Trump budget: FBI would get an extra $61M to fight cybercrime and break encryption

President Donald Trump’s budget blueprint for the federal government proposes a $61 million increase for the FBI and Justice Department in fiscal 2018 to better track terrorist communications and combat cybercriminals. “The FBI would devote resources toward its world-class cadre of special agents and intelligence analysts, as well as invest $61 million more to fight terrorism and combat foreign intelligence and cyber threats and address public safety and national security risks that result from malicious actors’ use of encrypted products and services,” the blueprint states. The FBI is one of the few agencies that would see significant increases under the budget, which emphasizes national security and law enforcement. The Environmental Protection Agency and State Department, for example, would see drastic cuts. Trump’s proposed plan is designed to effectively increase the FBI’s overall funding by a total of $249 million, or 3 percent, above the current 2017 budget. Beyond cyber operations, a majority of the […]

The post Trump budget: FBI would get an extra $61M to fight cybercrime and break encryption appeared first on Cyberscoop.

Continue reading Trump budget: FBI would get an extra $61M to fight cybercrime and break encryption

Domain Creep? Maybe Not.

I just read a very interesting article by Sydney Freedberg titled DoD CIO Says Spectrum May Become Warfighting Domain. That basically summarizes what you need to know, but here’s a bit more from the article:

Pentagon officials are drafting new policy that would officially recognize the electromagnetic spectrum as a “domain” of warfare, joining land, sea, air, space, and cyberspace, Breaking Defense has learned. 

The designation would mark the biggest shift in Defense Department doctrine since cyberspace became a domain in 2006. With jamming, spoofing, radio, and radar all covered under the new concept, it could potentially bring new funding and clear focus to an area long afflicted by shortfalls and stovepipes.

The new electromagnetic spectrum domain would be separate from cyberspace, although there’s considerable overlap between the two… 

But the consensus among officials and experts seems to be that the electromagnetic spectrum world — long divided between electronic warriors and spectrum managers — is so technologically complex and bureaucratically fragmented by itself it must be considered its own domain, without trying to conflate it with cyberspace.

My initial reaction to this move is mixed. History and definitions provide some perspective.

One of the big differences between the civilian and military views of “cyberspace” has been, prior to this story, the military’s more expansive view.

The formerly classified National Military Strategy for Cyberspace Operations, published in 2006, defined cyberspace as

A domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures. (emphasis added)

The NMS-CO in a sense embedded cyberspace within EMS. That document also signaled DoD’s formal recognition of cyberspace as a domain. By associating EMS with cyberspace, DoD thought of cyberspace in larger terms than civilian counterparts. In addition to activities involving computers, now cyberspace theoretically incorporated electronic warfare and other purely military functions with little or no relationship with civilian activities.

Army Doctrine Reference Publication No. 3-0 published in 2012 introduced the term “cyber electromagnetic activities” (CEMA). It defined CEMA as

Activities leveraged to seize, retain, and exploit an advantage over adversaries and enemies in both 
cyberspace and the electromagnetic spectrum, while simultaneously denying and degrading adversary and enemy use of the same and protecting the mission command system. Cyber electromagnetic activities consist of cyberspace operations, electronic warfare, and electromagnetic spectrum operations.

This Army publication separates cyberspace and EMS, and created “CEMA” as an umbrella over both.

The more recent  Joint Publication 3-12R, published in 2013, drops explicit mention of the EM spectrum. It defines cyberspace as

A global domain within the information environment consisting of the interdependent networks of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

With the definitions and their evolution out of the way, consider what it means for cyberspace to be separate from EMS.

In my opinion, cyberspace has always been more about the content, and less the infrastructure. In other words, it’s the information that matters, not necessarily the containers. I first appreciated this distinction when I was stationed at Air Intelligence Agency, where we helped publish Air Force Doctrine Document 2-5: Information Operations in August 1998. Page 3 states

The Air Force believes information operations include actions taken to gain, exploit, defend, or attack [GEDA] information and information systems. (emphasis added)

*Note that document doesn’t use the term “cyber” very much. When describing information warfare, it states

Information warfare involves such diverse activities as psychological operations, military deception, electronic warfare, both physical and information (“cyber”) attack, and a variety of defensive activities and programs.

In any case, the “GEDA” concept stuck with me all these years. I think the focus on the information, rather than the infrastructure, is conceptually useful. Consider: would there be “cyberspace” if it contained no information? The answer might be yes, but would anyone care to use it? It’s the information that makes “cyberspace” what it is, I believe.

In this sense, separating the physical aspect of EMS seems to make sense. However, what does that mean for other physical aspects of manipulating information? EMS seems most tangible when considering radio and other radio frequency (RF) topics. How does that concept apply to cables or servers or other devices? Are they part of EMS? Do they “stay” with “cyberspace”?

Finally, I am a little worried that a reason from creating EMS as a sixth domain could be because it is ” technologically complex and bureaucratically fragmented,” as described in the article excerpt. “Creating” a military domain should not be done to solve problems of complexity or bureaucracy. Domains should be used as constructs to improve the clarity of thinking around warfighting, at least in the military world.

Addendum: When reading Joint Publication 3-13: Information Operations for this post, I saw the following figure:

It is one way to show that DoD considers Information Operations to be a much larger concept than you might consider. IO is often neglected in the “cyber” discussions, but with the ideas concerning EMS, IO might be hot again.

Tweet

Copyright 2003-2015 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)

Continue reading Domain Creep? Maybe Not.

Domain Creep? Maybe Not.

I just read a very interesting article by Sydney Freedberg titled DoD CIO Says Spectrum May Become Warfighting Domain. That basically summarizes what you need to know, but here’s a bit more from the article:

Pentagon officials are drafting new policy that would officially recognize the electromagnetic spectrum as a “domain” of warfare, joining land, sea, air, space, and cyberspace, Breaking Defense has learned. 

The designation would mark the biggest shift in Defense Department doctrine since cyberspace became a domain in 2006. With jamming, spoofing, radio, and radar all covered under the new concept, it could potentially bring new funding and clear focus to an area long afflicted by shortfalls and stovepipes.

The new electromagnetic spectrum domain would be separate from cyberspace, although there’s considerable overlap between the two… 

But the consensus among officials and experts seems to be that the electromagnetic spectrum world — long divided between electronic warriors and spectrum managers — is so technologically complex and bureaucratically fragmented by itself it must be considered its own domain, without trying to conflate it with cyberspace.

My initial reaction to this move is mixed. History and definitions provide some perspective.

One of the big differences between the civilian and military views of “cyberspace” has been, prior to this story, the military’s more expansive view.

The formerly classified National Military Strategy for Cyberspace Operations, published in 2006, defined cyberspace as

A domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures. (emphasis added)

The NMS-CO in a sense embedded cyberspace within EMS. That document also signaled DoD’s formal recognition of cyberspace as a domain. By associating EMS with cyberspace, DoD thought of cyberspace in larger terms than civilian counterparts. In addition to activities involving computers, now cyberspace theoretically incorporated electronic warfare and other purely military functions with little or no relationship with civilian activities.

Army Doctrine Reference Publication No. 3-0 published in 2012 introduced the term “cyber electromagnetic activities” (CEMA). It defined CEMA as

Activities leveraged to seize, retain, and exploit an advantage over adversaries and enemies in both 
cyberspace and the electromagnetic spectrum, while simultaneously denying and degrading adversary and enemy use of the same and protecting the mission command system. Cyber electromagnetic activities consist of cyberspace operations, electronic warfare, and electromagnetic spectrum operations.

This Army publication separates cyberspace and EMS, and created “CEMA” as an umbrella over both.

The more recent  Joint Publication 3-12R, published in 2013, drops explicit mention of the EM spectrum. It defines cyberspace as

A global domain within the information environment consisting of the interdependent networks of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

With the definitions and their evolution out of the way, consider what it means for cyberspace to be separate from EMS.

In my opinion, cyberspace has always been more about the content, and less the infrastructure. In other words, it’s the information that matters, not necessarily the containers. I first appreciated this distinction when I was stationed at Air Intelligence Agency, where we helped publish Air Force Doctrine Document 2-5: Information Operations in August 1998. Page 3 states

The Air Force believes information operations include actions taken to gain, exploit, defend, or attack [GEDA] information and information systems. (emphasis added)

*Note that document doesn’t use the term “cyber” very much. When describing information warfare, it states

Information warfare involves such diverse activities as psychological operations, military deception, electronic warfare, both physical and information (“cyber”) attack, and a variety of defensive activities and programs.

In any case, the “GEDA” concept stuck with me all these years. I think the focus on the information, rather than the infrastructure, is conceptually useful. Consider: would there be “cyberspace” if it contained no information? The answer might be yes, but would anyone care to use it? It’s the information that makes “cyberspace” what it is, I believe.

In this sense, separating the physical aspect of EMS seems to make sense. However, what does that mean for other physical aspects of manipulating information? EMS seems most tangible when considering radio and other radio frequency (RF) topics. How does that concept apply to cables or servers or other devices? Are they part of EMS? Do they “stay” with “cyberspace”?

Finally, I am a little worried that a reason from creating EMS as a sixth domain could be because it is ” technologically complex and bureaucratically fragmented,” as described in the article excerpt. “Creating” a military domain should not be done to solve problems of complexity or bureaucracy. Domains should be used as constructs to improve the clarity of thinking around warfighting, at least in the military world.

Addendum: When reading Joint Publication 3-13: Information Operations for this post, I saw the following figure:

It is one way to show that DoD considers Information Operations to be a much larger concept than you might consider. IO is often neglected in the “cyber” discussions, but with the ideas concerning EMS, IO might be hot again.

Tweet

Copyright 2003-2016 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)

Continue reading Domain Creep? Maybe Not.