Category Archives: Future Tech

What is coming down the pipe in naval and maritime technology?

Beijing’s Views on Norms in Cyberspace and Cyber Warfare Strategy Pt. 1

By LCDR Jake Bebber USN

The following is a two-part series looking at PRC use of cyberspace operations in pursuit of its national strategies and the establishment of the Strategic Support Force. Part 1 considers the centrality of information operations and information war to the PRC’s approach toward its current struggle against the U.S. Part 2 looks at the PRC’s use of international norms and institutions in cyberspace, and possible U.S. responses.

Introduction

A recent article noted a marked shift in Chinese strategy a few short years ago which is only now being noticed. Newsweek author Jeff Stein wrote a passing reference to a CCP Politburo debate under the presidency of Hu Jintao in 2012 in which “Beijing’s leading economics and financial officials argued that China should avoid further antagonizing the United States, its top trading partner. But Beijing’s intelligence and military officials won the debate with arguments that China had arrived as a superpower and should pursue a more muscular campaign against the U.S.”1

The nature of this competition is slowly taking shape, and it is a much different struggle than the Cold War against the Soviet Union – however, with stakes no less important. This is a geoeconomic and geoinformational struggle. Both U.S. and PRC views on cyber warfare strategy, military cyber doctrine, and relevant norms and capabilities remain in the formative, conceptual, and empirical stages of understanding. There is an ongoing formulation of attempting to understand what cyberspace operations really are. While using similar language, each has different orientations and perspectives on cyberspace and information warfare, including limiting structures, which has led to different behaviors. However, the nature of cyberspace, from technological advancement and change, market shifts, evolving consumer preferences to inevitable compromises, means that while windows of opportunity will emerge, no one side should expect to enjoy permanent advantage. Thus, the term ‘struggle’ to capture the evolving U.S.-PRC competition.

The PRC recognized in the 1990s the centrality of information warfare and network operations to modern conflict. However, it has always understood the information space as blended and interrelated. Information is a strategic resource to be harvested and accumulated, while denied to the adversary. Information warfare supports all elements of comprehensive national power to include political warfare, legal warfare, diplomatic warfare, media warfare, economic warfare, and military warfare. It is critical to recognize that the PRC leverages the American system and its values legally (probably more so than illegally), to constrain the U.S. response, cloud American understanding, and co-opt key American institutions, allies, and assets. In many ways, the PRC approach being waged today is being hidden by their ability to work within and through our open liberal economic and political system, while supplemented with cyber-enabled covert action (such as the OPM hack).

To support their comprehensive campaign, the PRC is reforming and reorganizing the military wing of the Communist Party, the People’s Liberation Army (PLA), posturing it to fight and win in the information space. Most notably, it recently established the Strategic Support Force (SSF) as an umbrella entity for electronic, information, and cyber warfare. Critical for U.S. policymakers to understand is how the SSF will be integrated into the larger PLA force, how it will be employed in support of national and military objectives, and how it will be commanded and controlled. While much of this remains unanswered, some general observations can be made.

This reform postures the PLA to conduct “local wars under informationized conditions” in support of its historic mission to “secure dominance” in outer space and the electromagnetic domain. Network (or cyberspace) forces are now alongside electromagnetic, space, and psychological operations forces and better organized to conduct integrated operations jointly with air, land, and sea forces.2

This change presents an enormous challenge to the PLA. The establishment of the SSF disrupts traditional roles, relationships, and processes. It also disrupts power relationships within the PLA and between the PLA and the CCP. It challenges long-held organizational concepts, and is occurring in the midst of other landmark reforms, to include the establishment of new joint theater commands.3 However, if successful, it would improve information flows in support of joint operations and create a command and control organization that can develop standard operating procedures, tactics, techniques, procedures, advanced doctrine, associated training, along with driving research and development toward advanced capabilities.

While questions remain as to the exact composition of the Strategic Support Force, there seems to be some consensus that space, cyber, electronic warfare, and perhaps psychological operations forces will be centralized into a single “information warfare service.” Recent PLA writings indicate that network warfare forces will be charged with network attack and defense, space forces will focus on ISR and navigation, and electronic warfare forces will engage in jamming and disruption of adversary C4ISR. It seems likely that the PRC’s strategic information and intelligence support forces may fall under the new SSF. The PLA’s information warfare strategy calls for its information warfare forces to form into ad hoc “information operations groups” at the strategic, operational, and tactical levels, and the establishment of the SSF will save time and enable better coordination and integration into joint forces. The SSF will be better postured to conduct intelligence preparation of the battlespace, war readiness and comprehensive planning for “information dominance.”4

The establishment of the SSF creates a form of information “defense in depth,” both for the PLA and Chinese society as a whole. The SSF enables the PLA to provide the CCP with “overlapping measures of electronic, psychological, and political deterrents.” It is reasonable to expect that there will be extensive coordination and cooperation among the PRC’s military, internal security, network security, “commercial” enterprises such as Huawei and ZTE, political party organizations, state controlled media both inside and outside China, and perhaps even mobilization of Chinese populations.

Chinese Information Warfare Concepts and Applications

Recent Chinese military writings have stressed the centrality of information to modern war and modern military operations. Paying close attention to the way the West – principally the U.S. – conducted the First Gulf War and operations in Kosovo and the Balkans in the 1990s, the PRC has been aggressively pursuing a modernization and reform program that has culminated in where they are today. Indeed, there is close resemblance to PLA and PRC aspirational writing from the 1990s to today’s force structure.

In many ways, the PLA understanding of modern war reflects the American understanding in so much as both refer to the centrality of information and the need to control the “network domain.” “Informatized War” and “Informatized Operations” occur within a multi-dimensional space – land, sea, air, space and the “network electromagnetic” or what Americans generally understand as “cyberspace.” The U.S. has long held that the control of the network domain provides a significant “first mover advantage,” and the PRC is well on the way toward building the capability for contesting control of the network domain. Its writings consistently hold that the PLA must degrade and destroy the adversary’s information support infrastructure to lessen its ability to respond or retaliate. This is especially necessary for “the weak to defeat the strong,” because most current writing still suggests that the PLA believes itself still inferior to American forces, though this perception is rapidly changing. Regardless, the PRC understanding of modern war supposes a strong incentive for aggressive action in the network domain immediately prior to the onset of hostilities.6 These operations are not restricted geographically, and we should expect to see full-scope network operations worldwide in pursuit of their interests, including in the American homeland.7

There are three components to a strategic first strike in the cyber domain. The first component is network reconnaissance to gain an understanding of critical adversary networks, identifying vulnerabilities, and manipulating adversary perception to obtain strategic advantage. Network forces are then postured to be able to conduct “system sabotage” at a time and place of the PRC’s choosing. When the time is right, such as a prelude to a Taiwan invasion or perhaps the establishment of an air defense identification zone over the South China Sea, the PRC will use system sabotage to render adversary information systems impotent, or to illuminate the adversary’s “strategic cyber geography” in order to establish a form of “offensive cyber deterrence.” The PRC could take action to expose its presence in critical government, military, or civilian networks and perhaps conduct some forms of attack in order to send a “warning shot across the bow” and give national decision-makers reason to pause and incentive to not intervene.8

Indeed, unlike the American perspective, which seeks to use cyberspace operations as a non-kinetic means to dissuade or deter potential adversaries in what Americans like to think of as “Phase 0,” the PLA has increasingly moved toward an operational construct that blends cyberspace operations with kinetic operations, creating a form of “cyber-kinetic strategic interaction.” The goal would be to blind, disrupt, or deceive adversary command and control and intelligence, surveillance, and reconnaissance (C4ISR) systems while almost simultaneously deploying its formidable conventional strike, ballistic missile, and maritime power projection forces. The PLA envisions this operational concept as “integrated network electronic warfare,” described by Michael Raska as the “coordinated use of cyber operations, electronic warfare, space control, and kinetic strikes designed to create ‘blind spots’ in an adversary’s C4ISR systems.”9 

The PLA has recently described this as a form of “network swarming attacks” and “multi-directional maneuvering attacks” conducted in all domains – space, cyberspace, ground, air, and sea. The Strategic Support Force has been designed to provide these integrated operations, employing electronic warfare, cyberspace operations, space and counter-space operations, military deception and psychological operations working jointly with long-range precision strike, ballistic missile forces and traditional conventional forces.

Essential to these concepts are China’s ability to achieve dominance over space-based information assets. PRC authors acknowledge this as critical to conducting joint operations and sustaining battlefield initiative. This includes not only the orbiting systems, but ground stations, tracking and telemetry control, and associated data systems. We can expect full-scope operations targeting all elements of America’s space-based information system enterprise.

Important to all of this is the necessity of preparatory operations that take place during “peacetime.” China understands that many of its cyberspace, network, electronic and space warfare capabilities will not be available unless it has gained access to and conducted extensive reconnaissance of key systems and pre-placed capabilities to achieve desired effects. We should expect that the PRC is actively attempting to penetrate and exploit key systems now in order to be able to deliver effects at a later date.

Chinese Understandings of Deterrence and International Law in Cyber Warfare

China recently released the “International Strategy of Cooperation on Cyberspace.”10 Graham Webster at the Yale Law School made some recent observations. First, it emphasizes “internet sovereignty,” which is unsurprising, since the CCP has a vested interest in strictly controlling the information space within China, and between China and the rest of the world.  This concept of “internet sovereignty” should best be understood as the primacy of Chinese interests. China would consider threatening information sources outside of the political borders of China as legitimate targets for cyber exploitation and attack. In the minds of the CCP, the governance of cyberspace should recognize the sovereignty of states, so long as the Chinese state’s sovereignty is paramount over the rest of the world’s.

Second, the strategy suggests that “[t]he tendency of militarization and deterrence buildup in cyberspace is not conducive to international security and strategic mutual trust.” This appears to be aimed squarely at the U.S., most likely the result of Edward Snowden’s actions. The U.S. seems to also be the target when the strategy refers to “interference in other countries’ internal affairs by abusing ICT and massive cyber surveillance activities,” and that “no country should pursue cyber hegemony.” Of course, the PRC has been shown to be one of the biggest sources of cyber-enabled intellectual property theft and exploitation, and China’s cyber surveillance and control regimes are legendary in scope. Immediately after decrying the “militarization” of cyberspace, the strategy calls for China to “expedite the development of a cyber force and enhance capabilities … to prevent major crisis, safeguard cyberspace security, and maintain national security and social stability.” These broad, sweeping terms would permit China to later claim that much of its activities that appear to violate its own stated principles in the strategy are indeed legitimate.

The strategy seeks to encourage a move away from multi-stakeholder governance of the Internet to multilateral decision-making among governments, preferably under the United Nations. This would certainly be in China’s interests, as China continues to hold great sway in the U.N., especially among the developing world. After all, China is rapidly expanding its geoeconomic and geoinformational programs, leveraging its state-owned enterprises to provide funding, resources, and informational infrastructure throughout Africa, Asia, Europe, and the Americas. As more countries become dependent on Chinese financing, development, and infrastructure, they will find it harder to oppose or object to governance regimes that favor Chinese interests.

Naturally, the strategy emphasizes domestic initiatives and a commitment to a strong, domestic high-tech industry. This would include the “Made in China 2025” plan, which has received a great deal of attention. The plan seeks to comprehensively upgrade and reform Chinese industry, with an emphasis on information technology.11

When considering deterrence in the Chinese understanding, it is important to remember that China approaches it from a different context than the United States. Jacqueline Deal noted that China’s basic outlook proceeds from the premise that the “natural state of world is one of conflict and competition, and the goal of strategy is to impose order through hierarchy.”12 While Americans understand deterrence as a rational calculation, the Chinese approach emphasizes the conscious manipulation of perceptions.

Indeed, the Chinese term weishe, which translates as “deterrence,” also embodies the idea of “coercion.” We might see examples of this understanding by China’s historic use of “teaching a lesson” to lesser powers. In the 20th Century, Chinese offensives against India and Vietnam – thought by many in the West to be an example of tragic misunderstanding and failed signaling of core interests – might be better thought of as attempts by China to secure its “rightful” place atop the regional hierarchy. It is a form of “lesson teaching” that has long-term deterrent effects down the road.

We can expect therefore that cyberspace would become one means among many that China will use in support of its “Three Warfares” (public opinion, media, legal) concept in support of its larger deterrent or compellence strategies. It will likely be much broader than the use of PLA SSF forces, and could include cyber-enabled economic strategies, financial leverage, and resource withholding.

LCDR Jake Bebber is a cryptologic warfare officer assigned to the staff of Carrier Strike Group 12. He previously served on the staff of U.S. Cyber Command from 2013 – 2017. LCDR Bebber holds a Ph.D. in public policy. He welcomes your comments at: jbebber@gmail.com. These views are his alone and do not necessarily represent any U.S. government department or agency.

1. Available at: http://www.newsweek.com/cia-chinese-moles-beijing-spies-577442

2. Dean Cheng (2017). Cyber Dragon: Inside China’s Information Warfare and Cyber Operations. Praeger Security International.

3. Cheng 2017.

4. John Costello and Peter Mattis (2016). “Electronic Warfare and the Renaissance of Chinese Information Operations.” in China’s Evolving Military Strategy (Joe McReynolds, editor). The Jamestown Foundation.

6. Joe McReynolds, et. Al. (2015) “TERMINE ELECTRON: Chinese Military Computer Network Warfare Theory and Practice.” Center for Intelligence Research and Analysis

7.  Barry D. Watts (2014) “Countering Enemy Informationized Operations in Peace and War.” Center for Strategic and Budgetary Assessments

8. Timothy L. Thomas (2013) “China’s Cyber Incursions.” Foreign Military Studies Office

9. See: http://www.atimes.com/article/chinas-evolving-cyber-warfare-strategies/

10. See: http://news.xinhuanet.com/english/china/2017-03/01/c_136094371.htm

11. See: https://www.csis.org/analysis/made-china-2025

12. Jacqueline N. Deal (2014). “Chinese Concepts of Deterrence and their Practical Implications for the United States.” Long Term Strategy Group.

Featured Image: The Center for Nanoscale Materials at the Advanced Photon Source. (Photo: Argonne National Laboratory)

Standing Up the NIWDC with CAPT John Watkins

By Sally Deboer

CIMSEC was recently joined by Captain John Watkins, the first commanding officer of  the Naval Information Warfighting Development Center (NIWDC). Read on to learn about this new command’s role in shaping the U.S. Navy’s information warfighting skills and capabilities.

SD: We are joined by CAPT John Watkins, the first commanding officer of the newly opened Naval Information Warfighting Development Center. It is truly an honor to have you here. Before we begin, can you share a bit about yourself and your background?

JW: Thanks first and foremost for having me, it’s an honor for me as well. I came into the Navy in 1992 as a Surface Warfare Officer and completed various tours in engineering. I did that for roughly five years and really enjoyed it, but subsequent to those tours I attended the Naval Postgraduate School in Monterey, California where I achieved a Master’s degree in IT Management during which time I laterally transferred into the space and electronic warfare community. A few years transpired and that community was subsumed into the information professional community that we know of today, which comes with the 1820 designator.

Since being an IP, I’ve had multiple operational and staff tours, to include XO of USS Coronado, serving as N6 and Information Warfare Command on Expeditionary and Carrier Strike Group Staffs, and as the N6 on a Numbered Fleet staff. Staff tours have included time on the OPNAV and SURFACE FORCES staffs. I’ve been very fortunate and blessed to have had multiple command tours including NAVCOMTELSTA San Diego, Navy Information Operations Command Texas, and now just recently, my assignment here at the Naval Information Warfighting Development Center.  

SD: Let’s kick off by introducing our readers to your new command. Initial operating capability for the NIWDC was declared on 27 March 2017. Could you please explain the role of this warfighting development center, and specifically the mission of the NIWDC within the information domain?

JW: Like the other warfighting development centers (WDC), we are all focused on four primary lines of operation. First, we’re concerned with enhancing advanced level training. As you can imagine, in terms of NIWDC, that entails all of our information-related capabilities. The advanced level training for our units and forces in the fleet occurs at the latter stages of the optimized fleet response plan (OFRP). We’re heavily invested in that along with our fellow WDCs.

The second line of operation is the development of doctrine that allows us to achieve that advanced level of proficiency – doctrine including tactics, techniques, and procedures (TTPs), standard operating procedures (SOPs), higher level Concepts of Operation (CONOPS), or as necessary, revisions to Naval Warfare publications.

The third line of operation is to cultivate and develop a subject matter expertise known throughout all the WDCs as a ‘warfare tactics instructor’ or WTIs. Other WDCs have WTIs in place today, for example, the model that has been around longest is the Naval Aviation WDC, “Top Gun,” associated with advanced tactics for jet fighting, air-to-air combat, etc. What we want to do here at NIWDC is to build out our own WTI pipeline, which I think of as the “Information Warfare Jedi Knights” of the future; we’ll have quite a few WTI pipelines, as we have a broad spectrum of capabilities.

Last but not least, we’ll have an organic assessments capability built into the command which allows us to, in an OODA loop fashion, assess our advanced level training capabilities, our TTPs and SSPs, and our doctrine as we bake it into our training pipeline and processes, ensuring it is delivering optimal IW warfighting effects. Those are the four lines of operation that were promulgated to the WDCs, directed by the Chief of Naval Operations, in 2014.

SD: The traditional warfare Type Commanders (Air, Surface, Undersea) have established their own warfare development centers, as you mentioned. Given that IW is a critical enabler of other warfare areas, how do you envision the NIWDC interacting with the other warfare development centers? What key IW concepts and understandings should be incorporated by other communities?

JW: That’s a fantastic question. NIWDC just achieved IOC designation in late March, and the good news is that while we are the last WDC to be stood up, we already have IW community professionals, both enlisted and officer, arrayed across the other WDCs today, totaling about 150 people, who are working Information Warfare expertise into Naval warfighting. Even as we’re building up to this capability, our folks that have been embedded throughout the other WDCs have done a remarkable job laying the groundwork and foundation for us to come to fruition as the NIWDC. This is significant because the information-related capabilities that we bring to bear are so ingrained in all the other mission warfare areas of the Navy that we have to be interlinked with the other WDCs and visa-versa.

As we build up our capabilities here, we’d like to see the reciprocal detailing back and forth – where ideally we’ll have Surface Warfare Officers, Submariners, Aviators, etc., embedded and billeted to the NIWDC. That’s the future, and it’s absolutely imperative that we get to that point – to have that common back and forth day in and day out as we’re contemplating modern day warfare – it’s essential for us to understand the other warfare areas, their requirements, how our systems are interdependent, and how we have to operate in real time to optimize our overarching warfare capabilities.

SD: You recently stated, “a key objective of the NIWDC is to provide hard-hitting, fleet-relevant information warfighting effects…” Can you outline what some of those effects might be and what specific mission areas within Information Warfare (IW) they support? 

JW: I think the best way I can answer that question is to describe how we’re building out the command here today. We’ve established a headquarters staff that will manage seven core Mission Area Directorates, or what we refer to as “MADs.”

Those Mission Area Directorates include an Assured command-and-control and CyberSpace Operations MAD, a Space Operations MAD, a Meteorology MAD, an Intelligence MAD, a Cryptology MAD, an Electronic Warfare MAD, and an Information Operations MAD. Laying that all out, we can generate information warfare effects from any of those Mission Areas—but when combined, it becomes extremely optimal. It’s the traditional ‘sum of the parts’ principle.

As we develop our organization here, another big effort we’re putting into play in the larger Navy is the Information Warfare Commander construct, which is an organization led by a fully board-screened senior Information Warfare Community Captain (O-6). I’ll describe the construct at the tactical level for now because I think it will be the best way to articulate where we’re headed in employing our model. On a Carrier Strike Group (CSG) staff, for example, we have the Information Warfare Commander (IWC)—again, that board-screened IW Community Captain, who is providing leadership and oversight on core IW mission areas run by the N2 Intelligence Officer, the N39 Cryptologic Officer, the N6 Communications officer, and to the extent where we can get it into play, the Meteorological officer, who at the end of the day, all work for this O-6 IWC. The entire IWC organization works for the Carrier Strike Commander similar to a Destroyer Squadron or Carrier Air Group Commander.  

Where the synergistic effect really comes in is in information operations planning. If you think across typical phased wartime planning scenarios, the folks that are sitting down at the table in the IWC organization bringing their skills and attributes to the team while enabling holistic planning across all phases of warfare, achieve tremendous synergy and total awareness of the  interdependencies and linkages across their mission areas. This powerful effect cannot be overemphasized. Planning in individual stovepipes, i.e. within traditional N Head silos like the N2, the N39, N6 or Meteorology, is counterproductive in today’s modern warfare continuum. It’s essential that planning along these lines factors in and accounts for the coordination and integration of needs and requirements of our fellow Composite Warfare Commanders. When done correctly, we give our collective Navy team every advantage possible to win when we need to. Suffice it to say, I’m very excited about where we’re headed and how we’re going to make our phenomenal Naval warfighting prowess even better!

SD: There seems to be growing agreement that in future conflict, naval forces will not enjoy undisputed access to the electromagnetic spectrum. How will naval information warfare capabilities enable distributed operations when the spectrum required for C4ISR is being, denied, degraded, disrupted and subject to deception operations?

JW: That’s another great question that we are constantly focused on. We all acknowledge the fact that in modern warfare scenarios, the likelihood that we will have denied or degraded communications is a given. Frankly, it’s almost no longer an assumption—it’s reality. Simply put, we need to be able to retain organic capabilities as much as possible wherever we are, so that if we lose the link back to the beach, we can still function and fight.

To that end, we’ve got to be able to train, operate, and be proficient in fighting in those types of scenarios. We’re all about getting at that advanced level of necessary training here at the NIWDC.

SD: How do you propose addressing the acquisition and fielding of new information technology (cyber/EW/IW) and developing TTPs under the current DOD acquisition system?

JW: Acquisition is an evolving process, and I think acquisition reform surfaces quite frequently anytime we talk about the dynamics of advancing IT. The rate of advancement in technology is astounding, and the acquisition process needs to be agile enough to keep pace. To that end, we’ve looked for creative and innovative ways within our acquisition process to accelerate and expedite systems that facilitate IW warfighting effects and we need to continue doing so. NIWDC participates in many experimentation and innovation venues that help facilitate that speed-to-fleet dynamic and we’re excited to be a partner in those efforts.    

To your question about the TTPs and SOPs – when we introduce new tech to the fleet, it is important that we have TTPs and SOPs built into them from day one. We’ve got to be able to deliver a product that comes with robust training behind it so that when it’s delivered to the fleet, our sailors can put it into immediate effect. The TTPs and SOPs that accompany that capability need to be solid enough out of the gate so that we achieve immediate success from day one of fielding.  

On top of that, what I want to achieve at the NIWDC is the ability to refine and tweak TTPs and SOPs at a high rate – what I call the “wash, rinse, repeat” approach. There’s no reason we can’t take those TTPs and SOPs, have sailors put them into effect, provide their feedback to us if they’re not quite right and suggest course corrections, then update those on a continuous, OODA-loop basis until we have delivered optimal doctrine.

SD: Our adversaries approach the information space (IW/EW/cyber) holistically, blending electronic and information warfare with cyberspace operations, psychological operations, deception – and conduct these operations across all elements of national power (diplomatic, economic, legal, military, information). What steps are you taking to ensure the Navy is developing information warfare strategies, operational concepts, and TTPs that cut across all elements of national power?

JW: I’ll give you an example – that’s the best way I can answer this question – it’s a great question, but one you could spend an hour answering. Earlier in our discussion, we talked about the IWC construct. I’m a firm believer that if we get that instituted correctly and make it a robust organization with the goal of delivering those optimal IW effects that it will serve as the bedrock going forward across the Navy enterprise. We’ll look to institute that construct, as applicable, by using that optimized model at the tactical level and building out from there to implement at the operational and strategic levels.

Back to the point about our adversaries – when they’re exploiting all this goodness and delivering their effects, they are planning across the DOTMPLF (doctrine, organization, training, materiel, leadership and education, personnel and facilities) spectrum. We must do the same thing with our IWC Construct. At the NIWDC, in partnership with IFOR, this is one of our tasks – to perform this DOTMPLF analysis that will codify the IWC construct. We’ve been tasked by Fleet Forces Command and PACFLT to do just that – this will be one of our top objectives in the first years here at the NIWDC – to ensure we’re setting ourselves up for success for decades to come.

SD: Last but not least – if our listeners are new to information warfare, can you suggest any resources or reading materials that could help the less tech-inclined among us become more familiar with the domain and more ready to address its unique challenges?

JW: There are so many great reference materials, but perhaps the quickest way to answer that is to recommend your readers and listeners go to our command website and InfoDOMAIN, or our Navy News Web page or Facebook page. We have a lot of good products posted there – that would be a great start. We have some items posted there that are specific to the NIWDC, so if your readers want more information or a summary, they can find it there as well.

SD: Thank you so much for your time today, CAPT Watkins. It’s truly been an honor speaking with you, and we thank you for taking time out of your busy schedule to help educate us on your new command and the role of IW in the Navy and DoD going forward. We hope you’ll join us again sometime. 

Captain John Watkins is a native of California, where he went on to graduate from the NROTC program at the University of San Diego obtaining his commission in 1991. He joined the Naval Information Warfighting Development Center as the commanding officer in March of 2017.

Sally DeBoer is an Associate Editor with CIMSEC, and previously served as CIMSEC’s president from 2016-2017. 

Featured Image: Chief Fire Controlman Daniel Glatz, from Green Bay, Wisconsin, stands watch in the combat information center aboard the Arleigh Burke-class guided-missile destroyer USS John S. McCain (DDG 56). (Alonzo M. Archer/U.S. Navy)

Hyper-Converged Networks and Artificial Intelligence: Fighting at Machine Speed

By Travis Howard

Lieutenant Stacey Alto sits in the Joint Intelligence Center aboard the Wasp-class Amphibious Assault ship USS ESSEX (LHD 2). As the Force Intelligence Watch Officer (FIWO), her job is to absorb relevant information related to current and future operations of the Essex Amphibious Ready Group, as well as the general intelligence within the operating theater. Her zero-client, virtual desktop environment (VDE) 6-panel display at her watch station allows her a single-pane-of-glass into Unclassified, Secret, Top Secret, and Coalition enclaves through the Consolidated Afloat Networking and Enterprise Services (CANES) network.

One of her watch standers, an Intelligence Specialist Second Class, approaches her desk with new information from the Joint Operations Center (JOC), the nerve center of ARG operations, announcing new orders from the fleet commander to enter the Gulf of Oman, which represents a shift in operating theater from their current position in the Arabian Sea.

Stacey goes to work immediately, enlisting the help of two Intelligence Specialists and one of the Information Systems Technicians standing watch in the Ship’s Signal Exploitation Space (SSES). She queries the onboard widget carousel on her CANES SECRET terminal. Using a combination of mouse, keyboard, and touchscreen, she pulls together several ready-made widgets and snaps them into place, each taking advantage of a pool of “big data” information stored on the ship’s carry-on Distributed Common Ground System-Navy (DCGS-N) and off-ship sources from the intelligence cloud. Her development work gets passed to the next watch team, as they set the application’s variables for data parsing, consolidating inputs, and terrain mapping to put together a relevant, real-time intelligence picture.

By the time Stacey returns to her watch station almost 24 hours later, the IT personnel in SSES have put the new application through the automated cybersecurity testing process and have released it to the onboard “app store,” which Stacey can now install on her virtualized, thin-client desktop within seconds. She calls the JOC, the Marine Landing Force Operations Center (LFOC), and the ship’s Combat Information Center (CIC) announcing the system’s readiness with separate logins at the appropriate classification level for each watch station. By the time ESSEX enters the Gulf of Oman, the application has mapped adversarial positions and capabilities, pulled from several disparate databases afloat and ashore, all at varying levels of classification necessary for operational planning throughout the ship.

Building a More Maneuverable Network Afloat

The above scenario is almost a reality, representing several emergent advances in network technology and application portability (the “mobility” factor) that the Navy will soon capitalize on: a hardware and network-layer software architecture known as hyper converged infrastructure (HCI). The performance and cost efficiencies realized by this architecture will pave the way for disruptive changes to how we maneuver the network across the entire spectrum of operations: as a business system, as a decision support system, and as a warfighting platform.

Hyper-convergence is the integration of several hardware devices through a hypervisor, which acts as an intermediary and resource broker between software and hardware. Independent IT components are no longer siloed but combined, simplifying the entire infrastructure and improving speed and agility of the virtual network.1 The advantages of HCI seem obvious, but the real disruptive effect is how we can build upon it. The opening scenario describes on-demand application development at the tactical edge. This is achievable through HCI efficiency and another emerging network process known as Agile Core Services (ACS), a joint software development initiative being built into several programs throughout the Navy and Air Force, and one that CANES (as the afloat and maritime operations center network provider) is leveraging.

Hyper-Convergence in Network Hardware combines storage and processing power into a single appliance for simplified management, faster deployment, and could even lower acquisition costs ( Helixstorm.com)

ACS allows applications to use a common mix of services at the platform level, reducing cost and time of development but also forcing all applications to “speak the same language.” All that is needed to make on-demand, tactical application delivery a reality is a framework for plug-ins that takes advantage of big data we already have aboard ships and available at both the operational and tactical levels of war.

Previous articles in the United States Naval Institute’s magazine Proceedings have argued for thin-client solutions aboard warships,2 leveraging the CANES network program to ultimately achieve network efficiency that can remove “fat clients” (standard computer desktops) from the architecture to be replaced by thin or zero-clients (user workstation nodes with virtualized desktops and no onboard storage or input devices beyond keyboard and mouse). Removing clients from the equation eases the burden on shipboard technicians, consolidates the information security posture, and overall presents a more efficient network management picture through smart automation that makes better use of available manpower. HCI is the architecture solution that will eventually enable a full-scale, afloat, thin-client solution.

Hyperconverged.org is a website dedicated to delivering the message of advantages that HCI can bring,3 and lists ten compelling advantages that HCI brings to any IT infrastructure, to include:

  • Focus on software-defined data centers to allow faster software modernization and more agile vulnerability patching
  • Use of commercial off the shelf (COTS) commodity hardware that provides failure avoidance without the additional costs
  • Centralized systems and management
  • Enhanced agility in network management, automation, virtualization of operating systems, and shared resources across a common resource manager (such as hypervisor)
  • Improved scalability and efficiency
  • Potentially lower costs (caveat: in the commercial sector this may be truer than in the government sector, but smart contract competitions and vendor choices can drive down costs for the government as well)
  • Consolidated data protection through improved backup and recovery options, more efficient resource utilization, and faster network management tools

The advantages of HCI are numerous, and represent the true next step in IT architecture that will enable future software capabilities. How can we, as warfighters, take advantage of this emerging technology? It cannot be overstated that our current processes for procuring and delivering software-based services and capabilities must be revamped to keep pace with industry and take advantage of the speed and agility that HCI brings.

Faster, More Efficient Application Development is the Next Step

In our current hardware development methodology, programs of record within the Department of Defense (DoD) have little difficulty determining a clear modernization path that fits within the cost, schedule, and performance constraints outlined by the DoD acquisition framework. However, software development is an entirely different story, and is no longer agile enough to suit our needs. If we can iterate hardware infrastructure at near the speed of industry, then software and application development becomes the pacing function that we must address before we can realize the opening scenario of this essay.

The key term when discussing the speed of system development is agility, defined by the Massachusetts Institute of Technology (MIT) as “the speed of operations within an organization and speed in responding to customers…or reduced cycle times.”4 The federal government, DoD in particular, has been struggling with acquisition reform for some time, and with the signing of the National Defense Authorization Act in fiscal year 2010, Congress placed renewed emphasis on the need to transform the acquisition process for information technology. Several programmatic changes to acquisition helped (such as the approval of the “IT Box” programmatic framework in the joint requirements process), but the agility of software development and modernization remains challenged. Ensuring proper testing and evaluation (T&E) methodology, bureaucratic approval processes to ensure affordability, joint interoperability testing, and lengthy proof-in testing are just some of the processes facing software applications prior to gaining approval for full-rate production and fielding to the warfighter.

Matthew Kennedy and Lieutenant Colonel Dan Ward (U.S. Air Force), in a 2012 article for Defense Acquisition University, argued for agility in system development by discussing flaws in the current “agile software development” model.5 Developed in the early 2000s, this model is not as agile as the name would imply, and still defines requirements to be developed in advance, which doesn’t leave room for innovation or rapid, iterative changes to keep pace with the speed of industry. Exciting initiatives are being fielded in the commercial sector, such as cloud-based development and learning models, and mobility technology that many of the services would use to great effect. Innovative prototyping of disruptive technology at the service or component level of DoD, such as the now-disbanded Chief of Naval Operation’s Rapid Innovation Cell (CRIC), proved that there are operational advantages to emerging tech such as wearable mobile devices, if only we could “turn a tighter circle” within our acquisition framework and work with agility to field newer and better versions to the force.

Thankfully, we don’t have to reinvent the wheel when implementing a more agile software development framework; we must take lessons from industry and apply them to the unique needs of each of the DoD components. This may be easier said than done, but Kennedy and Ward, and indeed likely many other acquisition professionals and scholars, would agree that it is entirely possible if leadership demanded it, and the policies, procedures, and resourcing followed suit to support it. Kennedy and Ward offered a common set of software and business aspect practices to support agile practices that would allow a predictable, faster software refresh cycle (not just patches, but cumulative updates) to ensure software remains agile and relevant to the warfighter. Using small teams for incremental development, lean initiatives to shorten timelines, and continuous user involvement with co-located teams are just some of the practices offered.6

Improving our software development and modernization framework to be even more agile than it is now is necessary considering the recent industry shift to software-as-a-service and cloud-based business models. No longer will software versions be deliberate releases, but rather iterative updates such as Microsoft’s “current branch for business” (CBB) model. With this model, Microsoft envisions that Windows 10 could be the last “version” of Windows to be released, which will then be built upon in future “service pack-like” updates every 12-18 months. Organizations that do not update their operating systems to the latest CBB will be left behind with unsupported versions. Not only does such a change demand a rapid speed-to-force update solution for DoD, but it represents a disruptive process change that will ultimately allow us to reach the opening scenario’s on-demand tactical application process, leveraging big data in a way that units at the tactical edge have never done before – and in a way that may never have been imagined by the system’s original developers.

Hyper-convergence infrastructure, together with agility-based application development and modernization, represents a near-term possibility that will enable true innovation at the tactical level of war and put the power of information superiority into the hands of the warfighter. While re-developing the acquisition framework to achieve this may be difficult, it is entirely possible and, many would say, necessary if DoD is to keep pace with emerging threats, take advantage of emerging technology and innovation, and ultimately retain its status as the best equipped and trained force the world has ever known.

Artificial Intelligence: The Next AEGIS Combat System

Now let’s imagine another scenario. USS LYNDON B. JOHNSON (DDG 1002), last of the Zumwalt-class destroyer line and used primarily to test emergent technology prototypes in real-world scenarios, slips silently through the South China Sea in the dead of night. She is the first ship in the U.S. Navy to possess Nelson, a recursively-improving artificial intelligence (RIAI). Utilizing an HCI supercomputer core, Nelson acts as an integrator for the various shipboard combat systems in a similar concept to today’s AEGIS Combat System, except much faster and with machine-speed environmental adaption.

American relations with China have broken down, resulting in a shooting war in the South China Sea that threatens to spill into the Pacific proper, and eventually reach Hawaii. In an effort to change the dynamic, DDG-1002 forward deploys in stealth to collect intelligence on enemy force disposition and, if the opportunity presents itself, offer a first-strike capability to the U.S. Pacific Command. JOHNSON is spotted by a surface action group of three Chinese destroyers, who take immediate action by firing a salvo of anti-ship cruise missiles followed by surface gunnery fire once in range.

At the voice command of the Tactical Action Officer, Nelson goes to work, taking control of the ship’s self-defense system and prioritizing targets in a similar fashion to Aegis, only much faster, while constantly providing voice feedback on system readiness, target status, and battle damage assessments through the internal battle circuit, essentially acting as a member of the CIC team. Nelson’s adaptability as an AI allows it to evolve its tactical recommendations based on the environment and the sensory input from the ship’s 3D and 2D radars, intelligence feeds, and even the voice reports over the battle circuit. Compiling the tactical picture on a large display in CIC, Nelson simultaneously responds to threats against the ship while providing a fused battle management display to the Captain and Tactical Action Officer. The RIAI does much to lift the fog of war, and automates enough of the ship’s defensive and information-gathering functions to allow the humans to focus on tactically employing the ship to stop the threat rather than reacting to it.

While hyper-convergence, coupled with agile and rapidly-developed software innovation, is the emerging technology, recursively-improving artificial intelligence is the ultimate disruptive technology in the near to medium-term and represents the giant leap forward that many research and development efforts are striving towards. AI has often been relegated to the work of science fiction, and while many futurists see it as the inevitable “singularity” to happen as soon as the mid-21st century, it has not quite gained acceptance in the mainstream technical community. What must be focused on from a warfighter’s perspective is the near-term (within the next 30-50 years) prospects of advances in quantum computing, neural networks, robotics, nanotechnology, and hyper-convergence. These advances could put us on a path towards artificial intelligence within the lifetime of generations currently serving or about to serve in the armed forces.

The debate over whether recursively self-improving artificial intelligence is possible continues,5 with some theorists stating that such an AI cannot be achieved because intelligence could be “upper bounded” in a way that transcends processor speed, available memory, and sensor resolution improvements. Others suggest that intelligence “is the ability to find patterns in data”7 and that, regardless of the more fringe theories surrounding AI, transhumanism, and the ontological discussions of the singularity, “a sub-human level system capable of self-improvement can’t be excluded.”8  It is the sub-human AI, capable of adapting to changing data patterns, that makes a combat system AI an exciting near-future prospect. 

Conclusion

This article presented two hypothetical scenarios. In the near-term, a Navy watchstander takes advantage of a hyper-converged infrastructure network environment onboard a U.S. Navy warship to rapidly develop a tactical application to take advantage of disparate databases and cloud data resources, ultimately producing a battle management aid for the ship’s next mission. This scenario took advantage of two emerging technological concepts: hyper-convergence in hardware infrastructure, a reality some major defense acquisition programs such as the Navy’s CANES has already resourced and on-track to field in the coming years, and agile software development in defense acquisition, which is a conceptual framework that must be developed to ensure more rapid and innovative software capabilities are delivered to the force.

The funding for these technological advances must remain stable to deliver HCI to our operating forces as a hardware baseline for future development, and policy makers must continue to find efficiencies in IT acquisition that lead to agile software development to really take advantage of the efficiencies HCI brings. Additionally, DoD IT leaders must think critically and dynamically about how future software updates will be tested and fielded rapidly; our current lengthy testing and evaluation cycle is no longer compatible with either the speed of industry’s vulnerability patching, a fluid content upgrade schedule, or the pace of adversarial threats.

The second scenario describes a near-future incorporation of recursively-improving artificial intelligence within a combat system, which builds upon hyper converged hardware and recursively improving software to deliver a warfighting platform that can defend itself more rapidly and learn from its tactical situation. The simple fact is that technology is changing at a pace no one dared dream as early as 20 years ago, and if we don’t build it, our adversaries will. A recent (2016) article in Reuters, and reported in other media outlets, showcases the People Republic of China’s (PRC) desire to build AI-integrated weapons,9 citing Wang Changqing of China Aerospace and Industry Corp with saying “our future cruise missiles will have a very high level of artificial intelligence and automation.” DoD must adapt its processes to keep pace and remain the world’s leader in incorporating emerging and disruptive technology into its warfighting systems.

Travis Howard is an active duty U.S. Naval Officer assigned to the staff of the Chief of Naval Operations in Washington D.C. He holds advanced degrees and certifications in cybersecurity policy and business administration, and has over 16 years of enlisted and commissioned experience in surface warfare and Navy information systems. The views expressed here are solely those of the author and do not necessarily reflect those of the Department of the Navy, Department of Defense, or the United States Government.

References

1. Scott Morris. “Putting The ‘Hyper’ Into Convergence.” NetworkWorld Asia 12.2 (2015): 44. 28 Jan 2017.

2. Travis Howard, LT, USN. “’The Next Generation’ of Afloat Networking.” Proceedings Magazine, Mar 2015, Vol. 141/3/1,345

3. Hyperconverged.org. “Ten Things Hyperconverged Can Do For You: Leveraging the Benefits of Hyperconverged Infrastructure.” Retrieved Feb 2 2017, http://www.hyperconverged.org/10-things-hyperconvergence-can-do/

4. Matthew Kennedy & Lt Col Dan Ward. “Inserting Agility In System Development.” Defense Acquisition Research Journal: A Publication Of The Defense Acquisition University 19.3 (2012): 249-264. 4 Feb 2017.

5. Ibid

6. Ibid

7. Roman Yampolskiy. “From Seed AI to Technological Singularity via Recursively Self-Improving Software.” Cornell University Library. arXiv:1502.06512 [cs.AI]. 23 Feb 2015.

8. Ibid

9. Ben Blanchard. “China eyes artificial intelligence for new cruise missiles.” Reuters, World News. 19 Aug 2016, http://www.reuters.com/article/us-china-defence-missiles-idUSKCN10U0EM

Featured Image: Electronic Warfare Specialist 2nd Class Sarah Lanoo from South Bend, Ind., operates a Naval Tactical Data System (NTDS) console in the Combat Direction Center (CDC) aboard the USS Abraham Lincoln as it conducts combat operations in support of Operation Southern Watch. (U.S. Navy photo by Photographer’s Mate 3rd Class Patricia Totemeier)

The Threat, Defense, and Control of Cyber Warfare

NAFAC Week

By Lin Yang Kang

The Internet has grown phenomenally since the 1990s and currently has about 3.5 billion users who make up 47 percent of the world population.1 Out of the 201 countries surveyed, 38 percent have a penetration rate of at least 80 percent of its population.2 The ubiquity and reliance on cyberspace to improve the efficiency and capability of government, military, and civilian sectors lead to the Internet of Things (IOT) for day-to-day operations and in this pervasiveness of the use of Internet lies the potential for devastating cyber-attacks.

This paper seeks to discuss the crippling effects and dangers of cyber-attacks and outline the defensive responses against and control of cyber warfare.

The lethality, and hence appeal of cyber warfare, lies in its asymmetric3 and stealthy nature. Little resource, such as teams of experienced hackers, is required to render a disproportional amount of devastating damage to the core and day-to-day operations of both the government as well as the military. Unlike conventional warfare where a military build-up and transportation of resources are tell-tale signs of preparation, cyber-attacks can be conducted without warning. In this regard, it is akin to covert operations, such as the use of Special Forces or submarines, with added advantage of not exposing soldiers to the risk of harm. Coupled with the inherent difficulty in pinpointing attribution,4 subjects of a cyber-attack are left with the choice of either doing nothing except to try to recover or to retaliate against the suspected attacker without concrete proof and lose moral high ground, neither of which is optimal.

An example of a well-coordinated attack demonstrating the covert nature of cyber warfare occurred in 2007 when the Estonian government and government-related web-services were disabled.5 Though no physical damage was inflicted, it created widespread disruption for Estonian citizens. While Russia was the suspected perpetrator, it was never proven or acknowledged. In 2010, it was discovered that Iranian nuclear centrifuges that are responsible for enriching uranium gas had been infected and crippled by a malware, codenamed “Stuxnet.”This successful insertion of this malware effectively set the Iranian nuclear program back for a few years and demonstrated an effective and non-attributable way7 to pressurize if not exert will without the use of military might as it achieved what the United Nations Security Council (UNSC) had hitherto failed to do, i.e., curtail the development of nuclear weapons by Iran.

The above examples illustrate the potential damage of small-scale and limited cyber-attacks. Extrapolating from these examples, it is conceivable that the damage from a successful large-scale cyber-attack on a well-connected country that relies heavily on IOT can range from disruption of essential services, crippling confusion and even operational paralysis of both government and the military. For the government, a cyber-attack across every essential means and aspects of daily living including but not limited to destruction of financial data, records and transactions, forms of travel, communication means, and national power grid create chaos and confusion resulting in psychological shock that will in turn sap the will and resilience of the citizens. For the military, the irony is that the more modern and advanced a military is with its concomitant reliance on technology and network centric warfare, the more vulnerable it is to a potential cyber Pearl Harbor attack that will render its technological superiority over its adversary impotent. Given the symbiotic relation between the government and the military, a successful simultaneous cyber-attack on both government and the military can achieve Sun Tze’s axiom that the supreme art of war is to subdue the enemy without fighting.

Given its unique nature and unmatched demonstrated potential for lethality, it is understandable the attractiveness of cyber warfare as an instrument of choice for all players, both state and non-state actors and even individuals. As with all other forms of warfare, the need for defense against should be proportional to the threat. It is a game of cat and mouse,8 where hackers seek to find security vulnerabilities while defenders attempt to patch them up as soon as they are exploited and redirect the attackers to digital traps, preventing them from obtaining crucial information or cause damages. Specialized cyber warfare military branches have been formed in many countries, and extensive cyber defensive measures and contingency plans are being developed by government, military, and civil sectors of states. Through inter-cooperation, potential attacks could be resolved in the shortest time possible and minimize disruption, while preventing future attacks. As the world begins to witness the increasing use of cyber warfare as a weapon, cyber-attacks may not be as easy to conduct as before as states that understand the lethality of such attacks seek to safeguard their nation.9

Beyond defense at the national level, there is a lack of well-defined norms on the rules of cyber warfare as the international law community is still interpreting how current law of war can apply to cyber warfare. Recently, Tallinn Manual 2.0 was published by NATO’s Cooperative Cyber Defence Centre of Excellence (CCDOE) and is to date the most detailed study of how existing international laws can govern cyber operations.10 However, it currently serves as a reference and is non-binding. It is crucial for nations to iron out the rules for cyber warfare together and abide by it, ensuring that it will not affect the lives of civilians and minimize potential damages to non-military installations by cyber-attacks and cyber warfare.

Cyber warfare is a real and growing threat which has the potential to create disruption that the world has yet to witness. As nations become even more reliant on cyberspace as it ventures into automation and smart cities, they need to invest adequately in cyber defense and ensure that this new frontier is well-guarded. Apart from dealing with it domestically, on an international level, rules of cyber warfare need to be clarified and be abided by the international community to safeguard civilians. Cyber warfare may be threatening, but if the international community abides by clarified rules of cyber warfare and has sufficient cyber defensive measures established, the potential devastation caused by cyber-attacks could be minimized.

Yang Kang is a naval officer from the Republic of Singapore and a freshman at the Nanyang Technological University (NTU) in Singapore currently studying Electrical and Electronics Engineering. Before attending NTU, Yang Kang underwent midshipman training in Midshipman Wing, Officer Cadet School of the Singapore Armed Forces and was appointed Midshipman Engineering Commanding Officer during the Advanced Naval Term, his final phase of training.

Bibliography

Barker, Colin. “Hackers and defenders continue cybersecurity game of cat and mouse.” ZDNet. February 04, 2016. Accessed March 28, 2017. http://www.zdnet.com/article/hackers-and-defenders-continue-cyber-security-game-of-cat-and-mouse/.

Davis, Joshua. “Hackers Take Down the Most Wired Country in Europe.” Wired. August 21, 2007. Accessed March 21, 2017. https://www.wired.com/2007/08/ff-estonia/.

Geers, Kenneth. Strategic cyber security. Tallinn: NATO Cooperative Cyber Defence Centre of Excellence, 2011.

Zetter, Kim. “An Unprecedented Look at Stuxnet, the World’s First Digital Weapon.” Wired. November 03, 2014. Accessed March 21, 2017. https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/.

“Cyber Warfare Integral Part of Modern Politics, New Analysis Reaffirms.” NATO Cooperative Cyber Defence Centre of Excellence. December 01, 2015. Accessed March 15, 2017. https://ccdcoe.org/cyber-warfare-integral-part-modern-politics-new-analysis-reaffirms.html.

“Global Cybersecurity Index & Cyberwellness Profiles Report.” April 2015. Accessed March 23, 2017. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-SECU-2015-PDF-E.pdf.

“NATO presents the Tallinn Manual 2.0 on International Law Applicable to cyberspace.” Security Affairs. February 05, 2017. Accessed March 25, 2017. http://securityaffairs.co/wordpress/56004/cyber-warfare-2/nato-tallinn-manual-2-0.html.

“Internet Users by Country (2016).” Internet Users by Country (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users-by-country/.

“Internet Users.” Number of Internet Users (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users/.

“The Asymmetric Nature of Cyber Warfare.” USNI News. February 05, 2013. Accessed March 20, 2017. https://news.usni.org/2012/10/14/asymmetric-nature-cyber-warfare.

“The Attribution Problem in Cyber Attacks.” InfoSec Resources. July 19, 2013. Accessed March 25, 2017. http://resources.infosecinstitute.com/attribution-problem-in-cyber-attacks/#gref.

1. “Internet Users.” Number of Internet Users (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users/.

2. “Internet Users by Country (2016).” Internet Users by Country (2016) – Internet Live Stats. Accessed March 20, 2017. http://www.internetlivestats.com/internet-users-by-country/.

3. “The Asymmetric Nature of Cyber Warfare.” USNI News. February 05, 2013. Accessed March 20, 2017. https://news.usni.org/2012/10/14/asymmetric-nature-cyber-warfare.

4. “The Attribution Problem in Cyber Attacks.” InfoSec Resources. July 19, 2013. Accessed March 25, 2017. http://resources.infosecinstitute.com/attribution-problem-in-cyber-attacks/#gref.

5. Davis, Joshua. “Hackers Take Down the Most Wired Country in Europe.” Wired. August 21, 2007. Accessed March 21, 2017. https://www.wired.com/2007/08/ff-estonia/.

6. Zetter, Kim. “An Unprecedented Look at Stuxnet, the World’s First Digital Weapon.” Wired. November 03, 2014. Accessed March 21, 2017. https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/.

7. The United States and Israel were allegedly responsible for this cyber attacked but as with the Estonian example, it was never proven or acknowledged.

8. Barker, Colin. “Hackers and defenders continue cybersecurity game of cat and mouse.” ZDNet. February 04, 2016. Accessed March 28, 2017. http://www.zdnet.com/article/hackers-and-defenders-continue-cyber-security-game-of-cat-and-mouse/.

9. “Global Cybersecurity Index & Cyberwellness Profiles Report.” April 2015. Accessed March 23, 2017. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-SECU-2015-PDF-E.pdf.

10. “NATO presents the Tallinn Manual 2.0 on International Law Applicable to cyberspace.” Security Affairs. February 05, 2017. Accessed March 25, 2017. http://securityaffairs.co/wordpress/56004/cyber-warfare-2/nato-tallinn-manual-2-0.html.

Featured Image: U.S. sailors assigned to Navy Cyber Defense Operations Command man their stations at Joint Expeditionary Base Little Creek-Fort Story, Va., Aug. 4, 2010. NCDOC sailors monitor, analyze, detect and respond to unauthorized activity within U.S. Navy information systems and computer networks. (U.S. Navy photo by Petty Officer 2nd Class Joshua J. Wahl)