Cybersecurity
Cybersecurity
Posted on Mar 20, 2015
Do we need to use offensive cyber capabilities? - Cyber chief: Efforts to deter attacks against the U.S. are not working
4.35K
3
4
2
2
0
“We’re at a tipping point,” said Adm. Michael S. Rogers, who also directs the National Security Agency, at a hearing of the Senate Armed Services Committee. “We need to think about: How do we increase our capacity on the offensive side to get to that point of deterrence?”
Rogers noted that the command, which launched in 2010, has focused mostly on defense. But, he said, “in the end, a purely defensive, reactive strategy will be both late to need and incredibly resource-intense.”
His testimony picks up where his predecessor, retired Gen. Keith Alexander, left off. Alexander, who retired last year and started a cybersecurity firm, had long advocated a more robust offensive capability. But concerns over the years from the White House, the State Department and even some within the Pentagon that the use of cyberweapons could trigger unintended consequences and might harm diplomatic relations have slowed their deployment.
Read the entire article:
http://www.washingtonpost.com/world/national-security/head-of-cyber-command-us-may-need-to-boost-offensive-cyber-powers/2015/03/19/1ad79a34-ce4e-11e4-a2a7-9517a3a70506_story.html
Rogers noted that the command, which launched in 2010, has focused mostly on defense. But, he said, “in the end, a purely defensive, reactive strategy will be both late to need and incredibly resource-intense.”
His testimony picks up where his predecessor, retired Gen. Keith Alexander, left off. Alexander, who retired last year and started a cybersecurity firm, had long advocated a more robust offensive capability. But concerns over the years from the White House, the State Department and even some within the Pentagon that the use of cyberweapons could trigger unintended consequences and might harm diplomatic relations have slowed their deployment.
Read the entire article:
http://www.washingtonpost.com/world/national-security/head-of-cyber-command-us-may-need-to-boost-offensive-cyber-powers/2015/03/19/1ad79a34-ce4e-11e4-a2a7-9517a3a70506_story.html
North Korea
Threat
Cybersecurity
Posted 9 y ago
Responses: 3
1
1
0
It is not an issue of having cyber of offense weapons but of specified targeted use. The US can simply make countries disappear off the routing tables through use of ICANN, but there is huge collateral damage (civ, economic, diplomatic) when using these tactics. Normally a cyber attacker will route attack through multiple neutral country launch points or civilian unprotected servers and we have no means to attack them or strike back and get the bad guy. The other issue is what is more important, exploitation or kinetic action? Really it is a balancing act and strategic decision when it comes to use of cyber capabilities. Some abilities are cut in dry such as jamming within theatre but for long haul circuit offensive actions, it is a grey area and how do you determine effects.
(1)
(0)
0
0
0
There is a fundamental issue of deterrence when it comes to cyber. In many academic circles, they compare cyber to nukes which just don't work. The devastation of nukes can be easily measured and the horrors can be easily imagined. Offensive Cyber works on the notion of secrecy. You can just say trust me, i can hack you. If the goal is the create international norms concerning nation state cyber warfare, this may work to a certain degree but it will be limited to nation states with a vast intelligence enterprise. It will have very little effect on criminal and non-state organizations where cyber attacks are consider crimes not acts of war.
In cyber virtually anyone with a computer and a network connection has the means to produce an offensive cyber effect. Deterrence by increasing the number of offensive cyber operators/weapons is not going to work on the 2.94B users of the internet.
The bigger issue on the defensive side for CYBERCOM will be authorities...they are only tasked with protecting the DODIN not all of the US Federal Government or the Critical Infrastructure that underpins the US and its economy.
In cyber virtually anyone with a computer and a network connection has the means to produce an offensive cyber effect. Deterrence by increasing the number of offensive cyber operators/weapons is not going to work on the 2.94B users of the internet.
The bigger issue on the defensive side for CYBERCOM will be authorities...they are only tasked with protecting the DODIN not all of the US Federal Government or the Critical Infrastructure that underpins the US and its economy.
(0)
(0)
0
0
0
This article is spot on, in my opinion, SSG Norman Lihou. Playing defense in this "game" is too little too late. The attackers come, get what they want, leave, and we investigate what happened. That's a pitiful excuse for a cyber strategy. Something like closing the barn door after all the horses have run out.
(0)
(0)
Lt Col (Join to see)
Great point but the US has publicly stated it would use kinetic means to address attackers as well....that has had little effect. Also, we need to clearly define what "attack" means. Simply entering a network and stealing information is not an attack, its espionage. There are considerable negative effects as a result but would you call that an attack? I would argue these are functions of intelligence / counterintelligence within the cyber domain and not necessarily combat operations.
(0)
(0)
Read This Next
Continue with Facebook 
Continue with Google