Amazon Price: N/A (as of October 20, 2017 22:15 –
Public government statements have cited cyber-attacks by terrorists as a major concern for national security. To date, no large-scale cyber-terrorist attack has been observed, but terrorists are known to be using the Internet for various routine purposes. The discovery of Stuxnet in 2010 was a milestone in the arena of cybersecurity because, although a malware attack on industrial control systems was long believed to be theoretically possible, it was different to see malware used in reality to cause real physical damage. Stuxnet demonstrated that a sufficiently determined adversary with sufficient resources might be able to damage U.S. critical infrastructure physically through a cyber attack. Did Stuxnet change the threat of cyber-terrorism?
This monograph examines cyberterrorism before and after Stuxnet by addressing three questions: 1) Motive—Are terrorists interested in launching cyber-attacks against U.S. critical infrastructures? 2) Means —Are terrorists building capabilities and skills for cyberattacks? and, 3) Opportunity—How vulnerable are U.S. critical infrastructures? Answers to these questions give a characterization of the post-Stuxnet cyberterrorism threat. The next question is why a major cyber-terrorist attack has not happened yet; this is explained from a cost-benefit perspective. Although cyberterrorism may not be an imminent threat, there are reasons to be concerned about the long-term threat and inevitability of cyberattacks. It is important to assess frequently the threat landscape and current government policies for enhancing the protection of national infrastructures.
Continue reading “Cyberterrorism After Stuxnet – Terrorist Cyberattacks, Distributed Denial of Service (DDoS), Motives, Critical U.S. Infrastructure Vulnerabilities, al-Qaeda Computer Capability, PC Attacks”
Amazon Price: N/A (as of October 20, 2017 14:55 –
This research paper analyzes the globalization trend and the effect it is having on the ability to conduct asymmetrical attacks against the United States and our Allies worldwide. This research is intended to provide insight into the way that globalization is allowing our potential adversaries to act on a global scale.
Globalization is having a tremendous effect on the ability of terrorist and criminal organizations to act on a global scale. These organizations are using asymmetrical means to target U.S. interests at home and abroad. The events of September 11th were the culminating effect of this trend that has played an increasingly greater role in the world in which we live. This research paper analyzes the globalization trend and the effect it is having on the ability to wage this new type of war. The negative effects of globalization have continued to create a large disenfranchised population primarily centered in the Middle East, Africa, and Asia. This disenfranchised population has become the recruitment pool and their countries have become training bases for the networked terrorist and criminal who take advantage of the tools of globalization. Those tools include the internet that provides secure means of communication, the technology that enables them to act, and the porous environment that allows one to move around the world undetected. The U.S. needs to develop a better National Security Structure to deal with this threat and solve longstanding foreign policy issues. This security structure would take advantage of a network architecture that would be much more suited to managing information which is the primary weapon in the globally connected world. Policy changes would address issues that only fuel resentment and hatred towards the U.S. and make it easier for our adversaries to plan and conduct asymmetrical attacks.
Continue reading “Globalization and Asymmetrical Warfare – Information and Technology, Media Effects, Merging of Defense and Commercial Technologies, Nuclear and Cyber Attack Threats to America, Force Structure”
Amazon Price: N/A (as of October 21, 2017 01:41 –
This excellent report has been professionally converted for accurate flowing-text e-book format reproduction. As the United States Air Force develops doctrine, education, and organization for cyberspace, we need to consider the traditional principles of war and how/if they apply to cyberspace, and under what situations, so we can develop a conceptual foundation for effective cyberspace warfighting doctrine. Most importantly, we should understand the cyberspace domain requires a new and different way of thinking to develop the most useful doctrine, education, and organizational structures. We must avoid falling into the trap of merely rewording existing air and space doctrine by simply replacing "air" or "space" with "cyber."
There are generally two predominant traditions for principles of war—the western view of Clausewitz and the eastern view of Sun Tzu. Clausewitz's western Newtonian world conceptualizes war using mass, objective, and maneuver among other principles in a state-on-state kinetic war for a political objective. However, Sun Tzu's eastern world conceptualizes war focusing on the criticality of intelligence, deception to defeat the mind of the enemy, and knowing that relationships between things matter most in the strategy of war. It is essential to examine which tradition is the best guide for developing cyber strategy; or do we need a combination?
Continue reading “Principles of War for Cyberspace – Cultures of Strategy in Cyberspace, Clausewitzian Cyberthink, Sun Tzu Cyberthink, Yin and Yang in Cyberspace, Doctrine and Education”
Amazon Price: N/A (as of October 20, 2017 15:36 –
Professionally converted for accurate flowing-text e-book format reproduction, this unique book discusses the realities of deterrence and retaliatory options to attacks in space and cyberspace.
Since the last years of the 20th Century, threats in space and cyberspace have become prominent, to the point where an attack can threaten state sovereignty and have regional, if not global consequences. These threats are emerging at the same time that the United States' reliance on its own space and cyber capabilities increases to maintain international diplomatic leadership and conventional military superiority. US national policy speaks to deterring and defending against such attacks, but a lack of international precedent and the legal limitations of war, specifically attribution, proportionality and discrimination, limit United States response options to an unprovoked attack in these domains. In order to establish an effective deterrence, the United States must move away from the Cold War model and fashion a global environment that fosters effective deterrent strategies. Building this new order requires the United States lead the international debate to define attacks in space and cyberspace and appropriate "self-defense" responses under Article 51 of the United Nations Charter. The United States must demonstrate the political will to take action unilaterally, if necessary, to set precedent, and erase the failures of past transgressions, including NATO's failure to respond to the Estonia cyber attacks in 2007. As deterrence is predicated on the ability to attribute in order to hold an adversary at risk, the United States must improve its ability to detect and attribute attacks in space and cyberspace. Finally, the United States must reduce its space and cyberspace vulnerabilities and prove to any potential adversary that its military can successfully fight through any degradation and win. Unless the United States takes prominent actions on these fronts and establishes an international recognized lexicon on space and cyberspace, any deterrent posture will likely fail and it will remain at risk to asymmetric attacks by adversaries emboldened by a veil of anonymity, who see the benefits of attacking the United States outweighing the risk of an unprovoked first strike.
Amazon Price: N/A (as of October 21, 2017 06:32 –
This anthology of cyber analogies will resonate with readers whose duties call for them to set strategies to protect the virtual domain and determine the policies that govern it. Our belief it that learning is most effective when concepts under consideration can be aligned with already-existing understanding or knowledge. Cyber issues are inherently tough to explain in layman's terms. The future is always open and undetermined, and the numbers of actors and the complexity of their relations are too great to give definitive guidance about future developments. In this report, historical analogies, carefully developed and properly applied, help indicate a direction for action by reducing complexity and making the future at least cognately manageable.
The Cyber Analogies Project was launched in 2012 to assist U.S. Cyber Command in identifying and developing relevant historical, economic, and other useful metaphors that could be used to enrich the discourse about cyber strategy, doctrine, and policy. The intent of the project is to provide useful insights, both for those with little technical background in or direct connection to cyberwar and cyber security and for those whose job it is to think about the spectrum of cyber-related issues every day. The project was conceived and carried out to help very senior, busy, responsible people understand topics and issues that are fast-moving and dynamic, and have potentially great consequences for society, security, and world affairs.
Continue reading “Cyber Analogies: Historical Parallels to Cyber Warfare, Cyber and Computer Security, Cyber Pearl Harbor Surprise Attack, Nuclear Scenarios, Internet and Web Attacks, Vulnerabilities”