Cyber Warfare Brian Connett, LCDR, USN US NAVAL ACADEMY
Cyber “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability to accomplish defense missions today and in the future.” - 2010 Quadrennial Defense Review “… four key characteristics of cyber space: open to innovation, secure enough to earn people’s trust, globally interoperable, and reliable.” -2011 International Strategy for Cyberspace US Strategic Command US Cyber Command US Fleet Cyber Command US 10th Fleet …
Cyberspace Defined • Ubiquitous, overlapping domains • “A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the internet, telecommunications networks, computer systems, and embedded processors and controllers…” • “… common usage of the term also refers to the virtual environment of information and interactions between people.” National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23)
Signals Intelligence Collection of foreign intelligence from communications and information systems Use the information to help protect our troops, support our allies, fight terrorism, combat international crime and narcotics, support diplomatic negotiations, and advance many other important national objectives SIGINT comes from various sources, including foreign communications, radar and other electronic systems This information is frequently in foreign languages and dialects, is protected by codes and other security measures, and involves complex technical characteristics The goal is to collect and understand the information, interpret it, and get it to our customers in time for them to take action.
Oversight • The U.S. Constitution, federal law, executive order, and regulations of the Executive Branch govern our activities • WE operate under the authority of the Department of Defense(US Code 10) • Our activities are subject to strict scrutiny and oversight both from the outside the DoDand from within. • External bodies provide oversight to ensure adherence to U.S. laws and regulations • House Permanent Select Committee on Intelligence (HPSCI) • Senate Select Committee on Intelligence (SSCI) • President's Intelligence Oversight Board • Foreign Intelligence Surveillance Court • Department of Justice • The Office of the Inspector General conducts inspections, audits, and investigations to make certain that we operate with integrity, efficiency, and effectiveness, while the Office of the General Counsel provides legal advice • You will be given powerful tools which require that you know, understand, and obey to the fullest, the laws of the nation.
POTUS EO Executive Order 12333 (EO 12333) authorizes agencies of the Intelligence Community to obtain reliable intelligence information, consistent with applicable Federal law and EO 12333, with full consideration of the rights of U.S. persons Pursuant to EO 12333, NSA is authorized to collect, process, analyze, produce, and disseminate signals intelligence information and data for foreign intelligence and counterintelligence purposes to support national and departmental missions, and to provide signals intelligence support for the conduct of military operations Most importantly this EO prohibits the collection, retention, or dissemination of information about U.S. persons except pursuant to procedures specifically established by branch leadership and approved by the Attorney General.
C5I is the COP • Communication • Combat Systems • Robotics • Mobile Robot Design • Cyber Physical Systems • Weapons • Intelligence • Engineering Economics • Emerging Technologies • Command & Control • Digital Control Systems • Optimal Control and Estimation • Autonomous Vehicles • Robotics • Computer Vision • Computers • Embedded Microcontroller Systems Integration • Embedded Microcontroller System Applications • Cyber Physical Systems • Computer Vision
EM and Cyber Environments J.W. Greenert, ADM, USN • Failing to use these effectively will be the difference between victory and defeat • Environments are merging • Commanding the new environment • Monitor and be aware of the environment • Manage our emissions • Discretely communicate • Find, track and defeat threats • Conduct attacks • Surface and Subsurface, Air and Space Dominance
Cyber Conflict v. Cyber War • Sun Tzu and Plato • Philosophical imperative • Self knowledge • Cyber Warfare • Not about how the cyber system works, its more about how it fails • Productive failure will only provide strategic success
Stuxnet and Shamoon • Oil and Energy sector • Exploits shared hard drives • Supervisory Control and Data Acquisition • Man-in-the-middle attack • STUXNET • 1st publicly known malicious cyber weapon from bytes to physical sabotage • Cyber Conflict Era begins • Fire and Forget • Children of Stuxnet – tailored DNA swarm