brian connett, lcdr, usn us naval academy. “a failure by the department to secure its systems in...
TRANSCRIPT
![Page 1: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/1.jpg)
Cyber Warfare
Brian Connett, LCDR, USNUS NAVAL ACADEMY
![Page 2: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/2.jpg)
Cyber
“A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability to accomplish defense missions today and in the future.”
- 2010 Quadrennial Defense Review
“… four key characteristics of cyber space: open to innovation, secure enough to earn people’s trust, globally interoperable, and reliable.”
-2011 International Strategy for Cyberspace
US Strategic CommandUS Cyber Command
US Fleet Cyber CommandUS 10th Fleet
…
![Page 3: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/3.jpg)
Cyberspace Defined Ubiquitous, overlapping domains “A global domain within the information
environment consisting of the interdependent network of information technology infrastructures, including the internet, telecommunications networks, computer systems, and embedded processors and controllers …”
“… common usage of the term also refers to the virtual environment of information and interactions between people.”
National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23)
![Page 4: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/4.jpg)
Signals Intelligence Collection of foreign intelligence from communications and
information systems
Use the information to help protect our troops, support our allies, fight terrorism, combat international crime and narcotics, support diplomatic negotiations, and advance many other important national objectives
SIGINT comes from various sources, including foreign communications, radar and other electronic systems
This information is frequently in foreign languages and dialects, is
protected by codes and other security measures, and involves complex technical characteristics
The goal is to collect and understand the information, interpret it, and get it to our customers in time for them to take action.
![Page 5: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/5.jpg)
Oversight The U.S. Constitution, federal law, executive order, and regulations of the
Executive Branch govern our activities
WE operate under the authority of the Department of Defense (US Code 10)
Our activities are subject to strict scrutiny and oversight both from the outside the DoD and from within.
External bodies provide oversight to ensure adherence to U.S. laws and regulations• House Permanent Select Committee on Intelligence (HPSCI) • Senate Select Committee on Intelligence (SSCI)• President's Intelligence Oversight Board• Foreign Intelligence Surveillance Court• Department of Justice
The Office of the Inspector General conducts inspections, audits, and investigations to make certain that we operate with integrity, efficiency, and effectiveness, while the Office of the General Counsel provides legal advice
You will be given powerful tools which require that you know, understand, and obey to the fullest, the laws of the nation.
![Page 6: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/6.jpg)
POTUS EO Executive Order 12333 (EO 12333) authorizes agencies of the
Intelligence Community to obtain reliable intelligence information, consistent with applicable Federal law and EO 12333, with full consideration of the rights of U.S. persons
Pursuant to EO 12333, NSA is authorized to collect, process, analyze, produce, and disseminate signals intelligence information and data for foreign intelligence and counterintelligence purposes to support national and departmental missions, and to provide signals intelligence support for the conduct of military operations
Most importantly this EO prohibits the collection, retention, or dissemination of information about U.S. persons except pursuant to procedures specifically established by branch leadership and approved by the Attorney General.
![Page 7: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/7.jpg)
C5I is the COP
Command & Control• Digital Control Systems• Optimal Control and
Estimation• Autonomous Vehicles• Robotics• Computer Vision
Computers• Embedded Microcontroller
Systems Integration• Embedded Microcontroller
System Applications• Cyber Physical Systems• Computer Vision
Communication
Combat Systems Robotics Mobile Robot Design Cyber Physical Systems Weapons
Intelligence Engineering Economics Emerging Technologies
![Page 8: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/8.jpg)
EM and Cyber Environments
Failing to use these effectively will be the difference between victory and defeat
Environments are merging Commanding the new environment
• Monitor and be aware of the environment• Manage our emissions• Discretely communicate• Find, track and defeat threats• Conduct attacks
Surface and Subsurface, Air and Space Dominance
J.W. Greenert, ADM, USN
![Page 9: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/9.jpg)
Cyber Conflict v. Cyber War
Sun Tzu and Plato• Philosophical imperative• Self knowledge• Cyber Warfare
Not about how the cyber system works, its more about how it fails
Productive failure will only provide strategic success
![Page 10: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/10.jpg)
Oil and Energy sector• Exploits shared hard drives
Supervisory Control and Data Acquisition• Man-in-the-middle attack
STUXNET• 1st publicly known malicious cyber weapon from
bytes to physical sabotage• Cyber Conflict Era begins• Fire and Forget• Children of Stuxnet – tailored DNA swarm
Stuxnet and Shamoon
![Page 11: Brian Connett, LCDR, USN US NAVAL ACADEMY. “A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability](https://reader036.vdocuments.site/reader036/viewer/2022082610/56649ce45503460f949b08b9/html5/thumbnails/11.jpg)
Cyber Physical Systems