Hack Attack

Posted on November 1, 2008 by David Tashji

Greetings Professor Falken . . .

New Cyber Warriors Pursue Electromagnetic
Spectrum Dominance

According to Deputy Defense Secretary Gordon England and a growing number of government officials, “Cyber warfare is already here.” Pentagon officials and military commands have expressed significant concerns regarding cyberspace vulnerabilities declaring “It’s one of our major challenges.” The Pentagons’ top intelligence official recently told a Senate committee that cyber threats are contributing to the “unusually complex” security environment that must be monitored and protected.

The highly advanced information infrastructure including telecommunications and computer networks and systems (and most importantly the data that reside on these systems) is critical to virtually every aspect of military and civil affairs in modern countries. The exceedingly developed nature of these systems is precisely what makes them attractive targets to adversaries.

In our brief analysis, we will explore the arrival of cyber warfare within the arsenal of modern conflict and the interdependency of the physical and virtual worlds that define the modern battle space.

Lead Photo Caption: While accessing the NORAD Missile Defense W.O.P.R network at Cheyenne Mountain with a backdoor password (Joshua) based on the name of the son of the lead engineer (Steven Falken) may work for David Lightman (played by Mathew Broderick in the 1983 Hollywood classic – War Games); in the real world, DODD 5000.02 Acquisition T&E activities including the Milestone B Test Evaluation Master Plan (TEMP) would reveal any breach of program baseline at the EOA, OA, IOT&E, & FOT&E for any ACAT IA or ACAT I acquisition program well before any LRIP deployment.

See First, Understand First, Act First

Today the conventional, low intensity conflict, and counter insurgency (COIN) war fighter is provided with a growing number of data collection and information fusion assets. These are employed within the broad concept of ISTAR (Intelligence, Surveillance, Target Acquisition, and Reconnaissance). ISTAR is a practice that links several battlefield functions together to assist a combat force in employing its sensors and managing the information they gather. Within this framework is the United States Air Force airborne battle management and command and control (C2) platform primarily enabled by the E-8 Joint Surveillance Target Attack Radar System aircraft (Joint STARS).

Joint STARS provides dedicated support to ground and air theater commanders by conducting ground surveillance to develop situational awareness and to support targeting & attack operations. Data collected by JSTARS is transmitted to the Common Ground Station (CGS) where it undergoes further analysis, validation, fusion and conversion into an intelligence product. That intelligence or targeting product is then disseminated to joint command units using Multifunctional Information Distribution System (MIDS) standard Tactical Data Link (TDL) transmission formats such as Link 16, the new TDL NATO standard in ground, airborne, and sea-based air defense platforms and select fighter and multi-role aircraft.

Copyright 2008 Tashji And Associates. All Rights Reserved. No Unauthorized Reproduction without Prior Written Permission.

The modern conventional, low intensity and COIN battle space now includes a wide array of rapidly emerging unmanned aircraft systems (UAS or UAV or UCAV) designed primarily for unit (squad, platoon, company), area of operations (battalion, brigade, division), and theatre level (corps, army, army group) reconnaissance that provides invaluable battlefield intelligence. Recently, these unmanned systems have also been employed for high-risk combat missions requiring attack capability. These systems (air vehicle, ground controller and data processing and transmission equipment) are organized into capability tiers by service requirements as in the example in figure one.

FIGURE ONE: United States Air Force Unmanned Air System Tiers (service example)

These unmanned intelligence collection and dissemination systems are increasingly moving towards a net-centric information sharing capability with their larger, legacy platform cousins such as E-8C Joint STARS, E-3 AWACS, E-2 Hawkeye, and the U2 Dragon Lady (examples) as part of the broader Joint Stars airborne battle management and command and control (C2) platform. This capability is being developed through modifications in the Link 16 TDL standard, providing support for Internet protocol
(IP) addresses assigned to individual assets and the non-line-of-site transmission of data over a secure battle space network.

Vulnerabilities within the Construct

As the U.S military pursues their ambitions to securely network the modern battlefield, they are simultaneously reaching out to government, academia and industry for help in developing capabilities for protecting the nation’s cyber infrastructure.

The DoD Cyber-fusion-center is depicted in this controversial public-relations image According to Colonel Wayne A. Parks, Electronic Warfare Proponent Director of Computer Network Operations and Training at the Combined Arms Center, Fort Leavenworth, KS, “Our understanding of the science of cyber-electronics is relatively immature at this point.” The military is working with interagency partners to officially define its way ahead with regard to defending areas of the financial, travel and related industries that operate across nation-state and cyber-state boundaries. The same collaborative approach applies to fielding technologies to support the war fighter, wherein the military has developed the mind set to work in concert within a joint services collaboration concept.

“A global military trend of concern is … the sophisticated ability of select nations and non-state groups to exploit and perhaps target for attack our computer networks,” Army Lt. Gen. Michael D. Maples, director of the Defense Intelligence Agency, told the Senate Armed Services Committee.

China, Russia and possibly other nation-states have been assessed as being capable of collecting or exploiting data held on U.S. information systems. “The threat that also concerns us a great deal, and maybe even more so, is if someone has the ability to enter information in systems, they can destroy data,” he added. “And the destroyed data could be something like money supply, electric power distribution, transportation sequencing and that sort of thing.”

As modern societies become ever more dependent on cyberspace as an interoperable component of their physical infrastructure, both nation states and non-state actors continue to seek methods to counter the advantages created from the use of information and to turn those same advantages against their adversaries in both conventional and unconventional ways.

A New Era in Warfare

GEORGIA BOUND: A U.S. Air Force C-17 Globemaster III transports Georgian soldiers from Iraq to Georgia, Aug. 12, 2008. The C-17 Globemaster III is assigned to the 14th Airlift Squadron, Charleston Air Force Base, S.C. U.S. Air Force photo by Staff Sgt. Aaron Allmon II (released) As Russian tanks rolled over the borders of South Ossetia in August, coordinated cyber attacks hit Georgian government virtual infrastructure including government web sites. As hostilities between the two adversaries escalated on the ground, virtual assets were subjected to persistent denial of service (DDOS) cyber attacks. The afflicted sites included the central government website, the home pages of the Ministry of foreign affairs and the Ministry of Defense, and the official website of Mikheil Saakasvili, the President of Georgia.

Military analysts have proclaimed the coordinated assault as the dawn of a new age in warfare where conventional attacks were supported by cyber attacks of the opposition forces.

In another example, the tiny nation of Estonia (a NATO member) was simultaneously victimized by a series of data-flooding attacks from 26 April to 18 May 2007 that brought down the web sites of several media organizations and forced Estonia’s largest bank to shut down its online banking network.

An analysis of the episode revealed widespread use of botnets – a network of thousands of infected computers that flood Internet traffic to a cyberspace target in order to incapacitate, take it off-line, or mask a more sophisticated covert virus attack.

Estonian Minister of Defense Jaak Aaviksoo (left) expresses his views on the threat of cyber terrorism during his discussions with Secretary of Defense Robert M. Gates in the Pentagon on Nov. 28, 2007. DoD photo by R. D. Ward (Released) “Estonia happens to be very advanced, in terms of networks in their country,” remarked Gordon England. “So her strength was turned into vulnerability.” The attacks have been attributed to a dispute concerning the relocation of a World War II Memorial in the city of Tallinn.

Military planners at the Pentagon have also examined the impact of a massive and coordinated Chinese Cyber attack on Civil and Military Cyber Infrastructure. The effects have been described as “having an effect equal to the magnitude of a weapon of mass destruction” according to a statement by General James Cartwright, Vice Chairman of the US Joint Chiefs of Staff.

These remarks came on the heels of an annual DoD report to Congress that asserted China’s military had engaged in numerous intrusions of cyber assets around the world, inclusive of the US Government. The report elaborated how the People’s Liberation Army (PLA) was heavily investing in computer network operations (CNO) including network attack and exploitation as the foundation of new war fighting doctrine aimed at obtaining “electromagnetic dominance” in the early stages of armed conflict.

According to the DoD report “The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks. As early as 2005 the PLA began to incorporate offensive CNO into military exercises, primarily in first strikes against enemy networks”.

The report elaborated how the People’s Liberation Army (PLA) was heavily investing in computer network operations (CNO) including network attack and exploitation as the foundation of new war fighting doctrine aimed at obtaining “electromagnetic dominance” in the early stages of armed conflict.

In addition to the military threat, China has emerged as the largest global security menace to commercial cyberspace with a young and highly skilled labor force. According to a former US military intelligence analyst, there are about 280,000 to 300,000 individual hackers in China belonging to about 250 cyber crime organizations.

Tantamount to a worldwide wake-up call, these examples are indicative of a broader trend requiring the reshaping of force structure and doctrine to enable an effective defense.

Answers from the GWOT?

As the military faces down new counter insurgency challenges in Iraq and Afghanistan, progress is being made with electronic warfare that has improved operations and reduced injury and deaths in theater. This is especially so in the need to defeat roadside bombs (IED), and has spurred the Army to speed development of near-term solutions. Simultaneous research and development has continued on mid to long-term electronic warfare capabilities with the goal of keeping pace on both the tactical and strategic levels.

Given the nearly limitless scope of the virtual world, this is a huge challenge. Cyber-electronics could include or have distinct relationships between things that we call network operations, network warfare, computer network operations, space superiority, electronic warfare and electromagnetic spectrum operations. Each represents a different slice of the cyber-electronic continuum within which different capabilities must exist.

Quick reaction antenna gets a wave guide detector adjistment 

Quick Reaction Antenna Adjustment
US Air Force Staff Sergeant Jaroslaw Kostecki adjusts the wave guide detector for a OE-361 quick reaction antenna. SSGT Kostecki is the assistant Noncommissioned Officer of Satellite Communications for the 31st Air Expeditionary Force Package, 31st Communication Squadron, Aviano Air Base, Italy. The 31st AEFCP is deployed to Sidi Slimane Air Base, Morocco, to provide Siprnet, DSN, Internet and Intrasite communications capabilities from air to ground to land mobile radio during Exercise AFRICAN EAGLE. African Eagle is a bi-annual exercise designed to practice dissimilar air to air training with the Royal Moroccan Air Force.

At the strategic level, the military’s main responsibilities are maintaining its internal capabilities and networks, to be able to rapidly deploy around the world and defending the United States’ borders, air space, sea lanes and land mass.

However, Cyberspace has no distinct, physical borders. There is no nation-state border where we’re communicating now (within an Internet dialogue). There are nation-state sponsors, and we have to look at it in terms of nation-state sponsors, as well as those who are not nation-state sponsors — you might call them cyber-state sponsors — who are really developing on their own out there.


Cyber Agencies Stand Up

Overall accountability of the cyber-defense of the United States resides with the Department of Homeland Security working in collaboration with other cyber defense elements of the government. This includes a variety of Department of Defense commands that encompass information assurance within their core mission.

While AFCYBER (currently a provisional unit embedded with the 8th Air Force at Barksdale AFB Louisiana) has emerged as the predominant cyber defense service, Joint Chiefs of Staff Admiral Mike Mullen has expressed a desire to see a greater level of jointness across the service command structure, in spite of the 2006 National Military Strategy for Cyberspace Operations initiatives undertaken by the Air Force.

Cyber Command officials define unit's scope

Cyber Command officials define unit’s scope
Lt. Col. Tim Sands (from left), Capt. Jon Smith and Lt. Col. John Arnold monitor a simulated test in the Central Control Facility at Eglin Air Force Base, Fla. They use the Central Control Facility to oversee electronic warfare mission data flight testing. Portions of their missions may expand under the new Air Force Cyber Command. Colonel Sands is the 53th Electronic Warfare Group AFCYBER Transition Team Chief, Captain Smith is the 36th Electronic Warfare Squadron Suppression of Enemy Air Defenses test director, and Colonel Arnold is the 36th Electronic Warfare Squadron commander. (U.S. Air Force photo/Capt. Carrie Kessler – RELEASED)

These agencies are engaged in a two-fold effort; devising protections for cyberspace assets that enable mission assurance and war fighting capabilities while simultaneously developing cyber attack attribution capabilities to support a deterrence posture against any cyber aggressor.


The Cyber-Electronic Future

At the recent Air Force Cyberspace Symposium, Marine Corps Gen. James E. Cartwright asserted that “the services need to experiment in cyber warfare to figure out how to use technology effectively on the battlefield. One of the other challenges is building a force of cyber warriors. The military has to figure out the appropriate skills, schools and rank structure to build a force capable of both the “defend and operate skills” and the “exploit and attack skills.” The general said that cyber organizations must be integrated into an air operations center, just like a bomber or fighter unit, even though it’s inherently different because, unlike an air or ground war, “we invented this battle space.”

As the Internet increases its presence as a component of an integrated construct for how the military addresses the proliferation of challenges it faces, cyberspace has become the latest technological frontier for state sponsored acts of war.

About the Author
I am an accomplished advanced and disruptive technology analyst. I help organizations manage their overall marketing strategy and efforts including market analysis, identification of business opportunities and risks, strategic alliances and partnering, systems engineering and customer requirements, business development programs and marketing, advertising and communications initiatives & plans.

For office hours and contact information, please use this sites contact form.

Technorati Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
This entry was posted in Military Strategy. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s