Recently, I prepared a presentation that presented concepts and technology needed in a Cyber Warfare Infrastructure (CWI). While researching and developing the content, it became clear this was what Defense Tech had been addressing for some time. The numerous comments and suggestions that readers of this blog have provided via comment postings and emails over the last fifteen months provided additional insight that was reflected in the document. In addition, the recent poll about who should head up America's cyber security was incorporated in an updated version of the document. Since the blog contributed, I thought it would be appropriate to at least provide a summary posting. The following is a high-level summary (with sensitive information removed) of that whitepaper:
The United States' reliance on computers and networks significantly increases the risks associated with cyber-based attacks. This makes the role the Department of Homeland Security has in defending our information assets and infrastructure critical; however, it is just one of more than two dozen key stakeholders for the CWI. The cyber warfare infrastructure must create a Command, Control, Communications, Intelligence, Surveillance and Reconnaissance (C4ISR) and Information Operation Support infrastructure. This would be the first-of-its-kind cyber system that would require integrated collaboration with other C4ISR systems supporting traditional warfare.
Numerous technologies must come together to deliver the offensive/defensive as well as the intelligence/counter-intelligence capabilities. Also required are significant advances in three specific areas of technology. A high-level definition of the three core technologies required to create a highly effective cyber warfare infrastructure is provided below:
- Intelligence Fusion and Collaboration (IFC) Technology -- IFC uses techniques that combine intelligence from multiple sources in order to achieve inferences, which will be more efficient and potentially more accurate than if decisions were based on a single source. Integrated into the intelligence repository is geospatial (GIS) information about the cyber aggressions discovered and analyzed.
- Adaptive Cyber Countermeasure (AC2M) Technology -- A countermeasure is a military system specifically designed to prevent cyber weapons from disrupting or destroying a target computer system. The CWI has the capability to counterattack an incoming threat, thereby destroying or altering its ability in such a way that the intended effect on the target is significantly impeded.
- Cyber Surveillance and Target Acquisition (CSTA) Technology -- When one government agency reported that the frequency of successful cyber attacks (that were uncovered after the fact) was up nearly 40% in 2008, there is a clear need for advances in this area. New techniques and methods were identified that provide an exponential gain in the ability to detect systems compromise and assist in determining who was behind the attack. Both of these capabilities have been the greatest challenge in designing and delivering advanced systems to the Defense and Intelligence communities.
The integrated cyber weapons system inherent in the CWI stands to alter the "defense focused" initiatives currently used to guard against cyber aggression. With multiple offensive and intelligence capabilities, the United States would be well positioned to defend against and respond to the millions of cyber attacks we see annually. A distributed cyber warfare infrastructure will create the ability to allocate specific cyber mission components across the various branches of the Department of Defense (DoD: Army, Navy, Air Force and Marines) as well as the Office of the Director of National Intelligence (ODNI) and the entire U.S. intelligence community.
A data warehouse and dashboard would focus on affecting the perceptions and behaviors of military and government leaders as well as decisions around responding to acts of cyber aggression. The insight and capabilities provided by the cyber warfare infrastructure will surely influence operations, employ new capabilities to affect behaviors, protect our forces and the nation, and rapidly communicate acts of cyber aggression to commanders with the intent to project accurate quantities information to achieve desired effects across the cyber space domain. Only after this infrastructure is in place will the United States be mission ready to defend against cyber aggressions.
While some may say developing this CWI could be seen as an aggressive action, it is important to remember that since 2004 we have been in a cyber arms race, and we should heed the lessons learned from the last arms race (Cold War).