Cyber Trails Help Track Attackers
Pentagon Cyber Report Says Cyber Trails Help Track Attackers
By Michael Fabey
Technological improvements and greater internet access may have helped terrorists, hackers and other intruders launch successful attacks on U.S. networks, but the technology is also creating digital tracks that can lead to detection and capture, a recent U.S. Defense Department report said.
Newly confirmed U.S. Defense Secretary James Mattis sees cybersecurity operations as a major issue confronting the country. “We’re going to have to come up with the guiding principles that work for this sort of thing,” he said during his confirmation hearing before the Senate Armed Services Committee.
And while the cyber realm is a relatively “new domain,” he says, “That does not give us an excuse not to address it on an urgent basis.”
The report says all of this must be kept in perspective.
“While much has been made of the revolution brought about by technology and its
impact on a threat network’s organization and operational methods, the impacts have been evolutionary rather than revolutionary,” the Pentagon said in its report. “Countering Threat Networks.”
“The threat network is well aware that information technology, while increasing the rate and volume of information exchange, has also increased the risk to clandestine operations due to the increase in electromagnetic and
cyberspace signatures, which puts these types of communications at risk of detection by governments, like the U.S., that can apply technological advantage to identify, monitor, track, and exploit these signatures,” the Pentagon reported.
Having said that, the report notes cyberspace has become a “safe haven” for threat networks to lurk and hatch schemes against the U.S. military or other government entities.
Internet service providers, the report said, help provide key communications for threats’ notional network nodes.
“Many threat networks have mastered social media and tapped into the proliferation of traditional and nontraditional news media outlets to create powerful narratives,” the report said. “Cyberspace is equally as important to the threat network as physical terrain.”
Future anti-threat operations “will require the ability to monitor and engage threat networks within cyberspace, since this provides them an opportunity to coordinate sophisticated operations that advance their interests.”
Luckily, for U.S. military and other government agencies looking to track and target threat networks, cyberspace ranks high on what the report calls the criticality, accessibility, recoverability, vulnerability, effect, and recognizability (CARVER) scale, making that realm a “useful tool in determining a target’s suitability for attack.”
Cyberspace trails can help the military and other U.S. digital detectives discover and track the various threat network connections.
“The capabilities of US instruments of national power can be employed against selected key nodes to create operational and strategic effects … identifying a potential key node may be facilitated through an analysis of network density, degree of centrality, and node centrality (i.e., how individual entities fit in the systems network). Node centrality can highlight possible positions of importance, influence, or prominence and patterns of connections.”
Specifically, the Pentagon said, “U.S. military forces may, with the support of mission partners, conduct operations to interdict value transfers to the threat network as necessary.
This may be a raid to seize cash from an adversary safe house, foreign exchange house, hawala or other type of informal remittance systems; seizure of electronic media including mobile banking systems commonly known as “red sims” and computer systems that contain data support payment and communication data in the form of cryptocurrency or exchanges in the virtual environment; interdiction to stop the smuggling of goods used in trade-based money laundering; or command and control flights to provide aerial surveillance of drug-smuggling aircraft in support of law enforcement interdiction.”