Cyber Challenges in a Hierarchical Culture
System Architectures Laboratory
Apr 8, 2023 1
Cyber Challenges in a Hierarchical Society
Military Open Source Software Workshop Two
Lt Gen Robert Elder, USAF (Retired), Research Professor
August 3, 2010
Overview
Cyberspace as a global domain
Military Cyber Operations
Mission Assurance (Resilience)
Civilian Cyber Operations
Cyber Deterrence
Issues and Opportunities
Cyberspace Importance
Attributes: Anonymity, Alter Egos, Time & Distance, Virtual Presence, Info Commodity, Smart Agents
Infrastructure, Political, Economic, Military, Information, Social
Cyberspace Domain Elements
Cyberspace is a domain with characteristics comparable to the air, space, and maritime domains.
[Diagram: three network layers. Physical Network: Infrastructure, Electromagnetic Environment, Electronics. Logical (Virtual) Network: Encapsulation, System, Code, Data. User (Social) Network: Perceptions, Knowledge, User Relationships. Labels: Modify, store, exchange data; Produce or use data; Share information & knowledge; Make & implement decisions.]
Cyberspace Functional Areas
Warfighting & Commerce
Cyber domain importance is increasing
Cyber Ops
Establish the Domain
- Form Cyber Networks
- Secure Cyber Networks
Defend the Domain
- Passive Defense
- Active Defense
Use the Domain
- Legacy Augmentation
- Cross-domain Operations
- Participatory Services
Key Cyber Functional Elements
Data Collection, Knowledge Creation (Info Management)
Network Ops, Network Security (Communications)
Force Enhancement, Integrated X-domain Ops
Ops Support, Mission Assurance (Operations)
Actions in & through Cyberspace
Cyber Organizational Model
[Diagram: Hierarchical Model compared with Cyber Model. Labels: Hierarchy Level, Power, Connections; Hierarchy Level, Value, Contribution.]
PMESII in a Hierarchical World
Infrastructure
Political
Economic
Military
Information
Social
Diplomatic
Military
Information
Economic
Non-gov’t
PMESII in a Cyber World
Infrastructure
Political
Economic
Military
Information
Social
Diplomatic
Military
Information
Economic
Non-gov’t
Cyber/Social Networks
National Military Strategy for Cyberspace Ops (NMS-CO)
Ways: Information Operations; Network Operations; Kinetic Actions; Law Enforcement; Counterintelligence
Enablers: Science & Technology; Partnering; Intelligence Support; Law and policy; Trained personnel
Joint Capability Areas:
Battlespace Awareness
Force Generation
Command and Control
Information Operations
Net-centric Operations
Global Deterrence
Homeland Defense
Interagency Integration
Non-governmental organization coordination
Cyber Domain Military Missions
Integrate cyber to achieve functional & theater effects: COCOMs
Tactical cyber integration: Service Components
Defend DoD GIG: STRATCOM (CYBERCOM)
Deter cyber weapons of mass effect: STRATCOM
Integrate cyber to achieve global effects: STRATCOM
Homeland Defense: NORTHCOM
Defense Support to Civil Authorities (DSCA): NORTHCOM
Defense Industrial Base Protection (HSPD 7): Services
Clandestine Cyber Ops: Intel Community (IC)
Intelligence collection, processing, and sharing: IC
Military Cyberspace Activities
Network Ops Activities: Comm Infrastructure; Network Maintenance; Network Security; Network Defense (CND); Network Attack (CNA); Intel Processes (CNE); Self Defense (User); Defensive Influence Ops; Packet Interdiction; DSCA (civil authorities); HSPD 7 Support to DIB; Ops Support (Log/Admin)
Integrated Cyber Ops Activities: Infrastructure Protection; EM defense measures; Infrastructure Attack; Offensive Influence Ops; Electronic Attack; Network Defense (Active); Kinetic/non-Kinetic integration; Global/Theater Integration; Force Enhancement (C2); EW Support (Cyber-OPE); Deter/Dissuade Ops; Mission Assurance
Foundation: Network Operations
Global Expeditionary Cyber Ops
- Physical Networks
- Wireless Networks
- Logical Networks
Establish “User” Networks
- Data/Voice/VTC
- Command & Control
Physical Network Security
Logical Network Security
Fly - Fight - Win
Establish, maintain, and secure the cyber domain
Application: Integrated Joint Operations
[Diagram: Observe, Orient, Decide, Act. Air, Space, Land, Sea, Cyber, Cognitive “Space”. Labels: Degraded Cyberspace; Sensors; Data Integration; Ops Integration; Effects (Integrated Actions); Influence Ops; Conventional Ops; Intelligence; Logistics; Situational Awareness; Linked Air Ops Centers; Effects-based Operations.]
Cyber Attack
[Diagram: Observe, Orient, Decide, Act. Air, Space, Land, Sea, Cyber, Cognitive “Space”. Labels: Disrupt Sensors; Alter or Interdict Data; Impair Collaboration; Degrade Action Integration; Deny Cmd & Ctrl; Influence Ops; Conventional Ops; Intelligence; Logistics.]
2007 Air Force Cyber Study
Cyber will continue to be a contested environment.
The infrastructure on which the Air Force depends is controlled by both military and commercial entities and is vulnerable to attacks and manipulation.
Operations in the cyber domain have the ability to impact operations in other war-fighting domains.
Air Force must maintain capability to operate when the processing of vital information is challenged.
Nation must defend against data manipulation and denial of service; it’s not just an issue of data theft.
Operations in Contested Cyberspace
2008 Air Force Cyber Study:
ATTACKS: Insider Attacks; Social engineering; Data and policy Corruption; Worms, viruses; Flooding; Backdoor Implants; Physical Destruction; Code Manipulation; Malware
TARGETS: Human Organization; Mission Layer; App/Session Layer; OS/Network Layer; HW/Systems Layer; Devices & Linkages
EFFECTS: Disinformation; Confusion; C2 Disruption; Alter Behaviors; Inaccuracies; Induced Failures; Denial of Service; Data Exfiltration; Malfunctions; Performance loss; Lost Comms
Defend the Cyber Domain
[Diagram. Networks: Physical Networks, Logical Networks, Wireless Networks, Social Networks. Elements: Electronics (& Infrastructure), Electromagnetic Spectrum, Digital Data, Cyber Use. Protection: Force Protection, Electronic Protection, Data/Code Protection, Influence Protection. Attacks: Physical Attack (includes Directed Energy), Digital Attack, Electromagnetic Spectrum Attack, Influence Attack.]
Cyber Effects:
• Denial of Service
• Confidential Data Loss
• Data Manipulation
• System Integrity Loss
Major Cyberspace Players
Defense
Law Enforcement
Intelligence Community
Homeland Security
Counterintelligence
Military
Industry Consortiums
Regulatory Agencies
Commercial Providers
Potential Adversaries
Organized Crime
International Terrorists
Domestic Terrorists
Nation-State Intelligence
Nation-State Military
Industrial Intelligence
Cyber “Vandals”
Mission Assurance (Resilience)
[Diagram: three network layers. Physical Network: Infrastructure, Electromagnetic Environment, Electronics. Logical (Virtual) Network: Encapsulation, System, Code, Data. User (Social) Network: Perceptions, Knowledge, User Relationships. Labels: Information Assurance (NETOPS); Mission Assurance (Net-enabled Ops), “Fight Through the Attack”; Infrastructure Protection, Electronic Protection (Physical Security).]
Resiliency Study—C3 View
[Diagram. Nodes: UAS Ctrl, AOC, ASOC, Fusion Center, Gnd Station, Sensors, Target. Link labels: Sensor Data; Sensor Data (in); Intel Info (out); Intel Info; Cmd Input; Cmd Out (Gnd Cdr); Cmd Out (Air Cdr); Control (in), Data (out); Control (out), Sensor (in); Sensor (Out); Coord AOC/ASOC; Coord; AOC-UAS Terrestrial.]
UAS: Unmanned Aerial System
AOC: Air Operations Center
ASOC: Air Support Operations Center
Resiliency Study—Ops View
[Diagram. Nodes: UAS Ctrl, ASOC, Fusion Center, Gnd Station, AOC, Sensors, Target. Link labels: Sensor Data; Sensor Data (in); Intel Info; Intel Info (out); Control (out), Sensor (in); Sensor (Out); Control (in), Data (out); Coord; AOC/ASOC Coord; AOC-UAS Terrestrial.]
Black dotted lines denote operational connections
UAS: Unmanned Aerial System
AOC: Air Operations Center
ASOC: Air Support Operations Center
The National Strategy to Secure Cyberspace (DHS lead)
Establish a public-private architecture for national response
Provide for the development of tactical and strategic analysis of cyber attacks and vulnerability assessments
Encourage the development of a private sector capability to share a synoptic view of the health of cyberspace
Expand the Cyber Warning and Information Network to support DHS cyberspace crisis management
Improve national incident management
Coordinate voluntary participation in national public-private continuity and contingency plans
Exercise cyber security continuity plans for federal systems
Improve and enhance public-private information sharing involving cyber attacks, threats, and vulnerabilities
Use Domain: Civilian Cyberspace
Establish Networks – TELECOMs
Maintain Networks (Security) – Information Officers
Defend Networks (Business) – Associations?
Business Ops Assurance – COO function?
Ops through Cyber – Business Enhancement
Ops through Cyber – Marketing/Sales
Ops through Cyber – Knowledge Management
Ops in Cyber – Virtual Travel
Ops in Cyber – Virtual Presence
Ops in Cyber – Producer/Consumer Dialogue
Value Chain in a Hierarchical World
[Diagram: value chain (Porter, 1985). Primary Activities: Outbound Logistics, Inbound Logistics, Operations, Marketing & Sales, Service. Support Activities: Procurement, Technology, Human Resources, Infrastructure. Margin.]
Value Chain in a Cyber World
OPPORTUNITIES: Shopper Dialogue; Information Sharing; Synchronized Production; Integrated Logistics; Sustainability; Company Cyber Culture
[Diagram: Future Value Chain (GCI Initiative, 2008). Labels: Consumer is a Partner; Quality is a commodity; Open Network rules; Consumer Behavior; Product Flow; Information Flow.]
United States Cyber Defense
Cyberspace Typology Private/Open Commercial Regulated Commercial Government (.gov) Military (Admin) Military (Ops) First Responders Economic Security Public Safety WMD/E Defense/I&W
[Diagram labels: Global Information Grid and DOD Networks; US Government Cyberspace; US Interests in Cyberspace; Other Cyberspace & Associated Cyber Infrastructure.]
Cyber Deterrence Operations
[Diagram: Deterrence. Labels: Impose Cost; Messaging; Explain Actions; Encourage Restraint; Deny Benefits; Force Posturing; Demonstrate Readiness; Visible Activities; Demonstrate Capabilities; (Attack Attribution); (Mission Assurance); (Identify Actions & Behaviors to Deter); Cyber.]
Cyber Deterrence Building Blocks
Network and User Security “Lock Doors”
Understand Critical Infrastructure Vulnerabilities
Critical Infrastructure Protection
Internet Connection Norms & Protocols
International Regimes for national cyber activity oversight
Law Enforcement Activities
Military Ops Activities
Non-military Government Activities (DImE)
Visible, credible deterrence activities
Issues and Opportunities
Issues
Increased cyber dependence
Supply chain vulnerabilities
Infrastructure vulnerabilities
Electronics vulnerabilities
Sensor disruption & spoofing
Increased wireless use
More complex attack vectors
Growth in cyber crime
Encryption vulnerabilities
Opportunities
Mission Assurance
Attack Attribution
Voluntary LE Enabling Tools
Smart Network Nodes
Sensory Augmentation
Virtual Office & Social Spaces
Knowledge Mgmt Services
Artificial Intelligence Apps
Interactive Smart Agents
Support the “Smart User”
User Behavior Analysis (User Recognition)
Application Wrapping & Monitoring (Adaptive Filters)
Centralized Systems Configuration Management
Software Diversity (for critical systems)
Database Clustering (Enterprise Service Units)
Application Clustering (Area Processing Centers)
Application Tampering Detection (Hash registration)
User Self-defense Tools (“Cyber Sidearm”)
Packet Assurance Checking (“Packet Escort”)
Application/System Hardening (“Cyber Body Armor”)
Challenge: Hierarchical Thinking
[Diagram: Hierarchical Model compared with Cyber Model. Labels: Hierarchy Level, Power, Connections; Hierarchy Level, Value, Contribution.]