In cyber, the generals should lead from behind
College of Air Warfare, Indian Air Force
Dec 2019
Pukhraj Singh
www.pukhraj.me
Part I
What are the principles of cyber conflict?
What’s our MOOSE MUSS for cyberwar?
Conventional (US Military) | Net-Centric | Cyber
Mass | N/A | ???
Objective | N/A | ???
Offensive | Opportunity | ???
Security | N/A | ???
Economy of Force | Economy of Force | ???
Manoeuvre | Dislocation | ???
Unity of command | N/A | ???
Surprise | Surprise | ???
Simplicity | N/A | ???
What’s our MOOSE MUSS for cyberwar?
Principles of War for the Information Age, Lt Col Robert Leonhard, 1998
Spectrum of cyber conflict
Cognitive effects for below-threshold/quasi hot wars:
Cyber-enabled information/psychological operations
Power projection
Political coercion/blackmail
Regime instability
Narrative wars
Separatism & insurgency
Data-driven behaviour modelling
Shooting wars
Sabotaging morale, cohesion & will to fight
Societal chaos
No such thing as TOTAL CYBER WAR
Strategic Cyber Electromagnetic Activities
Breaking nuclear deterrence
Breaking M.A.D
Cyber Commitment Problem
No such thing as Total Cyber War
In cyber, the grey zone is the red zone, and the red zone is the grey zone
Kinetic, cyber-physical or blow-stuff-up cyber is a MYTH
Cyber as a force-multiplier for a hot war has had little success
Cyber war & peace
The nature of war hasn’t changed, the nature of peace has.
-- Edward Sobiesk, US Army Cyber Institute
Cyber war & peace
In the 21st century, we have seen a tendency toward blurring
the lines between the states of war and peace. Wars are no
longer declared and, having begun, proceed according to an
unfamiliar template.
-- Valery Gerasimov, Chief of General Staff, Russian Armed Forces
Part II
Cyber operations are information operations in disguise
Cyber conflict is truly cognitive
Stuxnet
• “Not just a cyber effort against Iran’s nuclear capability but the announcement of a team. A rather huge team
that has been playing World-Cup level soccer on the cyber battlefield for a decade and a half.” – Dave Aitel, ex-NSA
• It had the “whiff of August 1945.” – Gen Michael Hayden, ex-NSA & CIA
• “Continues to be misunderstood by many as a straightforward destruction event.” – Joe Slowik, ex-US Navy
Sandworm
• “Sandworm operations targeting Ukrainian electric infrastructure undermined public confidence in
stability/integrity of critical infrastructure and key resources.” -- Joe Slowik, ex-US Navy
Cyber conflict is truly cognitive
Rebecca Slayton, Cornell
Cyber conflict is truly cognitive
The objective is not kinetic but cognitive effect, the
manipulation of information to change thoughts and
behaviors. In essence, the strategic goal is to affect morale,
cohesion, political stability, and, ultimately, diminish the
opponent’s will to resist.
-- James Lewis, Centre for Strategic & International Studies
Cyber conflict is truly cognitive
“Offensive cyber operations act most directly on intangibles -- information,
knowledge, and confidence.”
-- Herbert Lin, Stanford
Cyber conflict is truly cognitive
Cyber effects are a subset of “full-spectrum information operations.”
Full-spectrum information operations capabilities can yield powerful results - including changing
the behaviour of an adversary national command authority - without resorting to traditional
force-related actions.
-- Joe Slowik, ex-US Navy
Shifting from kinetic to cognitive: parameters
Also, increasing legal ambiguity
US cyber apparatus
Continued export of conventional parameters &
principles
Very kinetic mentality
Fixation with the Law of Armed Conflict-governed,
legally-sanctioned effects (5Ds)
Slight aversion to info ops due to legal ambiguity
Russian cyber apparatus
Totally in the cognitive dimension
Export of cognitive parameters like “reflexive control;”
many decades of experience
Subset of full-spectrum info ops under hybrid war
Pre-empted the exploitation of legal ambiguity on cyber &
info ops to carve new thresholds
Dirt cheap
Shifting from kinetic to cognitive: parameters
“Offer” as an extremely powerful cyberweapon (e.g. hack-and-leak ops)
- Wikileaks
- DNC Hack
- Panama Papers
- Paradise Papers
- CNBT Leak
- Disabling the Great Firewall
- Cyber National Mission Force’s declaratory signalling on VirusTotal
Shifting from kinetic to cognitive: parameters
• All cyber operations are information operations in disguise
• All cyber operations could be deemed as information operations even after full denouement
• Cyber-enabled information operations, too, exploit the cybersecurity triad: confidentiality, integrity
& availability
-- “Applying Information Security Paradigms to Misinformation Campaigns” by Misinfosec
Shifting from kinetic to cognitive: parameters
Jackie Schneider, former US Naval War College
She’s mainly talking about cyber-physical ops
Shifting from kinetic to cognitive: parameters
• Deterrence
• Proportional response
• Theatre of operations
Actually, every cyber-military parameter could be cognitive
Part III
Operational dimensions
Daniel Moore of King’s College London divides cyber operations into two broad
categories:
Event-based & Presence-based
Broad categorisation of cyber operations
Presence-based
• Espionage
• Reconnaissance
• Pre-positioning
• Preparing the battlefield
Broad categorisation of cyber operations
Event-based
• Power projection
Presence-based operations prime the battlefield for event-based operations.
“At a place & time of choosing…”
Broad categorisation of cyber operations
Presence-based operations prime the battlefield for event-based operations.
WHY?
Broad categorisation of cyber operations
The adversarial environment is perpetually in a state of violent flux:
• Basically millions of layers of architectural abstractions & interfaces
• Configurations change, users log-out, patches get applied, trust relationships alter &
applications get updated
Broad categorisation of cyber operations
In cyberspace, a small change in configuration of the target machine, system, or network can often
negate the effectiveness of a cyber weapon against it. This is not true with weapons in other physical
domains…The nature of target-weapon interaction with kinetic weapons can usually be estimated on
the basis of physics experimentation and calculation. Not so with cyber weapons. For offensive cyber
operations, this extreme “target dependence” means that intelligence information on target
characteristics must be precise, high-volume, high-quality, current, and available at the time of the
weapon’s use.
-- Chris Inglis, former Deputy Director, NSA
Cyber-ISR frameworks: Extreme target dependence
Inglis argues that fielding “ubiquitous, real-time and persistent” intelligence, surveillance
and reconnaissance (ISR) frameworks is crucial for mustering the ability to produce
cyber effects at a place and time of choosing.
Cyber-ISR frameworks: Extreme target dependence
This is your offensive toolchain
Only 20% of it actually manifests over adversarial infrastructure
An exploit could be just this
You need a lot of people to have a small number of hackers hacking.
-- Grugq
• Nation-state (internal)
• Nation-state (blended)
• Nation-state (external)
• Mercenary configurations (criminal)
• Mercenary configurations (hacktivist)
• Mercenary configurations (private sector)
• Mercenary configurations (former/parallel)
-- “Draw me like one of your French APTs – expanding our descriptive palette for cyber threat
actors,” Juan Andres Guerrero-Saade
Offensive toolchains: organisational structures
Would you ever outsource a surgical strike to a private mercenary? Because
that’s what we are doing.
Offensive toolchains: organisational structures
Jointness is a software mechanism
Successful strategies must proceed from the premise that cyberspace is continuously contested
territory in which we can control memory and operating capabilities some of the time but cannot
be assured of complete control all of the time or even of any control at any particular time.
-- Surviving on a Diet of Poisoned Fruit, Richard Danzig
Defend Forward as a forward-operated counterinsurgency
• Highly attritive
• Necessitates persistent engagement
• Will remain fully extrajudicial
Defend Forward as a forward-operated counterinsurgency
LOAC doesn’t work in cyberspace
• Rear Admiral Mohit Gupta’s assertion is misplaced
• Cyber doctrines are assiduously divorcing themselves from the impracticality & dogma of law of
armed conflict
• Cyber effects are too cascading & cognitive to ever be accounted for like munitions
• The generals should be leading from behind
LOAC doesn’t work in cyberspace
Augustine and Aquinas (and Mahabharat) had a stunningly long run…today’s world, based as it is on
digital information and increasingly intelligent information-processing, points the way to a beast so big
and so radically different, that the core of this duo’s insights needs to be radically extended.
-- Selmer Bringsjord, Rensselaer Polytechnic Institute
LOAC doesn’t work in cyberspace
Paul Ney, the General Counsel of the U.S. Department of Defence:
He talked about cyberspace, postulating a “common understanding” that international law principles
apply, coupled with much disagreement about details, including the presumptive validity of “territorial
analogies and precedents.” At the same time, he stressed the need for law to be cognizant of the U.S.
cyber-strategy to “defend forward,” which did not necessarily line up neatly to “international
territorial boundary lines.”
Part III
Cognitive cyber offence
This multidimensional space [of data-driven behavioural modelling] is the battlefield…
this abstract space of ideas. Adversaries are now able to visualise at that level.
-- Dr David Perlman, applied physics from Caltech, electrical engineering at the University of
Washington & cognitive sciences doctorate at University of Wisconsin-Madison
Battlespace as an abstract space of ideas
Commanding change
Controlling agendas
Setting preferences
Joe Nye’s three faces of power
Cognitive attack surfaces
Door in the face: The Overton Window
Wg Cdr Keith Dear
• RAF Intelligence Officer: Innovation lead in the UK’s Joint Warfare directorate & Air Staff’s Fellow,
Research Fellow at Oxford’s Changing Character of War Programme
• Warfare is fundamentally persuasive. So, it has a psychological/cognitive premise. Psychology must
play a much greater role in your operational, tactical & strategic planning
• Humans really are “biochemical algorithms, reducible to input-output mechanisms”
• Kahneman-Tversky showed that we make probabilistic, predictable, replicable errors which’re
exploitable (wow!)
Wg Cdr Keith Dear
• By 2020, data brokers would’ve 5200 GB of data/person. Imagine the role of intel officers
• Netflix’s recommendation is quite akin to the military perspective of “reinforcing success.” PW Singer calls it
weaponised experimentation
• Bank of England replaces public opinion surveys with Spotify data (you can depress an adversary, too)
• Shared stage with Dominic Cummings, key orchestrator of Brexit. Cummings at a behavioural science
conference: “I didn’t employ anyone like you. I employed physicists & mathematicians for micro-targeting”
• 1. Our social structures remain same throughout life (people change). That’s how you target Putin. 2. Most of our
decisions are pre-ordained. 3. Germans, by creating the staff system, modelled Napoleon out of every soldier
(humans = algorithms)
Thanks
www.pukhraj.me
@RungRage

More Related Content

What's hot

Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
Dominic Karunesudas
 
Artificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO ComplianceArtificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO Compliance
PECB
 

What's hot (20)

Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéll
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for Cyberwarfare
 
Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
 
About cyber war
About cyber warAbout cyber war
About cyber war
 
2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usual
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
 
Why_TG
Why_TGWhy_TG
Why_TG
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
 
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance  and security in the energy sectorsInformation warfare, assurance  and security in the energy sectors
Information warfare, assurance and security in the energy sectors
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law Please
 
Artificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO ComplianceArtificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO Compliance
 
Information Gathering in Intelligence Agencies
Information Gathering in Intelligence AgenciesInformation Gathering in Intelligence Agencies
Information Gathering in Intelligence Agencies
 

Similar to In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019

Cyberwar threat to national security
Cyberwar  threat to national securityCyberwar  threat to national security
Cyberwar threat to national security
Talwant Singh
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
Andrea Rossetti
 

Similar to In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019 (20)

USSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert LinUSSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert Lin
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
 
Cyber Influence Operations
Cyber Influence OperationsCyber Influence Operations
Cyber Influence Operations
 
The rise of cyberpower
The rise of cyberpowerThe rise of cyberpower
The rise of cyberpower
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Cyber Security for Oil and Gas
Cyber Security for Oil and Gas Cyber Security for Oil and Gas
Cyber Security for Oil and Gas
 
Models of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictModels of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber Conflict
 
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
 
Cyber power affects war outcomes in modern era
Cyber power affects war outcomes in modern eraCyber power affects war outcomes in modern era
Cyber power affects war outcomes in modern era
 
Cyber War
Cyber WarCyber War
Cyber War
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWAR
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece Moore
 
Cyber Military Education in an Era of Change
Cyber Military Education in an Era of ChangeCyber Military Education in an Era of Change
Cyber Military Education in an Era of Change
 
Cyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsCyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber Analysts
 
Cyberwar threat to national security
Cyberwar  threat to national securityCyberwar  threat to national security
Cyberwar threat to national security
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
 
Dondi West Defcon 18 Slides
Dondi West Defcon 18 SlidesDondi West Defcon 18 Slides
Dondi West Defcon 18 Slides
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Recently uploaded (20)

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 

In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019

  • 1. In cyber, the generals should lead from behind College of Air Warfare, Indian Air Force Dec 2019 Pukhraj Singh www.pukhraj.me
  • 2. Part I What are the principles of cyber conflict?
  • 3. What’s our MOOSE MUSS for cyberwar? Conventional (US Military) Net-Centric Cyber Mass N/A ??? Objective N/A ??? Offensive Opportunity ??? Security N/A ??? Economy of Force Economy of Force ??? Manoeuvre Dislocation ??? Unity of command N/A ??? Surprise Surprise ??? Simplicity N/A ???
  • 4. What’s our MOOSE MUSS for cyberwar? Principles of War for the Information Age, Lt Col Robert Leonhard, 1998
  • 5. Spectrum of cyber conflict Cognitive effects for below-threshold/quasi hot wars: Cyber-enabled information/psychological operations Power projection Political coercion/blackmail Regime instability Narrative wars Separatism & insurgency Data-driven behaviour modelling Shooting wars Sabotaging morale, cohesion & will to fight Societal chaos No such thing as TOTAL CYBER WAR Strategic Cyber Electromagnetic Activities Breaking nuclear deterrence Breaking M.A.D Cyber Commitment Problem
  • 6. No such thing as Total Cyber War In cyber, the grey zone is the red zone, and the red zone is the grey zone Kinetic, cyber-physical or blow-stuff-up cyber is a MYTH Cyber as a force-multiplier for a hot war has had little success
  • 7. Cyber war & peace The nature of war hasn’t changed, the nature of peace has. -- Edward Sobiesk, US Army Cyber Institute
  • 8. Cyber war & peace In the 21st century, we have seen a tendency toward blurring the lines between the states of war and peace. Wars are no longer declared and, having begun, proceed according to an unfamiliar template. -- Valery Gerasimov, Chief of General Staff, Russian Armed Forces
  • 9. Part II Cyber operations are information operations in disguise
  • 10. Cyber conflict is truly cognitive Stuxnet • “Not just a cyber effort against Iran’s nuclear capability but the announcement of a team. A rather huge team that has been playing World-Cup level soccer on the cyber battlefield for a decade and a half.” – Dave Aitel, ex- NSA • It had the “whiff of August 1945.” – Gen Michael Hayden, ex-NSA & CIA • “Continues to be misunderstood by many as a straightforward destruction event.” – Joe Slowik, ex-US Navy Sandworm • “Sandworm operations targeting Ukrainian electric infrastructure undermined public confidence in stability/integrity of critical infrastructure and key resources.” -- Joe Slowik, ex-US Navy
  • 11. Cyber conflict is truly cognitive Rebecca Slayton, Cornell
  • 12. Cyber conflict is truly cognitive The objective is not kinetic but cognitive effect, the manipulation of information to change thoughts and behaviors. In essence, the strategic goal is to affect morale, cohesion, political stability, and, ultimately, diminish the opponent’s will to resist. -- James Lewis, Centre for Strategic & International Studies
  • 13. Cyber conflict is truly cognitive “Offensive cyber operations act most directly on intangibles -- information, knowledge, and confidence.” -- Herbert Lin, Stanford
  • 14. Cyber conflict is truly cognitive Cyber effects are a subset of “full-spectrum information operations.” Full-spectrum information operations capabilities can yield powerful results - including changing the behaviour of an adversary national command authority - without resorting to traditional force-related actions. -- Joe Slowik, ex-US Navy
  • 15. Shifting from kinetic to cognitive: parameters Also, increasing legal ambiguity
  • 16. US cyber apparatus Continued export of conventional parameters & principles Very kinetic mentality Fixation with the Law of Armed Conflict-governed, legally-sanctioned effects (5Ds) Slight aversion to info ops due to legal ambiguity Russian cyber apparatus Totally in the cognitive dimension Export of cognitive parameters like “reflexive control;” many decades of experience Subset of full-spectrum info ops under hybrid war Pre-empted the exploitation of legal ambiguity on cyber & info ops to carve new thresholds Dirt cheap Shifting from kinetic to cognitive: parameters
  • 17. “Offer” as an extremely powerful cyberweapon (e.g. hack-and-leak ops) - Wikileaks - DNC Hack - Panama Papers - Paradise Papers - CNBT Leak - Disabling the Great Firewall - Cyber National Mission Force’s declaratory signalling on VirusTotal Shifting from kinetic to cognitive: parameters
  • 18. • All cyber operations are information operations in disguise • All cyber operations could be deemed as information operations even after full denouement • Cyber-enabled information operations, too, exploit the cybersecurity triad: confidentiality, integrity & availability -- “Applying Information Security Paradigms to Misinformation Campaigns” by Misinfosec Shifting from kinetic to cognitive: parameters
  • 19. Jackie Schneider, former US Naval War College She’s mainly talking about cyber-physical ops Shifting from kinetic to cognitive: parameters
  • 20. • Deterrence • Proportional response • Theatre of operations Actually, every cyber-military parameter could be cognitive
  • 22. Daniel Moore of King’s College London divides cyber operations into two broad categories: Event-based & Presence-based Broad categorisation of cyber operations
  • 23. Presence-based • Espionage • Reconnaissance • Pre-positioning • Preparing the battlefield Broad categorisation of cyber operations Event-based • Power projection
  • 24. Presence-based operations prime the battlefield for event-based operations. “At a place & time of choosing…” Broad categorisation of cyber operations
  • 25. Presence-based operations prime the battlefield for event-based operations. WHY? Broad categorisation of cyber operations
  • 26. The adversarial environment is perpetually in a state of violent flux: • Basically millions of layers of architectural abstractions & interfaces • Configurations change, users log-out, patches get applied, trust relationships alter & applications get updated Broad categorisation of cyber operations
  • 27. In cyberspace, a small change in configuration of the target machine, system, or network can often negate the effectiveness of a cyber weapon against it. This is not true with weapons in other physical domains…The nature of target-weapon interaction with kinetic weapons can usually be estimated on the basis of physics experimentation and calculation. Not so with cyber weapons. For offensive cyber operations, this extreme “target dependence” means that intelligence information on target characteristics must be precise, high-volume, high-quality, current, and available at the time of the weapon’s use. -- Chris Inglis, former Deputy Director, NSA Cyber-ISR frameworks: Extreme target dependence
  • 28. Inglis argues that fielding “ubiquitous, real-time and persistent” intelligence, surveillance and reconnaissance (ISR) frameworks is crucial for mustering the ability to produce cyber effects at a place and time of choosing. Cyber-ISR frameworks: Extreme target dependence
  • 29. This is your offensive toolchain
    Only 20% of it actually manifests over adversarial infrastructure
    An exploit could be just this
  • 30. You need a lot of people to have a small number of hackers hacking. -- Grugq
  • 31. Offensive toolchains: organisational structures
    • Nation-state (internal)
    • Nation-state (blended)
    • Nation-state (external)
    • Mercenary configurations (criminal)
    • Mercenary configurations (hacktivist)
    • Mercenary configurations (private sector)
    • Mercenary configurations (former/parallel)
    -- “Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors,” Juan Andres Guerrero-Saade
  • 32. Offensive toolchains: organisational structures
    Would you ever outsource a surgical strike to a private mercenary? Because that’s what we are doing.
  • 33. Jointness is a software mechanism
  • 34. Defend Forward as a forward-operated counterinsurgency
    Successful strategies must proceed from the premise that cyberspace is continuously contested territory in which we can control memory and operating capabilities some of the time but cannot be assured of complete control all of the time or even of any control at any particular time.
    -- Surviving on a Diet of Poisoned Fruit, Richard Danzig
  • 35. Defend Forward as a forward-operated counterinsurgency
    • Highly attritive
    • Necessitates persistent engagement
    • Will remain fully extrajudicial
  • 36. LOAC doesn’t work in cyberspace
    • Rear Admiral Mohit Gupta’s assertion is misplaced
    • Cyber doctrines are assiduously divorcing themselves from the impracticality & dogma of the law of armed conflict
    • Cyber effects are too cascading & cognitive to ever be accounted for like munitions
    • The generals should be leading from behind
  • 37. LOAC doesn’t work in cyberspace
    Augustine and Aquinas (and Mahabharat) had a stunningly long run…today’s world, based as it is on digital information and increasingly intelligent information-processing, points the way to a beast so big and so radically different, that the core of this duo’s insights needs to be radically extended.
    -- Selmer Bringsjord, Rensselaer Polytechnic Institute
  • 38. LOAC doesn’t work in cyberspace
    Paul Ney, the General Counsel of the U.S. Department of Defence:
    He talked about cyberspace, postulating a “common understanding” that international law principles apply, coupled with much disagreement about details, including the presumptive validity of “territorial analogies and precedents.” At the same time, he stressed the need for law to be cognizant of the U.S. cyber-strategy to “defend forward,” which did not necessarily line up neatly to “international territorial boundary lines.”
  • 40. Battlespace as an abstract space of ideas
    This multidimensional space [of data-driven behavioural modelling] is the battlefield… this abstract space of ideas. Adversaries are now able to visualise at that level.
    -- Dr David Perlman, applied physics from Caltech, electrical engineering at the University of Washington & cognitive sciences doctorate at University of Wisconsin-Madison
  • 41. Joe Nye’s three faces of power
    • Commanding change
    • Controlling agendas
    • Setting preferences
  • 43. Door in the face: The Overton Window
  • 44. Wg Cdr Keith Dear
    • RAF Intelligence Officer: Innovation lead in the UK’s Joint Warfare directorate & Air Staff’s Fellow, Research Fellow at Oxford’s Changing Character of War Programme
    • Warfare is fundamentally persuasive. So, it has a psychological/cognitive premise. Psychology must play a much greater role in your operational, tactical & strategic planning
    • Humans really are “biochemical algorithms, reducible to input-output mechanisms”
    • Kahneman-Tversky showed that we make probabilistic, predictable, replicable errors which’re exploitable (wow!)
  • 45. Wg Cdr Keith Dear
    • By 2020, data brokers would have 5200 GB of data/person. Imagine the role of intel officers
    • Netflix’s recommendation is quite akin to the military perspective of “reinforcing success.” PW Singer calls it weaponised experimentation
    • Bank of England replaces public opinion surveys with Spotify data (you can depress an adversary, too)
    • Shared stage with Dominic Cummings, key orchestrator of Brexit. Cummings at a behavioural science conference: “I didn’t employ anyone like you. I employed physicists & mathematicians for micro-targeting”
    • 1. Our social structures remain the same throughout life (people change). That’s how you target Putin.
      2. Most of our decisions are pre-ordained.
      3. Germans, by creating the staff system, modelled Napoleon out of every soldier (humans = algorithms)