I want to talk a little bit about what we’re doing from a cyber-security perspective and what we hope to get out of the exercises going on today from the Cyber Storm perspective. I think it’s important to note that when most people think about DHS they think either about TSA or Border Patrol agents or other physical presence in security situations and it’s important to realize that DHS has an important role in cyber security. And even though cyber security is not tangible or as tangible as some of the other security aspects that we deal with at DHS it’s a very, very important issue and it’s important threats and arrows that we’re dealing with as a department.
Boston Dynamics has just released a brand new video of their DARPA-funded Big Dog robot. Big Dog, the older brother of the Little Dog robot we covered a while back, is meant to be a "pack mule" for soldiers some day. Behind Big Dog is some pretty cool force-controlled technology. With its quadruped gait it can regain balance if it's kicked, handle rough terrain like rocks, and climb inclines up to 35 deg.
In this new video, in addition to some footage from previous videos, you can see it handling slippery ice, slopes in deep snow, and demoing its new walking gait. About halfway through is the ice part -- this thing is better than I am at regaining balance. There's also a demo of it carrying a 340 lb load, much heavier than it has managed in the past. And I LOVE the hopping/jumping at the end.
One warning, you might want to turn off your sound, since as awesome as this guy is, the gas engine is very loud and very annoying.
Worst Enemy: The Reluctant Transformation of the American Military
Topic: Military Technology
7:12 am EDT, Mar 16, 2008
John Arquilla has a new book.
Worst Enemy offers an inside analysis of the events that have derailed our efforts to transform the nation's military into a leaner, lighter, and much more networked force. John Arquilla places these events in historical context and assesses Donald Rumsfeld's role as secretary of defense of the post-9/11 era. Beyond articulating a thorough critique of what has gone wrong, he outlines new solutions, in detail, to remedy the ills that beset American defense policy, including the elimination of the Pentagon, the end of strategic bombing strategy, and force reductions to 100,000 in each of the main services.
About the book, Sy Hersh says:
"Arquilla...makes his case with style and sly wit--often leaving us laughing through our tears."
Left of Boom: The Struggle to Defeat Roadside Bombs in Iraq and Afghanistan
Topic: Military Technology
7:12 am EDT, Mar 16, 2008
Staff writer Rick Atkinson describes the effort by the U.S. military to combat the improvised explosive devices used by insurgents in Afghanistan and Iraq from 2002 until Summer 2007. The series is drawn from more than 140 interviews over the past six months with military and congressional officials, contractors, scientists and defense analysts in Iraq, Afghanistan, Washington and elsewhere. Most agreed to speak candidly only on the condition of anonymity. Ten senior officers or retired officers, each of them intimately involved in the effort to combat IEDs, were asked to review the findings for accuracy and security considerations.
Air Force Air Refueling: The KC-X Aircraft Acquisition Program
Topic: Military Technology
7:12 am EDT, Mar 16, 2008
The KC-X program, the first of three planned programs intended to recapitalize the Air Force’s air refueling fleet, is expected to acquire 179 new, commercial off-the-shelf airliners modified to accomplish air refueling missions. Both Boeing and a consortium consisting of Northrop Grumman and European Aerospace Defense Company (EADS) — the parent company of Airbus — are in competition for KC-X. Boeing offered a variant of the 767-200 while Northrop Grumman/EADS submitted a version of the Airbus 330-200.
Air Force in-flight aerial refueling aircraft, often referred to as “tankers,” provide both persistence and range to Department of Defense (DOD) fighters, bombers, airlift and surveillance aircraft. As such, the Air Force’s tanker fleet greatly multiplies the effectiveness of DOD air power across the continuum of military operations. Today, the KC-135, which makes up the preponderance of the Air Force’s tanker force, is among the Air Force’s oldest aircraft. As a result, potential issues for Congress include:
* How long will the KC-135 remain viable as a military air refueler?
* What is the lowest cost alternative for KC-135 recapitalization?
* How many new tankers does the Air Force require?
* What capabilities should KC-X have?
* How will KC-X fit with future tanker requirements?
* Was the competition fair?
* Should a competitive dual-sourcing acquisition model be pursued?
* Where does the Air Force plan to base KC-X aircraft?
* What other options that can be pursued along with KC-X to expedite KC-135 recapitalization and should they be pursued?
Insider Threat Study: Illicit Cyber Activity in the Government Sector
Topic: Military Technology
10:43 pm EDT, Mar 9, 2008
The ITS government sector findings are presented in this section under four headings:
* The Insiders
* The Incidents
* Detecting the Incidents
* Consequences of the Incidents
The Insiders reports findings related to the characteristics of the individuals who perpetrated the incidents, their roles within the target organizations, their workplace behaviors, and their motives for carrying out their illicit activities. Information provided under The Incidents concerns the insiders’ pre-incident planning and technical information regarding methods for advancing the incidents. Detecting the Incidents presents findings concerning the manner in which the insiders’ illicit activities were uncovered and the insiders were identified. The final section, Consequences of the Incidents, is comprised of two subcategories. The first subcategory reports findings related to insiders’ perceptions of the potential consequences of their actions, disciplinary actions taken by the target organizations, charges filed, and the outcome of cases. The second subcategory describes the characteristics of the target organizations and the damages they incurred.
Thirty-six incidents and 38 insiders were examined within the ITS government sector. As noted, some research questions in this study concern the insider, while others bear on the incident. Accordingly, the denominator for statistics in this report will vary depending upon whether the finding pertains to the insider or the incident.
This document provides an overview of Department of Defense (DoD) Information Operations (IO) doctrine and organizations at the joint and individual service levels. It is intended to serve students and staff of the US Army War College as a ready reference for IO information extracted and summarized from a variety of sources. Wherever possible, Internet web sites have been given to provide access to additional and more up-to-date information. The booklet is intentionally UNCLASSIFIED so that the material can be easily referenced during course work, while engaged in exercises, and later in subsequent assignments.
This booklet begins with an overview of Information Operations and Strategic Communication. The booklet then goes from the national level to the Department of Defense, to the Joint Operations level and then finally to the service level. At each level it describes strategies or doctrine, agencies, organizations, and educational institutions dedicated to the information element of national power. Finally, the document concludes with an overview of Information Operations Condition (INFOCON) and an IO specific glossary.
* Botnets and trojans will be extremely difficult to find and analyze in the near future.
* Nascent market shift to automated incident response as part of vulnerability analysis faces ongoing challenges as attackers build one-time custom-use trojans
Patrick Norris responds to the occasion of the 50th Anniversary of the dawn of the Space Age, the launch of Sputnik 1, with a review of the most important historical applications of space science for the benefit of the human race during that half century, focusing particularly on the prevention of nuclear war. The author addresses the oft-quoted conclusion that the Moon landings and the race to the Moon between the two superpowers were a side effect of the Cold War, by describing what he believes was the more important event: the use of satellites by the military to prevent the Cold War becoming a hot war. In developing the story the author casts a spotlight on a little-known aspect of the Space Age, namely the military dimension. Today military satellites represent 25 percent of all satellites in orbit, and they are just as important now in preventing regional nuclear war as they were in preventing global Armageddon more than 30 years ago.
Beginning with a discussion of Sputnik 1, and the impact of its launch, both on the Soviets and on the West, the book continues to show the social, economic and scientific benefits of satellites today in our daily lives some 50 years later. The author introduces the concept of the Cold War nuclear stand-off and mutually assured destruction and shows how spy satellites developed, and the problems of using them to verify arms limitation treaties. He identifies the significance of the ABM Treaty and of SALT and demonstrates how satellites were used to underpin such agreements. He then discusses fringe nuclear powers, such as the UK, France and China, and the concept of nuclear non-proliferation. He concludes by looking at the regional tensions of today, including Israel and Arabic nations, India and Pakistan and the threat posed by North Korea, and looks ahead to what the future holds.
I attended a fascinating talk yesterday at Blackhat given by Sinan Eren from Immunity in which he described a recent for-hire Information Operation.
In the talk he took pains to differentiate between a standard penetration test and the kinds of things they were doing; the primary differences being time scale and scope. In this case the time scale was long (though undisclosed) and the goal was compromise of some particularly sensitive data. He didn't say, but it was probably product design or source code.
To maintain a stealthy ingress they decided to avoid easily exploited client-side weaknesses and instead found something much more difficult to detect, a poorly implemented antivirus scanner on the mail transfer agent. After fingerprinting, building an equivalent MTA in their lab, and coding a unique one-time exploit of the poorly implemented AV file parser, they were in. Consolidation and expansion were done at a leisurely pace, greatly aided by the social engineering benefits of the MTA's access to all of the email traffic. Within a reasonable period of time they were able to relationship map many of the target's personnel, expand to the other side of the firewall, quietly exploit a number of client machines, and gain a good understanding of who was likely to have access to the information they were looking for.
IO in the Cyber Domain, Immunity Style
Sinan Eren, VP of Research, Immunity
This presentation will discuss techniques to attack secure networks and successfully conduct long term penetrations into them. New Immunity technologies for large scale client-side attacks will be demonstrated as will a methodology for high-value target attack. Design decisions for specialized trojans, attack techniques, and temporary access tools will be discussed and evaluated.