Jump to content

That Cyber Thread


17D_guy

Recommended Posts

5 hours ago, 17D_guy said:

  With CYBERCOM coming online as its own thing we're going to probably see a step-up in this sort of material.  As well as a norm-ing of what Cyber Operations is.  I think it'll take us a couple generations to get it right.  We've still got a lot of old heads stuck in this strange in-between place for Cyber.  Clearly focused on Ops, but without the no-nonsense focus on capes/effects/etc while also refusing to acknowledge it's a man-made domain that needs maintenance.  

Gen Bender came to speak at my location a few weeks ago and I took notes.  I'd really like some of your guys thoughts on his ideas as we move forward.  Overall I'd really like some of sun-god bastards to crossover and help get us more educated on what operations actually means.  But ACP and all.

If you're familiar with his talk at the 2015 A/TA convention, was Gen Bender's talk at your location similar in nature to that?  If not, and you can post the notes, I'd be interested in seeing what his current topics are.    I think his ideas are solid based on my perspective having seen that speech video, having perused through his flight plan, and having met him briefly.

Link to comment
Share on other sites

2 hours ago, nsplayr said:

So if a foreign nation hacked the re-election campaign computer networks of President Trump in the run-up to 2020 and released, say, his tax return, his medical records, evidence of his internal political dialogue or strategy, etc., you're ok with that?

I'm exactly as OK with that as I am with HRC's.  That is to say, I absolutely don't want a foreign power subverting our networks, but I do appreciate the value of unvarnished information.  Everything about modern political candidates is fake/staged/analyzed/brainstormed/etc...  Given that our media is complicit in crafting the desired image, I appreciate getting a peek behind the curtain.  Perhaps if our politicians had to hold themselves to a higher standard in private, we'd see a higher standard of politicians in public.

  • Upvote 1
Link to comment
Share on other sites

10 hours ago, tac airlifter said:

One thing surelyserious & kiloalpha have been saying better than me is the importance of context: this "hacking" accusation does not exist in a vacuum.  Where was the current D outrage over the OPM hacks by China?  It's only when their scheming was brought to light that we need to fix this, while China apparently got a pass for OPM.....twice.  "Intel assures me that ISIS is JV" when the truth turned out otherwise followed by CENTCOM intel analysts say their work was misconstrued for political purposes.  And let's not forget this Guccifer dude, who allergedly was a conduit for RIS to release hacked emails, originally came to importance because he was spying on Clintons private server.  So..... I guess her private server did compromise national security.  The apparent hypocrisy here gives me pause to accept everything I'm told.  

Yea, good points here.  This admin, which I've recently heard described as "passive-aggressive" on foreign-policy, has decidedly picked a really poor time to implement this type of response.  I can only speculate that it's the lame-duck president trying to get his "cyber house" in order before the new guy comes in who assures us he knows a lot about hacking.  Overall, I don't think they can release too much publicly without burning IC assets.  Note - this is assumption on my part.

 

10 hours ago, SurelySerious said:

I don't disagree that there are concerns with the cyber domain, but we should think carefully about employing measures with a cyber peer. These things are worth our time and effort.  I like where you're going with capabilities/policy development.

There's so  much to think about in this domain as it relates to warfighting.  For example, due to the LOAC we have to have a uniform, clear markings, etc.  How does that translate to cyber?  If the enemy can identify our weapon system domain, it's simple to block, man made domain and all.  So, if we take out a Schmuckistan Air Defense System from gray/civilian space, have we just violated LOAC?

Also, attribution is the hardest thing about this domain.  Most of the IP addresses released in that JAR were either proxies, onion/tor nodes.  Until some time in the future, we're going to have less level of confidence of the actions of our adversaries in this space.  It's basically going to be - moves like a bear, talks like a bear, acts like a bear...we hope it's a bear.

Man I love this shit.  Happy new year you animals.  My old ass is going to bed.

Link to comment
Share on other sites

On 12/29/2016 at 9:59 PM, Jaded said:

The second sentence is "However, public attribution of these activities to RIS is supported by technical indicators from the U.S. Intelligence Community, DHS, FBI, the private sector, and other entities." You want details in an unclassified report? Do you have any idea how this stuff works? The CIA, the FBI, the "U.S. Intelligence Community," and the Department of Homeland security is all in agreement on something, and you consider that "weak ass"? What is wrong with you?

Maybe you should spend some time on SIPR before you post here again.

ADMIN NOTE: If you have links to classified reports, there is a BaseOps Intelink page on a SIPRNET.  Feel free to post any documents you have on there...

Link to comment
Share on other sites

21 hours ago, nsplayr said:

So if a foreign nation hacked the re-election campaign computer networks of President Trump in the run-up to 2020 and released, say, his tax return, his medical records, evidence of his internal political dialogue or strategy, etc., you're ok with that?

See the lengthy Rubio quote I posted earlier.  The intellectually honest answer would be that if you're ok with Russia hacking the DNC and the Hillary campaign, you're also ok with them or the Chinese or some other state hacking the RNC or the Trump campaign next time around.  Playing Red Team / Blue Team on this stuff is not the right way to handle national security issues IMHO.

I will stand up and say no.  As much as I want Trump to be defeated in 2020, I don't want a hostile foreign power hacking his campaign or the RNC and I refuse to support any Democratic candidate or movement in the future that might think to use hacked information for political gain.

I do absolutely place campaign infrastructure and party infrastructure as part of our "democratic institutions" and they should be protected.  Obviously hacking voting machines or state voter databases is a higher level of provocation, but it's all part of our election system and foreigners or domestic bad actors need to keep out.

Someone earlier said they want a full-up bicameral, bipartisan Congressional investigation...my magic 8 ball says you may get what you asked for in the new Congress.

A few points to ponder:

1.  It is NOT a foregone conclusion that the Russians hacked anything.  Shockingly the mainstream media is starting to push back on the administration narrative that it was the Russians...technically things don't add up and a lot of insiders have been not so quietly questioning the recently released report.  I don;t give a lot of value to wikileaks statements but they do deny getting information from the Russians.  There are also reports, suggesting it was a disgruntled DNC insider, I absolutely agree we need a bipartisan investigation to help shed some light on what happened.

2.  I don't think anyone wants a foreign power hacking our "stuff" but it is EXTREMELY ironic that you are more upset about external criminal action that the fact that the DNC rigged the election.  Truly that should be the story of the year, the DNC under Wasserman Schultz fixed the primaries in order to secure the election of a chosen candidate rather than the will of the people. 

3.  Where do you draw your foreign influence line in the sand?  When expressing outrage that another nation might have tried to shape our election how do you response to Obama less covertly tried to hack the Israeli election, not just with words, but with a LOT of money and behind the scenes action.

4.  I also find it extremely ironic that liberals are convinced the Russians hacked the DNC emails and are equally convinced there is no possibility they could have hacked HRC's bathroom server.  Truly UNREAL!

5.  We have been in a cyber war for years and expressing outrage over what might have happened seems to ignore the likely fact that we have done the SAME thing to many other adversaries...

 

  • Upvote 6
  • Downvote 1
Link to comment
Share on other sites

55 minutes ago, ClearedHot said:

2.  I don't think anyone wants a foreign power hacking our "stuff" but it is EXTREMELY ironic that you are more upset about external criminal action that the fact that the DNC rigged the election.  Truly that should be the story of the year, the DNC under Wasserman Schultz fixed the primaries in order to secure the election of a chosen candidate rather than the will of the people.

The will of the people doesn't factor in to it.  The DNC (and RNC) are private organizations that can do whatever they like.  If people don't like how they act I suggest they quit supporting their candidates (no, seriously, please do).  

  • Upvote 1
Link to comment
Share on other sites

20 minutes ago, Mark1 said:

The will of the people doesn't factor in to it.  The DNC (and RNC) are private organizations that can do whatever they like.  If people don't like how they act I suggest they quit supporting their candidates (no, seriously, please do).  

Well in the case of the DNC that private organization controls super delegates that did in fact determine their party nominee....I concur with your wishes for more informed voter participation, but I don't see it happening anytime soon.  Thankfully on the RNC side, the voters did ignore the establishment.

Link to comment
Share on other sites

43 minutes ago, Mark1 said:

The will of the people doesn't factor in to it.  The DNC (and RNC) are private organizations that can do whatever they like.  If people don't like how they act I suggest they quit supporting their candidates (no, seriously, please do).  

On that note the Russians or whoever did the hack, didn't hack a government agency, voting machines etc to influence this election. They hacked a private organization involved with the election and now we are retaliating against Russia for their supposed involvement in this. I'm a little concerned we that we are using the government to retaliate against another government on behalf of a private organization for a criminal action.

Also on the case Wikileaks, of course they are going to deny any assistance from Russia becuase that would destroy their entire narrative of what they stand for if people found out they were a front for the Russian IC.

Link to comment
Share on other sites

4 hours ago, ClearedHot said:

A few points to ponder:

1.  It is NOT a foregone conclusion that the Russians hacked anything.  Shockingly the mainstream media is starting to push back on the administration narrative that it was the Russians...technically things don't add up and a lot of insiders have been not so quietly questioning the recently released report.  I don;t give a lot of value to wikileaks statements but they do deny getting information from the Russians.  There are also reports, suggesting it was a disgruntled DNC insider, I absolutely agree we need a bipartisan investigation to help shed some light on what happened.

2.  I don't think anyone wants a foreign power hacking our "stuff" but it is EXTREMELY ironic that you are more upset about external criminal action that the fact that the DNC rigged the election.  Truly that should be the story of the year, the DNC under Wasserman Schultz fixed the primaries in order to secure the election of a chosen candidate rather than the will of the people. 

3.  Where do you draw your foreign influence line in the sand?  When expressing outrage that another nation might have tried to shape our election how do you response to Obama less covertly tried to hack the Israeli election, not just with words, but with a LOT of money and behind the scenes action.

4.  I also find it extremely ironic that liberals are convinced the Russians hacked the DNC emails and are equally convinced there is no possibility they could have hacked HRC's bathroom server.  Truly UNREAL!

5.  We have been in a cyber war for years and expressing outrage over what might have happened seems to ignore the likely fact that we have done the SAME thing to many other adversaries...

 

My thoughts:

1. Our current President, Senate Majority Leader, Speaker of the House, DNI, FBI Director, etc. etc. etc. et al are convinced that it was Russia.  There is public evidence it was Russia but obviously there is also classified evidence that I'm guessing the vast majority of us are not privy to.  I'm very supportive of a joint select committee in Congress to investigate (that will be controlled by Republicans) and the release of more evidence publically up to the point that it would compromise sources and methods.  The President-Elect claims he has counter-evidence and that he'd release some of it this coming Tuesday or Wednesday.  Let's see what the leading skeptic has to back up his stance.

2. I disagree that the DNC "rigged" the election.  They showed a clear bias toward Hillary, which is not ideal.  Big picture though, she was a long-time party insider and Bernie is an independent Senator who only briefly switched his official party affiliation to Democratic in order to run.  Despite being a long-time member of Congress, he had few allies in the party.  Is it really a revelation that the party supported Hillary?  I don't approve of some of the seemingly illicit assistance that was given to her, she didn't need extra assistance from the DNC to win the nomination.  By the same token, it was very clear that the RNC did not support Trump and would have preferred just about any other nominee, right up until the point that he won.  They perhaps did a better job of at least appearing more neutral, I'll give you that.  Hillary won 54.8% of pledged delegates in the 2016 primary.  By contrast, Obama won 51% of pledged delegates in 2008 even though Hillary actually won more votes in that set of primaries.  If anyone was ever screwed out of a nomination by their party's system of super delegates and delegate apportionment compared to vote totals, it was Hillary in 2008.

3. I'm honestly not a fan of the U.S. interfering in foreign elections.  We have a terrible track record in general.  Clearly we have national interests that may be served better or worse by one particular candidate or another, but we need to take the high road and let other countries that are free and fair democracies do their thing.  Does not apply nearly as much to places that are not democracies.  I strongly believe Bibi is leading Israel into a really bad spot and I'd love to see different leadership there, but regardless, we need to let the Israelis (and everyone else) decide on their PM relatively free of our opinions or our dollars.

4. The IC concluded that the Russians hacked the DNC and John Podesta (among others), while an FBI investigation turned up no signs that Hillary's private server suffered the same fate.  So although we should be skeptical, I'll take the investigators at their word.  There were issues with the FBI investigation into Hillary (access, cooperativeness, etc.), and her decisions in terms of INFOSEC were very poor, but the conclusions of each investigation reached different conclusions WRT hacking by the Russians.

5. When WE, the U.S., the good guys, conduct offensive operations, I'm clearly gonna be more supportive than when our enemies do the same to us.  I'd rather us take the high road when able and not do the same stuff we condemn, but I'm a realist and sometimes we have to take actions we would not want done to us in return.

I would have greatly preferred a more robust response to cyber attacks on the U.S. under Obama, especially the Chinese hack of the OPM data I'm sure we're all familiar with.  It can be a tough spot because you don't want to automatically escalate and make things worse.  Overall, the thing that troubles me the most is that we have several other true peers in terms of cyber, where as in conventional and nuclear power, we are clearly superior to all comers.  I want us to speak softly and have the biggest stick by far.

Edited by nsplayr
  • Upvote 1
Link to comment
Share on other sites

On 12/31/2016 at 3:41 PM, SurelySerious said:

If you're familiar with his talk at the 2015 A/TA convention, was Gen Bender's talk at your location similar in nature to that?  If not, and you can post the notes, I'd be interested in seeing what his current topics are.    I think his ideas are solid based on my perspective having seen that speech video, having perused through his flight plan, and having met him briefly.

I wasn't familiar with his talk, gave it a listen.  Good stuff, but his chat with us at the "front line" was more focused on his philosophies for where we're at and where we'll be going.  I didn't take notes through the whole thing, only items I found interesting.  I've got them at work, so I'll try to post later this week once I return.

  • Upvote 1
Link to comment
Share on other sites

3 hours ago, ClearedHot said:

A few points to ponder:

1...5

 

Good thoughts.  I'd like some articles reading/sources for point 1 if you can link them.  I've yet to read anything, outside of political malarkey, that says Russia was not the culprit for these hacks.

Note: the professional commercial cyber corps (which is a lot former AF/DoD-cyber dudes) are saying, and have been saying out loud for awhile, that the Russians are in everything.  What motive do they have to say otherwise in relation to this hack?

1 hour ago, nsplayr said:

My thoughts:

1...5

I would have greatly preferred a more robust response to cyber attacks on the U.S. under Obama, especially the Chinese hack of the OPM data I'm sure we're all familiar with.  I can be a tough spot because you don't want to automatically escalate and make things worse.  Overall, the thing that troubles me the most is that we have several other true peers in terms of cyber, where as in conventional and nuclear power, we are clearly superior to all comers.  I want us to speak softly and have the biggest stick by far.

Concur on all.  Again, I think it was this limp-dick foreign policy coming back to bite them in the ass at the worst possible time for them.  That coupled with things getting worse and worse for not responding to Russian escalations (re: harassing diplomats, Crimea, etc) and an incoming President who appears to be infatuated with Russia spurred Obama to respond now.  

Additionally, I think our slow-roll of anything Cyber (orgs, forces, systems, IT system updates, etc.) has caused great consternation within the Administration.  While I try to give my leadership the benefit-of-the-doubt always, I also think this JRA might be pressure on the DoD to speed up getting Cyber to where the admin wanted it a year ago.  Unfortunately we've got the US Code thing to work through, which I think is going to be heavily modified as we move into real Cyber Ops.

  • Upvote 1
Link to comment
Share on other sites

Since everyone's favorite altruistic cyber activist was mentioned, fortuitously he was a hot topic in the WSJ this weekend.

TLDR version from the House report:

Screen Shot 2017-01-02 at 3.51.56 PM.png

Full Opinion:

The Fable of Edward Snowden by Edward Jay Epstein

WSJ_-A009-20161231.pdf

Edited by SurelySerious
Link to comment
Share on other sites

NSplayer, I haven't forgotten about my promise to think carefully on your reply and respond in kind, but I just haven't gotten to it yet.  For now, I found a germane article by Rolling Stone, not known for their conservative sympathies, which questions the official story for the same reasons mentioned here.  

Most relevant part of the story is: "The New York Times was more aggressive, writing flatly, "Obama Strikes Back at Russia for Election Hacking." It backed up its story with a link to a joint FBI/Homeland Security report that details how Russian civilian and military intelligence services (termed "RIS" in the report) twice breached the defenses of "a U.S. political party," presumably the Democrats.

This report is long on jargon but short on specifics. More than half of it is just a list of suggestions for preventive measures.....

But we don't learn much at all about what led our government to determine a) that these hacks were directed by the Russian government, or b) they were undertaken with the aim of influencing the election, and in particular to help elect Donald Trump.

The problem with this story is that, like the Iraq-WMD mess, it takes place in the middle of a highly politicized environment during which the motives of all the relevant actors are suspect. Nothing quite adds up.

If the American security agencies had smoking-gun evidence that the Russians had an organized campaign to derail the U.S. presidential election and deliver the White House to Trump, then expelling a few dozen diplomats after the election seems like an oddly weak and ill-timed response. Voices in both parties are saying this now."

http://www.rollingstone.com/politics/features/something-about-this-russia-story-stinks-w458439

I thought it was a worthwhile edition to this thread because it counters the narrative that everyone knows the Russians are responsible and only partisan fake news consumers are questioning the official account.  

Edited by tac airlifter
Link to comment
Share on other sites

On 1/2/2017 at 7:07 PM, tac airlifter said:

NSplayer, I haven't forgotten about my promise to think carefully on your reply and respond in kind, but I just haven't gotten to it yet.  For now, I found a germane article by Rolling Stone, not known for their conservative sympathies, which questions the official story for the same reasons mentioned here.  

I guess we can call that questioning the official story.  It's more a discussion about the impact of Iraqi WMD on the current IC situation.  Still waiting for Trump to drop that info on us about what he knows on the hacking.

Link to comment
Share on other sites

Here's the notes from Gen Bender's lunch chat I mentioned before.  Please note these are his words mangled by my interpretation.  Overall I found the time spent with him worth it, not a dog-phony show, and informative.  I was also confident that the future of Cyber is at least vectored in a good-direction, despite my disagreements with some of where we're going.

So the first was, "We're the best advanced Air Force of the Industrial Age."  Which was echoed a couple times in other thoughts and comments as we ate and talked.  Overall, he appeared to be getting at our ability to dominate Air and all aspects of it, but being ill-suited to continue to dominate Air as we struggle to get a grasp on Cyber.  If we don't grasp how Cyber impacts Air Operations (ex. Maintainers utilizing web-enabled laptops to update maps, AOC NIPR/SIPR Access Points, ICS/SCADA systems overall, etc.) and make sure we've covered those attack-vectors, we're not going to succeed.  Some of this can be seen in the Ukraine Artillery hack or not


"The days of the pilot on the pointy end being the only operator are old fashioned and over.  We need a focus on teamwork because everyone is impacted by cyber, not just our Operators on the keyboards.  On a football team--who's the operator?"  This was a comment after a discussion about how we're going to differentiate between operators, maintainers and users of the AFNET.  Gen Bender was not of the mind to spec out a separate Cyber Mx line (I am).  Because if you're operating on the domain for Mx, that's still operations.  He doesn't want someone to think of the domain as Air, and we "hop off" the domain to do Mx.  Cyber can't allow that mindset.  Interesting thought, not sure I agree.

There was a good discussion about a technical track for Cyber Officers and Gen Bender said it's something he's taking back to the CSAF.  Because the retention problem is going to be very different from the pilot one (pays, privileges, smaller outside hire opportunities) and the specifics required are more specialized.  So a pilot can spend an assignment getting spun up on an airframe, and stay within that airframe.  But we don't' have any of that in Cyber and taking someone from ICS/SCADA systems and throwing them into Router Exploitation is very different from F16->F15 or even F-16->Drone.  (Note - please correct me if I'm wrong in this assumption.)  It was also pointed out that we can't just have a cadre of technical experts at the O1-O4 level and have no one moving up the chain to advocate for capes and resources.  It appeared lost on my fellow O's, but it's a good point.

There was also some discussion about AFSPC as the home for Cyber.  Because cyber has to be fast and that is not AFSPC.  They'll spend decades on a project and it's ok, because: rockets, satellites, and the void.  They fail one launch, at that's a cool $2B instantly gone.  But if we spend 2 years on a cyber project, it's already outdated and we're behind.  3 years to POM for a project? GTFO (my words, obviously).  He said he brought that up to the CSAF/SecAF, but as we're AFSPC now it's where we've got to work.  But it's in the whole cyber mind that AFSPC isn't working out, and the efficiency wasn't as good as expected.

I didn't take notes on this, but he spoke at length about the culture change and really needing to work on that and make sure we get it right.  Which means bringing the right people in and getting the training right.  On training, "...right now we're taking in new Airman and treating them like they've got no idea how tech works.  Everyone starts at baseline zero with no regard for previous experience."  He did say they're developing a test to judge aptitude for cyber capabilities, similar to the TBAS.  Training for us is a realy problem.  Our training pipeline is not responsive, nor does it address the AF's needs beyond warm body.  I can't take a Airman out of tech school and get them prepared to start working in our operational units sooner than a year.  There's topics that aren't even covered in school (ex. virtualization) because AETC doesn't want to pony up the cash for equip.  Additionally, the on-going training is woefully out of date.  

On culture it's more about making sure that as we push towards ops that we get it right.  If we can get more of you guys into cyber to educate our oncoming senior leaders (and me) about what real ops is, that would be great.
 

EDIT - Forgot this one.  He also spoke about how we're doing applications and software.  Specifically mentioned the dog-shit(my words) software USAFA is using for their student actions.  How he approached SalesForce about possibly utilizing their applications and got push back from corporate AF asking what experience that commercial developer had running large university management.  Turns out SalesForce support a ton of universities, enough to have a dedicated portion of their site for it.  Also, costs less than $100 per student.  

Edited by 17D_guy
  • Upvote 1
Link to comment
Share on other sites

The days of the pilot on the pointy end being the only operator are old fashioned and over.  We need a focus on teamwork because everyone is impacted by cyber, not just our Operators on the keyboards.  On a football team--who's the operator?"  This was a comment after a discussion about how we're going to differentiate between operators, maintainers and users of the AFNET.  Gen Bender was not of the mind to spec out a separate Cyber Mx line (I am).  Because if you're operating on the domain for Mx, that's still operations.  He doesn't want someone to think of the domain as Air, and we "hop off" the domain to do Mx.  Cyber can't allow that mindset.  Interesting thought, not sure I agree.

Agree that an operational mindset is needed. However, except for specific operations where cyber could become the supported asset, the users are the "supported command". Otherwise if base comm pulls 30℅ of systems off the network while the CCRI inspectors are here, cyber defense wins but the rest of the AF can't execute their mission.
Link to comment
Share on other sites

Agree that an operational mindset is needed. However, except for specific operations where cyber could become the supported asset, the users are the "supported command". Otherwise if base comm pulls 30℅ of systems off the network while the CCRI inspectors are here, cyber defense wins but the rest of the AF can't execute their mission.

I think that's highlighting exactly why Gen Bender is out talking to people, actually. There's a large difference between cyber operations operations and the "operations" that are customer services they provide the users of NIPR...but 96% of us only care about the customer service side in a direct manner, whereas he sees the need for cross-talk about the extreme amount of effort and innovation needed for the other 4% that are the warfare tools of the future.

It's very akin to the beginnings of Army Aviation in the signal corps, and trying to get people to take using those new tools to fight seriously versus thinking they're nice trinkets.

Link to comment
Share on other sites

The more I think about cyber, the more I'm inclined to think the USAF should get out of the business.  

Probably worthy of its own service because of how different a medium it is to any of the other services; Bender made a case, though, at his 2015 A/TA speech that every service will have cyber needs of some sort that are unique to them (although mostly in the customer service sense). Maybe a cyber entity for the operations supplemented by the regular NIPR things within each component.

Whatever it is, it isn't sticking it inside AFSPC sts, that's for sure.
  • Upvote 1
Link to comment
Share on other sites

12 minutes ago, SurelySerious said:


Probably worthy of its own service because of how different a medium it is to any of the other services; Bender made a case, though, at his 2015 A/TA speech that every service will have cyber needs of some sort that are unique to them.

Sounds exactly like aviation in the later 1930s.  

I had one GO rationalize keeping cyber within the USAF because his vision was that we are the masters of all things which travel through the ether.  I was like "wat?"  

  • Upvote 1
Link to comment
Share on other sites

20 hours ago, SurelySerious said:

I think that's highlighting exactly why Gen Bender is out talking to people, actually. There's a large difference between cyber operations operations and the "operations" that are customer services they provide the users of NIPR...but 96% of us only care about the customer service side in a direct manner, whereas he sees the need for cross-talk about the extreme amount of effort and innovation needed for the other 4% that are the warfare tools of the future.

It's very akin to the beginnings of Army Aviation in the signal corps, and trying to get people to take using those new tools to fight seriously versus thinking they're nice trinkets.

Exactly.  Even the nomenclature for the names is the same: Air Office:Cyber Officer.  There's much going on now that is akin to the struggles our early military aviation pioneers had within the community.  Everyone wants cyber to turn off missiles mid-flight when that's just not possible--today.  I hope we can avoid the "Strategic Daylight Bombing" type of pitfalls.

20 hours ago, magnetfreezer said:

Agree that an operational mindset is needed. However, except for specific operations where cyber could become the supported asset, the users are the "supported command". Otherwise if base comm pulls 30℅ of systems off the network while the CCRI inspectors are here, cyber defense wins but the rest of the AF can't execute their mission.

You're talking about IT, which isn't Cyber.  IT will move out of blue-suit support into a contract/DISA maintenance scheme.  It's already happened with JIE and our migrations to JRSS.  As Gen Bender said above that they view "maintenance" on the network as still Ops because that's how the domain exists, so you can't maintain it without operating on it.  It's now causing serious issues because if I have an outage scheduled, and need to canx for base mission... is that a Cyber Ops failure?  Or is that just CANX MX, reattempt at a later date?  Some would/are saying it is an Ops Failure and we need to get C2 involved in it.

Either way, in 5-10 years we'll be out of the IT business for the most part.

6 hours ago, SurelySerious said:

Probably worthy of its own service because of how different a medium it is to any of the other services; Bender made a case, though, at his 2015 A/TA speech that every service will have cyber needs of some sort that are unique to them (although mostly in the customer service sense). Maybe a cyber entity for the operations supplemented by the regular NIPR things within each component.

Whatever it is, it isn't sticking it inside AFSPC sts, that's for sure.

I strongly disagree with Cyber as its own service.  Because the enemy can always just unplug, and still fight.   We will continue to bring capability, creating kinetic effects that kill bad-people, but I can't really see the value in spinning up a Cyber Corps...that'll just go and put people back on Army/Navy/AF bases to ensure the mission sets and/or DCO actions.  Doesn't make sense to me, and the loss of choke-con for Mission Assurance wouldn't fly.  Instead I forsee it being like AFSOC and JSOC.  It's not going to be some huge separate-service.  It needs to be small, agile and responsive to the services who operate in their individual areas within the physical domain.  Cyber doesn't bring that type of strategic shift...yet.  Perhaps in another decade, but I'll be an old(er)-head by then and cashing that check for life.

Link to comment
Share on other sites

2 hours ago, 17D_guy said:

I strongly disagree with Cyber as its own service.  Because the enemy can always just unplug, and still fight.   We will continue to bring capability, creating kinetic effects that kill bad-people, but I can't really see the value in spinning up a Cyber Corps...that'll just go and put people back on Army/Navy/AF bases to ensure the mission sets and/or DCO actions.  Doesn't make sense to me, and the loss of choke-con for Mission Assurance wouldn't fly.  Instead I forsee it being like AFSOC and JSOC.  It's not going to be some huge separate-service.  It needs to be small, agile and responsive to the services who operate in their individual areas within the physical domain.  Cyber doesn't bring that type of strategic shift...yet.  Perhaps in another decade, but I'll be an old(er)-head by then and cashing that check for life.

I'm an outsider to Cyber, but I've played in lots of communities.  I think you hit the nail on the head here with a solid parallel to the ideal fit for Cyber.  I could easily see it following the SOCOM/JSOC model with a Joint Cyber Operations Command (JCOC?) that cuts a wide swath across the services as an independent enabler/multiplier.

  • Upvote 1
Link to comment
Share on other sites

Then you've got wikileaks, who got called out hard in the report complaining about leaks...

And their popular front trying to put together a "influence network" to identify those hostile to their efforts:

The original, now deleted tweet, says "We are thinking of making an online database with all "verified" twitter accounts & their family/job/financial/housing relationships."

Influence Operations at their best.  PEOTUS is a twitter nut, maybe he can beat them at their own game.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...