SlideShare a Scribd company logo
1 of 46
Download to read offline
In cyber, the generals should lead from behind
College of Air Warfare, Indian Air Force
Dec 2019
Pukhraj Singh
www.pukhraj.me
Part I
What are the principles of cyber conflict?
What’s our MOOSE MUSS for cyberwar?
Conventional (US Military) Net-Centric Cyber
Mass N/A ???
Objective N/A ???
Offensive Opportunity ???
Security N/A ???
Economy of Force Economy of Force ???
Manoeuvre Dislocation ???
Unity of command N/A ???
Surprise Surprise ???
Simplicity N/A ???
What’s our MOOSE MUSS for cyberwar?
Principles of War for the Information Age, Lt Col Robert Leonhard, 1998
Spectrum of cyber conflict
Cognitive effects for below-threshold/quasi hot wars:
Cyber-enabled information/psychological operations
Power projection
Political coercion/blackmail
Regime instability
Narrative wars
Separatism & insurgency
Data-driven behaviour modelling
Shooting wars
Sabotaging morale, cohesion & will to fight
Societal chaos
No such
thing as
TOTAL
CYBER
WAR
Strategic Cyber
Electromagnetic
Activities
Breaking nuclear
deterrence
Breaking M.A.D
Cyber Commitment
Problem
No such thing as Total Cyber War
In cyber, the grey zone is the red zone, and the red zone is the grey zone
Kinetic, cyber-physical or blow-stuff-up cyber is a MYTH
Cyber as a force-multiplier for a hot war has had little success
Cyber war & peace
The nature of war hasn’t changed, the nature of peace has.
-- Edward Sobiesk, US Army Cyber Institute
Cyber war & peace
In the 21st century, we have seen a tendency toward blurring
the lines between the states of war and peace. Wars are no
longer declared and, having begun, proceed according to an
unfamiliar template.
-- Valery Gerasimov, Chief of General Staff, Russian Armed Forces
Part II
Cyber operations are information operations in disguise
Cyber conflict is truly cognitive
Stuxnet
• “Not just a cyber effort against Iran’s nuclear capability but the announcement of a team. A rather huge team
that has been playing World-Cup level soccer on the cyber battlefield for a decade and a half.” – Dave Aitel, ex-
NSA
• It had the “whiff of August 1945.” – Gen Michael Hayden, ex-NSA & CIA
• “Continues to be misunderstood by many as a straightforward destruction event.” – Joe Slowik, ex-US Navy
Sandworm
• “Sandworm operations targeting Ukrainian electric infrastructure undermined public confidence in
stability/integrity of critical infrastructure and key resources.” -- Joe Slowik, ex-US Navy
Cyber conflict is truly
cognitive
Rebecca Slayton, Cornell
Cyber conflict is truly cognitive
The objective is not kinetic but cognitive effect, the
manipulation of information to change thoughts and
behaviors. In essence, the strategic goal is to affect morale,
cohesion, political stability, and, ultimately, diminish the
opponent’s will to resist.
-- James Lewis, Centre for Strategic & International Studies
Cyber conflict is truly cognitive
“Offensive cyber operations act most directly on intangibles -- information,
knowledge, and confidence.”
-- Herbert Lin, Stanford
Cyber conflict is truly cognitive
Cyber effects are a subset of “full-spectrum information operations.”
Full-spectrum information operations capabilities can yield powerful results - including changing
the behaviour of an adversary national command authority - without resorting to traditional
force-related actions.
-- Joe Slowik, ex-US Navy
Shifting from kinetic to cognitive: parameters
Also, increasing legal ambiguity
US cyber apparatus
Continued export of conventional parameters &
principles
Very kinetic mentality
Fixation with the Law of Armed Conflict-governed,
legally-sanctioned effects (5Ds)
Slight aversion to info ops due to legal ambiguity
Russian cyber apparatus
Totally in the cognitive dimension
Export of cognitive parameters like “reflexive control;”
many decades of experience
Subset of full-spectrum info ops under hybrid war
Pre-empted the exploitation of legal ambiguity on cyber &
info ops to carve new thresholds
Dirt cheap
Shifting from kinetic to cognitive: parameters
“Offer” as an extremely powerful cyberweapon (e.g. hack-and-leak ops)
- Wikileaks
- DNC Hack
- Panama Papers
- Paradise Papers
- CNBT Leak
- Disabling the Great Firewall
- Cyber National Mission Force’s declaratory signalling on VirusTotal
Shifting from kinetic to cognitive: parameters
• All cyber operations are information operations in disguise
• All cyber operations could be deemed as information operations even after full denouement
• Cyber-enabled information operations, too, exploit the cybersecurity triad: confidentiality, integrity
& availability
-- “Applying Information Security Paradigms to Misinformation Campaigns” by Misinfosec
Shifting from kinetic to cognitive: parameters
Jackie Schneider, former US Naval War College
She’s mainly talking about cyber-physical ops
Shifting from kinetic to cognitive: parameters
• Deterrence
• Proportional response
• Theatre of operations
Actually, every cyber-military parameter could be cognitive
Part III
Operational dimensions
Daniel Moore of King’s College London divides cyber operations into two broad
categories:
Event-based & Presence-based
Broad categorisation of cyber operations
Presence-based
• Espionage
• Reconnaissance
• Pre-positioning
• Preparing the battlefield
Broad categorisation of cyber operations
Event-based
• Power projection
Presence-based operations prime the battlefield for event-based operations.
“At a place & time of choosing…”
Broad categorisation of cyber operations
Presence-based operations prime the battlefield for event-based operations.
WHY?
Broad categorisation of cyber operations
The adversarial environment is perpetually in a state of violent flux:
• Basically millions of layers of architectural abstractions & interfaces
• Configurations change, users log-out, patches get applied, trust relationships alter &
applications get updated
Broad categorisation of cyber operations
In cyberspace, a small change in configuration of the target machine, system, or network can often
negate the effectiveness of a cyber weapon against it. This is not true with weapons in other physical
domains…The nature of target-weapon interaction with kinetic weapons can usually be estimated on
the basis of physics experimentation and calculation. Not so with cyber weapons. For offensive cyber
operations, this extreme “target dependence” means that intelligence information on target
characteristics must be precise, high-volume, high-quality, current, and available at the time of the
weapon’s use.
-- Chris Inglis, former Deputy Director, NSA
Cyber-ISR frameworks: Extreme target dependence
Inglis argues that fielding “ubiquitous, real-time and persistent” intelligence, surveillance
and reconnaissance (ISR) frameworks is crucial for mustering the ability to produce
cyber effects at a place and time of choosing.
Cyber-ISR frameworks: Extreme target dependence
This is your offensive toolchain
Only 20% of it actually manifests over
adversarial infrastructure An exploit could be just this
You need a lot of people to have a small number of hackers hacking.
-- Grugq
• Nation-state (internal)
• Nation-state (blended)
• Nation-state (external)
• Mercenary configurations (criminal)
• Mercenary configurations (hacktivist)
• Mercenary configurations (private sector)
• Mercenary configurations (former/parallel)
-- “Draw me like one of your French APTs – expanding our descriptive palette for cyber threat
actors,” Juan Andres Guerrero-Saade
Offensive toolchains: organisational structures
Would you ever outsource a surgical strike to a private mercenary, because
that’s what we are doing.
Offensive toolchains: organisational structures
Jointness is a software mechanism
Successful strategies must proceed from the premise that cyberspace is continuously contested
territory in which we can control memory and operating capabilities some of the time but cannot
be assured of complete control all of the time or even of any control at any particular time.
-- Surviving on a Diet of Poisoned Fruit, Richard Danzig
Defend Forward as a forward-operated counterinsurgency
• Highly attritive
• Necessitates persistent engagement
• Will remain fully extrajudicial
Defend Forward as a forward-operated counterinsurgency
LOAC doesn’t work in cyberspace
• Rear Admiral Mohit Gupta’s assertion is misplaced
• Cyber doctrines are assiduously divorcing themselves from the impracticality & dogma of law of
armed conflict
• Cyber effects are too cascading & cognitive to ever be accounted for like munitions
• The generals should be leading from behind
LOAC doesn’t work in cyberspace
Augustine and Aquinas (and Mahabharat) had a stunningly long run…today’s world, based as it is on
digital information and increasingly intelligent information-processing, points the way to a beast so big
and so radically different, that the core of this duo’s insights needs to be radically extended.
-- Selmer Bringsjord, Rensselaer Polytechnic Institute
LOAC doesn’t work in cyberspace
Paul Ney, the General Counsel of the U.S. Department of Defence:
He talked about cyberspace, postulating a “common understanding” that international law principles
apply, coupled with much disagreement about details, including the presumptive validity of “territorial
analogies and precedents.” At the same time, he stressed the need for law to be cognizant of the U.S.
cyber-strategy to “defend forward,” which did not necessarily line up neatly to “international
territorial boundary lines.
Part III
Cognitive cyber offence
This multidimensional space [of data-driven behavioural modelling] is the battlefield…
this abstract space of ideas. Adversaries are now able to visualise at that level.
-- Dr David Perlman, applied physics from Caltech, electrical engineering at the University of
Washington & cognitive sciences doctorate at University of Wisconsin-Madison
Battlespace as an abstract space of ideas
Commanding change
Controlling agendas
Setting preferences
Joe Nye’s three faces of power
Cognitive
attack
surfaces
Door in the face: The Overton Window
Wg Cdr Keith Dear
• RAF Intelligence Officer: Innovation lead in the UK’s Joint Warfare directorate & Air Staff’s Fellow,
Research Fellow at Oxford’s Changing Character of War Programme
• Warfare is fundamentally persuasive. So, it has a psychological/cognitive premise. Psychology must
play a much greater role in your operational, tactical & strategic planning
• Humans really are “biochemical algorithms, reducible to input-output mechanisms”
• Kahneman-Tversky showed that we make probabilistic, predictable, replicable errors which’re
exploitable (wow!)
Wg Cdr Keith Dear
• By 2020, data brokers would’ve 5200 GB of data/person. Imagine the role of intel officers
• Netflix’s recommendation is quite akin to the military perspective of “reinforcing success.” PW Singer calls it
weaponised experimentation
• Bank of England replaces public opinion surveys with Spotify data (you can depress an adversary, too)
• Shared stage with Dominic Cummings, key orchestrator of Brexit. Cummings at a behavioural science
conference: “I didn’t employ anyone like you. I employed physicists & mathematicians for micro-targeting”
• 1. Our social structures remain same throughout life (people change). That’s how you target Putin. 2. Most of our
decisions are pre-ordained. 3. Germans, by creating the staff system, modelled Napoleon out of every soldier
(humans = algorithms)
Thanks
www.pukhraj.me
@RungRage

More Related Content

What's hot

Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllJarno Limnéll
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for CyberwarfareAurin Sheikh
 
Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...AFCEA International
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286Udaysharma3
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopoliticstnwac
 
2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copySara-Jayne Terp
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usualEnclaveSecurity
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityDominic Karunesudas
 
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)BeyondTrust
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...Cyber Security Alliance
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance  and security in the energy sectorsInformation warfare, assurance  and security in the energy sectors
Information warfare, assurance and security in the energy sectorsLove Steven
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseWilliam McBorrough
 
Artificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO ComplianceArtificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO CompliancePECB
 
Information Gathering in Intelligence Agencies
Information Gathering in Intelligence AgenciesInformation Gathering in Intelligence Agencies
Information Gathering in Intelligence AgenciesNora A. Rahim
 

What's hot (20)

Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Crim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéllCrim cybersecurity_jarno_limnéll
Crim cybersecurity_jarno_limnéll
 
Are we ready for Cyberwarfare
Are we ready for CyberwarfareAre we ready for Cyberwarfare
Are we ready for Cyberwarfare
 
Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...Defending Your Base of Operations: How Industrial Control Systems are Being T...
Defending Your Base of Operations: How Industrial Control Systems are Being T...
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
 
Cyber weapons 1632578286
Cyber weapons 1632578286Cyber weapons 1632578286
Cyber weapons 1632578286
 
Cyberwar and Geopolitics
Cyberwar and GeopoliticsCyberwar and Geopolitics
Cyberwar and Geopolitics
 
About cyber war
About cyber warAbout cyber war
About cyber war
 
2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy2019 11 terp_mansonbulletproof_master copy
2019 11 terp_mansonbulletproof_master copy
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usual
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
 
Global Partnership Key to Cyber Security
Global Partnership Key to Cyber SecurityGlobal Partnership Key to Cyber Security
Global Partnership Key to Cyber Security
 
Why_TG
Why_TGWhy_TG
Why_TG
 
Session 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj YunosSession 3.2 Zahri Hj Yunos
Session 3.2 Zahri Hj Yunos
 
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
Information warfare, assurance and security in the energy sectors
Information warfare, assurance  and security in the energy sectorsInformation warfare, assurance  and security in the energy sectors
Information warfare, assurance and security in the energy sectors
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law Please
 
Artificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO ComplianceArtificial Intelligence (AI) – Two Paths to ISO Compliance
Artificial Intelligence (AI) – Two Paths to ISO Compliance
 
Information Gathering in Intelligence Agencies
Information Gathering in Intelligence AgenciesInformation Gathering in Intelligence Agencies
Information Gathering in Intelligence Agencies
 

Similar to In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019

USSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert LinUSSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert LinAFCEA International
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect usLuis Borges Gouveia
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of viewS.E. CTS CERT-GOV-MD
 
The rise of cyberpower
The rise of cyberpowerThe rise of cyberpower
The rise of cyberpowerNoelle Cowling
 
Cyber Security for Oil and Gas
Cyber Security for Oil and Gas Cyber Security for Oil and Gas
Cyber Security for Oil and Gas mariaidga
 
Models of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictModels of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictZsolt Nemeth
 
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...CODE BLUE
 
Cyber power affects war outcomes in modern era
Cyber power affects war outcomes in modern eraCyber power affects war outcomes in modern era
Cyber power affects war outcomes in modern eraBhadra Thakuri
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015AFCEA International
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARTalwant Singh
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreJamie Moore
 
Cyber Military Education in an Era of Change
Cyber Military Education in an Era of ChangeCyber Military Education in an Era of Change
Cyber Military Education in an Era of ChangeDr. Lydia Kostopoulos
 
Cyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsCyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsBooz Allen Hamilton
 
Cyberwar threat to national security
Cyberwar  threat to national securityCyberwar  threat to national security
Cyberwar threat to national securityTalwant Singh
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...Boston Global Forum
 
Dondi West Defcon 18 Slides
Dondi West Defcon 18 SlidesDondi West Defcon 18 Slides
Dondi West Defcon 18 Slidesdondiw
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityAndrea Rossetti
 

Similar to In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019 (20)

USSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert LinUSSTRATCOM Cyber & Space 2011 Herbert Lin
USSTRATCOM Cyber & Space 2011 Herbert Lin
 
The Information Warfare: how it can affect us
The Information Warfare: how it can affect usThe Information Warfare: how it can affect us
The Information Warfare: how it can affect us
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
 
Cyber Influence Operations
Cyber Influence OperationsCyber Influence Operations
Cyber Influence Operations
 
The rise of cyberpower
The rise of cyberpowerThe rise of cyberpower
The rise of cyberpower
 
Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Cyber Security for Oil and Gas
Cyber Security for Oil and Gas Cyber Security for Oil and Gas
Cyber Security for Oil and Gas
 
Models of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber ConflictModels of Escalation and De-escalation in Cyber Conflict
Models of Escalation and De-escalation in Cyber Conflict
 
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
[CB19] Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons by Andrew...
 
Cyber power affects war outcomes in modern era
Cyber power affects war outcomes in modern eraCyber power affects war outcomes in modern era
Cyber power affects war outcomes in modern era
 
Cyber War
Cyber WarCyber War
Cyber War
 
Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015Cyber Operations in Smart Megacities: TechNet Augusta 2015
Cyber Operations in Smart Megacities: TechNet Augusta 2015
 
RULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWARRULES OF THE GAME IN CYBERWAR
RULES OF THE GAME IN CYBERWAR
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece Moore
 
Cyber Military Education in an Era of Change
Cyber Military Education in an Era of ChangeCyber Military Education in an Era of Change
Cyber Military Education in an Era of Change
 
Cyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsCyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber Analysts
 
Cyberwar threat to national security
Cyberwar  threat to national securityCyberwar  threat to national security
Cyberwar threat to national security
 
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
BGF-UNESCO-at-UCLA conference - Madness - The dynamics of International Cyber...
 
Dondi West Defcon 18 Slides
Dondi West Defcon 18 SlidesDondi West Defcon 18 Slides
Dondi West Defcon 18 Slides
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
 

Recently uploaded

API Governance and Monetization - The evolution of API governance
API Governance and Monetization -  The evolution of API governanceAPI Governance and Monetization -  The evolution of API governance
API Governance and Monetization - The evolution of API governanceWSO2
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....rightmanforbloodline
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceIES VE
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxFIDO Alliance
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTopCSSGallery
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
الأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهالأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهMohamed Sweelam
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxFIDO Alliance
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 

Recently uploaded (20)

API Governance and Monetization - The evolution of API governance
API Governance and Monetization -  The evolution of API governanceAPI Governance and Monetization -  The evolution of API governance
API Governance and Monetization - The evolution of API governance
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
الأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهالأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهله
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider  Progress from Awareness to Implementation.pptxTales from a Passkey Provider  Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 

In cyber, the generals should lead from behind - College of Air Warfare - Pukhraj Singh - Dec 2019

  • 1. In cyber, the generals should lead from behind College of Air Warfare, Indian Air Force Dec 2019 Pukhraj Singh www.pukhraj.me
  • 2. Part I What are the principles of cyber conflict?
  • 3. What’s our MOOSE MUSS for cyberwar? Conventional (US Military) Net-Centric Cyber Mass N/A ??? Objective N/A ??? Offensive Opportunity ??? Security N/A ??? Economy of Force Economy of Force ??? Manoeuvre Dislocation ??? Unity of command N/A ??? Surprise Surprise ??? Simplicity N/A ???
  • 4. What’s our MOOSE MUSS for cyberwar? Principles of War for the Information Age, Lt Col Robert Leonhard, 1998
  • 5. Spectrum of cyber conflict Cognitive effects for below-threshold/quasi hot wars: Cyber-enabled information/psychological operations Power projection Political coercion/blackmail Regime instability Narrative wars Separatism & insurgency Data-driven behaviour modelling Shooting wars Sabotaging morale, cohesion & will to fight Societal chaos No such thing as TOTAL CYBER WAR Strategic Cyber Electromagnetic Activities Breaking nuclear deterrence Breaking M.A.D Cyber Commitment Problem
  • 6. No such thing as Total Cyber War In cyber, the grey zone is the red zone, and the red zone is the grey zone Kinetic, cyber-physical or blow-stuff-up cyber is a MYTH Cyber as a force-multiplier for a hot war has had little success
  • 7. Cyber war & peace The nature of war hasn’t changed, the nature of peace has. -- Edward Sobiesk, US Army Cyber Institute
  • 8. Cyber war & peace In the 21st century, we have seen a tendency toward blurring the lines between the states of war and peace. Wars are no longer declared and, having begun, proceed according to an unfamiliar template. -- Valery Gerasimov, Chief of General Staff, Russian Armed Forces
  • 9. Part II Cyber operations are information operations in disguise
  • 10. Cyber conflict is truly cognitive Stuxnet • “Not just a cyber effort against Iran’s nuclear capability but the announcement of a team. A rather huge team that has been playing World-Cup level soccer on the cyber battlefield for a decade and a half.” – Dave Aitel, ex- NSA • It had the “whiff of August 1945.” – Gen Michael Hayden, ex-NSA & CIA • “Continues to be misunderstood by many as a straightforward destruction event.” – Joe Slowik, ex-US Navy Sandworm • “Sandworm operations targeting Ukrainian electric infrastructure undermined public confidence in stability/integrity of critical infrastructure and key resources.” -- Joe Slowik, ex-US Navy
  • 11. Cyber conflict is truly cognitive Rebecca Slayton, Cornell
  • 12. Cyber conflict is truly cognitive The objective is not kinetic but cognitive effect, the manipulation of information to change thoughts and behaviors. In essence, the strategic goal is to affect morale, cohesion, political stability, and, ultimately, diminish the opponent’s will to resist. -- James Lewis, Centre for Strategic & International Studies
  • 13. Cyber conflict is truly cognitive “Offensive cyber operations act most directly on intangibles -- information, knowledge, and confidence.” -- Herbert Lin, Stanford
  • 14. Cyber conflict is truly cognitive Cyber effects are a subset of “full-spectrum information operations.” Full-spectrum information operations capabilities can yield powerful results - including changing the behaviour of an adversary national command authority - without resorting to traditional force-related actions. -- Joe Slowik, ex-US Navy
  • 15. Shifting from kinetic to cognitive: parameters Also, increasing legal ambiguity
  • 16. US cyber apparatus Continued export of conventional parameters & principles Very kinetic mentality Fixation with the Law of Armed Conflict-governed, legally-sanctioned effects (5Ds) Slight aversion to info ops due to legal ambiguity Russian cyber apparatus Totally in the cognitive dimension Export of cognitive parameters like “reflexive control;” many decades of experience Subset of full-spectrum info ops under hybrid war Pre-empted the exploitation of legal ambiguity on cyber & info ops to carve new thresholds Dirt cheap Shifting from kinetic to cognitive: parameters
  • 17. “Offer” as an extremely powerful cyberweapon (e.g. hack-and-leak ops) - Wikileaks - DNC Hack - Panama Papers - Paradise Papers - CNBT Leak - Disabling the Great Firewall - Cyber National Mission Force’s declaratory signalling on VirusTotal Shifting from kinetic to cognitive: parameters
  • 18. • All cyber operations are information operations in disguise • All cyber operations could be deemed as information operations even after full denouement • Cyber-enabled information operations, too, exploit the cybersecurity triad: confidentiality, integrity & availability -- “Applying Information Security Paradigms to Misinformation Campaigns” by Misinfosec Shifting from kinetic to cognitive: parameters
  • 19. Jackie Schneider, former US Naval War College She’s mainly talking about cyber-physical ops Shifting from kinetic to cognitive: parameters
  • 20. • Deterrence • Proportional response • Theatre of operations Actually, every cyber-military parameter could be cognitive
  • 22. Daniel Moore of King’s College London divides cyber operations into two broad categories: Event-based & Presence-based Broad categorisation of cyber operations
  • 23. Presence-based • Espionage • Reconnaissance • Pre-positioning • Preparing the battlefield Broad categorisation of cyber operations Event-based • Power projection
  • 24. Presence-based operations prime the battlefield for event-based operations. “At a place & time of choosing…” Broad categorisation of cyber operations
  • 25. Presence-based operations prime the battlefield for event-based operations. WHY? Broad categorisation of cyber operations
  • 26. The adversarial environment is perpetually in a state of violent flux: • Basically millions of layers of architectural abstractions & interfaces • Configurations change, users log-out, patches get applied, trust relationships alter & applications get updated Broad categorisation of cyber operations
  • 27. In cyberspace, a small change in configuration of the target machine, system, or network can often negate the effectiveness of a cyber weapon against it. This is not true with weapons in other physical domains…The nature of target-weapon interaction with kinetic weapons can usually be estimated on the basis of physics experimentation and calculation. Not so with cyber weapons. For offensive cyber operations, this extreme “target dependence” means that intelligence information on target characteristics must be precise, high-volume, high-quality, current, and available at the time of the weapon’s use. -- Chris Inglis, former Deputy Director, NSA Cyber-ISR frameworks: Extreme target dependence
  • 28. Inglis argues that fielding “ubiquitous, real-time and persistent” intelligence, surveillance and reconnaissance (ISR) frameworks is crucial for mustering the ability to produce cyber effects at a place and time of choosing. Cyber-ISR frameworks: Extreme target dependence
  • 29. This is your offensive toolchain Only 20% of it actually manifests over adversarial infrastructure An exploit could be just this
  • 30. You need a lot of people to have a small number of hackers hacking. -- Grugq
  • 31. • Nation-state (internal) • Nation-state (blended) • Nation-state (external) • Mercenary configurations (criminal) • Mercenary configurations (hacktivist) • Mercenary configurations (private sector) • Mercenary configurations (former/parallel) -- “Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors,” Juan Andres Guerrero-Saade Offensive toolchains: organisational structures
  • 32. Would you ever outsource a surgical strike to a private mercenary, because that’s what we are doing. Offensive toolchains: organisational structures
  • 33. Jointness is a software mechanism
  • 34. Successful strategies must proceed from the premise that cyberspace is continuously contested territory in which we can control memory and operating capabilities some of the time but cannot be assured of complete control all of the time or even of any control at any particular time. -- Surviving on a Diet of Poisoned Fruit, Richard Danzig Defend Forward as a forward-operated counterinsurgency
  • 35. • Highly attritive • Necessitates persistent engagement • Will remain fully extrajudicial Defend Forward as a forward-operated counterinsurgency
  • 36. LOAC doesn’t work in cyberspace • Rear Admiral Mohit Gupta’s assertion is misplaced • Cyber doctrines are assiduously divorcing themselves from the impracticality & dogma of law of armed conflict • Cyber effects are too cascading & cognitive to ever be accounted for like munitions • The generals should be leading from behind
  • 37. LOAC doesn’t work in cyberspace Augustine and Aquinas (and Mahabharat) had a stunningly long run…today’s world, based as it is on digital information and increasingly intelligent information-processing, points the way to a beast so big and so radically different, that the core of this duo’s insights needs to be radically extended. -- Selmer Bringsjord, Rensselaer Polytechnic Institute
  • 38. LOAC doesn’t work in cyberspace Paul Ney, the General Counsel of the U.S. Department of Defence: He talked about cyberspace, postulating a “common understanding” that international law principles apply, coupled with much disagreement about details, including the presumptive validity of “territorial analogies and precedents.” At the same time, he stressed the need for law to be cognizant of the U.S. cyber-strategy to “defend forward,” which did not necessarily line up neatly to “international territorial boundary lines.
  • 40. This multidimensional space [of data-driven behavioural modelling] is the battlefield… this abstract space of ideas. Adversaries are now able to visualise at that level. -- Dr David Perlman, applied physics from Caltech, electrical engineering at the University of Washington & cognitive sciences doctorate at University of Wisconsin-Madison Battlespace as an abstract space of ideas
  • 41. Commanding change Controlling agendas Setting preferences Joe Nye’s three faces of power
  • 43. Door in the face: The Overton Window
  • 44. Wg Cdr Keith Dear • RAF Intelligence Officer: Innovation lead in the UK’s Joint Warfare directorate & Air Staff’s Fellow, Research Fellow at Oxford’s Changing Character of War Programme • Warfare is fundamentally persuasive. So, it has a psychological/cognitive premise. Psychology must play a much greater role in your operational, tactical & strategic planning • Humans really are “biochemical algorithms, reducible to input-output mechanisms” • Kahneman-Tversky showed that we make probabilistic, predictable, replicable errors which’re exploitable (wow!)
  • 45. Wg Cdr Keith Dear • By 2020, data brokers would’ve 5200 GB of data/person. Imagine the role of intel officers • Netflix’s recommendation is quite akin to the military perspective of “reinforcing success.” PW Singer calls it weaponised experimentation • Bank of England replaces public opinion surveys with Spotify data (you can depress an adversary, too) • Shared stage with Dominic Cummings, key orchestrator of Brexit. Cummings at a behavioural science conference: “I didn’t employ anyone like you. I employed physicists & mathematicians for micro-targeting” • 1. Our social structures remain same throughout life (people change). That’s how you target Putin. 2. Most of our decisions are pre-ordained. 3. Germans, by creating the staff system, modelled Napoleon out of every soldier (humans = algorithms)