The development of cyber warfare in the United States of America

Cybersecurity defense is the foundation of cyberspace’s combat capability and an important safeguard for military operations. Guided by the idea of military-industry-led collaboration, the United States of America and the United Kingdom are making full use of industry technologies and capabilities to strengthen the research and development of cybersecurity technologies and equipment, as well as to improve the performance of their defense capabilities.

In August 2021, the United States Defense Information Systems Agency (DISA) awarded cybersecurity firm Forescout-Active Defense for the Enterprise of Things a US$115 million contract to promote a zero-trust security model. Also known as Zero Trust Architecture (ZTA), Zero Trust Network Architecture (ZTNA), or Perimeterless Security, it describes an approach to designing and deploying computer systems.

The main concept behind the zero-trust security model is “never trust, always verify”, which means that devices should not be trusted by default, even if they are connected to an authorized network such as a business premises network, and even if they have been verified and checked before.
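To make the two "even if" conditions concrete, here is an added illustration (not part of the original article and not any vendor's code) that contrasts a perimeter-style decision with a per-request zero-trust decision. The device names, the entitlement table and the 15-minute re-verification window are assumptions chosen for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_POSTURE_AGE = timedelta(minutes=15)  # assumed re-verification window
ENTITLEMENTS = {("laptop-17", "hr-db")}  # constructed (device, resource) grants

@dataclass
class Request:
    user_authenticated: bool       # identity proven for this request
    device_id: str
    source_network: str            # recorded, but never used as a trust input
    posture_ok: bool               # result of the last device health check
    posture_checked_at: datetime   # when that check ran
    resource: str

def perimeter_decision(req: Request) -> bool:
    """Legacy model for contrast: anything on the office LAN is trusted."""
    return req.source_network == "office-lan"

def zero_trust_decision(req: Request, now: datetime):
    """Re-evaluate every request; return (allowed, reasons_for_denial)."""
    reasons = []
    if not req.user_authenticated:
        reasons.append("user not authenticated")
    if not req.posture_ok:
        reasons.append("device posture failed")
    elif now - req.posture_checked_at > MAX_POSTURE_AGE:
        reasons.append("device posture stale, re-verify")
    if (req.device_id, req.resource) not in ENTITLEMENTS:
        reasons.append("no entitlement for resource")
    return (not reasons, reasons)

def sample_decisions():
    """Constructed requests: same office LAN, different verification state."""
    now = datetime(2022, 1, 10, 9, 0, tzinfo=timezone.utc)
    fresh = Request(True, "laptop-17", "office-lan", True, now - timedelta(minutes=5), "hr-db")
    stale = Request(True, "laptop-17", "office-lan", True, now - timedelta(hours=8), "hr-db")
    rogue = Request(False, "printer-03", "office-lan", True, now, "hr-db")
    return {name: (perimeter_decision(r), zero_trust_decision(r, now))
            for name, r in (("fresh", fresh), ("stale", stale), ("rogue", rogue))}

if __name__ == "__main__":
    for name, (legacy, (allowed, why)) in sample_decisions().items():
        print(f"{name}: perimeter={legacy} zero_trust={allowed} {why}")
```

All three requests come from the authorized network, so the perimeter check admits every one of them; the zero-trust check admits only the request whose user, device posture and entitlement are all verified at request time.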

DISA selected the Forescout platform as part of the Compliant Connectivity (C2C) project. The Department of Defense expects C2C to provide a suite of computing capabilities to manage all departmental network resources. One of the C2C capabilities of the Forescout platform is end-to-end visibility into the Department’s connected networks; it will also enable DISA to upgrade security processes, including automating critical security functions and improving information sharing.

DISA also plans to develop a prototype of the Thunderdome Zero Trust architecture, which will begin production in early 2023. The new architecture promises to improve security, reduce complexity and reduce costs, while replacing current defense-in-depth approaches to cybersecurity.

At the same time, the Defense Advanced Research Projects Agency (DARPA) developed new cybersecurity software for drones, namely the High Assurance Cyber Military System (HACMS), and invited hackers to attend the conference on the cybersecurity DEFense readiness CONdition (DEFCON) in the United States of America in August. The results show that even professionals aren’t capable of cracking such software – although I think those who could would stay hidden, preferring to declare themselves “beaten” rather than coming out in the open.

HACMS uses “formal method” techniques to mathematically ensure that there are no software flaws that would allow hackers to enter and take control of a computer system. The software architecture strictly separates the various functions of the task-specific control system, and even if hackers could break into the drone’s camera software, they could not hijack its command and control system.

Additionally, in September, DARPA launched the Hardening Development Toolchain Defense Against Burst Execution Engine (HARDEN) project, which aims to help developers understand the emergent behavior of computers in order to prevent cyber-attackers from using the built-in capabilities of critical systems to generate malicious attacks and accidental calculations.

In January 2022, the Defense Innovation Agency (DIU) announced that it had awarded cybersecurity firm CounterCraft an additional settlement agreement for new technology to capture and block insider threats on compromised networks.

The technique, known as a “cyber deception platform”, creates a trap that leads adversaries to leave behind the techniques, tools and command architecture they use after compromising a network. CounterCraft claims that the technology is essentially made up of “honeypots” and “honeynets”, i.e. cybersecurity techniques that create tempting traps (honeypots) and connect those traps (honeynets). The behavior of attackers in a honeypot environment can be classified, allowing institutions to visualize their vulnerabilities in the infiltration chains.

DIU turned to industry in July 2021 for advanced endpoint detection and response capabilities (a communication endpoint is a type of node in the communication network; it is an interface that consists of a communicating party or a communication channel).

DIU said U.S. Cyber Command and the service’s various cyber components increasingly want to be the “crown jewel” on the defensive network and defensive weapons system to oppose malicious cyber activity, around which DIU deploys deceptive elements to essentially create pre-filtered sensors and capabilities, as well as pre-filtered data collection devices.

It is basically a method to deploy fake artifacts, decoys, faulty algorithms and honeypots, and to deploy highly personalized and targeted callbacks and endpoints in very specific traffic data and pre-filtering indicators, in an environment that allows us to understand the details of threats by visualizing interactions with fake artifacts. If the methods and techniques outlined above are proven over time, these tools will be a game-changer for how the Department of Defense, and any agency, protect their networks and data.
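The idea of treating every interaction with a fake artifact as a pre-filtered signal, and of classifying that behavior along the infiltration chain, can be sketched as follows. This is an added example, not CounterCraft's or DIU's implementation; the decoy names, the log format, the stage labels and the sample log lines are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed decoy inventory (hypothetical names). No legitimate user or
# process has a reason to touch these, so any hit is already "pre-filtered".
DECOYS = {
    "host:fs-backup-02": "decoy file server",
    "cred:svc_sqlbackup": "honeytoken service account",
    "file:/srv/share/payroll_2022.xlsx": "decoy document",
}
# Coarse stage of the infiltration chain implied by each action on a decoy.
STAGE = {"scan": "discovery", "login": "credential-use",
         "read": "collection", "upload": "exfiltration"}
ORDER = ["discovery", "credential-use", "collection", "exfiltration"]

LINE = re.compile(
    r"(?P<ts>\S+) src=(?P<src>\S+) action=(?P<action>\w+) target=(?P<target>\S+)")

# Constructed sample log: two sources, only one of which touches decoys.
SAMPLE_LOG = """\
2022-01-10T09:00:01Z src=10.0.4.21 action=login target=host:mail-01
2022-01-10T09:02:13Z src=10.0.7.88 action=scan target=host:fs-backup-02
2022-01-10T09:05:40Z src=10.0.7.88 action=login target=cred:svc_sqlbackup
2022-01-10T09:06:02Z src=10.0.4.21 action=read target=file:/srv/share/handbook.pdf
2022-01-10T09:09:27Z src=10.0.7.88 action=read target=file:/srv/share/payroll_2022.xlsx
"""

def classify(log_text):
    """Return {source: [(timestamp, stage, decoy_target), ...]} for decoy hits only."""
    timeline = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m["target"] not in DECOYS:
            continue  # traffic to production assets is not a deception signal
        stage = STAGE.get(m["action"], "unknown")
        timeline[m["src"]].append((m["ts"], stage, m["target"]))
    return dict(timeline)

def furthest_stage(events):
    """Deepest stage a source reached, for prioritising the response."""
    stages = [s for _, s, _ in events if s in ORDER]
    return max(stages, key=ORDER.index) if stages else "unknown"

if __name__ == "__main__":
    for src, events in classify(SAMPLE_LOG).items():
        print(src, "reached", furthest_stage(events))
        for ts, stage, target in events:
            print(f"  {ts} {stage:15} {target} ({DECOYS[target]})")
```

Because only decoy interactions are kept, the output is a short per-source timeline rather than a full traffic log, which is what makes the data useful for building a response tailored to the part of the network where the decoys sit.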

This means cyberspace defenders can develop tailored protection plans and responses that are more specific to any part of the Department of Defense or any other department, rather than trying to adopt a one-size-fits-all approach to cyber protection.

The U.S. military is leveraging new technologies to advance the development and deployment of cyberweapons, incorporating enhancements to existing systems to ensure continued cyber defense effectiveness. Among them, the Network Analysis and Detection (CAD) project is based on the army’s big data platform – called Gabriel Nimbus – which can operate on various classified networks, thereby increasing storage space, adding new data sources, and integrating special applications and tools.

Additionally, the User Activity Monitoring (UAM) program allows analysts to identify high-risk user activity in Army networks in near real-time to address insider threats. This makes it possible to take advantage of all the tools, applications, as well as streams and data flows in Gabriel Nimbus. Threat emulation is the project that allows users to simulate hostile capabilities on their networks with the goal of finding vulnerabilities before actual attacks. This should be implemented in the coming months.

The Cyberspace Deployable Defensive Operations Systems-Modular (DDS-M) projects are configurable hardware kits for use by Cyber Protection Teams (CPT). The Garrison Defensive Cyberspace Operations Platform (GDP) project is a system capable of capturing data at high speed and is moving to the cloud as a software-based military weapon.

Three versions of the GDP are in development, with the fourth and fifth to be launched in 2022 and 2023.

The U.S. Army Cyber Command issued an announcement last August requesting information on Endpoint Security Solutions as a Service: a potential resource for the military to find endpoint security solutions and hosting services, with the aim of improving overall security and reducing risk. Cyber Command seeks to increase visibility into endpoint security across all operational areas of the military and to track compliance measures that provide robust protection of assets and systems, so as to detect and respond to cyber threats appropriately in all places and environments.

Professor Giancarlo Elia Valori is a world-renowned Italian economist and international relations expert, who is the chairman of the International World Group. In 1995, the Hebrew University of Jerusalem dedicated the Giancarlo Elia Valori Chair of Peace and Regional Cooperation. Professor Valori also holds chairs in peace studies at Yeshiva University in New York and Peking University in China. Among his many honors from countries and institutions around the world, Professor Valori is Honorable of the Academy of Sciences of the Institute of France, as well as Knight Grand Cross and Knight of Labor of the Italian Republic.
