Successfully reported this slideshow.
Your SlideShare is downloading. ×

In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019


Check these out next

1 of 46 Ad

More Related Content

Slideshows for you (20)

Similar to In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019 (20)


Recently uploaded (20)

In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019

  1. 1. In cyber, the generals should lead from behind College of Air Warfare, Indian Air Force Dec 2019 Pukhraj Singh
  2. 2. Part I What are the principles of cyber conflict?
  3. 3. What’s our MOOSE MUSS for cyberwar? Conventional (US Military) Net-Centric Cyber Mass N/A ??? Objective N/A ??? Offensive Opportunity ??? Security N/A ??? Economy of Force Economy of Force ??? Manoeuvre Dislocation ??? Unity of command N/A ??? Surprise Surprise ??? Simplicity N/A ???
  4. 4. What’s our MOOSE MUSS for cyberwar? Principles of War for the Information Age, Lt Col Robert Leonhard, 1998
  5. 5. Spectrum of cyber conflict Cognitive effects for below-threshold/quasi hot wars: Cyber-enabled information/psychological operations Power projection Political coercion/blackmail Regime instability Narrative wars Separatism & insurgency Data-driven behaviour modelling Shooting wars Sabotaging morale, cohesion & will to fight Societal chaos No such thing as TOTAL CYBER WAR Strategic Cyber Electromagnetic Activities Breaking nuclear deterrence Breaking M.A.D Cyber Commitment Problem
  6. 6. No such thing as Total Cyber War In cyber, the grey zone is the red zone, and the red zone is the grey zone Kinetic, cyber-physical or blow-stuff-up cyber is a MYTH Cyber as a force-multiplier for a hot war has had little success
  7. 7. Cyber war & peace The nature of war hasn’t changed, the nature of peace has. -- Edward Sobiesk, US Army Cyber Institute
  8. 8. Cyber war & peace In the 21st century, we have seen a tendency toward blurring the lines between the states of war and peace. Wars are no longer declared and, having begun, proceed according to an unfamiliar template. -- Valery Gerasimov, Chief of General Staff, Russian Armed Forces
  9. 9. Part II Cyber operations are information operations in disguise
  10. 10. Cyber conflict is truly cognitive Stuxnet • “Not just a cyber effort against Iran’s nuclear capability but the announcement of a team. A rather huge team that has been playing World-Cup level soccer on the cyber battlefield for a decade and a half.” – Dave Aitel, ex- NSA • It had the “whiff of August 1945.” – Gen Michael Hayden, ex-NSA & CIA • “Continues to be misunderstood by many as a straightforward destruction event.” – Joe Slowik, ex-US Navy Sandworm • “Sandworm operations targeting Ukrainian electric infrastructure undermined public confidence in stability/integrity of critical infrastructure and key resources.” -- Joe Slowik, ex-US Navy
  11. 11. Cyber conflict is truly cognitive Rebecca Slayton, Cornell
  12. 12. Cyber conflict is truly cognitive The objective is not kinetic but cognitive effect, the manipulation of information to change thoughts and behaviors. In essence, the strategic goal is to affect morale, cohesion, political stability, and, ultimately, diminish the opponent’s will to resist. -- James Lewis, Centre for Strategic & International Studies
  13. 13. Cyber conflict is truly cognitive “Offensive cyber operations act most directly on intangibles -- information, knowledge, and confidence.” -- Herbert Lin, Stanford
  14. 14. Cyber conflict is truly cognitive Cyber effects are a subset of “full-spectrum information operations.” Full-spectrum information operations capabilities can yield powerful results - including changing the behaviour of an adversary national command authority - without resorting to traditional force-related actions. -- Joe Slowik, ex-US Navy
  15. 15. Shifting from kinetic to cognitive: parameters Also, increasing legal ambiguity
  16. 16. US cyber apparatus Continued export of conventional parameters & principles Very kinetic mentality Fixation with the Law of Armed Conflict-governed, legally-sanctioned effects (5Ds) Slight aversion to info ops due to legal ambiguity Russian cyber apparatus Totally in the cognitive dimension Export of cognitive parameters like “reflexive control;” many decades of experience Subset of full-spectrum info ops under hybrid war Pre-empted the exploitation of legal ambiguity on cyber & info ops to carve new thresholds Dirt cheap Shifting from kinetic to cognitive: parameters
  17. 17. “Offer” as an extremely powerful cyberweapon (e.g. hack-and-leak ops) - Wikileaks - DNC Hack - Panama Papers - Paradise Papers - CNBT Leak - Disabling the Great Firewall - Cyber National Mission Force’s declaratory signalling on VirusTotal Shifting from kinetic to cognitive: parameters
  18. 18. • All cyber operations are information operations in disguise • All cyber operations could be deemed as information operations even after full denouement • Cyber-enabled information operations, too, exploit the cybersecurity triad: confidentiality, integrity & availability -- “Applying Information Security Paradigms to Misinformation Campaigns” by Misinfosec Shifting from kinetic to cognitive: parameters
  19. 19. Jackie Schneider, former US Naval War College She’s mainly talking about cyber-physical ops Shifting from kinetic to cognitive: parameters
  20. 20. • Deterrence • Proportional response • Theatre of operations Actually, every cyber-military parameter could be cognitive
  21. 21. Part III Operational dimensions
  22. 22. Daniel Moore of King’s College London divides cyber operations into two broad categories: Event-based & Presence-based Broad categorisation of cyber operations
  23. 23. Presence-based • Espionage • Reconnaissance • Pre-positioning • Preparing the battlefield Broad categorisation of cyber operations Event-based • Power projection
  24. 24. Presence-based operations prime the battlefield for event-based operations. “At a place & time of choosing…” Broad categorisation of cyber operations
  25. 25. Presence-based operations prime the battlefield for event-based operations. WHY? Broad categorisation of cyber operations
  26. 26. The adversarial environment is perpetually in a state of violent flux: • Basically millions of layers of architectural abstractions & interfaces • Configurations change, users log-out, patches get applied, trust relationships alter & applications get updated Broad categorisation of cyber operations
  27. 27. In cyberspace, a small change in configuration of the target machine, system, or network can often negate the effectiveness of a cyber weapon against it. This is not true with weapons in other physical domains…The nature of target-weapon interaction with kinetic weapons can usually be estimated on the basis of physics experimentation and calculation. Not so with cyber weapons. For offensive cyber operations, this extreme “target dependence” means that intelligence information on target characteristics must be precise, high-volume, high-quality, current, and available at the time of the weapon’s use. -- Chris Inglis, former Deputy Director, NSA Cyber-ISR frameworks: Extreme target dependence
  28. 28. Inglis argues that fielding “ubiquitous, real-time and persistent” intelligence, surveillance and reconnaissance (ISR) frameworks is crucial for mustering the ability to produce cyber effects at a place and time of choosing. Cyber-ISR frameworks: Extreme target dependence
  29. 29. This is your offensive toolchain Only 20% of it actually manifests over adversarial infrastructure An exploit could be just this
  30. 30. You need a lot of people to have a small number of hackers hacking. -- Grugq
  31. 31. • Nation-state (internal) • Nation-state (blended) • Nation-state (external) • Mercenary configurations (criminal) • Mercenary configurations (hacktivist) • Mercenary configurations (private sector) • Mercenary configurations (former/parallel) -- “Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors,” Juan Andres Guerrero-Saade Offensive toolchains: organisational structures
  32. 32. Would you ever outsource a surgical strike to a private mercenary, because that’s what we are doing. Offensive toolchains: organisational structures
  33. 33. Jointness is a software mechanism
  34. 34. Successful strategies must proceed from the premise that cyberspace is continuously contested territory in which we can control memory and operating capabilities some of the time but cannot be assured of complete control all of the time or even of any control at any particular time. -- Surviving on a Diet of Poisoned Fruit, Richard Danzig Defend Forward as a forward-operated counterinsurgency
  35. 35. • Highly attritive • Necessitates persistent engagement • Will remain fully extrajudicial Defend Forward as a forward-operated counterinsurgency
  36. 36. LOAC doesn’t work in cyberspace • Rear Admiral Mohit Gupta’s assertion is misplaced • Cyber doctrines are assiduously divorcing themselves from the impracticality & dogma of law of armed conflict • Cyber effects are too cascading & cognitive to ever be accounted for like munitions • The generals should be leading from behind
  37. 37. LOAC doesn’t work in cyberspace Augustine and Aquinas (and Mahabharat) had a stunningly long run…today’s world, based as it is on digital information and increasingly intelligent information-processing, points the way to a beast so big and so radically different, that the core of this duo’s insights needs to be radically extended. -- Selmer Bringsjord, Rensselaer Polytechnic Institute
  38. 38. LOAC doesn’t work in cyberspace Paul Ney, the General Counsel of the U.S. Department of Defence: He talked about cyberspace, postulating a “common understanding” that international law principles apply, coupled with much disagreement about details, including the presumptive validity of “territorial analogies and precedents.” At the same time, he stressed the need for law to be cognizant of the U.S. cyber-strategy to “defend forward,” which did not necessarily line up neatly to “international territorial boundary lines.
  39. 39. Part III Cognitive cyber offence
  40. 40. This multidimensional space [of data-driven behavioural modelling] is the battlefield… this abstract space of ideas. Adversaries are now able to visualise at that level. -- Dr David Perlman, applied physics from Caltech, electrical engineering at the University of Washington & cognitive sciences doctorate at University of Wisconsin-Madison Battlespace as an abstract space of ideas
  41. 41. Commanding change Controlling agendas Setting preferences Joe Nye’s three faces of power
  42. 42. Cognitive attack surfaces
  43. 43. Door in the face: The Overton Window
  44. 44. Wg Cdr Keith Dear • RAF Intelligence Officer: Innovation lead in the UK’s Joint Warfare directorate & Air Staff’s Fellow, Research Fellow at Oxford’s Changing Character of War Programme • Warfare is fundamentally persuasive. So, it has a psychological/cognitive premise. Psychology must play a much greater role in your operational, tactical & strategic planning • Humans really are “biochemical algorithms, reducible to input-output mechanisms” • Kahneman-Tversky showed that we make probabilistic, predictable, replicable errors which’re exploitable (wow!)
  45. 45. Wg Cdr Keith Dear • By 2020, data brokers would’ve 5200 GB of data/person. Imagine the role of intel officers • Netflix’s recommendation is quite akin to the military perspective of “reinforcing success.” PW Singer calls it weaponised experimentation • Bank of England replaces public opinion surveys with Spotify data (you can depress an adversary, too) • Shared stage with Dominic Cummings, key orchestrator of Brexit. Cummings at a behavioural science conference: “I didn’t employ anyone like you. I employed physicists & mathematicians for micro-targeting” • 1. Our social structures remain same throughout life (people change). That’s how you target Putin. 2. Most of our decisions are pre-ordained. 3. Germans, by creating the staff system, modelled Napoleon out of every soldier (humans = algorithms)
  46. 46. Thanks @RungRage