The Revolution in Military Affairs has
Set the Stage for Cyberwar

Richard Stiennon
Chief Research Analyst
IT-Harvest
!
Ex...
!
twitter.com/cyberwar
securitycurrent
1996 Taiwan Straits Crisis
"Admiral Clemens was able to use e-mail, a very graphic-
rich environment, and video teleconfer...


The Revolution in Military Affairs
• Roman centuries
• Long bow and battle of Crecy
• Napoleon’s staff command
• Machine...
The Modern RMA
• Operation Desert
Storm leads to:
• Russian
assessment of
precision
weapons
ISR

 


 C&C
securitycurrent
Andrew Marshall: Enigmatic
Strategist
securitycurrent
Andrew W. Marshall (born September 13, 1921) is the director
of the ...


Arthur Cebrowski: Evangelist
securitycurrent
“Network Centric
Warfare should be the
cornerstone of
transformation. If yo...
The Dream
securitycurrent
Total Situational Awareness eliminates “the fog of war”!
!
Red Team - Blue Team identification!
!...
Network Centric Warfare
securitycurrent
Everything connected (like the Internet)
!
Satellite-Planes-Drones-Ground-Sea base...
IT-Harvest Confidential
Deja vu all over again
We’ve seen this story payed out before in the enterprise. !
!
First network...
IT-Harvest Confidential
How the Military Failed in Security
April 1, 2001 a Navy EP-3E was forced down and
captured by Chi...
IT-Harvest Confidential
How the Military Failed in Security
Pentagon email servers
p0wned 2007!
!
Terabytes of data
exfiltr...
IT-Harvest Confidential
Military IT Security Failures
The Wake Up Call !
!
BUCKSHOT YANKEE !
!
Agent.btz introduced via th...
IT-Harvest Confidential
Drone madness 1
IT-Harvest Confidential
Drone madness 2
IT-Harvest Confidential
Drone madness 3
SATCOM Vulns
securitycurrent
• “We uncovered
what would
appear to be
multiple
backdoors,
hardcoded
credentials,
undocument...
Software Assurance maturity came after most new
weapons platforms were sourced.
securitycurrent
One Air Force study of 3 m...
The F-35 Joint Strike Fighter
securitycurrent
!
“JSF software development is one
of the largest and most complex
projects ...
The F-35 Joint Strike Fighter
• Nine million lines of onboard code
could mean 128,000 critical vulns
• 15 million lines of...
Taiwan Straits Crisis. 2015?
securitycurrent
GPS hacks deflect jets away from tankers
!
Mission tasking subverted
!
Commun...
A Working Definition of Cyberwar
securitycurrent
The use of network and computer attack to
support the operations of a mil...
Cyber Pearl Harbor Defined
securitycurrent
An overwhelming defeat of US forces due to
!
enemy information dominance.
securitycurrent
securitycurrent
securitycurrent.com
!
!
email: richard@it-harvest.com
!
Twitter: twitter.com/cyberwar
Upcoming SlideShare
Loading in …5
×

How the Revolution in Military Affairs has set the stage for future cyberwars

1,101 views

Published on

Force transformation towards a Network Centric Warfare stance has left major militaries vulnerable to defeat in future cyberwars

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,101
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
83
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

How the Revolution in Military Affairs has set the stage for future cyberwars

  1. 1. The Revolution in Military Affairs has Set the Stage for Cyberwar
 Richard Stiennon Chief Research Analyst IT-Harvest ! Executive Editor securitycurrent.com ! twitter.com/cyberwar securitycurrent
  2. 2. ! twitter.com/cyberwar securitycurrent
  3. 3. 1996 Taiwan Straits Crisis "Admiral Clemens was able to use e-mail, a very graphic- rich environment, and video teleconferencing to achieve the effect he wanted", which was to deploy the carrier battle groups in a matter of hours instead of days.” -Arthur Cebrowski USS Nimitz and USS Independence deploy to Taiwan. securitycurrent
  4. 4. 
 The Revolution in Military Affairs • Roman centuries • Long bow and battle of Crecy • Napoleon’s staff command • Machine guns • Mechanized armor, blitzkrieg securitycurrent
  5. 5. The Modern RMA • Operation Desert Storm leads to: • Russian assessment of precision weapons ISR C&C securitycurrent
  6. 6. Andrew Marshall: Enigmatic Strategist securitycurrent Andrew W. Marshall (born September 13, 1921) is the director of the United States Department of Defense's Office of Net Assessment.
  7. 7. 
 Arthur Cebrowski: Evangelist securitycurrent “Network Centric Warfare should be the cornerstone of transformation. If you are not interoperable you are not on the net. You are not benefiting from the information age”.
  8. 8. The Dream securitycurrent Total Situational Awareness eliminates “the fog of war”! ! Red Team - Blue Team identification! ! Central Command and Control. Distributed battle command.! ! Networked Intelligence, Surveillance Reconnaissance (ISR)
  9. 9. Network Centric Warfare securitycurrent Everything connected (like the Internet) ! Satellite-Planes-Drones-Ground-Sea based sensor grid ! Instant communication over a Global Grid
  10. 10. IT-Harvest Confidential Deja vu all over again We’ve seen this story payed out before in the enterprise. ! ! First network everything. Take advantage of connectivity and ubiquity to re-invent commerce, social interactions, and communications. ! ! Second: succumb to attacks from hackers, cyber criminals, hacktivists, and nation states.! ! Finally: Layer in security
  11. 11. IT-Harvest Confidential How the Military Failed in Security April 1, 2001 a Navy EP-3E was forced down and captured by China. Top secret OS compromised! ! In 2008 China blatantly flooded communication channels known to be monitored by the NSA with decrypted US intercepts, kicking off a major re-deployment. SEVEN years too late. ! ! ! ! !
  12. 12. IT-Harvest Confidential How the Military Failed in Security Pentagon email servers p0wned 2007! ! Terabytes of data exfiltrated to China from the Defense Industrial Base. The target? Joint Strike Fighter design data.! ! ! !
  13. 13. IT-Harvest Confidential Military IT Security Failures The Wake Up Call ! ! BUCKSHOT YANKEE ! ! Agent.btz introduced via thumb drive in a forward operations command (Afghanistan?) ! ! EVERY Windows machine re-imaged in the entire military (3 million +) at a cost of $1 Billion.
  14. 14. IT-Harvest Confidential Drone madness 1
  15. 15. IT-Harvest Confidential Drone madness 2
  16. 16. IT-Harvest Confidential Drone madness 3
  17. 17. SATCOM Vulns securitycurrent • “We uncovered what would appear to be multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.” - IOActive
  18. 18. Software Assurance maturity came after most new weapons platforms were sourced. securitycurrent One Air Force study of 3 million lines of code revealed: ! ! One software vulnerability per 8 lines of code ! ! One high vulnerability per 31 lines of code! ! One critical vulnerability for 70 lines of code
  19. 19. The F-35 Joint Strike Fighter securitycurrent ! “JSF software development is one of the largest and most complex projects in DOD history.” ! ! -Michael J. Sullivan, Director Acquisition and Sourcing Management for the DoD:!
  20. 20. The F-35 Joint Strike Fighter • Nine million lines of onboard code could mean 128,000 critical vulns • 15 million lines of logistics code could mean another 214,000 critical vulns • What could possibly go wrong? securitycurrent
  21. 21. Taiwan Straits Crisis. 2015? securitycurrent GPS hacks deflect jets away from tankers ! Mission tasking subverted ! Communications intercepts mislead commander ! Radar jamming masks enemy movement ! Result? ! Military defeat
  22. 22. A Working Definition of Cyberwar securitycurrent The use of network and computer attack to support the operations of a military force.
  23. 23. Cyber Pearl Harbor Defined securitycurrent An overwhelming defeat of US forces due to ! enemy information dominance.
  24. 24. securitycurrent
  25. 25. securitycurrent securitycurrent.com ! ! email: richard@it-harvest.com ! Twitter: twitter.com/cyberwar

×