Tag Archive for: Pentagon’s

Pentagon’s Unclassified Cyber Strategy is Influenced by Russia-Ukraine War, China


The newly unclassified strategy anticipates election security issues and suggests an independent cyber service.

Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang talks to members of the press in Washington, D.C., Sept. 12, 2023. Photo credit: Senior Airman Cesar Navarro / DVIDS

The Defense Department’s unclassified summary of its 2023 cyber strategy presents a broad-ranging plan informed by the lessons learned from the Russia-Ukraine war, as well as the growing tensions between the U.S. and China in cyberspace.

“There are some shifts that reflect our real-world experience for the department in the time period between 2018 and 2023 to include our experiences of observing the conflict in Russia-Ukraine that have shaped and refined our understanding of the role of cyber in warfare, the ways in which we defend the homeland, and, of course, the importance of working on strengthening the cybersecurity of our partners and allies,” Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang told reporters at a roundtable organized by George Washington University.

The Pentagon’s unclassified cyber strategy comes on the heels of the White House’s national cybersecurity strategy implementation plan providing federal agencies with actionable steps to improve the nation’s security posture. While it is unclear whether a similar implementation plan will follow the Pentagon’s new cyber strategy, Eoyang said there are “mechanisms in the Department of Defense that we use to make sure that we are moving forward with that.” 

Some lessons learned from the Russia-Ukraine war include the importance of cloud migration, the impacts of satellite communications disruption, as well as people’s ability to tell their story to the world during an armed conflict. 

“The ability of Ukrainians to move their data extraterritorially, but still maintain access to it was really important,” Eoyang said. “We saw the Russian attempts to disrupt satellite communications as something that, I think, many people are still trying to understand that aggregate effect of that on the conflict. But certainly, it is something that we are looking at very carefully.”

Securing the 2024 Presidential…

Source…

Ukraine, Irregular-War Changes Are Reshaping Pentagon’s Info-Ops Strategy


Lessons from Ukraine and changes in irregular warfare will be reflected in the upcoming revision of the Pentagon’s information-operations strategy, defense policy leaders said.

“Everyone has a cell phone; that’s what we’re seeing in the Ukraine. Not just soldiers having cell phones and watching the Javelin strike. Civilians are reporting the movement of Russian forces,” said Maj. Gen. Matthew Easley, a top information-ops advisor to the assistant defense secretary for special operations.

Among other things, Easley said, this means special operators need to be thinking about public narratives—how they might change and how U.S. forces can shape them—long before fighting erupts. And that means ensuring that troops have the right digital skills, including data analysis and messaging. 

“Our information operators and forces must engage throughout the spectrum of operational planning and execution, and cannot wait until a crisis begins to start setting the theater for messaging,” the general said Friday at the National Defense Industrial Association’s Special Operations/Low-Intensity Conflict Symposium in Washington, D.C. “We must reinforce campaign planning to start with objectives in the cognitive domain. Understand what narratives are needed to reinforce those objectives, and then develop plans for physical action that show commitment to that narrative.”

The new strategy, required by the 2020 defense policy act and slated for publication in March, will update the 2016 version, Easley said. A joint info-ops doctrine was published in 2018. 

It builds on several sweeping tech policy efforts the Pentagon is working through, including cyber, data, and digital modernization strategies. It will have four lines of effort with an emphasis on personnel training needs and force design. That also means doing a better job integrating information operations, he said, noting the U.S. Marine Corps’ Information Groups as an example.

Other lines of effort include building programs that enhance information operations, such as cloud-based infrastructure and data analytics; creating effective policies and governance; and maintaining partnerships. In a 2021 report, the Government…

Source…

What happens if hackers are inside the Pentagon’s networks?


WASHINGTON — If Russian hackers suspected of a vast cybersecurity breach slipped into the Pentagon or military’s computer systems, the strength of protective network blockades is key to keeping them from burrowing in to try to access increasing amounts of information.

Those protections — in the form of secure network connections — have to stand up to meddling to keep hackers from hopping from network to network to potentially reach sensitive communications or even weapon systems, where they could steal or alter data or cause damage, experts say. However, observers point out that this breach appears so far to be a classic espionage campaign, though with some of the most sophisticated methods seen yet.

“We certainly have a high degree of activity around that right now,” Navy CIO Aaron Weis told C4ISRNET. “We have teams who have acted upon the direct orders from Cyber Command and have executed those things. We continue to engage around that. There are internal meetings that are ongoing where we’re ensuring that we’ve put the right things in place. Absolutely it’s got our full attention.”

Overall, the Pentagon has been largely silent about the breach publicly as it works through the long process to assess fallout from the intrusion, saying early on that no breach had been detected yet, despite media reports that said the agency was among government offices compromised through widely used software from SolarWinds, a network management company.

President-elect Joe Biden has criticized the Pentagon for not briefing him and his transition team fully, challenging President Donald Trump’s assertion that the situation is under control. The Pentagon disputed the idea that it is withholding information from Biden, saying briefings will continue in early January after a break over the holidays.

According to cybersecurity company FireEye, which uncovered the breach, the access that hackers achieved has allowed the malicious actor to move further into computer networks.

Several former government cybersecurity officials told C4ISRNET that lateral movement allowing the suspected Russian hackers to dig deeper posed a worst-case scenario with a myriad of…

Source…

Pentagon’s review of controversial $10B contract was a sham, Amazon claims

Sprawling concrete building surrounded by enormous parking lot.

Enlarge / The Pentagon in its natural habitat—Arlington, Virginia—in 2018. (credit: Michael Brochstein | SOPA Images | LightRocket | Getty Images)

Amazon is continuing to fight the Department of Defense over a $ 10 billion contract, as the Pentagon has completed its review of the deal and determined once again that it was correct to award the entire project to Microsoft.

The DOD launched bidding for the Joint Enterprise Defense Infrastructure (JEDI) project, a massive cloud-computing contract, in 2019. By April of that year, the shortlist was down to two finalists: Amazon AWS and Microsoft Azure. Amazon was widely considered the favorite, and many industry watchers expressed surprise when Microsoft ultimately landed the deal in October 2019.

Amazon filed suit, alleging that the decision was politically motivated and quoting President Donald Trump’s alleged intention to “screw Amazon.” In February of this year, a federal judge agreed to order an injunction on the deal pending the outcome of the case.

Read 7 remaining paragraphs | Comments

Biz & IT – Ars Technica