National Defense Strategy – United States of America

National Defense Strategy - United States of AmericaThe United States, our allies, and our partners face a spectrum of challenges, including violent transnational extremist networks, hostile states armed with weapons of mass destruction, rising regional powers, emerging space and cyber threats, natural and pandemic disasters, and a growing competition for resources. The Department of Defense must respond to these challenges while anticipating and preparing for those of tomorrow. We must balance strategic risk across our responses, making the best use of the tools at hand within the U.S. Government and among our international partners. To succeed, we must harness and integrate all aspects of national power and work closely with a wide range of allies, friends and partners. We cannot prevail if we act alone.

As noted in the 2006 QDR, state actors no longer have a monopoly over the catastrophic use of violence. Small groups or individuals can harness chemical, biological, or even crude radiological or nuclear devices to cause extensive damage and harm. Similarly, they can attack vulnerable points in cyberspace and disrupt commerce and daily life in the United States, causing economic damage, compromising sensitive information and materials, and interrupting critical services such as power and information networks. National security and domestic resources may be at risk, and the Department must help respond to protect lives and national assets. The Department will continue to be both bulwark and active protector in these areas. Yet, in the long run the Department of Defense is neither the best source of resources and capabilities nor the appropriate authority to shoulder these tasks. The comparative advantage, and applicable authorities, for action reside elsewhere in the U.S. Government, at other levels of government, in the private sector, and with partner nations. DoD should expect and plan to play a key supporting role in an interagency effort to combat these threats, and to help develop new capacities and capabilities, while protecting its own vulnerabilities.

In the contemporary strategic environment, the challenge is one of deterring or dissuading a range of potential adversaries from taking a variety of actions against the U.S. and our allies and interests. These adversaries could be states or non-state actors; they could use nuclear, conventional, or unconventional weapons; and they could exploit terrorism, electronic, cyber and other forms of warfare. Economic interdependence and the growth of global communications further complicate the situation. Not only do they blur the types of threats, they also exacerbate sensitivity to the effects of attacks and in some cases make it more difficult to attribute or trace them. Finally, the number of potential adversaries, the breadth of their capabilities, and the need to design approaches to deterrence for each, create new challenges.

An underlying assumption in our understanding of the strategic environment is that the predominant near-term challenges to the United States will come from state and non-state actors using irregular and catastrophic capabilities. Although our advanced space and cyber-space assets give us unparalleled advantages on the traditional battlefield, they also entail vulnerabilities.

China is developing technologies to disrupt our traditional advantages. Examples include development of anti-satellite capabilities and cyber warfare. Other actors, particularly non-state actors, are developing asymmetric tactics, techniques, and procedures that seek to avoid situations where our advantages come into play.

Download National Defense Strategy – United States of America

The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability – CRS Report

The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability - CRS ReportIn September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target, if any, is unknown. Through the use of thumb drives in computers that were not connected to the Internet, a malicious software program known as Stuxnet infected computer systems that were used to control the functioning of a nuclear power plant. Once inside the system, Stuxnet had the ability to degrade or destroy the software on which it operated. Although early reports focused on the impact on facilities in Iran, researchers discovered that the program had spread throughout multiple countries worldwide.

From the perspective of many national security and technology observers, the emergence of the Stuxnet worm is the type of risk that threatens to cause harm to many activities deemed critical to the basic functioning of modern society. The Stuxnet worm covertly attempts to identify and exploit equipment that controls a nation’s critical infrastructure. A successful attack by a software application such as the Stuxnet worm could result in manipulation of control system code to the point of inoperability or long-term damage. Should such an incident occur, recovery from the damage to the computer systems programmed to monitor and manage a facility and the physical equipment producing goods or services could be significantly delayed. Depending on the severity of the attack, the interconnected nature of the affected critical infrastructure facilities, and government preparation and response plans, entities and individuals relying on these facilities could be without life sustaining or comforting services for a long period of time. The resulting damage to the nation’s critical infrastructure could threaten many aspects of life, including the government’s ability to safeguard national security interests.

Iranian officials have claimed that Stuxnet caused only minor damage to its nuclear program, yet the potential impact of this type of malicious software could be far-reaching. The discovery of the Stuxnet worm has raised several issues for Congress, including the effect on national security, what the government’s response should be, whether an international treaty to curb the use of malicious software is necessary, and how such a treaty could be implemented. Congress may also consider the government’s role in protecting critical infrastructure and whether new authorities may be required for oversight.

Price: $0.99

Click here to buy from Amazon

Reverse Deception Organized Cyber Threat Counter-Exploitation

Reverse Deception Organized Cyber Threat Counter-ExploitationA complete guide to understanding and fighting advanced persistent threats—today's most destructive risk to enterprise security

Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).

APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today's well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.

Reverse Deception: Organized Cyber Threat Counter-Exploitation features:

  • Full coverage of the #1 feared type of network attack today, the APT
  • Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
  • Enthralling case studies and true stories from the authors' FBI, DOD, NSA, and private sector work
  • Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
  • Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
  • Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
  • A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
  • Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations

Coverage includes:
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics

Price: $40.00

Click here to buy from Amazon

 

National Strategy of Defense – Peace and Security for Brazil

National Strategy of Defense - Peace and Security for BrazilBrazil is a peaceful country, by tradition and conviction. It lives in peace with its neighbors. It runs its international affairs, among other things, adopting the constitutional principles of non-intervention, defense of peace and peaceful resolution of conflicts. This pacifist trait is part of the national identity, and a value that should be preserved by the Brazilian people.
Brazil – a developing country – shall rise to the first stage in the world neither promoting hegemony nor domination. The Brazilian people are not willing to exert their power on other nations. They want Brazil to grow without reigning upon others.
This is perhaps the reason why Brazil has never conducted a wide discussion about its own defense affairs throughout its history. Periodically, governments used to authorize the acquisition or production of new defense products, and introduced specific reforms in the Armed Forces. However, a national strategy of defense has never been proposed to systematically guide the reorganization and reorientation of the Armed Forces; the organization of the defense industry in order to ensure the operational autonomy of the three service branches: the Navy, the Army and the Air Force; and the policies for the composition of their troops, moreover reconsidering the Mandatory Military Service.
However, if Brazil is willing to reach its deserved spot in the world, it will have to be prepared to defend itself not only from aggressions, but equally from threats.
Intimidation overrides good faith in the world where we live. Nothing substitutes the engagement of the Brazilian people in the debate and construction of their own defense.

The 6th National Strategy of Defense guideline:

“To strengthen three strategically important sectors: cybernetics, space and nuclear. This process of strengthening will ensure the fulfillment of the concept of flexibility. As a result of their own nature, these sectors transcend the border line between development and defense, between the civilian and the military. Both space and cybernetics sectors will, together, enable that the capacity to see one’s own country do not depend on foreign technology, and that the Armed Forces, together, can network supported by a monitoring system also space-based. Brazil is committed – as per the Federal Constitution and the Treaty on the Non-Proliferation of Nuclear Weapons – to the strictly peaceful use of nuclear energy. However, Brazil also asserts its strategic need to develop and master nuclear technology. The country needs to ensure the balance and the versatility of its energy matrix and advance in areas such as agriculture and health, which may benefit from nuclear energy technology. And carry out, among other initiatives that require technological independence in terms of nuclear energy, the nuclear-propelled submarine project.”

Download Estratégia Nacional de Defesa – Paz e segurança para o Brasil
Download National Strategy of Defense – Peace and security for Brazil
Download Estrategia Nacional de Defensa – Paz y seguridad para Brasil
Download Stratégie Nationale de Défense – Paix et Sécurité au Brésil

Cybersecurity: Public Sector Threats and Responses (Public Administration and Public Policy)

Cybersecurity: Public Sector Threats and Responses (Public Administration and Public Policy)The Internet has given rise to new opportunities for the public sector to improve efficiency and better serve constituents in the form of e-government. But with a rapidly growing user base globally and an increasing reliance on the Internet, digital tools are also exposing the public sector to new risks.

An accessible primer, Cybersecurity: Public Sector Threats and Responses focuses on the convergence of globalization, connectivity, and the migration of public sector functions online. It identifies the challenges you need to be aware of and examines emerging trends and strategies from around the world. Offering practical guidance for addressing contemporary risks, the book is organized into three sections:

 

  • Global Trends—considers international e-government trends, includes case studies of common cyber threats and presents efforts of the premier global institution in the field
  • National and Local Policy Approaches—examines the current policy environment in the United States and Europe and illustrates challenges at all levels of government
  • Practical Considerations—explains how to prepare for cyber attacks, including an overview of relevant U.S. Federal cyber incident response policies, an organizational framework for assessing risk, and emerging trends

 

Also suitable for classroom use, this book will help you understand the threats facing your organization and the issues to consider when thinking about cybersecurity from a policy perspective.

Price: $59.95

Click here to buy from Amazon