/article.aspx?p=1662328

Not an area I have any expertise and little knowledge, there plenty here though!

[Allen Ford]

From the Wall Street Journal...
Is this what we need? Or are we just redrawing the organizational chart / rearranging chairs? On matters that I don't know much about... In Gates I Trust.

Thoughts on whether this new command will likely impact our preparedness and, if so, for the better?

-------------------------------------------------------------------------------------
We don't need another COCOM....we need another Service focused upon this domain versus it being a sideshow for the other 4 services.

[Cliff]

We don't need another COCOM....we need another Service focused upon this domain versus it being a sideshow for the other 4 services.

Allen-

I think this will proceed much like the USAF began as the US Army Air Corps- initially start as a "Cyber corps" of the USAF or of CYBERCOMM, then eventually split itself off when the doctrine is more mature.

V/R,

Cliff

[Allen Ford]

Allen-

I think this will proceed much like the USAF began as the US Army Air Corps- initially start as a "Cyber corps" of the USAF or of CYBERCOMM, then eventually split itself off when the doctrine is more mature.

V/R,

Cliff

------------------------------------------------------------------------------

Cliff I agree -- that said, will it take a "Billy Mitchell" figure or a Stuxnet type attack on our critical infrastructure to force such a change?

I see the Cyber Corps as a very different military --- one where "basing" is co-located within high-tech corridors/research parks, reduced PT-Grooming-Uniform standards, and possessing a significant telecommuting capability. In other words, an "extreme" functional service focused upon service to our nation, technical proficiency and adhering to core values required to maintain a security clearance. I also see a significant IG or Internal Affairs type capability given the sensitivies of their operations.

Maybe the Cyber Corps belongs in DHS? Their lone expeditionary forcible entry capability......

[Brett Patron]

-------------------------------------------------------------------------------------
We don't need another COCOM....we need another Service focused upon this domain versus it being a sideshow for the other 4 services.

If Cyberspace (for warfighting purposes) is actually a DOMAIN, then, yes, you need a Service. I don't think it is. I don't believe a new Combatant Command is needed either.

I think a "Cyber Corps" is an idea that has much more merit. Or, an existing COCOM (e.g. STRATCOM), properly empowered with some Title 10 Man, Train, Equip authorities, can probably fill the bill.

What is really needed first is cogent DOD wide doctrine, from which either the Services (CyberCorps) or a Combatant Command can organize, train, and execute. Without universal terms of reference, we don't know which organizing option is appropriate.

[selil]

I see the Cyber Corps as a very different military --- one where "basing" is co-located within high-tech corridors/research parks, reduced PT-Grooming-Uniform standards, and possessing a significant telecommuting capability.



Maybe the Cyber Corps belongs in DHS? Their lone expeditionary forcible entry capability......

I strongly disagree with much of this. First the grooming, PT standards stuff is completely off the mark. You're buying into a stereotype that if it ever was true likely isn't even close today. The former Sun Microsystems (now Oracle) in Boulder Colorado had more bike to work, runners, rock climbers, extreme athletes than you could imagine. They were also the high performers. Google in silicon valley is the same.

The pasty white albino Mt. Dew addict obviously is unhinged and likely bi-polar. They need not apply.

This stereotype is nearly as bad as the "I need me some young people to do this here cyber stuff" I hear general officers say. Why you want a crippled mental midget with poor math skills, fewer thinking strategies, and somebody who thinks they are a war veteran because they've payed Splinter Cell? I'd rather have a 40 something that knows where gasoline comes from, can change their spark plugs, has two or three kids, and a desire to learn. They at least have a clue and will inherently understand the soft underbelly of security systems.

I'm more concerned about net-centricity, signals, holistic security, distributed organizations, and the totality of the problem. We've done KSA assessments we know what is needed. We have training and education programs to reach that. I'm hear to tell you though a bunch of this stuff is bunkum. We protect against ancient threats that have long been disabled for battles we can't imagine with tools that are limited with processes that cripple us. The best denial of service on workers are the scripts that are run by the system administrators in your own organizations.

meh

[selil]

What is really needed first is cogent DOD wide doctrine, from which either the Services (CyberCorps) or a Combatant Command can organize, train, and execute. Without universal terms of reference, we don't know which organizing option is appropriate.

What you need is FM1 for cyber. Those of us who have attempted that feat are still wondering what in the world government is trying to do. I can walk you through the basics but everybody is still stuck with "cyber is different" rather than conflict is similar what are the similarities. How is naval, land, and air warfare the same? When we added space as a domain we didn't have a Marine Corps mission in space so it was different, but there were still similarities. Instead of trying to define how cyber is different how is it similar? We're asking a lot of the wrong questions and worried about the "computer" instead of the warrior. The model is all mixed up and people are chasing their tales like rabid dogs. Look here ->relax<- this is all you need to do to get it done. But, that would break a lot of vendor rice bowls and we can't have that.

If Cyber is a domain we can use standard doctrine to fill in the holes. I did that with FM-3-24 it should be possible with FM1. I've been looking at fleet tactics, but I don't have the experience to understand some of the discussion to find the patterns of conflict necessary.

[Cliff]

Cliff I agree -- that said, will it take a "Billy Mitchell" figure or a Stuxnet type attack on our critical infrastructure to force such a change?

I see the Cyber Corps as a very different military --- one where "basing" is co-located within high-tech corridors/research parks, reduced PT-Grooming-Uniform standards, and possessing a significant telecommuting capability. In other words, an "extreme" functional service focused upon service to our nation, technical proficiency and adhering to core values required to maintain a security clearance. I also see a significant IG or Internal Affairs type capability given the sensitivies of their operations.

Maybe the Cyber Corps belongs in DHS? Their lone expeditionary forcible entry capability......

Allen-

In short, yes, it probably would take some kind of catastrophic event to get real change in the cyber world. I don't think DHS is the right place - maybe for a domestic cyber agency but for the warfighting cyber functions they need to be in the DoD.


Brett-

The USAF already has doctrine - see AFDD 3-12 for USAF's cyber doctrine. Cyber is a domain according to the USAF doctrine, hence why I think there may end up being a "Cyber corps" - we'll have to see. The alternative is that it remains a core competency of the USAF - much as space has. We can debate the differences based on the different characteristics of the domains ad naseum, but I think for now we won't see a cyber service.

I agree with Selil, there shouldn't be different standards for cyber-warriors than in any other fight - after all, they're still warriors. Additionally, kinetic attacks are still a part of the toolbag in affecting the cyber realm- as in if someone seizes your computer facility, destroys your electrical system, or sets off an EMP device you lose your access to the cyber domain.

I personally think that one of the big problems with cyber is that it has been fenced off due to classification, leading to a similar situation to many of the ISR platforms during the Cold War- if you're always behind the green door, it's hard to work with the other warfighters in the joint fight.

Again, the USAF is trying to fix this by merging the comm (essentially the IT functions of cyber) and cyber career fields into cyber. It will be interesting to see what happens...

V/R,

Cliff

PS - Cyberspace does have a joint definition too.

[Allen Ford]

I strongly disagree with much of this. First the grooming, PT standards stuff is completely off the mark. You're buying into a stereotype that if it ever was true likely isn't even close today. The former Sun Microsystems (now Oracle) in Boulder Colorado had more bike to work, runners, rock climbers, extreme athletes than you could imagine. They were also the high performers. Google in silicon valley is the same.

The pasty white albino Mt. Dew addict obviously is unhinged and likely bi-polar. They need not apply.

This stereotype is nearly as bad as the "I need me some young people to do this here cyber stuff" I hear general officers say. Why you want a crippled mental midget with poor math skills, fewer thinking strategies, and somebody who thinks they are a war veteran because they've payed Splinter Cell? I'd rather have a 40 something that knows where gasoline comes from, can change their spark plugs, has two or three kids, and a desire to learn. They at least have a clue and will inherently understand the soft underbelly of security systems.

I'm more concerned about net-centricity, signals, holistic security, distributed organizations, and the totality of the problem. We've done KSA assessments we know what is needed. We have training and education programs to reach that. I'm hear to tell you though a bunch of this stuff is bunkum. We protect against ancient threats that have long been disabled for battles we can't imagine with tools that are limited with processes that cripple us. The best denial of service on workers are the scripts that are run by the system administrators in your own organizations.

meh

-------------------------------------------------------------------------------

- Understand and appreciate your concerns.

- Relaxed PT/Grooming Standards etc. The intent was to "cast a wider net" versus exclude the overwhelming number of Americans deemed unfit for either enlistment or commissioning. Furthermore, I totally agree that most folks in this field appreciate physical fitness and having a life --- this explains why "high tech corridors" are often found in Northern California, Pacific Northwest, Boulder, hip districts in NYC close to Central Park, and other "Outside" Magazine Top XX Places to Live etc. These areas may prove more attractive than 29 Palms CA, Barksdale LA, DC Metro Area etc. for those inclined with such skills.

- I'm not with you with respect to "mental midgets" -- many of these potential recruits may not understand Clausewitz or Mahan, but they definitely "get it" with respect to Jullan Assange and his global impact.