Intertwining Cyber And Electronic Warfare (In The US Army)

With cyber playing a critical role in conflict going forward, the Army has begun to recognize the need to have organic cyber planners within a brigade’s staff to offer commanders options related to cyber as well as electronic warfare.

Cyber and Electromagnetic Activities, or CEMA cells, have been stood up in each brigade acting as planners to provide targeting options and capabilities to get at commander objectives just as an artillery planner would offer the commander choices related to their field for a pending operation.

At the tactical level, these two disciplines – cyber and electronic warfare – have become intertwined.

“When I talk to Army commanders and staffs, I try to make the point that I want you to worry less about whether it’s a cyber or EW effect,” Lt. Col. Christopher Walls, deputy director for strategy and policy, at the Army’s Cyber Directorate within the G-3/5/7, said at the C4ISRNET Conference in May.

For example, Walls said for a river crossing mission, a commander might say he needs to buy a few hours to get a battalion across. The CEMA cell, in turn, would look across the capability sets in its portfolio and come up with a course of action.

These cells potentially have the ability to allow the commander to target local internet service providers or local routers and prevent opposing forces from using them. The teams may also have an electronic warfare capability that can jam local area network protocols. Finally, these teams might know where mobile switching centers are by digitally geolocating them allowing physical strikes to take them out, Walls said.

“I don’t want the commander to worry about which of those three things, I just want him to talk to me in terms of desired objective and effects and then us, along with the staff, will determine which capability makes sense,” Walls said. “That’s kind of the way we’re thinking about the tactical fight.”

The best choice comes down to understanding the commander’s objectives and intent in order to offer the best solution.

“What I would do is understand his intent, what effect he wants and what I’ll do is submit that in a formal request and I’ll let the higher echelons determine if they can provide that effect,” Capt. Daniel Oconer, brigade CEMA officer, told C4ISRNET during a recent visit to the National Training Center.

“In general, all I really need to know for my planning processes is understand what the maneuver force wants to do,” he added. “How do tanks and Bradleys [move], how are the troops on the ground moving. Then, what is their mission? What is their objective? What is the commander’s intent? Once I understand that I throw some CEMA flavor, so to say, onto it and then enable them to accomplish their mission.”

Oconer is currently billeted as a 29 series electronic warfare officer. The Army will begin to transition these individuals into the cyber branch, or 17 series, so they will all eventually be cyber planners in the CEMA cell.

“The way that we’re transforming our electronic warfare professionals is they will become cyber operators. They will be the face inside our brigade combat teams and our maneuver formations for cyber operational planning,” Maj. Gen. John Morrison, commander of the Cyber Center of Excellence, said during a May speech. “They’re complimentary. You cannot look at electronic warfare professionals and cyber operators in isolation.”

Holding on to the US Air Force’s cyber workers

Senators have long been worried about the future of the Air Force’s cyber workforce.

“Out of the 127 Air Force cyber officers that completed their first tour on the cyber mission force, none went back to a cyber-related job,” Sen. John McCain, R-Ariz., said during a May 2017 hearing.

“That is unacceptable and suggests a troubling lack of focus. It should be obvious that the development of steady pipeline of talent and retention of the ones we’ve trained already is essential of the success of the cyber mission force.”

“Something along the order of a third should stay with [CYBERCOM], the rest we should look [at] how do we put them elsewhere within the cyber enterprise to build the cyber level of expertise across the entire department,” Adm. Michael Rogers, then commander of U.S. Cyber Command, told the committee.

He also clarified that these officers weren’t cycling out of the cyber mission force into non-cyber-related jobs.

“The experience we’re seeing is they’re taking officers that are rolling out of the cyber mission force … and employing them in other areas in cyber in the department,” Rogers added.

“That’s why I say one of the challenges, if you’re a service, is you have a wide spectrum of cyber requirements beyond what Cyber Command is responsible for.”

The cyber mission force

The cyber mission force comprises the 133 teams that each service is proportionally providing to CYBERCOM — while some teams will be retained by each service’s cyber component — that will address high-level cyber problem sets.

The Air Force is responsible for providing CYBERCOM with 39 of the 133 cyber mission force teams, including offensive and defensive.

On the active-duty side, the Air Force has roughly 2,500 cyber officers, according to Maj. Gen. Patrick Higby, director of Air Force cyber strategy, who spoke to Fifth Domain in a 2017 interview. Those 2,500 cyber officers must fill the requirement of the cyber mission force, as well as exclusive Air Force cybersecurity requirements.

Officials have said 24th Air Force’s cyber mission force personnel on the 39 teams will equal roughly 1,700 individuals.

“Air Force cyber operations officers have been undermanned in terms of the number of billets that we have to fill across the Air Force versus how many officers we have in the inventory,” Higby said.

In 2014, the Air Force made a deliberate decision to provide back-to-back assignments for those officers in any 24th Air Force, or Air Force Cyber, unit, according to Higby.

When it comes to retention rates in the Air Force for cyber, Higby said, the cyber mission force is manned at 100 percent, meaning the 39 Air Force teams will get 100 percent of their staffing from an Air Force perspective. The service has to take risks in other areas across the force to reach those levels.

While the Air Force is retaining about 75 percent of cyber workers, the problem for the field is that the service — and the cyber field across the nation — is “chronically undermanned,” and the Air Force must retain officers at 90 percent to keep all manpower lines looking healthy. This means the service must “do some exceptional things to retaining at a higher-than-average rate,” Higby said.

 

from: https://www.fifthdomain.com/dod/air-force/2018/06/20/holding-on-to-the-air-forces-cyber-workers/

 

 

“Five Eyes” Nations aim to win the race for quantum computing supremacy

Since China started quantum computing research in 2004, it has invested over 30 times more than America in this revolutionary technology. In 2017 China announced that it was creating an $11 billion, 4 million-square-foot national quantum laboratory in the city of Hefei. This lab will accelerate China’s research into various applications of quantum computing, but particularly quantum hacking.

To protect against this growing threat to their data and security, Americans should look to their country’s oldest intelligence allies: the Five Eyes.

The Five Eyes alliance was originally formed to pool intelligence between the U.S. and the UK during WWII, and expanded to include Australia, New Zealand and Canada. Since then, the Five Eyes framework has evolved to share the strengths and exploit the weaknesses of emerging technologies — first radio transmissions, then satellites and, most recently, the internet. Quantum computing is the next step in this progression.

Quantum computers use elementary particles like photons to make calculations far more rapidly than a traditional “classical” computer. Unlike the binary “bits” of classical computers (0s and 1s), these particles — or “qubits” — can act as a 0 or a 1 at the same time. This allows them to do two calculations at once, and means that their power scales exponentially with the number of qubits, rather than linearly like a classical computer.

One result of such super-charged processing power is the ability to hack into encrypted data.

Modern encryption, like that used for bank accounts, typically works by multiplying two large prime numbers to form an even bigger “semi-prime” number of more than 600 digits. Yet, unlike classical computers, a quantum computer would be able to reverse factor all the numerical possibilities almost instantly, cracking the encryption. The first nation to develop one may be able to easily gain access to enormous amounts of protected data — including credit card information, health records and possibly classified government intelligence.

Despite a vibrant quantum private sector, the U.S. should approach quantum research as an emerging area of critical national security rather than as a simple tech transition. It should also prevent sensitive quantum data from becoming the latest example of China’s intellectual property theft. The best tool to achieve both of these ends is the unique structure of the Five Eyes alliance.

For prior emerging technologies the Five Eyes have coordinated at the operations, intelligence and leadership levels. However, the most useful security applications of quantum computers are still unclear. Therefore, the allies should take a “bottom up” approach to applying this new technology, first ensuring that they understand the fundamentals of how it can be used before moving on to a wider strategy.

This process should start on the Five Eyes’ shared platforms. Each ally shares digital intelligence tools that they’ve developed with the other four. In the PRISM program, the U.K. was granted access to data the National Security Agency (NSA) had intercepted from U.S. internet companies. In STATEROOM, Australian embassies in Asia were bugged and the information gathered from foreign diplomats was passed on to allies.

But the most relevant shared platform for quantum cooperation is the STONE GHOST program. This is a database that acts as both a platform for sharing intelligence software and a forum for Top Secret communications. The use of this system could allow critical quantum research to be shared quickly and securely, preventing incidents like China’s theft of 50 gigabytes of classified data from the F-35 program in 2016.

With a more robust model of how to use quantum technology effectively, the Five Eyes could then test and implement their shared quantum capabilities against critical developing situations. Joint quantum operations could be either defensive or offensive. They could follow the model of the 2012 London Olympics, where the National Geospatial-Intelligence Agency worked with British authorities to map security vulnerabilities at venues and transport routes. Or they could resemble Operation RAMPANT LION 2 in Afghanistan, where U.S. and U.K. intelligence agencies supported Canadian troops in real time.

Leadership coordination would be the final step in creating an integrated quantum strategy. Fortunately, this is one of the Five Eyes’ greatest strengths. Each nation’s heads of defense intelligence and national assessments meet with their counterparts at least annually, if not more frequently. They analyze each other’s performance and plan the alliance’s future activity. In a field developing as rapidly as quantum computing, this high-level collaboration will allow the allies to be both proactive and reactive in gaining an advantage from quantum capabilities.

The major role of the U.S. in maintaining global security means its defense funding is stretched thin. There are limited economic and human resources that America can spend to confront a new security threat as serious as quantum computing. Collaborating with the Five Eyes alliance offers the clearest path to maximize these resources and maintain American technological supremacy.

 

from: https://www.c4isrnet.com/opinion/2018/06/18/how-the-five-eyes-can-win-the-race-for-quantum-computing-supremacy/

 

 

US Defense Innovation Unit Experimental (DIUx) extends contract for Marines counterdrone tech

The Marine Corps Warfighting Laboratory (MCWL) has extended a prototype contract with Sensofusion for an additional year to develop a system that would give troops advanced warning of threats from drones.

The contract was extended to “innovate and implement new capabilities within signal intelligence,” a June 6 press release said.

The contract with Sensofusion is through the Defense Innovation Unit Experimental (DIUx), which is an upstart Department of Defense organization that contracts commercial solutions to solve national defense problems.

Sensofusion’s partnership with the Marine Corps and DIUx launched in March 2017 with a one-year contract and the goal of developing a ground-based mobile counter-UAS solution based on Sensofusion’s core product, AIRFENCE.

According to a DIUx quarterly report, “Sensofusion can automatically detect, locate, track, and take over UAS controls, as well as locate a UAS operator with pinpoint accuracy in real-time.”

AIRFENCE is already used by law enforcement and government leaders.

DIUx has focused on counterdrone technologies in the past. In July 2017, CNN reported that DIUx signed a $1.5 million contract with SkySafe, a company that develops technology to disable rogue drones.

As commercial drones become increasingly available, government and military leaders have expressed safety concerns. “We know that terrorists are using drones overseas to advance plots and attacks,” Department of Homeland Security Secretary Kirstjen Nielsen said.

A study by New America reported several non-state actors who have used commercially available drones, including ISIS and the Houthi rebel group in Yemen.

According to a data sheet from the Center for the Study of the Drone at Bard College, the Department of Defense counterdrone budget rose from from $528 million in fiscal year 2018 to $1.05 billion in the fiscal year 2019 proposal.

“Given the proliferation of commercially-available UAS and the increasingly dangerous threat they post, a force protection capability like that provided by AIRFENCE will be an essential part of any integrated air defense system for the foreseeable future,” Major J.B. Persons at MCWL said in a 2017 release.

Working with the Marine Corps, Sensofusion developed a single sensor AIRFENCE which is beneficial for use in a mobile convoy scenario. AIRFENCE can also be used for fixed installations like military bases or prisons that need counterdrone technology.

Working with DIUx, Sensofusion integrated radar and optics into a counter-UAS system that can be either fixed or mobile and can operate in extreme weather conditions, according to a press release.

Bitcoin und Ethereum Geldautomat in Flughafen Amsterdam Schiphol aufgestellt

Der elftgrößte Flughafen der Welt, Amsterdam Schiphol, hat testweise einen Bitcoin-Geldautomaten aufgestellt, um den Bedürfnissen der Reisenden zu dienen. An der Maschine können sowohl Bitcoin als auch Ethereum erlangt werden.

In einer Pressemitteilung von gestern teilte der Betreiber des Flughafen Amsterdam Schiphol mit, dass ein Automat installiert wurde, an dem sowohl Bitcoin als auch Ethereum für Reisende angeboten werden. Schiphol wird damit der erste europäische Flughafen, der über einen Geldautomaten Möglichkeiten zum Austausch von Kryptowährungen anbietet. Reisende sollen laut Information des Flughafens damit die Möglichkeit erhalten, ihre verbleibenden Euro für Bitcoin oder Ethereum an der Maschine umzutauschen.

In der Pressemitteilung heißt es:

Schiphol arbeitet kontinuierlich an Innovationen und bietet einen optimalen Service für die Passagiere. Wir hoffen, dass wir mit der Bitcoin-Maschine den Reisenden dienen können, weil sie einfach „lokale“ Euros gegen den „globalen“ Bitcoin oder Ethereum eintauschen können. Dies kann nützlich sein, weil sie in ihrem Heimatland keinen Euro mehr nutzen können.

Der ATM in Schiphol ist eine Teststellung von sechs Monaten. Es soll untersucht werden, ob dieser Service die Bedürfnisse der Reisenden erfüllt. Die Maschine befindet sich in der Ankunftshalle 2 am Eingang der Abflughallen 1 und 2. Viele abfliegende Passagiere sollen daran vorbeikommen.

Die Teststellung ist ein Joint Venture zwischen Schiphol und der niederländischen Firma ByeleX Data Solutions BV, The Byecoin Company. Bylex-Direktor Herman Vissia erklärte (frei übersetzt):

Wir freuen uns, dass Schiphol mit uns zusammenarbeiten möchte, um eine neue Kryptorealität für Reisende einzuführen.

In den Niederlanden ist die Maschine der 20. betriebsfähige Kryptowährungs-Geldautomat gemäß CoinATMRadar. In Europa liegt die Niederlande damit auf einem 9. Platz. Der 1. Platz geht an Österreich, wo 198 ATMs aufgestellt sind. Immerhin noch 153 Kryptowährungs-Geldautomaten hat Großbritannien. Auf Platz 3 in Europa liegt Spanien mit 57 ATMs. In Deutschland gibt es laut CoinATMRadar keine Automaten. Insgesamt steht etwa ein Fünftel aller Kryptowährungs-Geldautomaten weltweit in Europa, die große Mehrheit steht aber in Nordamerika.

Darüber hinaus plant die Odyssey-Gruppe in Argentinien 4.000 BitcoinAutomaten aufzustellen, nachdem die Zentralbank der Argentinischen Republik (BCRA) im Mai die Vorschriften für Geldautomaten im Land gelockert hat. Die neuen Regelungen enthalten zwar keine direkte Bezugnahme auf Bitcoin oder Kryptowährung. Sie ermöglichen allerdings die Installation von Geldautomaten in Nicht-Bankbetrieben wie Supermärkten, Einkaufszentren und Kinos.

 

from: https://coin-hero.de/bitcoin-und-ethereum-geldautomat-in-flughafen-amsterdam-schiphol-aufgestellt/

 

 

Can a new DISA ‘eApp’ help solve the 710,000 security clearance backlog?

Workers with a security clearance are in high demand throughout the US federal government.

 

The federal government faces a substantial security clearance backlog, so the Defense Information Systems Agency has announced a potential solution.

An electronic application, eApp, will be used to submit background security clearance investigation forms. The application debuted at the Armed Forces Communications and Electronics Association Defensive Cyber Operations Symposium in Baltimore in May.

DISA’s eApp is designed to replace and improve upon the current portal for security clearance check processing, called e-QIP. Using eApp, the subject of the investigation will enter the initial information. DISA said that eApp’s interface will improve user experience through “reworked navigation” and it will include requirements grouped into 10 sections and a section counter to track application progress.

The eApp was announced by the National Background Investigation System Program Office, part of the National Background Investigations Bureau that currently conducts security clearance background investigations.

More than 4 million federal and contract jobs require some level of security clearance and NBIB currently faces more than 710,000 applications waiting to be processed.

In January the Government Accountability Office added security clearance reform to its high-risk list of federal areas in need of reform. “Governmentwide measures for the quality of background investigations have not yet been established, and there have been significant delays in completing some key reform efforts,” a GAO news release said.

In March the Senate Intelligence Committee held a hearing on the issue.

During the Senate hearing in March, NBIB director Charles S. Phalen, Jr. attributed the backlog of security clearance investigations, in part, to the loss of 4,500 investigators with the termination of a contract in 2014 with US Investigation Services, an investigation services company.

The Professional Services Council Foundation — a trade association that advocates for government contractors — has advocated for reform of the security clearance investigation system. In May, PSC formed a security clearance strategic advisory group to assess the federal security clearance process.

DISA said that 1,000 Army users will soon test eApp for usability. A gradual rollout of the app is planned for September or October 2018.

 

from: https://www.c4isrnet.com/disa/2018/06/15/can-a-new-disa-app-help-solve-the-security-clearance-dilemma/

 

 

 

 

CYBER GEEK RECRUITING: top US Marine says cyber warriors must get more flexibility

Commandant of the Marine Corps Gen. Robert B. Neller
called for a futuristic vision of the service that embraces digital fighting.
(Sgt. Olivia G. Ortiz/Marine Corps)

 

The Marine Corps (USMC) must be “more flexible” when it comes to retaining cyber warriors, its top officer said, a recognition that the service needs to bolster its recruiting effort for the digital fight.

During a June 12 speech, Marine Corps Commandant Gen. Robert Neller said that cyber fighters may follow a different career trajectory than traditional recruits.

“If you get qualified as a cyber Marine, you ain’t ever leaving, unless you want to. If you want to stay there and do ones and zeros” that’s fine, Neller said.

The recruitment effort laid out during the 69th Current Strategy Forum at the U.S. Naval War College in Newport, R.I. was part of a futuristic vision for the Marines that embraced digital war-fighting. The speech served as a rejection a force that will rely solely on bullets and bombs. Instead, he highlighted a Marine Corps that will also battle in ones and zeroes. He portrayed the Corps as in the middle of a digital battle, “in phase 2.5 against potential countries and adversaries,” an apparent reference to different stages of combat.

“Every infantry squad in the Marine Corps is going to fly their own quad-copter and their own UAV,” Neller said, using an acronym for unmanned aerial vehicles.

It was a strategy speech that at times crossed over into the realm of popular culture. Neller asked listeners to remember the 2018 Winter Olympics opening ceremony that featured more than 500 automated drones flying in unison. Imagine those same drones but armed. “What happens if 500 mini-drones all weaponized come ‘zorching’ out of the sky, what are you going to do to shoot them down?” Neller asked.

Beyond defeating UAV attacks, Neller said that the Corps is “looking at autonomous ways to resupply ourselves. We are looking at pallets that fly.”

He appeared frustrated at the Marine’s acquisition process and acted out a more aggressive negotiation process that he has with defense contractors. When meeting with a vendor selling drones or a piece of equipment that he hopes to stock for the Corps of the future, Neller may ask them if they use 3D printing for their products.

“Oh yeah,” the vendor will typically say, according to Neller.

“Then why aren’t I printing it? Why am I paying you if I can print it?” Neller will respond, pushing the contractor about why their equipment is needlessly expensive. “I’ll pay you for the tech data package. I’ll pay you for the rights because that’s your intellectual property. But I don’t want the parts from you.”

Neller admitted his response does not always sit well with the high-powered defense contractors with dollar signs in their eyes.

“The room gets real quiet,” he said.

The commandant also warned China may soon dominate the South China Sea.

“Sadly, I don’t see us doing a whole lot to contest that. (The Chinese) are out there putting their marbles down, and we’ve got no marbles,” Neller said, an anecdote for how China is gobbling up territory in the ocean. “We’ve got old marbles, but pretty soon there isn’t going to be a place to put down marbles if they don’t start doing something.”

 

from: https://www.fifthdomain.com/dod/marine-corps/2018/06/14/top-marine-says-cyber-warriors-must-get-more-flexibility/

 

 

‘Quads for Squads’ grounded over cyber concerns

U.S. Marine Corps 2nd Lt. Michael Francica, with Combat Logistics Battalion 8, Combat Logistics Regiment 2, 2nd Marine Logistics Group, pilots an InstantEye quadcopter during an operations check for Marine Corps Warfighting Laboratory as part of Integrated Training Exercise 3-18 on Marine Corps Air Ground Combat Center, Twentynine Palms, Calif., April. 29. (Lance Cpl. Scott Jenkins/ Marine Corps)

 

The Corps is being forced to ground commercial drones it has been fielding to infantry units because of a recent Department of Defense policy memo.

The policy memo, released at the end of May and signed by Deputy Secretary of Defense Patrick Shanahan, bans the purchase and use of commercial off-the-shelf, or COTS, drones, citing cybersecurity concerns.

“The DoD Inspector General found that the DoD has not implemented an adequate process to assess cybersecurity risks associated with using commercial-off-the-shelf (COTS) Unmanned Aerial Systems,” the memo reads.

The Corps has been rapidly issuing small Instant Eye quadcopters to every rifle squad as part of a program called ‘Quads for Squads.’

To date, the Corps has given out roughly 600 of the small tactical drones and another 200 are pending, Capt. Pena, a Marine spokesman, told Marine Corps Times.

 

Lance Cpl. Cesar Salinas, an infantry Marine with 3rd Battalion, 5th Marine Regiment, assists his squad by providing reconnaissance with an Instant Eye at Marine Corps Base Camp Pendleton, California, July 13, 2016. (Marine Corps)

 

Those drones are now grounded “until the DoD identifies and fields a solution to mitigate known cybersecurity risks,” the memo states.

The Corps plans to submit a waiver “requesting an exemption,” Pena added.

However, Shanahan is the only authority authorized to approve exemptions and any waivers will be reviewed on a “case by case basis, to support urgent needs,” according to the memo.

The recent DoD memo will not interrupt the shipping of the remaining drones, Pena added.

The Commandant of the Marine Corps Gen. Robert B. Neller has been pushing to equip grunts with the small drones to aid in battlefield situational awareness.

And recently, the top Marine cut the size of the Marine rifle squad from 13 to 12 while also adding a new drone systems operator role.

The grounding of the Marine drones was first reported by Military.com.

 

from: https://www.marinecorpstimes.com/news/your-marine-corps/2018/06/15/quads-for-squads-grounded-over-cyber-concerns/

 

 

 

Israeli National Cyber Security Authority Outsources: White Hat and White Knight Combat Cyberattacks

This post is also available in: heעברית (Hebrew)

 

Cyber threats on Israeli companies, organizations, and infrastructure grow daily. The Israeli National Cyber Security Authority has been concentrating its efforts to thwart this threat using sub-contractors, cyber companies that each one deals with the defense of a different critical sector.

One of these companies is White Hat. The company’s CEO, Sharon Nimirovski, says hackers prefer to attack industrial installations through component suppliers and services providers, e.g. accountants and lawyers.

The Tel-Aviv company founded an elite intelligence unit that supplies cybersecurity to private organizations, and in the future to states as well. “Our intelligence center monitors all sorts of threats and in all levels. We operate with this regard as a military elite unit for the prevention of cyberattacks”, said the CEO in an interview to iHLS.

He added that currently, hackers are capable of inflicting damages in property and lives just as armies, using a variety of weapons. “Hackers can nowadays cause various faults to chemical industries which store large quantities of dangerous agents, thus causing widespread disasters.”

According to Nimirovski, Israel has been challenged by various threats due to the situation in the region and the conflicting forces. He said that threats have been growing from week to week, and each time the company’s experts meet new kinds of threats. “This invisible enemy is sophisticated and uses a wide variety of ways for causing damage.”

He added that currently, private companies help the National Cyber Security Authority established by the Israeli government in the detection and prevention of evolving threats. “We were assigned to deal with a certain sector. Of course, I cannot reveal which one, however, this sector has a great potential for damages.”

The company CEO said that sometimes an evolving threat is detected but the problem is that it is not clear when and where it will be executed. “We are dealing with a realm where many things are not immediately clear, so an intelligence array has to be established in order to decrease uncertainty, which might be critical in this case.”

He added that his team detects threats that are already in the “backyard” of the threatened customer. “Through the intelligence operations room, we are capable of alerting the customer that someone is about to attack him through a certain vulnerability.”

All this is executed, according to Nimirovski, by a complete system of attack simulations that expose the customer’s vulnerabilities in each of his online systems.

“We do not sit and wait that something happens in order to learn lessons. Rather, we try to take preventive steps, as attacks in this field might be very painful and cause tremendous damage.”

Currently, White Hat operates a threat detection array called White Knight. This system is active in the social media, detecting threats even at the stage of planning. “The problem is the huge amounts of information. This is why our system is an advanced big data system that knows how to expose the relevant information.”

For the purpose of social media activity, the company operates human intelligence, which is, in fact, technological means that pretend to be human-based intelligence.

“Each of our employees operates such kind-of-human agents that roam around the net trying to detect preliminary signs to a hostile cyber activity.”

He explained that one of the methods frequently employed by hackers is an attack through companies’ subsuppliers. “The suppliers have got the most sensitive information and it is through them that assailants can get to the critical crossroads.”

The company CEO added that “in case of a state-sponsored attack, in most cases, it will be impossible to identify it. The amount of resources invested in it is so great that many resources will be required for hiding it.”

 

from: https://i-hls.com/archives/83530

 

 

 

 

CNO: Bundeswehr-Hacker bereit zum Hackback

Seit Jahren streiten Politiker, ob Deutschland nach einem Hackerangriff auch im Netz zurückschlagen darf. Nach SPIEGEL-Informationen hat die Bundeswehr nun erstmals gemeldet, dass sie dazu in der Lage wäre.

Samstag, 16.06.2018

Die Cybertruppe der Bundeswehr könnte im Fall eines Hackerangriffs auf deutsche Rechner und Netze mit einem sogenannten Hackback zurückschlagen. In einem internen Bericht vom April schreibt das Verteidigungsressort erstmals, die Hacker des gerade erst aufgestellten Zentrums Cyberoperationen seien mittlerweile “in der Lage, aktiv im Cyberraum aufzuklären und zu wirken”.

Der unscheinbare Satz markiert für Kenner eine neue Qualität. So versteckt sich hinter dem schlichten Wort “wirken” im Militär-Deutsch nicht weniger als ein offensiver Angriff, in diesem Fall statt mit Bomben oder Artillerie eben mit Cyberwaffen durch Hacker in Uniform.

Bundeswehr-Hackertruppe soll aufgestockt werden

Bisher hatte die in Grafschaft bei Bonn stationierte Bundeswehreinheit Gegenschläge im Netz – sogenannte Hackbacks – praktisch nur in Planspielen und abgetrennt vom Internet getestet. Ebenso gelang es den Hackern, die bis zum April in der Einheit Computer Network Operations (CNO) agierten, in einem Geiselfall in die Server eines afghanischen Mobilfunkbetreibers einzudringen.

 

Ob der Bundeswehr echte Gegenschläge – also zum Beispiel das Ausschalten eines Servers, von dem eine Attacke ausgeht – erlaubt werden sollen, wird in der Politik kontrovers diskutiert. Die vorige Bundesregierung hatte das heikle Thema mehrmals im Bundessicherheitsrat erörtert, ein Rechtsgutachten bestellt, die Entscheidung aber am Ende vertagt.

Trotzdem betont das Verteidigungsministerium, wie wichtig die neue Fähigkeit der Bundeswehr ist. Der Ausbau der offensiven Mittel der Cybertruppe, so das als Verschlusssache eingestufte Papier, sei ein “essenzieller Beitrag zur gesamtstaatlichen Sicherheitsvorsorge”, betont das Ministerium. Deshalb soll die Hacker-Truppe nach SPIEGEL-Informationen von knapp 100 auf 300 Mann aufgerüstet werden.

Künftige Bedrohung: Quantencomputer

Das Ministerium warnt in seinem Papier zudem davor, dass der technologische Fortschritt etwa durch Quantencomputing zu “einer neuen, vielleicht sogar kritischen Bedrohungslage” führen könne. Quantencomputer könnten dereinst “sämtliche derzeit üblichen asymmetrischen Kryptoverfahren” zur Verschlüsselung überwinden.

Zwar wird seit Jahren, nicht zuletzt in Europa, an Verschlüsselungsverfahren geforscht, die heutige Algorithmen ersetzen könnten und auch Quantencomputer vor praktisch unlösbare Probleme stellen würden. Die Analysten sparen dennoch nicht mit düsteren Warnungen. Durch die neuen Computer könne eine “fundamentale Bedrohung wesentlicher kritischer Infrastrukturen” entstehen – etwa im Banken-, Bahn- oder Flugverkehr.

Quantencomputer sind beim Lösen bestimmter Probleme erheblich leistungsstärker als herkömmliche Rechner; Prototypen waren 100 Millionen Mal schneller als aktuelle Computer. Die US-Konzerne IBM, Microsoft und Google liefern sich ein Wettrennen in der Entwicklung mit chinesischen Wettbewerbern wie Baidu. Die EU-Kommission legt eine “Quanten-Flaggschiff”-Initiative im Wert von einer Milliarde Euro auf, China baut gerade ein Quantenlabor für zehn Milliarden Dollar.

Eine Studie des Bundesamts für Sicherheit in der Informationstechnik warnt vor der rasanten Entwicklung der Quantencomputer und plädiert für “eine starke nationale Cybersicherheitsbehörde”.

 

from: http://www.spiegel.de/netzwelt/netzpolitik/bundeswehr-hacker-sind-bereit-zum-hackback-a-1213192.html

 

 

 

Cyber rules: how information advantage will help win future conflicts

In future conflicts, information will reign supreme. Gone are the days when the winner of a conflict will be the one that brings the most capacity and breaks the most things.

Rather, “future conflicts are probably going to be decided by the side with an information advantage,” US Air Force Brig. Gen. Chance Saltzman, director of current operations, deputy chief of staff for operations, said at the Space Computing Conference hosted by MITRE on June 6.

“It might be the [sides] that find exactly the right thing to break or the exact right pressure point, and that’s going to be about information advantage.”

Underpinning this information advantage is what the US Air Force is calling multidomain command and control. This can be summed up best as independently generating effects across space, air and cyber — not in support of just air operations — to create multiple and continuous dilemmas for adversaries.

 

from: https://www.c4isrnet.com/c2-comms/2018/06/12/how-information-advantage-will-help-win-future-conflicts/

 

 

 

By continuing to use this site, you agree to the use of cookies. Please be aware this site uses Google Analytics to measure traffic. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close