There WIll Be Cyberwar
-
Upload
richard-stiennon -
Category
Devices & Hardware
-
view
543 -
download
2
Transcript of There WIll Be Cyberwar
![Page 1: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/1.jpg)
There Will Be Cyberwar
Richard StiennonChief Research AnalystIT-Harvest
twitter.com/cyberwar
![Page 2: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/2.jpg)
twitter.com/cyberwar
http://www.amazon.com/There-Will-Be-Cyberwar-Network-Centric/dp/0985460784
![Page 3: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/3.jpg)
The Revolution in Military Affairs
• Roman centuries • Long bow and battle of Crecy• Napoleon’s staff command• Machine guns• Mechanized armor, blitzkrieg
![Page 4: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/4.jpg)
The Modern RMA
• Operation Desert Storm leads to:
• Russian assessment of precision weapons ISR, C&C as force multiplier, which leads to
• Andrew Marshall
![Page 5: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/5.jpg)
IT-Harvest Confidential
Andrew Marshall: Enigmatic Strategist
Andrew W. Marshall (born September 13, 1921) just retired director of the United States Department of Defense's Office of Net Assessment.
![Page 6: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/6.jpg)
1996 Taiwan Straits Crisis "Admiral Clemens was able to use e-mail, a very graphic-
rich environment, and video teleconferencing to achieve the effect he wanted", which was to deploy the carrier battle groups in a matter of hours instead of days.” -Arthur Cebrowski
USS Nimitz and USS Independence deployto Taiwan.
![Page 7: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/7.jpg)
Admiral Archie Clemins
Father of Network Centric Warfare
![Page 8: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/8.jpg)
Clemins’ Apple Powerbook 160
9.8 inch greyscale LCD Display
Up to 14 MB RAM (smaller than this slide deck)
40MB SCSI Hard Disk Drive
8 pounds
![Page 9: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/9.jpg)
USS Blue Ridge command ship of the US Navy 7th Fleet
![Page 10: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/10.jpg)
A Lasting LegacySame Inmarsat satellite constellation still in use
N21 initiative launched
Pentagon Office of Force Transformation led by Arthur Cebrowski
![Page 11: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/11.jpg)
Arthur Cebrowski: Evangelist
“Network Centric Warfare should be the cornerstone of transformation. If you are not interoperable you are not on the net.You are not benefiting from the information age”.
![Page 12: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/12.jpg)
The NCW Dream
Total Situational Awareness eliminates “the fog of war”
Red Team - Blue Team identification
Central Command and Control. Distributed battle command.(The Global Information Grid, or GIG)
Networked Intelligence, Surveillance Reconnaissance (ISR) -a sensor grid
![Page 13: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/13.jpg)
IT-Harvest Confidential
Network Centric Warfare
Everything connected (like the Internet)
Satellite-Planes-Drones-Ground-Sea based sensor grid
Instant communication over a Global Grid
![Page 14: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/14.jpg)
Deja vu all over again
We’ve seen this story payed out before in the enterprise.
First, network everything. Take advantage of connectivity and ubiquity to re-invent commerce, social interactions, and communications.
Second: succumb to attacks from hackers, cyber criminals, hacktivists, and nation states.
Finally: Layer in security
![Page 15: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/15.jpg)
How the Military Failed in Security
April 1, 2001 a Navy EP-3E was forced down and captured by China. Top secret OS compromised
In 2008 China blatantly flooded communication channels known to be monitored by the NSA with decrypted US intercepts, kicking off a major re-deployment. SEVEN years too late.
![Page 16: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/16.jpg)
How the Military Failed in SecurityFirst, the Pentagon email
servers p0wned 2007
Then terabytes of data exfiltrated to China from the Defense Industrial Base. The target? Joint Strike Fighter design data.
![Page 17: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/17.jpg)
Military IT Security Failures
The Wake Up Call
BUCKSHOT YANKEE
Agent.btz introduced via thumb drive in a forward operations command (Afghanistan?)
EVERY Windows machine re-imaged in the entire military (3 million +) at a cost of $1 Billion.
![Page 18: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/18.jpg)
Drone madness 1
![Page 19: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/19.jpg)
Drone madness 2
![Page 20: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/20.jpg)
Drone madness 3
![Page 21: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/21.jpg)
IT-Harvest Confidential
SATCOM Vulns
• “We uncovered what would appear to be multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.” -IOActive
![Page 22: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/22.jpg)
Software Assurance maturity came after most new weapons platforms were sourced.
One Air Force study of 3 million lines of code revealed:
One software vulnerability per 8 lines of code
One high vulnerability per 31 lines of code
One critical vulnerability for 70 lines of code
![Page 23: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/23.jpg)
The F-35 Joint Strike Fighter
“JSF software development is one of the largest and most complex projects in DOD history.”
-Michael J. Sullivan, Director Acquisition and Sourcing Management for the DoD:
![Page 24: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/24.jpg)
The F-35 Joint Strike Fighter
• Nine million lines of onboard code could mean 128,000 critical vulns
• 15 million lines of logistics code could mean another 214,000 critical vulns
• What could possibly go wrong?
![Page 25: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/25.jpg)
Taiwan Straits Crisis. 2018?
GPS hacks deflect jets away from tankers
Mission tasking subverted
Communications intercepts mislead commander
Radar jamming masks enemy movement
Result? Military defeat
![Page 26: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/26.jpg)
A Working Definition of Cyberwar
The use of network and computer attack to support the operations of a military force.
![Page 27: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/27.jpg)
IT-Harvest Confidential
Cyber Pearl Harbor Defined
An overwhelming defeat of US forces due to
enemy information dominance.
![Page 28: There WIll Be Cyberwar](https://reader034.fdocuments.in/reader034/viewer/2022042507/55cb24f5bb61eb77508b4637/html5/thumbnails/28.jpg)
IT-Harvest Confidential