Cyberwarfare Archives - A Cyber Fellow
Currently viewing the tag: "Cyberwarfare"

cyber_attacks_610x444Cyberwarfare (Cyber War Definition or Cyber Attack Definition – sometimes written in error as Cyber War Fare) can be defined as actions by a nation-state to penetrate another nation’s computers, networks, and information systems for the purposes of causing damage or disruption.  This damage and destruction can range from tactical to strategic impacts.

Further Reading:

Navy Cyber Power 2020 (NCP 2020)

Navy Information Dominance Corps Human Capital Strategy 2012-2017

Navy Strategy for Achieving Information Dominance 2013-2017

 

Incoming search terms:

cyber battle definition, cyber effect on c2, cyber warfare definition, cyber warfighting

Download (PDF, 1.57MB)

Navy Cyber Power 2020 (NCP 2020)

navy-cyber-power-2020Navy Cyber Power 2020 identifies distinct qualities the Navy must possess to succeed, and introduces methods to build a relevant and extremely capable Navy Cyber warfighting force for the future. This strategy examines cyberspace operations from multiple vectors, and considers challenges and influencing factors beyond traditional operational aspects. The way we acquire systems, train cyber professionals, and choose technologies to meet our requirements directly impacts our ability to deliver credible capabilities to deter or contain conflict, and fight and win wars. Implementation and sustainment of this strategy will operationalize cyberspace with capabilities that span all warfighting domains and provide superior awareness and control when and where we need it. Executing this strategy will be hard work and will take a concerted effort at all echelons.

Navy Vision for Cyberspace Operations - The vision to achieve Navy Cyber Power 2020, is that Navy cyberspace operations provide Navy and Joint commanders with an operational advantage by:

  • Assuring access to cyberspace and confident Command and Control (C2)
  • Preventing strategic surprise in cyberspace
  • Delivering decisive cyber effects

The focus areas and their desired End-States of Navy Cyber Power 2020 are:

  • Integrated Operations -Fully integrate Navy cyberspace operations in support of achieving Joint Force objectives.
    1. Define Cyber Information Needs
    2. Evolve Doctrine and OPLANS
    3. Routinely Exercise and Assess
  • Optimized Cyber Workforce – Drive Navy and Joint cyberspace operations with an effectively recruited, trained, and positioned workforce.
    1. Provide an Adaptive Navy Force Model
    2. Change the Culture
    3. Strengthen Navy Cyber Knowledge
  • Technology Innovation – Leverage industry, academia, and Joint partners to rapidly update Navy cyberspace capabilities to stay ahead of the threat.
    1. Deliver Cyber Situational Awareness (SA)
    2. Lead Joint Cyber Modeling, Simulation, and Analysis
    3. Pilot New Technology
  • PPBE & Acquisition Reform – Enhance cyber budgeting and acquisition to meet the Navy’s cyber operational needs.
    1. Integrate Cyber Requirements
    2. Integrate Cyber funding Across Navy budget
    3. Advance Acquisition to pace Industry

The Secretary of Defense’s strategic guidance (DSG) highlights the critical role cyberspace operations play in the success of the Joint Force across all mission areas; the documents below focus on the Cyber Warfare aspect of the DSG. The Nation’s success in the maritime domain depends upon our ability to project power and prevail in cyberspace. Navy Cyber Power 2020 strategic initiatives provide the ways and means to achieve and sustain the Navy’s advantage in cyberspace.

We will issue a supporting roadmap detailing lead and support organizations for each strategic initiative and the major actions necessary to accomplish them. However, as cyberspace evolves the Navy’s leadership will periodically assess the strategy of Navy Cyber Power 2020, to ensure it effectively guides the Navy’s efforts to maintain an operational advantage in cyberspace. Furthermore, the Navy will institute a comprehensive set of strategic performance measures to track the Navy’s progress and ensure that our actions are having the desired effect. When necessary, we will adjust course to respond to, if not anticipate, change that continues apace. Our success in cyberspace requires an “all hands” effort, from the Pentagon to the deck plate.

Navy Cyber Power 2020 supports the Navy Strategy for Achieving Information Dominanceadditional related supporting documents include: the Navy Information Dominance Roadmap, 2013-2028; the Navy IDC Human Capital Strategy, 2012-2017; the Naval Intelligence Strategy, 2013-2020; and, the 2013 Navy Space Strategy. Within this integrated framework, the Navy begins in earnest the process of marshaling its resources, galvanizing the workforce, and aligning Navy’s Information Dominance capabilities to fully enable the Navy’s primary tenet of Warfighting First.

[via TENTH FLEET]

Incoming search terms:

navy information dominance roadmap, cyberspace strategy pdf, cyber 2020, cyber power 2020, joint force enterprises, navy cyber forces strategic goals, navy cyber strategy, Cyber power2020

 

fireeye-threat-report-2012

FireEye, Inc. has released its Advanced Threat Report for the First Half of 2012 and the findings aren’t in your favor.  Unfortunately the trend of the attacker getting stronger – defenses getting weaker has continued.  The main report consists of 5 overall findings which are quite alarming:

  • Finding 1: Explosion in Advanced Malware Bypassing Traditional Signature-Based Defenses.  What this means to you is that the Anti-virus, Anti-Malware, Intrusion Detection, and Intrusion Prevention capabilities on your devices are becoming less effective compared to the progress which attackers are making in getting around them.
  • Finding 2: Patterns of Attacks Vary Substantially by Industry—Attacks on Healthcare up 100%, 60% in Energy/Utilities.  The attackers are shifting toward different industries differently.  Often we as humans like to think of everything being uniform.  If I got attacked and you got attacked… then we got attacked the same way… or at least we’d like to think so.  This is often no longer the case.  Attackers in Cyberspace are quite adept at profiling you and customizing an attack to fit your individual vulnerabilities.  The importance of Internet security to secure our data and information continues to increase as more and more of ever industry becomes more dependent upon the Internet.
  • Finding 3: The Intensified Dangers of Email-Based Attacks, Both Via Links and Attachments.  Checking your email is now more dangerous than ever!  If it wasn’t bad enough that most of us sit sedentary for way to long checking the stuff.  There is a noted role reversal with malicious Links within emails now becoming more common then malicious attachments.  Yet both vectors still represent significant vulnerabilities to our network security, data, and systems.  This challenge also has a very wide spread business sector creating part of the problem.  More and more businesses are opening Affiliate programs.  These programs pay individuals a small share of any sale made.  Enter the malicious and devious attacker and you have a very easy manner in which to achieve monetary gain.
  • Finding 4: Increased Prevalence of Limited-Use Domains in Spear Phishing Attacks. We are seeing custom built, single use, email accounts being used to Spear Phish individuals.  Have you left that Facebook Friends list open to the public?  Did someone just email you that hasn’t in years (the name will be in the exact format from their Facebook account).  Usually this can easily be spotted by examining the email address of the sender to expose an actual email address that has been created just to attack you.  For example the email address will look like “John Smith” but the email might be from a0023836@somedomain.com.  You know that “Jon Smith” doesn’t have an email like that… and of course there will be some form of payload in the email like Finding 3 notes – probably a Link or even an attachment.
  • Finding 5: Increased Dynamism of Email Attachments.  Simply put the ability of protective systems to examine all forms of email attachments continues to be more important.  Simply looking at EXE, DOC, DOCX, PDF, etc. is no longer enough.  Every file requires inspection and potential action.

About FireEye, Inc.

FireEye is the leader in stopping advanced targeted attacks that use advanced malware, zero-day
exploits, and APT tactics. The FireEye solutions supplement traditional and next-generation firewalls,
IPS, anti-virus, and gateways, which cannot stop advanced threats, leaving security holes in networks.
FireEye offers the industry’s only solution that detects and blocks attacks across both Web and email
threat vectors as well as latent malware resident on file shares. It addresses all stages of an attack
lifecycle with a signature-less engine utilizing stateful attack analysis to detect zero-day threats. Based
in Milpitas, California, FireEye is backed by premier financial partners including Sequoia Capital, Norwest
Venture Partners, and Juniper Networks.

[via FireEye]