Category Archives: CND

We live in a world where a few top-quality hackers can accomplish a considerable amount of damage at the national and strategic level.

Cyberwar Case Study: Georgia 2008 ( http://smallwarsjournal.com/blog/journal/docs-temp/639-hollis.pdf )

Read the whole thing, then come back and think about:

. . . There was another historically unique and critical aspect to the fighting – the emergence of synchronized cyberspace domain actions as an intelligence indicator for strategic, operational, and tactical level military operations. Unlike the (alleged) Russian cyberattack upon Estonia in 2007, the (alleged) Russian cyberattack on Georgia was accompanied by physical domain combat between Russian and Georgian military forces. The (alleged) Russian network attack operations in virtual cyberspace occurred prior to hostilities and later mirrored (apparently synchronized with) Russian combat operations in the land warfighting domain.[7] These attacks included various distributed denial of service (DDOS) attacks to deny/disrupt communications and information exfiltration activities conducted to accumulate military and political intelligence from Georgian networks. These attacks also included web site defacement for Russian propaganda purposes.[8] One of the first elements of Georgian society that were attacked was a popular hacker forum – by attempting to take out Georgian hackers, Russian-supported hacker militia preemptively tried to forestall or mitigate a counter-attack (or returning fire) from Georgian hackers.[9] What is not widely known is that pro-Georgian hackers made limited but successful network counter-attacks against Russian targets.[10] Hacker wars between (often quite talented) patriotic amateur hackers, cyber militias, and organized criminal gangs have become a widely accepted de facto form of nation-state conflict over the past twenty years (for example: Israeli vs Arab/Muslim (Sept 2000), India vs Pakistan, US vs China (April-May 2001), Russian vs Estonia (April-May 2007), etc…). These non-governmental national assets are generally used for the traditional purposes of imposing one nation’s will and conditions upon another.

Two and a half years later and we can only allege? That’s the plausible deniability irregular information operators offer.

One of the first targets of enemy Civilian Irregular Information Operators will be friendly Civilian Irregular Information Operators.

What are some of the operational and intelligence lessons that can be drawn from these conclusions? First, for Russia or China to employ their people’s patriotic ‘hacker militia’ to conduct a network attack against a target nation-state, they must engage them first – to motivate and ‘sell’ them on the concept; steer them toward appropriate targets; synchronize those cyberspace operations with combat activity in the physical realm; and discuss the most effective cyberspace tactics, techniques and procedures (TTPs) to be used. The patriotic hackers and cyber militias need to be focused by the aggressor government against the opponent’s center of gravity and their activities to be synchronized with attacks against that center of gravity from the other domains. These hackers and cyber militias need to understand the opponent’s center of gravity in order to develop cyberspace domain approaches and techniques to effectively attack it. These preliminary cyberspace activities often create an identifiable signature that can be tracked and monitored in advance of combat operations. Nations need to monitor hacker chat rooms and communications of potential aggressor nations in order to intercept and understand this activity.

How would the United States employ our people’s patriotic ‘hacker militia’?
What arm of the fedgov.mil octopus could engage them, motivate and ‘sell’ them on the concept, steer them toward appropriate targets; synchronize those cyberspace operations with combat activity in the physical realm; and discuss the most effective cyberspace tactics, techniques and procedures (TTPs) to be used?

Nobody in our .gov/.mil could overtly engage them without suffering political retribution from Legislative/Executive branch elements that do not want American patriotic hacker militias engaged. That leaves former or retired .gov/.mil beyond the reach of retribution, and contractors that don’t get much political oversight.

Russian-oriented hackers/militia took out news and local government web sites specifically in the areas that the Russian military intended to attack in the ground and air domains. The Federal and local Georgian governments, military, and local news agencies were unable to communicate with Georgian citizens that were directly affected by the fighting. This provided an intelligence indicator of the ground and air attack locations. It created panic and confusion in the local populace, further hindering Georgian military response. This effect also provides a future aggressor nation with an opportunity to conduct military deception operations via feints and ruses to mislead the target nation population, government, and military. A sudden ‘blackout’ of cyberspace activities in a specific region may provide an indicator of a tactical or operational level conventional attack. Or it could be used as a sophisticated cyberspace operation as part of a larger deception plan, creating a feint in the cyberspace domain to lure opposing forces into believing an attack is imminent in another warfighting domain. Use of patriotic hackers and cyberspace militia themselves might be a deception effort to attract the target nation’s attention away from the aggressor nation’s top-quality military and intelligence community cyberspace operators that quietly conduct the main effort in the overall cyberspace domain operation.

Are we even allowed to use MILDEC anymore? Could any U. S. MILDEC’ers work by, with and through American patriotic hackers and cyberspace militia?

In future combat, aggressor nation patriotic hacker militia can be called upon to conduct cyberspace fire & maneuver operations performed directly in support of forces in other domains. They could also be extensively utilized to conduct deception efforts in cyberspace in support of operations in the other domains or to act as a distraction for other cyberspace operations conducted by government professionals against target nation high value targets (HVT).

UPDATE 012911: This Week at War: Lessons from Cyberwar I

Filed under CNA, CND, Info Warriors, IW, PSYOP Auxiliaries

Estonian Civilian Irregular Information Defense Group

Volunteer Cyber Army Emerges In Estonia

Maybe it won’t be an all-volunteer Cyber Army.

Conscripting Cyber Experts to Protect IT Infrastructure

There is enough national unity in Estonia to have a Cyber Defense League. In America, the usual suspects would beat it to death through PSYOP in the media and LAWFARE in the courts.

Small Wars Council discussion here.

Filed under CND, Info Warriors, IW, Lawfare, PSYOP

Cyber guerrillas can help US

http://www.ft.com/cms/s/0/d3dd7c40-ff15-11df-956b-00144feab49a.html#axzz179p6Blrv

Evgeny Morozov’s “cyber guerrillas” are referred to as Civilian Irregular Information Operators on this blog, but we are both talking about non-state actors. 

Morozov essentially wants somebody to persuade, change and influence the sophomoric Julian Assange to collaborate with traditional media, redact sensitive files, and offer those in a position to know about potential victims of releases the chance to vet the data and turn Wikileaks into a new Transparency International.

I want him dead.

Morozov thinks that would create a global movement of anti-American politicised geeks clamouring for revenge.

Possibly.

Are there enough pro-American politicised geeks to counter vengeful anti-American politicised geeks?

Are there any U. S. .mil/.gov Information Operators capable of countering vengeful anti-American politicised geeks working by, with and through pro-American politicised geeks? No real way of knowing. Bound to be some who are capable of it, but of those, how many are willing to risk their careers associating with politically incorrect pro-American politicised geeks?

Filed under CNA, CND, IA, Idea War, IW, Morale Operations, PSYOP Auxiliaries, Resisters

Utah Data Center

Balfour Beatty/DPR/Big-D, Salt Lake City, Utah, was awarded on Sept. 24 a $479,000,000 firm-fixed-price construction contract for the Utah Data Center. The Utah Data Center is an Office of the Director of National Intelligence military construction project. The project will consist of building a data center and all associated ancillary requirements. Work is to be performed in Camp Williams, Utah, with an estimated completion date of Jan. 15, 2014. Bids were solicited on the World Wide Web with no bids received. U.S. Army Corps of Engineers, Baltimore District, Baltimore, Md., is the contracting activity (W912DR-10-C-0094)

Camp Williams?

Army-funded Utah data center to be used by NSA for cybersecurity operations

UPDATE 01042011 Thursday ceremony to begin construction at $1.2 billion NSA center

Filed under CND, G-2

Cyber Operations Planner 2

This is the kind of job .mil is seeking contractors to do for them. Not the point of contact, so don’t ask this disgruntled former employee of that particular component of the Military-Industrial Complex for help getting this gig. Blogged here because civilian contractors hired to be cyber operations planners for Regulars are Civilian Irregular Information Operators.

Works as an Operations Analyst at the Army’s Regional Computer Emergency Response Team located at Ft. Gordon, Ga. Responsible for functions pertaining to planning, coordinating, executing, tracking, and reporting of unit operations. Supports the deployment of teams on short-notice and preplanned missions in response to computer security events at Army posts, camps, and stations around the world. Supports the development and maintenance of Tactics, Techniques and Procedures and Standard Operating Procedures. Coordinates vertically and horizontally across internal and external organizations. Responsible for matters that concern training, planning, coordination of missions, operations and plans.
Coordination based on customer needs and requirements. Evaluate and recommend uses of resources required by customer missions in order to complete successfully.

Essential Functions: Preparation, coordination, authentication and distribution of SOP, Operations Plans, Operations Orders, fragmentary orders (FRAGOs), warning orders, review of plans and orders of other departments. Reviews, disseminates and explains plans and orders of other departments to team members. Reviews customer OPLANs and OPORDs for completeness. Ensures necessary support requirements are provided when and where required for the customer. Will be responsible to complete various reports, status updates, and conduct briefings on a variety of subjects. Mission planning and data entry utilizing various mission planning and reporting software applications.

Basic Qualifications:

Exceptional communication skills, strong writing skills. Experience with Military Staff organization and operations policies and procedures is desired. Microsoft Office expertise, Military Decision Making Process (MDMP), and the Joint Operation Planning Process (JOPP), Strong customer interface skills required. Demonstrated ability to schedule and manage support requirements in a dynamic work environment. Secret Clearance required and must be clearable to TS/SCI. Bachelors Degree and 2 years experience, Masters degree and 0 years of experience, or 6 years of relevant experience in lieu of a degree.

Preferred Qualifications:

Experience in performing duties as Battle Captain is highly desired. Functional experience in S3 Operations with experience in developing Operation Orders (OPORDs), Operation Plans (OPLANs), Fragmentary Orders (FRAGOs), and Warning Orders (WARNOs) is desired. Experience with Military Staff organization and operations policies and procedures is desired. Bachelors Degree and 2 years experience, or Masters degree and 0 years of experience preferred.

A Department of the Army Civilian GS-13 doing this exact same job would be a Civilian Regular Information Operator, likely a member of Local 2017, American Federation of Government Employees, AFL-CIO, and damn hard to be shed of once his services are no longer required.

Filed under CNA, CND, IA, Info Warriors

Beam Me Up, Scotty

New Air Force Cyberspace badge guidelines released

The Air Force’s Chief of Warfighting Integration and Chief Information Officer said the new badge reflects the importance of cyber operations. “The Air Force’s cyberspace operators must focus on operational rigor and mission assurance in order to effectively establish, control, and leverage cyberspace capabilities. The new cyberspace operator badge identifies our cyberspace professionals with the requisite education, training, and experience to operate in this new critical domain. The badge symbolizes this new operational mindset and the Air Force’s commitment to operationalize the cyberspace domain,” said Lt Gen William T. Lord.

And there really are Cyber Space Cadets.

Filed under CNA, CND, InfoWarriors

National Defense University Blogging About Civilian Irregular Information Operators

Deterring Chinese Cyber Militias with Freedom Militias

US defenses are insufficient to stop Chinese cyber attacks. The US-China Economic and Security Review Commission estimates that Chinese cyber attacks cost the US hundreds of billions of dollars annually. By way of comparison, this is substantially more than the entire Chinese military budget.
What is needed is a threat that is both capable of forcing China to take notice and that it will believe the United States would execute. Such a threat exists. While China’s regime does not appear willing to be deterred by conventional diplomatic or legal complaints, it has demonstrated considerable concern about threats to its censorship apparatus.
The most effective way to threaten Chinese censorship would be for US and partner nations to develop their own cyber militias. Rather than stealing intellectual property and disabling public institutions, however, Western militias would aim at finding ways to bypass Chinese firewalls to spread internet freedom.

There already are American cyber militias. Pretty much the entire Psychological Operation effort intended for the American domestic target audience is entrusted to them. American cyber militia Computer Network Exploitation is a specialty of Internet Anthropologist Think Tank.

The Jawa Report are outstanding American cyber militia Computer Network Attackers and counterpropagandists, specializing in monitoring and taking down Jihadi websites.

Most of the conservative and libertarian blogosphere would love to be involved in disseminating information that annoys the Chicoms and spreads internet freedom behind the Great Firewall. But who amongst the .gov/.mil Regulars dares to work by, with and through Irregular Information Operators in the current political environment?

Also at GlobalSecurity.org

Countering the Cyber Jihad, 2006/04/28

Geek Battalion, 2006/05/01

Virtual Cyber Militias Must Run with the Ball OGAs Dropped, 2007/09/15

The Unorganized Cyber Militia of the United States, 2007/09/26

Wedges and Mauls, 2007/09/30

Irregular Restrictive Measures — Blogospheric Computer Network Attack, 2007/10/11

Plausibly Deniable Cat Herders, 2007/10/19

People’s Information Support Team, 2008/02/24

Fuzzy Bunny Slippers IO — The Rise of Pajamahadeen, Virtual Militias, and Irregular Information Operators, 2008/05/22

Red Chinese Cyber-Militia, 2008/05/29

Civilian Irregular Auxiliary Counterprogandists Contributed To Victory, 2008/11/22

Public Affairs and Information Operations, 2008/12/31

eResistance in Moldova, 2009/04/07

The amateurization of cyberwarfare, 2009/08/09

Filed under CNA, CND, IA, Info Warriors, Pamphleteers, PSYOP Auxiliaries