DoD’s Cyber Strategy – 2018 – Shall We Play a Cyber-Retaliation Game?
Building offensive cyber warfare and intelligence-gathering capabilities? Further positioning China and Russia as predominant Cyber Warfare powers? Departmentalization and ongoing consolidation of different Offensive Warfare cyber groups? Keep reading.
We’ve recently obtained access to the currently accessible DoD Cyber Strategy for 2018 and decided to take a deeper look, communicating potentially invaluable information and related data to Unit-123.org readers and elaborating on some of the key points of DoD’s Cyber Strategy for 2018.
Key points include:
- Real-time based ongoing offensive Cyber Warfare build-up and Cyber Threat Intelligence gathering operations – Want to be a Journeyman? Want to track the latest cyber threats down to their source, potentially undermining a malicious and fraudulent campaign? Keep reading. The U.S. DoD is currently busy establishing the foundations for what can be best described as day-to-day Offensive Cyber Warfare operations and Intelligence-gathering operations in the context of what I managed to archive circa 2008-2012 when I managed to successfully keep track of and eventually launch a take down effort against the Koobface botnet following two and a half years of daily and active campaign monitoring and take down efforts – while undertaking the position of Journeyman on my way to successfully keep track of and undermine various Koobface related malicious and offensive Cyber Warfare activities. What’s worth pointing out is that day-to-day operations can potentially lead to a lower level of OPSEC (Operational Security) in terms of properly attributing a variety of cyber attacks by nation-state and malicious and fraudulent groups. What readers, including the U.S. DoD, should keep in mind is that a properly trained Cyber Warrior can truly make an impact in terms of becoming a Journeyman, provided that proper OPSEC (Operational Security) practice and experience are in place, including possible experience with long-term and short-term Cyber Assets build-up. Don’t have the necessary experience in building up a Cyber Assets arsenal and information repositories? Think twice before engaging in day-to-day Cyber Warfare operator positions without the necessary experience in building up Cyber Assets and cyber arsenal type of information and account repositories. How should a potential Cyber Warrior proceed in terms of building up a proper Cyber Assets repository including a possible Cyber Warfare arsenal? Keep reading.
It should be noted that properly built and stashed Cyber Assets, including a Cyber Warfare arsenal, are crucial for maintaining day-to-day offensive Cyber Warfare operations including possible Intelligence-gathering operations. Stay tuned for an upcoming in-depth analysis of the basic principles of Cyber Assets and offensive Cyber Warfare arsenal build-up.
- Further enhancing cyber threat intelligence collection capabilities – The next point in the most recently obtained DoD Cyber Strategy for 2018 has to do with enhancing and improving Intelligence collection and gathering operations. Welcome to the Wonderful World of industry-automated OSINT? Or shall we play a cyber retaliation game? Keep reading. The current state of OSINT has to do with a variety of independent consultants and Intelligence Analysts spreading data, information and knowledge, successfully enriching and enhancing public data sets, and data-mining social media for active personal threat actor profiling, largely provoked by the infamous quote by U.S. President Nixon courtesy of the CIA – “What use are they? They’ve got over 40,000 people over there reading newspapers.” Largely relying on a variety of proprietary and publicly obtainable automated OSINT tools, including proprietary and custom OSINT trade-craft and methodology, the current state of the OSINT industry seems to be in a favorable stance courtesy of the U.S. Intelligence Community successfully fueling growth into a variety of different market segments, potentially empowering the U.S. Intelligence Community with the necessary data, information and knowledge to stay on the top of its game. An OSINT conducted today is a taxpayer’s dollar saved tomorrow.
- Striking back where it hurts most – at the source – In a world dominated by popular buzz-words including “stepping-stones” and Iran-based “proxies”, including Russia’s and China’s utilization of the civilian sector for the purpose of launching, orchestrating and managing offensive cyber warfare campaigns, it shouldn’t be surprising that striking back at the source remains among the primary and top priorities of the U.S. Intelligence Community. In a world dominated by public and proprietary OSINT sources, it shouldn’t be surprising that the U.S. Intelligence Community and its partners are perfectly positioned to obtain the necessary data, information and knowledge to stay on the top of their game. Intersecting CYBERINT with virtual HUMINT for the purpose of reaching out to law enforcement agencies, including the U.S. Intelligence Community and the general public, should be considered as a proactive option in terms of reaching out to and prosecuting high-profile and low-profile cybercriminals, including the active profiling of various cybercrime-friendly communities for the purpose of establishing the footprint of active forum and community-infiltration tactics. Yet another scenario worth profiling is the active utilization of government-sponsored and orchestrated DDoS (Distributed Denial of Service) attacks utilizing commercial and government-owned and positioned infrastructure for the purpose of denying an enemy the option to properly utilize their online assets, potentially undermining their cybercrime-friendly community’s ability to remain online and public confidence in that community, leading to a potentially disrupted online rogue and fraudulent operation.
- Waging full-spectrum offensive Cyber Warfare capabilities build-up – What does full-spectrum cyber warfare really mean? It basically means spending a decent amount of money to properly outsource the necessary “know-how”, including technical solutions in terms of defensive and offensive cyber warfare, to a variety of leading military complex contractors. Among the key recommended summary points in this particular case would be to properly build a law enforcement and private sector community outreach for the purpose of establishing the foundations for active data-and-information sharing, including the necessary dissemination of active threat intelligence, further enhancing the U.S. Intelligence Community’s capabilities in terms of properly responding to and proactively preventing major, including targeted, cyber attacks. Establishing a data-and-information sharing repository consisting of threat intelligence data, including data and information on current and emerging major and targeted cyber attacks, should be considered as an option for laying these foundations.
- Long-term and short-term Security Industry and commercial sector build-up – Among the most common myths in terms of ongoing cooperation with law enforcement and the private sector, including the academic market segment, would be the direct establishment of a central data-and-information repository including the exchange of threat intelligence data and OSINT know-how. What should clearly be done in this particular area would be to establish an active community and industry outreach program whose purpose would be to properly recruit, train and educate, including the active exchange of threat intelligence data and academic insight into the areas of threat intelligence gathering, cybercrime research, and malicious software research and analysis projects, including newly launched commercial and private ventures and R&D projects in the area of cyber security.