Tag Archives: cyberspace

Where the Money Goes: 2015 US Military Spending

Railgun. Image from wikipedia

U.S. Deputy Defense Secretary Robert Work on Wednesday, Jan. 28, 2015 urged NATO allies to develop and make more innovative weapons, and said bold action was needed to stay ahead of rapid weapons development by China, Russia and other countries.  Work said the Pentagon has a new plan called “Defense Innovation Initiative” and a separate effort targeting longer-term projects to ensure that the United States continues to have a decisive competitive advantage against potential foes.

Work said concerns about advances by other countries were a key reason that the Pentagon’s fiscal 2016 budget plan to be delivered to Congress will exceed budget caps set by Congress and reverse five years of declines in U.S. military spending.   He said the budget would include “significant” investments in nuclear weapons, space control capabilities, advanced sensors, missile defense and cyber, as well as unmanned undersea vehicles, high-speed strike weapons, a new jet engine, high-energy lasers and rail gun technology…..Lockheed Martin Corp  and Boeing  and other key weapons makers have repeatedly urged the Pentagon to step up investments in key technologies….

Kendall said the department would also earmark funds for development and prototyping of a new “next-generation X-plane” that would eventually succeed the F-35 fighter jet, and a new engine.

Excerpts, ANDREA SHALAL, Pentagon official urges NATO to focus on innovative weapons. Jan 28, 2015

Plan X for Cyberbattle: DARPA

The Defense Advanced Research Projects Agency (DARPA) Information Innovation Office (I2O) will host a Proposers’ Day in support of the anticipated Broad Agency Announcement (BAA) for the Plan X program.  The Proposers’ Day Workshop will be held on 27 September at the DARPA Conference Center, 675 N. Randolph Street, Arlington, VA from 0900 to 1600 EDT. There will be an unclassified session in the morning and a classified SECRET session in the afternoon. Attendance at the afternoon session is limited to individuals with US DOD SECRET clearances or higher. Neither session is open to the general public or members of the media. It is anticipated that the Plan X BAA will be released by the end of September 2012.

PROGRAM OBJECTIVE AND DESCRIPTION

The objective of the Plan X program is to create revolutionary technologies for understanding, planning, and managing cyberwarfare in real-time, large-scale, and dynamic network environments. Plan X will also conduct novel research into the nature of cyberwarfare and support development of fundamental strategies and tactics needed to dominate the cyber battlespace. The Plan X program is explicitly not funding research and development efforts in vulnerability analysis or cyberweapon generation.

DARPA seeks innovative research in four key areas in support of Plan X:

• Understanding the cyber battlespace: This area focuses on developing automated analysis techniques to assist human operators in planning cyber operations. Specifically, analyzing large-scale logical network topology characteristics of nodes (i.e., edge count, dynamic vs. static links, usage) and edges (i.e. latency, bandwidth, periodicity).

• Automatically constructing verifiable and quantifiable cyber operations: This area focuses on developing high-level mission plans and automatically synthesizing a mission script that is executed through a human-on-the-loop interface, similar to the auto-pilot function in modern aircraft. This process will leverage formal methods to provably quantify the potential battle damage from each synthesized mission plan.

• Developing operating systems and platforms designed to operate in dynamic, contested, and hostile network environments: This area focuses on building hardened “battle units” that can perform cyberwarfare functions such as battle damage monitoring, communication relay, weapon deployment, and adaptive defense.

• Visualizing and interacting with large-scale cyber battlespaces: This area focuses on developing intuitive views and overall user experience. Coordinated views of the cyber battlespace will provide cyberwarfare functions of planning, operation, situational awareness, and war gaming.

A system architecture team is also sought to lead the end-to-end Plan X system development. This will include working with Plan X performers to develop the standard system application programming interfaces, data format specifications, and performer integration schedule. The system architecture team will also be responsible for purchasing Plan X system infrastructure and hardware.  The Plan X program is structured around an on-site DARPA cyberwar laboratory where performers will continuously integrate developing technologies into the end-to-end Plan X system.

Excerpt from: Special Notice Plan X Proposers’ Day Workshop, DARPA-SN-12-51, August 17, 2012

Foundational Cyberwarfare (Plan X)

Proposers’ Day Workshop, 27 September 2012

Digital Bombs: DARPA and the Digital Battlefield

The Pentagon is turning to the private sector, universities and even computer-game companies as part of an ambitious effort to develop technologies to improve its cyberwarfare capabilities, launch effective attacks and withstand the likely retaliation.  The previously unreported effort, which its authors have dubbed Plan X, marks a new phase in the nation’s fledgling military operations in cyberspace, which have focused more on protecting the Defense Department’s computer systems than on disrupting or destroying those of enemies.  Plan X is a project of the Defense Advanced Research Projects Agency, a Pentagon division that focuses on experimental efforts and has a key role in harnessing computing power to help the military wage war more effectively.  “If they can do it, it’s a really big deal,” said Herbert S. Lin, a cybersecurity expert with the National Research Council of the National Academies. “If they achieve it, they’re talking about being able to dominate the digital battlefield just like they do the traditional battlefield.”

Cyberwarfare conjures images of smoking servers, downed electrical systems and exploding industrial plants, but military officials say cyberweapons are unlikely to be used on their own. Instead, they would support conventional attacks, by blinding an enemy to an impending airstrike, for example, or disabling a foe’s communications system during battle.  The five-year, $110 million research program will begin seeking proposals this summer. Among the goals will be the creation of an advanced map that details the entirety of cyberspace — a global domain that includestens of billions of computers and other devices — and updates itself continuously. Such a map would help commanders identify targets and disable them using computer code delivered through the Internet or other means.

nother goal is the creation of a robust operating system capable of launching attacks and surviving counterattacks. Officials say this would be the cyberspace equivalent of an armored tank; they compare existing computer operating systems to sport-utility vehicles — well suited to peaceful highways but too vulnerable to work on battlefields.   The architects of Plan X also hope to develop systems that could give commanders the ability to carry out speed-of-light attacks and counterattacks using preplanned scenarios that do not involve human operators manually typing in code — a process considered much too slow.  Officials compare this to flying an airplane on autopilot along predetermined routes.  It makes sense “to take this on right now,” said Richard M. George, a former National Security Agency cyberdefense official. “Other countries are preparing for a cyberwar. If we’re not pushing the envelope in cyber, somebody else will.”

The shift in focus is significant, said officials from the Pentagon agency, known by the acronym DARPA. Cyber-operations are rooted in the shadowy world of intelligence-gathering and electronic-spying organizations such as the NSA.  Unlike espionage, military cyber­attacks would be aimed at achieving a physical effect — disrupting or shutting down a computer, for example — and probably would be carried out by the U.S. Cyber Command, the organization that was launched in 2010 next to the NSA at Fort Meade.  “Because the origins of cyberattack have been in the intelligence community, there’s a tendency to believe that simply doing more of what they’re doing will get us what we need,” said Kaigham J. Gabriel, acting director of DARPA. “That’s not the way we see it. There’s a different speed, scale and range of capabilities that you need. No matter how much red you buy, it’s not orange.”

Plan X is part of a larger DARPA effort begun several years ago to create breakthrough offensive and defensive cyber-­capabilities.  With a cyber budget of $1.54 billion from 2013 to 2017, the agency will focus increasingly on cyber-offense to meet military needs, officials say. DARPA’s research is designed to foster long-shot successes. In addition to helping create the Internet, the agency’s work gave rise to stealth jet technology and portable global-positioning devices.   “Even if 90 percent of their ideas don’t pan out,” said Martin Libicki, a cyberwar expert at Rand Corp., “the 10 percent that are worthwhile more than pay back the difference.”

A digital battlefield map, as DARPA envisions it, would plot nodes on the Internet, drawing from a variety of sources and changing as cyberspace changes.  “In a split microsecond you could have a completely different flow of information and set of nodes,” Gabriel said. “The challenge and the opportunity is to create a capability where you’re always getting a rapid, high-order look of what the Internet looks like — of what the cyberspace looks like at any one point in time.”  The ideal map would show network connections, analyze how much capacity a particular route has for carrying a cyberweapon and suggest alternative routes according to traffic flows, among other things.

The goal would be a visual representation of cyberspace that could help commanders make decisions on what to attack and how, while seeing any attacks coming from an enemy.  Achieving this will require an enormous amount of upfront intelligence work, experts say.  Michael V. Hayden, a former NSA director and a former CIA director, said he can imagine a map with red dots representing enemy computers and blue dots representing American ones.  When the enemy upgrades his operating system, the red dots would blink yellow, meaning the target is out of reach until cyber operators can determine what the new operating system is…

Plan X also envisions the development of technology that enables a commander to plan, launch and control cyberattacks.  A commander wanting to hit a computer that controls a target — a strategically important drawbridge in enemy territory, for example — should be able to predict and quantify battle damage while considering the timing or other constraints on a possible attack, said Dan Roelker, Plan X program manager.

Cyberwar experts worry about unintended consequences of attacks that might damage the flow of electricity to civilian homes or hospitals. A targeting system also should allow operators to stop a strike or reroute it before it damages systems that are not targeted — a fail-safe mechanism that experts say would be very difficult to engineer.  DARPA will not prescribe what should be represented on the digital map.  Some experts say they would expect to see power and transportation systems that support military objectives.

Daniel Kuehl, an information warfare professor at the National Defense University’s iCollege, said the Air Force built its history around attacks on infrastructure — in Korea, Vietnam, Serbia and Iraq.  “In all of those conflicts,” he said, “we went after the other side’s electricity with bombs.”  Today, he said, cyberweapons could be more humane than pulverizing power grids with bombs.

If a cyberwarrior can disrupt a computer system controlling an enemy’s electric power, the system theoretically can also be turned back on, minimizing the impact on civilians.  But retired Gen. James E. Cartwright, who as vice chairman of the Joint Chiefs of Staff until August pushed to develop military cyber-offense capabilities, said the military is focused less on power grids than on “tanks and planes and ships and anything that carries a weapon.”  “The goal is not the single beautiful target that ends the war in one shot. That doesn’t exist,” said Cartwright, who is now with the Center for Strategic and International Studies. “The military needs more of a brute-force approach that allows it to get at a thousand targets as quickly as possible.

Ellen Nakashima, With Plan X, Pentagon seeks to spread U.S. military might to cyberspace, Washington Post, May 30, 2012

United States Cyber Range, how to replicate the internet to test cyberweapons

Replicating the complexity of thousands of globally interconnected network systems is a challenge faced by researchers developing tools to protect our nation against the growing threat of cyber attacks. Sophisticated attacks as well as adaptive malware have the ability to devastate defense and commercial networks. DARPA was tasked by the Comprehensive National Cybersecurity Initiative (CNCI) to “establish a front line of defense against today’s immediate threats by creating or enhancing…the ability to act quickly to reduce our current vulnerabilities and prevent intrusions” (National Security Presidential Directive 54 (NSPD)-54) .

Under the National Cyber Range (NCR) program, DARPA has developed the architecture and software tools for a secure, self-contained testing capability to rapidly emulate large-scale complex networks that match the depth and diversity of real-world networks. The capability, demonstrated at scale with an operational prototype, will enable realistic testing and evaluation of new cyberspace concepts, policies and technologies by the Department of Defense (DoD) and other federal entities. DoD’s Strategy for Operating in Cyberspace, released in July 2011, highlights the NCR’s role in DoD’s pursuit of revolutionary cyberspace technologies.

The NCR complements federal cyber testing capabilities by providing rapid and automated configurability and scalability for users across the government. It should provide a 5-10x reduction in the time and cost to test and evaluate new cyber tools while improving confidence in the real-world performance of these tools, a vital feature considering the extremely dynamic and evolving real-world cyber threat. The NCR is designed to allow potentially virulent code to be introduced and tested on the range without compromising the range itself. Additionally, multiple experiments will be able to run on the range simultaneously at different security levels, maximizing the range’s use across government agencies.

The NCR program began in 2009 and has been developed in three phases. The current phase (Phase II-B) will involve operation and beta testing of the prototype range; enhancing existing software tools to ensure that the range hardware and software are stable and to allow for a seamless transition; developing a business model for sustainable range operation beyond fiscal year 2012; and to transition the range and associated technologies to USCYBERCOM and other government organizations.

See DAPRA

United States New Cyberspace Strategy

In March, a cyber attack on a defense company’s network captured 24,000 files containing Defense Department information.Deputy Defense Secretary William J. Lynn III announces the Defense Department’s Strategy for Operating in Cyberspace at National Defense University at Fort Lesley J. McNair in Washington, D.C., July 14, 2011. It is the department’s first unified strategy for operating in cyberspace.

Nations typically launch such attacks, Deputy Defense Secretary William J. Lynn III said today, but a growing risk of terrorist groups and rogue states developing similar capabilities drives the need to strengthen the nation’s cyber defenses.  “All of the advanced capabilities we have, whether it’s targeting or navigation or communication, … have a backbone that’s run through information technology,” he said. “So if you’re a smart adversary and you’re seeking an asymmetric way to come at the United States, cyber will appear to you very, very quickly.”

Lynn spoke to Pentagon reporters about how the Defense Department’s new Strategy for Operating in Cyberspace counters such threats. Officials released an unclassified version of the strategy today.

Attacks in cyberspace are hard to trace to the source, which makes retaliation an ineffective strategy, Lynn said, noting that DOD’s approach is to harden defenses and reduce incentives for attacks.  The strategy rests on five pillars, he said: treat cyber as a domain; employ more active defenses; support the Department of Homeland Security in protecting critical infrastructure networks; practice collective defense with allies and international partners; and reduce the advantages attackers have on the Internet.

The department established U.S. Cyber Command in May 2010 to address the Internet as a domain, just as it does land, sea, air and space. Cyber Command develops doctrine, training and equipment for cyber defense, Lynn said.“We have, within Cyber Command, a full spectrum of capabilities, but the thrust of the strategy is defensive,” Lynn said. “We think we need to be able to defend our networks just to maintain our offensive advantages in all of the other areas.”  Lynn said the active defense facet of the strategy seeks to avoid a “Maginot Line” approach, focused only on the perimeter.  “You want to be able to hunt on your own networks, to find things that get past the perimeter,” he said. “It’s a more dynamic approach to defense.”

Lynn said DOD is responsible for defending military networks, but the Department of Homeland Security is responsible for government networks and working with the private sector on defending critical infrastructure. But the Pentagon has an important role to play supporting Homeland Security’s efforts, Lynn said, because it relies on the power grid and the transportation and financial networks.  “If we were in some sort of world where we were able to protect the military networks and the power grid went down, that would not be good militarily,” he said.

“We think that over time, research and development money might rebalance that somewhat and impose costs on the attacker,” Lynn said, offering as an example of promising technology the ability to encrypt data at rest without increasing processing time, which the Defense Advanced Research Projects Agency and private-sector companies are working to develop.  “That’s the kind of thing that would … give more advantages to the defender. So if you broke in [to a network] you would then have to decrypt the data,” he said. “It’s a much, much harder problem for an attacker.”

In the 1980s and 1990s, DOD invested in high-performance computing for cryptanalysis and other military applications, Lynn noted.“That helped seed a whole industry,” he said. “It helped, I think, accelerate the development of technologies.”   Similar advances can result from the department’s efforts now, he said, noting DOD’s cyber investment includes a half billion dollars in research funding for DARPA in the last budget. “We’ve got a very strong partnership with our defense industrial base now,” he said. “We have, I think, worked through processes where we’re sharing data, sharing an understanding of the threat … and that just strengthens everybody.”

Close cooperation among DOD, other agencies and private industry limits risk, Lynn said, because defenses can be put in place quickly to limit the spread of harmful attacks.  DOD also coordinates with defense companies and the information technology industry through the enduring security framework, he said, which allows the department to solicit technical solutions to threats.  “It’s a very soft touch,” he said. “This is a collaborative forum. … There’s no government direction in that, but we’ve seen several specific instances where they have indeed made upgrades based on the description of the threats.”

On the international front, the United States has reached agreements with NATO, as well as with individual nations, including the United Kingdom and Australia, Lynn said.  “The White House just put out an international strategy with the idea of broadening that group of international partners,” he added.  “There certainly are sovereignty issues,” Lynn said. “I think that’s where collective defense is a critical element. If you exchange information about the kinds of threats, the kinds of signatures you’re seeing, … you’re able to get early warning.”

By Karen Parrish, Lynn: Cyber Strategy’s Thrust is Defensive, American Forces Press Service, July 14, 2011 –