Army Cyber Command/2nd ARMY

1 “Second to None!”

AFCEA TECHNET LAND FORCES EAST

Topic 1: "Tactical and operational Cyberspace modernization: the CyberElectromagnetic (CEM) Element"

“Transforming Cyberspace While at War… Can’t Afford Not To!”

OVERALL CLASSIFICATION OF THIS BRIEF IS UNCLASSIFIED/APPROVED FOR PUBLIC RELEASE

U.S. Army Cyber Command

“Think there's great opportunity here for the Army to dominate in LandCyber. We're focused on integrating cyber at all levels and increasing the cyber capabilities we provide to commanders, in order to ensure mission command in the conduct of unified operations. This is all about mission command and maintaining our freedom to operate while taking it away from the enemy.”

LTG Rhett A. Hernandez, 7 March 2012

Threats In and From Cyberspace

Social Engineering - Cyber Capabilities

Integrated Bio - Cyber Capabilities

Weaponized Robotics

Reconnaissance and Surveillance Robotics

Weaponized Intelligent Code Based Cyber Bots

Compromised Embedded Processors

Compromised Embedded Network Interfaces

Integrated Smart Delivery/Defense Platforms

Integrated Smart Munitions

Malware, Denial of Service, Jamming

Science Fiction?

The Art of the Possible

Convergence of Technology

Current State of Technology

IT, Internet, & Telecommunications Over Time

[Figure: timeline, 1980 to 2010, of the cyber environment: DOS and BASIC; Windows; web browsers; Linux, Mac OS and *UX; SunOS/Solaris; Unix and variants; Internet service providers and Internet growth, from ARPANET (1968) to its shutdown; telecommunications and networking standards; mobile phone platforms.]

NO Cyber Medium or Operating System is Invulnerable

Initial Threat Exploitations

[Figure: timeline, 1980 to 2010, of the cyber environment (operating systems, programming languages, web browsers, Internet service providers and Internet growth, telecommunications and networking standards), with a HIGH to LOW scale for CNO INTRUDER KNOWLEDGE and CNO ATTACK TOOL SOPHISTICATION and the following techniques marked on it:]

Password Guessing

SELF-Replicating Code

Password Cracking

Known Vulnerability Exploits

Audit Disabling

Back Doors

Portsweeping

Network Mgmt & Diagnostics

Port Sniffing

GUI

Packet Spoofing

Automated Probes/Scans

Flexible (“Stealth”) Scan Techniques

DoS

Web Attacks

Cross-Site Scripting

Distributed Attack Tools (DDoS)

Auto-Coordinated Tools

Hijacking Sessions

Initially, Intruder Knowledge High, Tool Sophistication Low

Threat Prowess Improves

[Figure: timeline, 1980 to 2010, of the cyber environment (operating systems, programming languages, web browsers, Internet service providers and Internet growth, telecommunications and networking standards), with a HIGH to LOW scale for CNO INTRUDER KNOWLEDGE and CNO ATTACK TOOL SOPHISTICATION and the following malware marked on it:]

ARF-ARF vs. IBM PC

BRAIN-BOOT / Pakistani Flu vs. IBM PC Compatibles

Vienna, Lehigh, Stoned, Ping-Pong, Cascade, Jerusalem, SCA/Byte Bandit, Christmas Tree

Wild spread/Worldwide Impact: Jerusalem, Festering Hate, Morris Worm

Chameleon (Polymorphic Virus)

Michelangelo

Freddy Krueger

One-Half (Polymorphic)

Concept (Macro Virus)

Happy99, Melissa, ExploreZip, Kak

ILOVEYOU/Barok, Pikachu, Hybris

Simile, Beast, MyLife, Optix Pro

SQL Slammer/Sapphire, Graybird, ProRat/RAT, Blaster, Welchia, SoBig, Swen, Sober, Agobot, Bolgimo

Bagle, MyDoom, Netsky, Witty, Sasser, Caribe, Nuclear RAT, Vundo/Virtumonde, Bifrost, Santy

Zotob, Samy, Zlob, Bandook

Nyxem, Leap/Oompa, Brontok, Stration

Storm, Zeus

Mocmex, Torpig, Rustock, Bohmini, Koobface, Conficker

W32.Dozer, Daprosy

STUXNET, “Here You Have”, Zeus/SpyEye Merged Code

New Technology Yields Extraordinary Vulnerabilities & Opportunities

Infused w/Intelligence

BotNet as A Warfighter

[Figure: timeline, 1980 to 2010, of the cyber environment (operating systems, programming languages, web browsers, Internet service providers and Internet growth, telecommunications and networking standards), with the following annotations:]

One-on-One Attacks only

Appearance of Multiple Boot-Sector Viruses at the Campus, Regional, and Worldwide levels.

First Worm spreads “in the wild”, First Buffer Overflows

Viruses Spreading from Network to Network

1st Massive Damage to World Financial Institutions

Damage to Individual & World Business & Financial Institutions Continue

Mobile Phone & 1st MAC OS X Viruses

BOTNETS

CYBER WARFARE (Europe)

STUXNET

ZOMBIES

MIL/Nation-State Use of CYBER Weaponry

One or More MIL/Nation States using Cyber Weaponry

Potential of MIL/Nation-State use of BOTNETS & ZOMBIES

Viruses Spreading from BBSes to Mainstream Networks

CNO INTRUDER KNOWLEDGE

CNO ATTACK TOOL SOPHISTICATION

Coordinated Attacks Against Multiple Target Sets

Potential for Strategic Consequence

The Op/Tac Cyber Gap

• Brigade level and above staffs lack the appropriate organization for situational awareness, expertise and capability to integrate all aspects of the Cyber Electromagnetic (CEM) contest:
  - Situational Awareness/Common Operating Picture
  - Offense
  - Defense
  - Support,
  and the necessary “practitioner” expertise for the CEM tasks that they must execute.
- Each echelon lacks sufficient expertise/capability to request C/EM capabilities resident at higher echelons.

Mission Command applies unified force (Land and Cyber) to establish optimal combination of effects to achieve objectives

LandCyber (Unified Operations)

[Figure labels: Current Situation; Where We Need to Go; USCC Initiatives; ARMY Initiatives; How do we link?; UNIFIED OPERATIONS; CYBERSPACE DOMINATION; LAND DOMINATION; Mission Command Unified Effects; CAM/WAS; Operational Adaptability]

Cyber Electromagnetic (CEM) Element

[Figure labels: Operational Integration, Electronic Warfare (29 Series); Cyber Warfare, Intelligence (35 Series); Cyber NetOps (25 Series); Integrating Cells; Plans; Current Operations; Future Operations; Fires; Protection; Sustainment; Maneuver; Mission Command; Intelligence; Human]

The CEM element & working group accomplish two primary functions:

• Integrate and synchronize CEM capabilities and activities to achieve desired conditions in cyberspace and the electromagnetic spectrum

• Integrate CEM capabilities and activities into the combined arms operation.

CEM at Army Echelon

[Figure labels: Enable Msn Cmd; NATIONAL; REGIONAL; OPS/TACTICAL; Future Build; National Targets; Regional Targets; OPS/Tactical Targets; EMS / Cyberspace; Network Mapping; Defend; Close Access Operations; Attack; Cyber Infrastructure (“Nodes”); Cyber Centers Integrate/De-conflict/Add Visibility; Modify Machine Behavior; Modify Human Behavior; Collection; Distributed Warfighting Platform Creates Effects; Cyberspace / EM Operations]

Integrated Warfighting Platform

[Figure labels: Mission Command; CEM Element; 7/39 IIA Element; Signal Capability; MI Capability; EW Capability; IIA Capability; Cyber Capability; 6 NETOPs Center; 2 ACE; 3; NETWORK; Leads; Directs; Tasks; Orders; Guides WfFs/Staff Process; Cdr’s Desired Effects; 2/3/6 Staff Integration; Integrated Cyber Warfighting Platform]

Build, Operate, Maintain, Defend Mission Command

Exploit, Attack and Influence Adversary Mission Command

- Platforms of EW
- E and A of Cyber
- D support of Cyber

- B, O, M, D of Cyber
- IA of Cyber
- Enterprise Management of Cyber

The Joint Cyber Support Element

Cyber Support Elements (CSE)

Organized from USCYBERCOM forces and stationed with CCDRs for full integration with their staff. Provide SMEs for cyberspace operations, planning, and other related functions.

Expeditionary Cyber Support Element (ExCSE)

A forward-deployed element of USCYBERCOM (or service cyber component) personnel temporarily augmenting the CSE in CCDR designated locations during an operation

[Figure labels: Spec Integration; Sea Integration; Land Integration; Air Integration; CCMD; USCYBERCOM; JCC; CSE; JOC; JTF, JFACC, JFLCC, JFMCC and JFSPOC, each followed by ExCSE]

Questions

“Transforming Cyberspace While at War… Can’t Afford Not To!”