SlideShare a Scribd company logo

The Revolution in Military Affairs has Set the Stage for Cyberwar

Richard Stiennon
Richard Stiennon

The document discusses how the Revolution in Military Affairs and push for network-centric warfare has left military networks vulnerable to cyber attacks. It outlines several past failures in securing military IT systems and networks that have allowed data theft and malware infections. The document warns that without improved security, future conflicts could involve crippling cyber attacks that undermine military communications, intelligence, and weapon systems like drones and the F-35 fighter. It defines cyberwar as using cyber attacks to support military force and outlines how a "Cyber Pearl Harbor" could involve defeating US forces through gaining information dominance in a conflict.

TechnologyBusinessNews & Politics
1 of 25
Download to read offline
The Revolution in Military Affairs has Set the Stage for Cyberwar
 Richard Stiennon Chief Research Analyst IT-Harvest ! Executive Editor securitycurrent.com ! twitter.com/cyberwar securitycurrent
! twitter.com/cyberwar securitycurrent
1996 Taiwan Straits Crisis "Admiral Clemens was able to use e-mail, a very graphic- rich environment, and video teleconferencing to achieve the effect he wanted", which was to deploy the carrier battle groups in a matter of hours instead of days.” -Arthur Cebrowski USS Nimitz and USS Independence deploy to Taiwan. securitycurrent

 The Revolution in Military Affairs • Roman centuries • Long bow and battle of Crecy • Napoleon’s staff command • Machine guns • Mechanized armor, blitzkrieg securitycurrent
The Modern RMA • Operation Desert Storm leads to: • Russian assessment of precision weapons ISR C&C securitycurrent
Andrew Marshall: Enigmatic Strategist securitycurrent Andrew W. Marshall (born September 13, 1921) is the director of the United States Department of Defense's Office of Net Assessment.

 Arthur Cebrowski: Evangelist securitycurrent “Network Centric Warfare should be the cornerstone of transformation. If you are not interoperable you are not on the net. You are not benefiting from the information age”.
The Dream securitycurrent Total Situational Awareness eliminates “the fog of war”! ! Red Team - Blue Team identification! ! Central Command and Control. Distributed battle command.! ! Networked Intelligence, Surveillance Reconnaissance (ISR)
Network Centric Warfare securitycurrent Everything connected (like the Internet) ! Satellite-Planes-Drones-Ground-Sea based sensor grid ! Instant communication over a Global Grid
IT-Harvest Confidential Deja vu all over again We’ve seen this story payed out before in the enterprise. ! ! First network everything. Take advantage of connectivity and ubiquity to re-invent commerce, social interactions, and communications. ! ! Second: succumb to attacks from hackers, cyber criminals, hacktivists, and nation states.! ! Finally: Layer in security
IT-Harvest Confidential How the Military Failed in Security April 1, 2001 a Navy EP-3E was forced down and captured by China. Top secret OS compromised! ! In 2008 China blatantly flooded communication channels known to be monitored by the NSA with decrypted US intercepts, kicking off a major re-deployment. SEVEN years too late. ! ! ! ! !
IT-Harvest Confidential How the Military Failed in Security Pentagon email servers p0wned 2007! ! Terabytes of data exfiltrated to China from the Defense Industrial Base. The target? Joint Strike Fighter design data.! ! ! !
IT-Harvest Confidential Military IT Security Failures The Wake Up Call ! ! BUCKSHOT YANKEE ! ! Agent.btz introduced via thumb drive in a forward operations command (Afghanistan?) ! ! EVERY Windows machine re-imaged in the entire military (3 million +) at a cost of $1 Billion.
IT-Harvest Confidential Drone madness 1
IT-Harvest Confidential Drone madness 2
IT-Harvest Confidential Drone madness 3
SATCOM Vulns securitycurrent • “We uncovered what would appear to be multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.” - IOActive
Software Assurance maturity came after most new weapons platforms were sourced. securitycurrent One Air Force study of 3 million lines of code revealed: ! ! One software vulnerability per 8 lines of code ! ! One high vulnerability per 31 lines of code! ! One critical vulnerability for 70 lines of code
The F-35 Joint Strike Fighter securitycurrent ! “JSF software development is one of the largest and most complex projects in DOD history.” ! ! -Michael J. Sullivan, Director Acquisition and Sourcing Management for the DoD:!
The F-35 Joint Strike Fighter • Nine million lines of onboard code could mean 128,000 critical vulns • 15 million lines of logistics code could mean another 214,000 critical vulns • What could possibly go wrong? securitycurrent
Taiwan Straits Crisis. 2015? securitycurrent GPS hacks deflect jets away from tankers ! Mission tasking subverted ! Communications intercepts mislead commander ! Radar jamming masks enemy movement ! Result? ! Military defeat
A Working Definition of Cyberwar securitycurrent The use of network and computer attack to support the operations of a military force.
Cyber Pearl Harbor Defined securitycurrent An overwhelming defeat of US forces due to ! enemy information dominance.
securitycurrent
securitycurrent securitycurrent.com ! ! email: richard@it-harvest.com ! Twitter: twitter.com/cyberwar

Recommended

Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014Mikko Hypponen
 
Self Learning Anti Drone System
Self Learning Anti Drone SystemSelf Learning Anti Drone System
Self Learning Anti Drone Systemyovist taufan
 
Drone it is
Drone it isDrone it is
Drone it isAshutosh Singh
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generationTony Lauro
 
White Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGSWhite Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGSDanielCHOU25
 
The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)Madushan Sandaruwan
 
The rising chinese threat
The rising chinese threatThe rising chinese threat
The rising chinese threatelopez560
 
Manava project
Manava projectManava project
Manava projectgoutamsinghbisht
 

Recommended

Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014Governments As Malware Authors - Mikko Hypponen at Black Hat 2014
Governments As Malware Authors - Mikko Hypponen at Black Hat 2014Mikko Hypponen
 
Self Learning Anti Drone System
Self Learning Anti Drone SystemSelf Learning Anti Drone System
Self Learning Anti Drone Systemyovist taufan
 
Drone it is
Drone it isDrone it is
Drone it isAshutosh Singh
 
Information security in the starbucks generation
Information security in the starbucks generationInformation security in the starbucks generation
Information security in the starbucks generationTony Lauro
 
White Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGSWhite Paper - Countering Drones at Airports 2019 by DGS
White Paper - Countering Drones at Airports 2019 by DGSDanielCHOU25
 
The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)The dhahram patriot missile failure (1)
The dhahram patriot missile failure (1)Madushan Sandaruwan
 
The rising chinese threat
The rising chinese threatThe rising chinese threat
The rising chinese threatelopez560
 
Manava project
Manava projectManava project
Manava projectgoutamsinghbisht
 
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceWIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceSpace Foundation
 
Hacking
HackingHacking
HackingNarendraGadde2
 
Everyday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsEveryday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsUltimate UAV
 
"Hacking"
"Hacking""Hacking"
"Hacking"Ameesha Indusarani
 
Hacking
HackingHacking
Hackingkill4love
 
DRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATIONDRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATIONRedChip Companies, Inc.
 
Techno-Quiz Finals
Techno-Quiz FinalsTechno-Quiz Finals
Techno-Quiz FinalsPranshu Agarwal
 
Srlc brief
Srlc briefSrlc brief
Srlc briefRashidah Rahim
 
Img overview.2014
Img overview.2014Img overview.2014
Img overview.2014impactwithkangen
 
Mil soft company overview 2012 v2
Mil soft company overview 2012 v2Mil soft company overview 2012 v2
Mil soft company overview 2012 v2milsoftSDC
 
Bg bryant
Bg bryantBg bryant
Bg bryanticemsg
 
Session 8 - Next 100 Years
Session 8 - Next 100 YearsSession 8 - Next 100 Years
Session 8 - Next 100 YearsNavy Webmaster
 
Biz Model for pureLiFi
Biz Model for pureLiFiBiz Model for pureLiFi
Biz Model for pureLiFiJeffrey Funk Business Models
 
Nco Role In Battlefield Management
Nco Role In Battlefield ManagementNco Role In Battlefield Management
Nco Role In Battlefield ManagementNavneet Bhushan
 
There WIll Be Cyberwar
There WIll Be Cyberwar There WIll Be Cyberwar
There WIll Be Cyberwar Richard Stiennon
 
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...Mark Tempestilli
 
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...Nathaniel Palmer
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSMarco Lisi
 
Military, Defense and Public Safety Mesh Networks [MeshDynamics]
Military, Defense and Public Safety Mesh Networks [MeshDynamics]Military, Defense and Public Safety Mesh Networks [MeshDynamics]
Military, Defense and Public Safety Mesh Networks [MeshDynamics]MeshDynamics
 
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01Vishal Sharma, Ph.D.
 
Paul final voip
Paul final voipPaul final voip
Paul final voipPaul Fares
 
Bonchek -Lessons from Network Centric Warfare
Bonchek -Lessons from Network Centric WarfareBonchek -Lessons from Network Centric Warfare
Bonchek -Lessons from Network Centric WarfareMark Bonchek
 

More Related Content

What's hot

WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceWIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceSpace Foundation
 
Everyday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsEveryday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsUltimate UAV
 

What's hot (7)

WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of AerospaceWIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
WIA 2017 Conference Series -- Aerospace 2017: The Changing Face of Aerospace
 
Hacking
HackingHacking
Hacking
 
Everyday Life UAV Drone Applications
Everyday Life UAV Drone ApplicationsEveryday Life UAV Drone Applications
Everyday Life UAV Drone Applications
 
"Hacking"
"Hacking""Hacking"
"Hacking"
 
Hacking
HackingHacking
Hacking
 
DRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATIONDRNE INVESTOR PRESENTATION
DRNE INVESTOR PRESENTATION
 
Techno-Quiz Finals
Techno-Quiz FinalsTechno-Quiz Finals
Techno-Quiz Finals
 

Viewers also liked

Mil soft company overview 2012 v2
Mil soft company overview 2012 v2Mil soft company overview 2012 v2
Mil soft company overview 2012 v2milsoftSDC
 
Bg bryant
Bg bryantBg bryant
Bg bryanticemsg
 
Session 8 - Next 100 Years
Session 8 - Next 100 YearsSession 8 - Next 100 Years
Session 8 - Next 100 YearsNavy Webmaster
 
Nco Role In Battlefield Management
Nco Role In Battlefield ManagementNco Role In Battlefield Management
Nco Role In Battlefield ManagementNavneet Bhushan
 
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...Mark Tempestilli
 
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...Nathaniel Palmer
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSMarco Lisi
 
Military, Defense and Public Safety Mesh Networks [MeshDynamics]
Military, Defense and Public Safety Mesh Networks [MeshDynamics]Military, Defense and Public Safety Mesh Networks [MeshDynamics]
Military, Defense and Public Safety Mesh Networks [MeshDynamics]MeshDynamics
 
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01Vishal Sharma, Ph.D.
 
Paul final voip
Paul final voipPaul final voip
Paul final voipPaul Fares
 
Bonchek -Lessons from Network Centric Warfare
Bonchek -Lessons from Network Centric WarfareBonchek -Lessons from Network Centric Warfare
Bonchek -Lessons from Network Centric WarfareMark Bonchek
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect usLuis Borges Gouveia
 
Software technology in army defence
Software technology in army defenceSoftware technology in army defence
Software technology in army defenceShivam Jaiswal
 
Software technologies in defence ppt
Software technologies in defence pptSoftware technologies in defence ppt
Software technologies in defence pptSantosh Kumar
 

Viewers also liked (19)

Srlc brief
Srlc briefSrlc brief
Srlc brief
 
Img overview.2014
Img overview.2014Img overview.2014
Img overview.2014
 
Mil soft company overview 2012 v2
Mil soft company overview 2012 v2Mil soft company overview 2012 v2
Mil soft company overview 2012 v2
 
Bg bryant
Bg bryantBg bryant
Bg bryant
 
Session 8 - Next 100 Years
Session 8 - Next 100 YearsSession 8 - Next 100 Years
Session 8 - Next 100 Years
 
Biz Model for pureLiFi
Biz Model for pureLiFiBiz Model for pureLiFi
Biz Model for pureLiFi
 
Nco Role In Battlefield Management
Nco Role In Battlefield ManagementNco Role In Battlefield Management
Nco Role In Battlefield Management
 
There WIll Be Cyberwar
There WIll Be Cyberwar There WIll Be Cyberwar
There WIll Be Cyberwar
 
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
Education and Enculturation of Junior Officers in USN FORCEnet & Network Cen...
 
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
The “Predictive” Battlespace: Leveraging the Power of Event-Driven Architect...
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
 
Military, Defense and Public Safety Mesh Networks [MeshDynamics]
Military, Defense and Public Safety Mesh Networks [MeshDynamics]Military, Defense and Public Safety Mesh Networks [MeshDynamics]
Military, Defense and Public Safety Mesh Networks [MeshDynamics]
 
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
Milcom10 T10 Optical Ethernet Sharma Davari 2010 11 01
 
Paul final voip
Paul final voipPaul final voip
Paul final voip
 
Bonchek -Lessons from Network Centric Warfare
Bonchek -Lessons from Network Centric WarfareBonchek -Lessons from Network Centric Warfare
Bonchek -Lessons from Network Centric Warfare
 
4 g wfinal (2)
4 g wfinal (2)4 g wfinal (2)
4 g wfinal (2)
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
 
Software technology in army defence
Software technology in army defenceSoftware technology in army defence
Software technology in army defence
 
Software technologies in defence ppt
Software technologies in defence pptSoftware technologies in defence ppt
Software technologies in defence ppt
 

Similar to The Revolution in Military Affairs has Set the Stage for Cyberwar

The Internet of Military Things: There Will Be Cyberwar
The Internet of Military Things: There Will Be CyberwarThe Internet of Military Things: There Will Be Cyberwar
The Internet of Military Things: There Will Be CyberwarRichard Stiennon
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Avirot Mitamura
 
Computer Attack Stratagems
Computer Attack StratagemsComputer Attack Stratagems
Computer Attack StratagemsKarl Wolfgang
 
Port security
Port securityPort security
Port securityborepatch
 
Surviving Cyber War April09
Surviving Cyber War April09Surviving Cyber War April09
Surviving Cyber War April09Richard Stiennon
 
Lesson2.9 m u2l6 secret keys
Lesson2.9 m u2l6 secret keysLesson2.9 m u2l6 secret keys
Lesson2.9 m u2l6 secret keysLexume1
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...Pukhraj Singh
 
The Stuxnet Virus FINAL
The Stuxnet Virus FINALThe Stuxnet Virus FINAL
The Stuxnet Virus FINALNicholas Poole
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsLove Steven
 
From SIMNET to the Metaverse - Why is it taking so long?
From SIMNET to the Metaverse - Why is it taking so long?From SIMNET to the Metaverse - Why is it taking so long?
From SIMNET to the Metaverse - Why is it taking so long?Andy Fawkes
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Cisco Canada
 

Similar to The Revolution in Military Affairs has Set the Stage for Cyberwar (20)

The Internet of Military Things: There Will Be Cyberwar
The Internet of Military Things: There Will Be CyberwarThe Internet of Military Things: There Will Be Cyberwar
The Internet of Military Things: There Will Be Cyberwar
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
 
Computer Attack Stratagems
Computer Attack StratagemsComputer Attack Stratagems
Computer Attack Stratagems
 
Port security
Port securityPort security
Port security
 
Surviving Cyber War April09
Surviving Cyber War April09Surviving Cyber War April09
Surviving Cyber War April09
 
Lesson2.9 m u2l6 secret keys
Lesson2.9 m u2l6 secret keysLesson2.9 m u2l6 secret keys
Lesson2.9 m u2l6 secret keys
 
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...In cyber, the generals should lead from behind - College of Air Warfare - Puk...
In cyber, the generals should lead from behind - College of Air Warfare - Puk...
 
The Stuxnet Virus FINAL
The Stuxnet Virus FINALThe Stuxnet Virus FINAL
The Stuxnet Virus FINAL
 
Cyberwar Update2010
Cyberwar Update2010Cyberwar Update2010
Cyberwar Update2010
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Why Risk Management Fails
Why Risk Management FailsWhy Risk Management Fails
Why Risk Management Fails
 
Titan Rain
Titan RainTitan Rain
Titan Rain
 
Afcea cyber 11.2.2010_v1.0
Afcea cyber 11.2.2010_v1.0Afcea cyber 11.2.2010_v1.0
Afcea cyber 11.2.2010_v1.0
 
Cyber pakistan
Cyber pakistanCyber pakistan
Cyber pakistan
 
Exp r35
Exp r35Exp r35
Exp r35
 
technical disaster
technical disastertechnical disaster
technical disaster
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectorsInformation warfare, assurance and security in the energy sectors
Information warfare, assurance and security in the energy sectors
 
From SIMNET to the Metaverse - Why is it taking so long?
From SIMNET to the Metaverse - Why is it taking so long?From SIMNET to the Metaverse - Why is it taking so long?
From SIMNET to the Metaverse - Why is it taking so long?
 
Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles Ot ics cyberattaques dans les organisations industrielles
Ot ics cyberattaques dans les organisations industrielles
 

More from Richard Stiennon

Cyber security industry trends
Cyber security industry trendsCyber security industry trends
Cyber security industry trendsRichard Stiennon
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is ImpossibleRichard Stiennon
 
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, OrlandoStiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, OrlandoRichard Stiennon
 
How the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security ForeverHow the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security ForeverRichard Stiennon
 
Cybercrime and Business Process Hacking
Cybercrime and Business Process HackingCybercrime and Business Process Hacking
Cybercrime and Business Process HackingRichard Stiennon
 
Post Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismPost Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismRichard Stiennon
 
What makes the IT industry tick?
What makes the IT industry tick? What makes the IT industry tick?
What makes the IT industry tick? Richard Stiennon
 

More from Richard Stiennon (9)

Cyber security industry trends
Cyber security industry trendsCyber security industry trends
Cyber security industry trends
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is Impossible
 
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, OrlandoStiennon Keynote at Trusted Computing Conference 2013, Orlando
Stiennon Keynote at Trusted Computing Conference 2013, Orlando
 
How the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security ForeverHow the Surveillance State Changes IT Security Forever
How the Surveillance State Changes IT Security Forever
 
Cybercrime and Business Process Hacking
Cybercrime and Business Process HackingCybercrime and Business Process Hacking
Cybercrime and Business Process Hacking
 
Post Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismPost Apocalyptic Cyber Realism
Post Apocalyptic Cyber Realism
 
What makes the IT industry tick?
What makes the IT industry tick? What makes the IT industry tick?
What makes the IT industry tick?
 
New definition for APT
New definition for APTNew definition for APT
New definition for APT
 
Surviving Cyber War
Surviving Cyber WarSurviving Cyber War
Surviving Cyber War
 

Recently uploaded

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Recently uploaded (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

The Revolution in Military Affairs has Set the Stage for Cyberwar

  • 1. The Revolution in Military Affairs has Set the Stage for Cyberwar
 Richard Stiennon Chief Research Analyst IT-Harvest ! Executive Editor securitycurrent.com ! twitter.com/cyberwar securitycurrent
  • 3. 1996 Taiwan Straits Crisis "Admiral Clemens was able to use e-mail, a very graphic- rich environment, and video teleconferencing to achieve the effect he wanted", which was to deploy the carrier battle groups in a matter of hours instead of days.” -Arthur Cebrowski USS Nimitz and USS Independence deploy to Taiwan. securitycurrent
  • 4. 
 The Revolution in Military Affairs • Roman centuries • Long bow and battle of Crecy • Napoleon’s staff command • Machine guns • Mechanized armor, blitzkrieg securitycurrent
  • 5. The Modern RMA • Operation Desert Storm leads to: • Russian assessment of precision weapons ISR C&C securitycurrent
  • 6. Andrew Marshall: Enigmatic Strategist securitycurrent Andrew W. Marshall (born September 13, 1921) is the director of the United States Department of Defense's Office of Net Assessment.
  • 7. 
 Arthur Cebrowski: Evangelist securitycurrent “Network Centric Warfare should be the cornerstone of transformation. If you are not interoperable you are not on the net. You are not benefiting from the information age”.
  • 8. The Dream securitycurrent Total Situational Awareness eliminates “the fog of war”! ! Red Team - Blue Team identification! ! Central Command and Control. Distributed battle command.! ! Networked Intelligence, Surveillance Reconnaissance (ISR)
  • 9. Network Centric Warfare securitycurrent Everything connected (like the Internet) ! Satellite-Planes-Drones-Ground-Sea based sensor grid ! Instant communication over a Global Grid
  • 10. IT-Harvest Confidential Deja vu all over again We’ve seen this story payed out before in the enterprise. ! ! First network everything. Take advantage of connectivity and ubiquity to re-invent commerce, social interactions, and communications. ! ! Second: succumb to attacks from hackers, cyber criminals, hacktivists, and nation states.! ! Finally: Layer in security
  • 11. IT-Harvest Confidential How the Military Failed in Security April 1, 2001 a Navy EP-3E was forced down and captured by China. Top secret OS compromised! ! In 2008 China blatantly flooded communication channels known to be monitored by the NSA with decrypted US intercepts, kicking off a major re-deployment. SEVEN years too late. ! ! ! ! !
  • 12. IT-Harvest Confidential How the Military Failed in Security Pentagon email servers p0wned 2007! ! Terabytes of data exfiltrated to China from the Defense Industrial Base. The target? Joint Strike Fighter design data.! ! ! !
  • 13. IT-Harvest Confidential Military IT Security Failures The Wake Up Call ! ! BUCKSHOT YANKEE ! ! Agent.btz introduced via thumb drive in a forward operations command (Afghanistan?) ! ! EVERY Windows machine re-imaged in the entire military (3 million +) at a cost of $1 Billion.
  • 17. SATCOM Vulns securitycurrent • “We uncovered what would appear to be multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.” - IOActive
  • 18. Software Assurance maturity came after most new weapons platforms were sourced. securitycurrent One Air Force study of 3 million lines of code revealed: ! ! One software vulnerability per 8 lines of code ! ! One high vulnerability per 31 lines of code! ! One critical vulnerability for 70 lines of code
  • 19. The F-35 Joint Strike Fighter securitycurrent ! “JSF software development is one of the largest and most complex projects in DOD history.” ! ! -Michael J. Sullivan, Director Acquisition and Sourcing Management for the DoD:!
  • 20. The F-35 Joint Strike Fighter • Nine million lines of onboard code could mean 128,000 critical vulns • 15 million lines of logistics code could mean another 214,000 critical vulns • What could possibly go wrong? securitycurrent
  • 21. Taiwan Straits Crisis. 2015? securitycurrent GPS hacks deflect jets away from tankers ! Mission tasking subverted ! Communications intercepts mislead commander ! Radar jamming masks enemy movement ! Result? ! Military defeat
  • 22. A Working Definition of Cyberwar securitycurrent The use of network and computer attack to support the operations of a military force.
  • 23. Cyber Pearl Harbor Defined securitycurrent An overwhelming defeat of US forces due to ! enemy information dominance.