[Infowarrior] - Cyberwarfare Wish List

Richard Forno rforno at infowarrior.org
Tue Jun 3 00:15:54 UTC 2008 

Cyberwarfare Wish List
U.S. Air Force Calls for Help in Beefing Up Specific Capabilities
By william matthews
Published: 26 May 2008
Print  Print  |  Print  Email

http://www.defensenews.com/story.php?i=3553238

Know how to hack a computer system and quietly steal information? Can  
you also deceive, deny, disrupt, degrade or destroy the system? Then  
the U.S. Air Force wants to hear from you.

In mid-May, the Air Force published a request for "white papers" that  
will show the service how it can achieve "Dominant Cyber Offensive  
Engagement."

It's the latest step the Air Force is taking to build up its  
cyberwarfare capabilities - offensive as well as defensive. Last fall,  
the service began assembling its own Cyber Command.

The Air Force Research Laboratory plans to spend $3 million this year  
and another $8 million next year in developing new cyberwarfare  
techniques.

The lab is calling for papers that will help it develop a variety of  
cyberwarfare skills, including:

■ Gaining access to remotely located open or closed computer systems.

■ Taking "full control of a network for the purposes of information  
gathering and effects-based operations."

■ Techniques that enable user and root-level access to fixed and  
mobile computers.

■ Methods for gaining access "to any and all operating systems, patch  
levels, applications and hardware of interest."

■ Maintaining an active presence within the adversaries' information  
infrastructure "completely undetected."

■ The capability to "stealthily exfiltrate information" from remote  
computer systems.

■ And if stealth fails, the ability to "deceive, deny, disrupt,  
degrade, destroy (D5)" a targeted computer system.

On the defensive side, the Air Force wants to develop "Proactive  
Botnet Defense Technology."

That appears to be technology that would protect U.S. computer systems  
against the type of directed denial-of-service attacks that crippled  
Estonia's cyber infrastructure in April 2007.

In that instance, Estonia blamed Russia for the attack, but Russian  
government officials denied any involvement.

The Air Force Research Lab also wants to explore whether different  
computer architectures and new protocols can improve security.

Air Force Laboratory officials did not respond to repeated requests  
for details about their new cyberwarfare effort.

Growing Concern

But the push to increase cyberwarfare proficiency comes amid growing  
concern for U.S. cyber vulnerability.

In 2005, the Air Force added "and cyberspace" to its vow to fly and  
fight in air and space. And last fall, the service began assembling a  
Cyber Command that will be responsible for "cyberspace operations."

"In the last decade, people have realized that cyberwarfare is a  
critical domain of national security," said William Martel, a Tufts  
University professor and former chairman of space technology and  
policy studies at the Naval War College.

"The significance of cyber can't be overstated. It may be as  
strategically significant as nuclear weapons and ballistic missiles  
over time," Martel said.

"Cyber technology, cyber security and cyberwarfare opens up an  
entirely new arena of warfare in which state and non-state actors are  
on a level playing field," he said.

It costs little to launch a cyberattack. Terrorists, organized  
criminals and Third World countries can easily afford it.

Cybersecurity experts say attacks could seriously affect daily life in  
the United States by disrupting utilities such as electricity and  
water, halting air traffic, interrupting commerce, even interfering  
with emergency response capabilities.

"The possibilities are limitless here," Martel said. "Over time,  
cyberwarfare might make traditional warfare look a little passé."

Recent cyber events have put the United States on the defensive,  
Martel said. The Chinese military is believed to be responsible for  
recent cyber break-ins to U.S. Department of Defense computer and  
communications systems.

Al-Qaida has become uncomfortably adept at using the Internet to  
spread propaganda, recruit followers and train terrorists, he said.  
Can cyberwarfare be far behind?

Much of what the Air Force Research Lab says it wants to do looks  
"very doable," said Richard Forno, a cyber security expert who counts  
the U.S. military and major corporations among his clients.

But while developing new cyber capabilities, the Air Force also ought  
to consider new organizational approaches, he said. "I don't believe  
big bureaucratic organizations with tons of contract vehicles" is the  
best way to approach the problem. Relying on a cadre of carefully  
monitored hackers might be more effective, he said.

Concern about cyberwarfare is spreading well beyond the United States.

On May 14, two days after the Air Force Lab called for ideas, NATO  
began setting up a cyber defense training center in Tallinn, Estonia.

The Cooperative Cyber Defence Center of Excellence is scheduled to  
open in 2009 and will be operated by computer specialists from  
Germany, Italy, Spain, Latvia, Lithuania, Slovakia and Estonia.

In its cyber push, the Air Force Lab is moving quickly. The first  
batch of white papers is due June 5 for projects to be funded in 2008  
and March 1, 2009, for projects to be funded next year.

The papers are to be three to 10 pages long and submitted by e-mail,  
CD or on paper. If on paper, three copies are required.

Work contracts are expected to be worth $200,000 to $1.5 million  
apiece and last for two years.

More information about the Infowarrior mailing list