Cyber Warfare

Brian Connett, LCDR, USNUS NAVAL ACADEMY

Cyber

“A failure by the Department to secure its systems in cyberspace would pose a fundamental risk to our ability to accomplish defense missions today and in the future.”

- 2010 Quadrennial Defense Review

“… four key characteristics of cyber space: open to innovation, secure enough to earn people’s trust, globally interoperable, and reliable.”

-2011 International Strategy for Cyberspace

US Strategic CommandUS Cyber Command

US Fleet Cyber CommandUS 10th Fleet

…

Cyberspace Defined Ubiquitous, overlapping domains “A global domain within the information

environment consisting of the interdependent network of information technology infrastructures, including the internet, telecommunications networks, computer systems, and embedded processors and controllers …”

“… common usage of the term also refers to the virtual environment of information and interactions between people.”

National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23)

Signals Intelligence Collection of foreign intelligence from communications and

information systems

Use the information to help protect our troops, support our allies, fight terrorism, combat international crime and narcotics, support diplomatic negotiations, and advance many other important national objectives

SIGINT comes from various sources, including foreign communications, radar and other electronic systems

This information is frequently in foreign languages and dialects, is

protected by codes and other security measures, and involves complex technical characteristics

The goal is to collect and understand the information, interpret it, and get it to our customers in time for them to take action.

Oversight The U.S. Constitution, federal law, executive order, and regulations of the

Executive Branch govern our activities

WE operate under the authority of the Department of Defense (US Code 10)

Our activities are subject to strict scrutiny and oversight both from the outside the DoD and from within.

External bodies provide oversight to ensure adherence to U.S. laws and regulations• House Permanent Select Committee on Intelligence (HPSCI) • Senate Select Committee on Intelligence (SSCI)• President's Intelligence Oversight Board• Foreign Intelligence Surveillance Court• Department of Justice

The Office of the Inspector General conducts inspections, audits, and investigations to make certain that we operate with integrity, efficiency, and effectiveness, while the Office of the General Counsel provides legal advice

You will be given powerful tools which require that you know, understand, and obey to the fullest, the laws of the nation.

POTUS EO Executive Order 12333 (EO 12333) authorizes agencies of the

Intelligence Community to obtain reliable intelligence information, consistent with applicable Federal law and EO 12333, with full consideration of the rights of U.S. persons

Pursuant to EO 12333, NSA is authorized to collect, process, analyze, produce, and disseminate signals intelligence information and data for foreign intelligence and counterintelligence purposes to support national and departmental missions, and to provide signals intelligence support for the conduct of military operations

Most importantly this EO prohibits the collection, retention, or dissemination of information about U.S. persons except pursuant to procedures specifically established by branch leadership and approved by the Attorney General.

C5I is the COP

Command & Control• Digital Control Systems• Optimal Control and

Estimation• Autonomous Vehicles• Robotics• Computer Vision

Computers• Embedded Microcontroller

Systems Integration• Embedded Microcontroller

System Applications• Cyber Physical Systems• Computer Vision

Communication

Combat Systems Robotics Mobile Robot Design Cyber Physical Systems Weapons

Intelligence Engineering Economics Emerging Technologies

EM and Cyber Environments

Failing to use these effectively will be the difference between victory and defeat

Environments are merging Commanding the new environment

• Monitor and be aware of the environment• Manage our emissions• Discretely communicate• Find, track and defeat threats• Conduct attacks

Surface and Subsurface, Air and Space Dominance

J.W. Greenert, ADM, USN

Cyber Conflict v. Cyber War

Sun Tzu and Plato• Philosophical imperative• Self knowledge• Cyber Warfare

Not about how the cyber system works, its more about how it fails

Productive failure will only provide strategic success

Oil and Energy sector• Exploits shared hard drives

Supervisory Control and Data Acquisition• Man-in-the-middle attack

STUXNET• 1st publicly known malicious cyber weapon from

bytes to physical sabotage• Cyber Conflict Era begins• Fire and Forget• Children of Stuxnet – tailored DNA swarm

Stuxnet and Shamoon

Cyber Physical Systems