Cyber Warfare Infrastructure | Online Safety & Privacy | Cyberwarfare

STRATEGIC BRIEFING

Cyber Warfare Infrastructure

by

The Technolytics Institute

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

STRATEGIC BRIEFING

Conflict

The Prussian philosopher Karl von Clauswitz theorized:

"Every age has its own kind of war, its own limiting conditions and its own peculiar preconceptions."

We live in an age of information focused warfare – Cyber Warfare!

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

STRATEGIC BRIEFING

Introduction

Cyber attacks and cyber espionage are costing businesses billions of dollars a year and have now become a “National Security” issue! National security and cyber security experts believe the U.S. Government and its contractors are the targets of a growing cyber warfare effort that they suspect is being conducted by nation states and their proxies with the aim of stealing military and industrial secrets. It has been discovered that hackers and viruses infiltrated DHS and DoD systems, "exfiltrating" or copying and sending out data. This approach significantly reduces the exfiltration of data without disrupting intelligence gathering about the cyber attackers and their tools.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

3

STRATEGIC BRIEFING

Setting the Stage

Governments use vast amounts of information technology to conduct operations and to interface with citizens. Operations must be conducted securely and with an assurance that information is accurate and protected from unauthorized access and disclosure. Governments must also ensure the safety and security of its citizens and the nation. Information technology can aid in this area. This briefing examines the cyber warfare infrastructure that supports the defense and intelligence sectors.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

4

STRATEGIC BRIEFING

Thought Leadership

DEFENSE & INTEL COMMUNITY

Surprise cyber attackers with novel counter-measures.

Avoid standardization of cyber defenses.

Develop diverse overlapping cyber defense techniques.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

5

STRATEGIC BRIEFING

Warning

An image from al Qaeda's website features a "cracked" or broken computer which in our minds indicates a potential cyber attack!
Copyright 2001 – 2009 All Rights Reserved

www.technolytics.com

6

STRATEGIC BRIEFING

Background

• Cyber warfare is being waged on a massive scale the world over. Ostensibly friendly nations attack each others' electronic nervous systems frequently, and with reckless abandon.

– On a single day in 2008, the Pentagon was hit by would-be intruders 6 million times in a 24-hour period.

– In 2007 the Pentagon’s systems were hacked and reportedly between 20 and 27 terabytes of data was stole. Although China was “blamed” for the attack via indirect channels, there is no conclusive evidence that they were behind the breach.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

7

STRATEGIC BRIEFING

Background

The UK Ministry of Defense (MoD), the DoD equivalent in Britain, has begun to investigate what has been called the most significant cyber security breach after information and evidence surfaces that all emails sent from multiple Royal Air Force stations were sent to IP addresses traced back to Russia.

– Over 24 RAF bases and 75% of Royal Navy ships were impacted.

– Out of the 24 RAF stations it hit, some were recently used by the MoD to scramble fighter aircraft to head off Russian bombers testing British air defenses.

This security event resulted in the need to bring down systems and halt email communication across most, if not all, of the military.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

8

STRATEGIC BRIEFING

UK under Attack

Security minister Lord West told the House of Lords that the UK continues to be targeted by a "large number of attacks" and that the government is "taking action" to deal with those backed by hostile regimes. The government has said it is engaged in tackling ongoing state-sponsored cyber attacks on UK national infrastructure.

Lord West refused to confirm the nature or origin of these attacks but said cyber security is a "very dangerous area" and that the UK has become "more vulnerable as we become more connected.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

9

STRATEGIC BRIEFING

Cyber Weapons Evolution

High

Basic Research Early Adopters

Applied Research

Rapid Advancement

Basic Weapons
Transition

Advanced Weapons

Low

1994

1998

2002

2004

2008
Copyright 2001 – 2009 All Rights Reserved

2012

2020
10

www.technolytics.com

STRATEGIC BRIEFING

Advanced Weapons Analysis

These attacks were sophisticated. The hybrid exploit had several functions and features including:

– – – – – – – –

Self-defending Root level attacks Morphing every 35 seconds Phone home for instructions Each worm knows about other worms Programmed to work off peak operational hours Turning off computer defenses and changing settings Leverage a three part architecture like that of a missile.

Implications of advanced exploits

– – – – – –

Controlling 1 million hosts can cause enormous damage DDoS Attack Stealing and modifying data Can be leveraged for cyber-warfare Conducts pre-operational surveillance Worms can be used to gain such control in a very short period of time.
Copyright 2001 – 2009 All Rights Reserved

www.technolytics.com

11

STRATEGIC BRIEFING

Cyber Infrastructure Diagram

Cyber Countermeasures
Basic Intermediate

Offensive Cyber Weapons
Advanced

Network Connection
Cyber Reconnaissance Cyber Intelligence
Alerts

Cyber Command & Control

Traditional Command & Control
Technical Profile Enemy Profile

Cyber Analysis
Decision Support Dashboard

Cyber Warfare Infrastructure

Version: 1.25 Date: 02/12/09

What

When

Who

Where
Copyright 2001 – 2009 All Rights Reserved

Why
12

www.technolytics.com

STRATEGIC BRIEFING

Closing Thought

The United States must treat cyber security as one of the most important national security challenges it faces! This is a strategic issue on par with weapons of mass destruction and global jihad, where the government bears primary responsibility for defending our nation’s critical information infrastructure and information assets.

www.technolytics.com

Copyright 2001 – 2009 All Rights Reserved

13

STRATEGIC BRIEFING

QUESTIONS & ANSWERS

?

?
?

?
?

?

?
? ?

? ?

?

?

?
?

? ?
?

?

?

?
?
?
?

?

?
?

?
?
?

?
?

?
?

? ?

?

?
?
Copyright 2001 – 2009 All Rights Reserved

?

www.technolytics.com

?

14

STRATEGIC BRIEFING

About Technolytics
The Technolytics Institute (Technolytics) was established in 2000 as an independent executive think-tank. Our primary purpose is to undertake original research and develop substantive points of view on strategic issues facing executives in businesses, government and industry around the world. Our strategic goals focus on improving critical measures of performance, creating sustainable competitive advantage, delivering innovation and technology, and managing security and risk. We operate three centers: [Business & Commerce] – [Security & Intelligence] and [Science & Technology] and serve client in business, government and industry.

Kevin G. Coleman

4017 Washington Road Mail Stop #348 McMurray, PA 15317 P 888-650-0800 C 412-818-7656 F 412-260-2773 E kgcoleman@technolytics.com

Kevin G. Coleman is a highly skilled executive, management consultant and cyber warfare strategist with significant knowledge and experience in multiple industries. He currently holds an active security clearance with the Department of Defense and is a recognized authority in computer security, crime and cyber terrorism. A Certified Management Consultant (CMC), he is an expert in the technology and compliance areas. CMC is the certification marks awarded by the Institute of Management Consultants USA and represents evidence of the highest standards of consulting and adherence to the ethical canons of the profession. Fewer than 1% of all consultants have achieved this level of excellence. He has experience in security and compliance within multiple industries including: high technology, financial services, manufacturing, defense, retail/consumer products and energy.
Copyright 2001 – 2009 All Rights Reserved

www.technolytics.com

15

Sign up to vote on this title
UsefulNot useful