AFCEA Hawaii Chapter
14 APR 2015
James H. Mills, CAPT, USN
Disclaimer: The views presented here are those of the speaker and do not necessarily represent the views of the DoD or DoN.
This briefing is unclassified.
Command Mission Snapshot
Context of the naval environment
The maritime strategy big picture
Maritime challenges
Trends and Game Changers
Strategic relevance of cyberspace
Cyberspace imperatives
Cyberspace as a domain of warfare
Trends and implications
Enterprise priorities
Way Forward
Voyage plan for this presentation…
“Eyes and ears” of the Pacific Fleet
Support Fleet and National Information Warfare and cryptologic missions
Training, Direct Support, Electronics Support, Planning
Signals Intelligence, I&W, Signals Analysis
Information Operations
Cyberspace operations
NIOC HI Mission Snapshot
NIOC Hawaii - Excellence in Action
Man, train, and equip Pacific elements of the Cyber Mission Force
Support SIGINT, IO, and cyberspace missions
PACFLT, C7F, C3F
COMFLTCYBERCOM, C10F, JFHQ-Cyber
COMNAVIDFOR – TYCOM
Continued evolution since 2009
2014 NAVIDFOR, JFHQ-Cyber role
Enterprise focus
Operate the Network as a Warfighting Platform
Conduct tailored Signals Intelligence
Deliver warfighting effects through cyberspace
Create shared Cyber situational awareness
Establish and mature Navy’s Cyber Mission Force
FCC/C10F Strategic Vantage
AFCEA West 2015: VADM Tighe, Answering the Evolving Threat on YouTube
Globalization
Migration
Natural resources competition
Arctic opening
Piracy
Smuggling
Regional competitors
HADR impact
Trends in the Maritime
The Maritime commons is the lifeblood of the global economic system.
Trends
Rise in volume of digitized data
Dynamic threat
Weak control of intellectual property
Lower “system” confidence (assurance, trust, resilience)
Insufficient cadre of expertise
Cyber Domain Challenges
Social & economic cyber dependency
Finding right mix of kinetic & cyber
Fiscal constraints
Organizational churn
Technology change outpaces acquisition
Seams emerging at the tactical edge
Rise of peer competitors
Environmental Challenges
Revitalize investment in cadre of expertise
Cultivate acquisition agility
Attain unity of effort
Ensure “Assured C2”
Build in “trust” and “resilience”
Indicators Imply…
Disruptive Technologies
• Cloud Computing
• Virtualization
• Autonomous Vehicles
• Augmented Reality
• Data center advances
• Plastic Electronics
• Social Computing
• Mobility & Pervasive Sensing
• Machine Learning
• Hull innovation
• New warship class
“Game Changers”
Steam Propulsion
Torpedo Ironclads
Dreadnoughts
Coal
Carrier aviation
Over the Horizon
Submarine warfare
Amphibious warfare
Nuclear power
Precision Guided Munitions
Network Centric Warfare
Autonomous systems
?
Cyberspace: Military Imperative
“Enemies in the future, however, need not destroy our aircraft, ships, or tanks to reduce our conventional and even nuclear effectiveness. A well-timed and executed cyber attack may prove just as severe and destructive as a conventional attack.”
General James N. Mattis (USMC), Commander, United States Joint Forces Command
National Military Strategy for Cyberspace Operations (2006) (declassified 2008)
DoD’s role:
Defense of the Nation
National incident response
Critical infrastructure protection
Strategic priorities:
Gain and maintain the initiative to operate within adversary decision cycles.
Integrate capabilities across full range of military operations using cyberspace.
Build capacity for cyberspace operations
Manage risk to cyberspace operations
Cyber Warfare: An armed conflict conducted in whole or part by cyber means. Military operations conducted to deny an opposing force the effective use of cyberspace systems and weapons in a conflict. It includes cyber attack, cyber defense, and cyber enabling actions.
(From Joint Terminology for Cyberspace Operations)
Cyber War Defined (2010)
“Cyber” as a Domain of Warfare
Another means of national power and influence
Use of Spectrum
Info Operations
Networks & NetOps
Command & Decision
Critical Infrastructure
Cyber Intelligence
Assurance & Trust
Supporting
Most recent operations have had IW/IO/“Cyber” as a supporting element
Disrupt/degrade: C2, IADS; MILDEC; CNE
IW/IO/“Cyber” continues in supporting role in military planning and execution
CNA/CNE largely at strategic level control
Tactics and organization mature
Supported
Shift beginning where operation may be solely Cyber or a supported Cyber operation
Value of non-kinetic greater as Cyber capabilities mature
Shift to allow more Cyber ops at operational and tactical levels of war
Tactics and organization still maturing
Supporting Supported
Modern combat systems, weapons and platforms are increasingly software intensive (F-22, JSF…)
Use of Cyberphysical (embedded network) systems growing in DoD
SCADA, machinery control, critical navigation, damage control
Supply chain increasingly from untrusted entities
Primary C2 systems rely on information networks
Data breaches degrade operations
Why should you care?
Case targets microchips sold to Navy (Sep. 15, 2010)
2008 Buckshot Yankee (USB)
F-22 Squadron Shot Down by the International Date Line (2007)
2010
Pentagon ‘Aware’ of China Internet Rerouting (Nov. 2010)
Computer Spies Breach Fighter-Jet Project (April 21, 2009)
US Says Iran Hacked Navy Computers (Sept. 27, 2013)
US Sanctions North Korea Over Sony Hack (Jan. 2, 2015) TIME
Nature of Cyber Warfare
We operate, attack and defend on the same platform as the adversaries
Threat characterization and attribution are challenging
Offense and defense have similar features
Industry drives cyberspace technology
Public, high profile adversary successes will breed additional actors
Inexpensive, anonymous and effective
Cyber operations require a force that lives “on-the-network”
Global Cyber Common Operational Picture
Predictive cyber threat/response capability
Integrated NetOps, Attack, Defense, Exploit operations
State, Non-State Actors and Individuals All Operate Within Cyberspace
McAfee, November 2010
BBC, Visualising the Internet, January 2010
FLTCYBERCOM
Perspective
From RDML Leigher brief, 18NOV10, graphics updated.
Attack trends
Platform for Propaganda: Hacktivism; Arab / Israeli conflicts; Terrorist recruitment
Political consequence: US/China Hacker Wars; Iran, Tunisia, Egypt social media; North Korea
Disruption: Estonia; Stuxnet; Aramco
Exploitation: Operation Aurora; Internet Hijacking
Decisive Effects (combined): Georgia, Ukraine
Political Aims in Cyber “War”
Rise in volume of digitized data
Dynamic threat
Weak control of intellectual property
Lower “system” confidence (assurance, trust, resilience)
Insufficient cadre of expertise
Cyber Domain Challenges
Example: Chinese Activity
Chinese embassy accidental bombing
EP-3E forced landing
“Sino-US ‘Hacker War’”
Exploitation campaign
DoD program data exfiltration
US Naval War College
Source: US-China Economic and Security Review Commission Report (2010)
Chinese Strategy
PLA actively developing Computer Network Ops capabilities, strategy and training
Open press reports of 60,000 in Cyber War corps
Achieve information dominance
Seize control of information flow and establish information dominance
Integrate network and electronic warfare
Coordinated network and EW effects
Focus on C2 and logistics
Non-kinetic first (degrade info systems) then force-on-force
Degrade civilian cyber infrastructure that supports military ops
Deny or degrade C2 (DDoS, false data, EW)
View of CNO as a strategic deterrent comparable to nuclear weapons
Source: US-China Economic and Security Review Commission Report (2010)
“A victorious army first wins and then seeks battle. A defeated army first battles and then seeks victory.”
Sun Tzu, The Art of War
Defense: Layered, Adapt to Risk, Active
Traditional model of defense in depth (Liu/Ormaner)
Cyber Situational Awareness
Information Assurance & Systems Engineering
Defensive Maneuver Force
Reducing Attack Surface (Patching, SW currency, firewall policies, etc.)
Cyber Key Terrain
Protection & Assured C2
Community Info Sharing
Expert Workforce
Something to think about… AirSea Battle & A2/AD
Cyber dimension
Source: Why AirSea Battle? Krepinevich, 2010.
How to Help
Support local and enterprise STEM efforts
People are our competitive advantage
“Bake in security” vice “bolt on”
Invest in systems engineering expertise in design and acquisition
Develop a trusted supply chain and take a systems-wide resilience approach
Participate in cybersecurity sharing venues
Develop and deliver enhanced cyber situational awareness tools
Tune operations to cyber “attack” risk
Key terrain analysis
Continuity of Operations
Vital information protection
Questions?
Information’s Global Commons
What is cyberspace?
(From TRADOC Cyberspace Operations Concept Capability Plan, 2010)
DoD defined, May 2008
Motivations:
Sponsored warfare (Assure, Dissuade, Deter, Defeat)
Terrorism (Propaganda, Influence)
Commercial interest ($, IP)
Criminal activity ($, corruption)
Hacking ($, challenge)
Network Attacks: Method & Adversaries
National Infrastructure attack surface and methods. (Amoroso)
Adversaries and exploitation points. (Amoroso)
Factors leading to breaches. (Liu, Cheng)
Terms of Reference
• Computer Network Attack: A category of fires employed for offensive purposes in which actions are taken through the use of computer networks to disrupt, deny, degrade, manipulate, or destroy information resident in the target information system or computer networks, or the systems / networks themselves.
• Computer Network Exploitation: Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data about target or adversary automated information systems or networks.
• Counter-Cyber: A mission that integrates offensive and defensive operations to attain and maintain a desired degree of cyberspace superiority.
• Cyber Attack: A hostile act using computer or related networks or systems, and intended to disrupt and/or destroy an adversary’s critical cyber systems, assets, or functions.
• Cyber Defense: The integrated application of DoD or US Government cyberspace capabilities and processes to synchronize in real-time the ability to detect, analyze and mitigate threats and vulnerabilities, and outmaneuver adversaries, in order to defend designated networks, protect critical missions, and enable US freedom of action.
• Cyberspace Operations: The employment of cyber capabilities where the primary purpose is to achieve objectives in or through cyberspace.
• Cyberspace Superiority: The degree of dominance in cyberspace by one force that permits the secure, reliable conduct of operations by that force, and its related land, air, sea, and space forces at a given time and sphere of operations without prohibitive interference by an adversary.
• Cyber warfare: An armed conflict conducted in whole or part by cyber means.
• Network Operations (NetOps): Activities conducted to operate and defend the DoD’s Global Information Grid.
See “Joint Terminology for Cyberspace Operations” for complete and additional definitions.