Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security The Military Technology

Is the Military Prepared For Cyberwarfare? 147

pbahra writes "If you think that combating cyber criminals is hard in your organization, imagine doing it in an enterprise with some 18 or so layers of management between the top man (and it is always a man) and the most junior employee. Now imagine that in such an organization, there is a form for everything, that it can take literally decades to buy new equipment, and that you can be jailed for having dirty footwear. But that same organization is charged with helping to defeat shadowy hacker groups who are faster, have better equipment, almost certainly are better funded and don't have to salute every time someone senior walks past them. The modern military is used to operating in what is known as an asymmetric environment, with a distinct imbalance between the two opponents. The problem for the military is that they like to be the big guy. According to a senior officer speaking at the 2011 Annual Defense Lecture in London, when asked if the military was capable of operating at the same speed as their opponents, he admitted they were not."
This discussion has been archived. No new comments can be posted.

Is the Military Prepared For Cyberwarfare?

Comments Filter:
  • Our military has a hard enough time managing to fight regular wars. If anyone thinks they are going to be ready for a cyberwar, they are kidding themselves.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      actually, our military is very good at the blowing shit up and killing people part. this is what they do. hell, they are even very good when we ask them to blow up buildings without scratching the paint of the car parked in front of it.

      • by c0lo ( 1497653 )
        TFS

        when asked if the military was capable of operating at the same speed as their opponents, he admitted they were not.

        I know what's wrong! They aren't using enough explosives.

        • Speaking of the summary, who the hell are "better funded" than the US military?
          • I wondered about that too, just sounds like an excuse. I suppose you could argue that collectively the bored teens and others making up groups like Anon have more disposable income than the military, but that's... stupid no matter how you slice it. They could just as truthfully say that they are outmanned due to there being more civilian net users than military.
            I suppose they could be referring to other countries who've developed more resources to deal with a cyberthreat...
          • by c0lo ( 1497653 )
            Funny thing, the article is about UK military (even if published on the WSJ!). That's not to say that:
            a. what TFA says is not valid for US as well
            b. that I think UK has a totally underfunded army
          • Having a high budget, and spending it does not equal better funded.

            Take the land warrior system. Your smart phone has better everything except a few software apps,and cost you maybe $500. The military was spending $5000 per soldier to do the same thing.

            The military has lots of money but most of it is allocated long before it is handed over. Also the military is 5-10 years behind civilian tech.

            Cyberwarfare is dynamic, you cant be 5-10 years behind. That is like windows ME virus againist windows 7,and ubu

            • Except the land warrior is tested in all kinds of conditions, is 100% stable, has long MTBF and is generally a solid system. Your smartphone is made from cheap parts, isn't proven to be reliable, is made overseas, etc etc. It's the same kind of difference between building some cheap consumer-grade PC and claiming that it's better than a $5000 ruggedized server rack. The military is 5-10 years behind civilian tech? Really? The answer is no, not really.
            • My $600 phone can barely take a drop from my pocket to the server room floor without me wondering if I now have to spend another $600. Land warrior systems can be thrown out of a helicopter hit by a mule and smashed against rocks while the soldier wearing it does his job without wondering if it still works. Quite a bit of the money involved in systems like land warrior is dedicated to ensuring stability and reliability during combat operations in extreme heat, cold, rain, and snow. All of these are things t
              • What happens if it's thrown out of a helicopter that hasn't been hit by a mule? Or is there someone in charge of making sure all helicopters have been hit by a mule just to be safe?

                • You can't find helicopters that haven't been hit by mules, it is part of the training process for combat mules.
    • by slick7 ( 1703596 )

      Our military has a hard enough time managing to fight regular wars. If anyone thinks they are going to be ready for a cyberwar, they are kidding themselves.

      Of course they're prepared, look at Pearl Harbor, Tonkin Gulf, 911, when they are attacked, the response will be out of proportion to the false flag attacks orchestrated to chip at our rights and privacy online.

  • by Anonymous Coward

    It's nice to see the Slashdot is now taking direct plugs from the WSJ.

  • This is an easy one. They just have to outsource this job (especially the cyber-defense) to more capable companies, say in China!

  • Yank at Large wrote:

    Though the article purports to expose some interesting new misalignment, this is not a new challenge to the military or a host of other organizations. I used to work at IBM in their personal computing division (now known as Lenovo). Our heavy logistics and multiple levels of approval did not allow the company to bring to market fast enough the kinds of machines that could appeal to customers like other companies could. There is, however, a way to leverage large organizations, much as the human body searches for the right antibody for a disease. You produce many different potential solutions, rather than invest all your resources into one or two ‘optimized’ solutions, and once you find one that works, you leverage the ability of a large organization to quickly replicate and apply that solution. So, like some in the article say, it is not a question of having the right people – they probably already do – it’s a question of having the right environment.

    And a guy or gal who has the presence of mind and attention to detail to crack viruses probably also has the focus to keep his uniform in good shape, so those are not necessarily mutually exclusive properties.

    I love the way he wields his business-speak and manages to use the words leverage, logistics, market, resources, replicate, solutions and optimised with such ease and finesse. Add to that the analogy with the human body and antibodies and I am not sure how this guy is not in charge of the whole world! He's got my vote!

    • I love the way he wields his business-speak and manages to use the words leverage, logistics, market, resources, replicate, solutions and optimised with such ease and finesse. Add to that the analogy with the human body and antibodies and I am not sure how this guy is not in charge of the whole world! He's got my vote!

      He might be an optimized multilevel synergistic highly integrated bi-level marketing domain with highly stabilized upward mobility.

      Or he might be a buzzword generator.

  • ah just what we need (Score:5, Interesting)

    by Dyinobal ( 1427207 ) on Wednesday July 13, 2011 @01:35AM (#36745412)
    Ah just what we need another war. We got a war on terror, war on drugs, a war on war and a war on not enough war. Lets add a 'Cyber war' so we can get some more tax dollars thrown at us.
    • it is kind of sad in a funny way that the US marks everything as war.

      war on drugs, war on terrorism, war on cyber criminals - heck, those are jobs for law enforcement and police organisations; the military excels on battle grounds, not investigations and arrests.

      Even the article took the wrong turn in the 1st sentence, the headline talks about "cyberwarfare" (definition please) and the article starts with "combatting cyber criminals". Those are two distinct issues, catching criminals should be done by civil

      • But the US really wages war. Drugs are fought with jet bombers. Terrorism is fought with jet bombers - heck, two whole countries are almost wiped off the map to find two terrorists. Even international justice will probably fought with jet bombers. The threat has been issued already. I wish the USA would see that the War On [please fill in here] were not meant literally.
      • I'm still trying to find out how the War on Cancer and the War on Poverty turned out. You never hear about them any more. Who won?
    • Eh? We aren't staring any cyber war. But we must be prepared to defend against a cyber war. Do you just expect us to sit back and let our infrastructure get hacked?

    • I propose we pass a law requiring that the military win at least *one* of the wars they're already in before we let them have a new one.

    • Ah just what we need another war. We got a war on terror, war on drugs, a war on war and a war on not enough war. Lets add a 'Cyber war' so we can get some more tax dollars thrown at us.

      * I put on my robe and wizard hat *

    • This is one of those absolute nonsensical non-issues, which only makes sense if the person posting it is completely and tehnically ignorant??? Obviously, with Narus boxes at all the major switching centers, in the US, China (for the Chinese, that is, not against them), and other countries, plus having those Narus boxes located at EPs (that's Exchange Points, or IXPs to any and all newbies, who frequently misconstrue that term and think we mean "ISP" -- Internext eXchange Points, or EPs, the physical connec
  • One word: Windows (Score:5, Insightful)

    by antifoidulus ( 807088 ) on Wednesday July 13, 2011 @01:38AM (#36745424) Homepage Journal
    The military is over-reliant and over-confident on Windows. Hell they pretty much write their security specifications to whatever Windows does AND they scrutinize non-Windows(particularly Linux machines) much more than they do Windows machines. Relying on Microsoft for anything is just asking to get hacked. I hope(though I know it won't happen) that the next Secretary of Defense will make it his mission to wean the military off of Windows. Not only will it result in a more secure system(probably), it will also save the government money and not make them beholden to the beast of Redmond....

    Sadly I know it won't happen because Microsoft is always sure to let senior military officers in charge of this kind of stuff know that when the time is right they are always "looking" for people who have held those positions. IE throw lots of government money at us and we'll make sure you get a do-nothing job with an impressive title and salary to match.
    • Comment removed (Score:5, Informative)

      by account_deleted ( 4530225 ) on Wednesday July 13, 2011 @02:32AM (#36745646)
      Comment removed based on user account deletion
      • by rtb61 ( 674572 )

        In true cyberwarfare the realistic core of the problem will be the electronics themselves. You only hack software for cyberespionage, when it actually comes to cyberwarfare the whole idea is to shut system down, whether fixed, mobile, land based, airborne or seaborne. That includes military and or civilian systems.

        So exotic and not so exotic particle creation and targeting in order to alter energy states in transistors. Resonant affects and modulations to alter energy levels in circuit pathways. Disrupti

      • by Willuz ( 1246698 )
        I didn't expect a clear and sensible response here when the original post spent more time bashing the military than it did proving any kind of supporting evidence. It's true that a system becomes almost unusable for most software when all of the STIGs are applied. However, much of the problem lies with software developers who don't develop on fully STIG compliant systems. They design the software the same way as always, then request any conflicting STIGs be left out and mitigated on the OS side. This is
        • And to think I let mod points rot yesterday...

          What you say couldn't be more true. When I worked as a developer I was aware of some security practices such as secure password handling and things like that. But when I was our shop's DBA I had no idea what was in the DB STIG. Now I wish I could bring in the developers for every program we support and teach them the current STIG. That way they could design their system more securely.

          As it stands it's impossible to get things fixed because it means convincing a

      • Windows gets lots of scrutiny - much more than competing OS

        You figure the Windows source is getting more people doing better security reviews than Linux? If that's the case, then we'd have to assume that Microsoft isn't heeding the results. I'm not sure which is worse.

        It's possible there's a case for military office workers to use Windows. But for vertical applications - well, the NSA went through this evaluation and wrote SELinux.

        At least most of the embedded systems projects at the DoD are linux-based.

    • The considered going with Apple, but Steve Jobs scared them way more than any enemy military.

      Then they considered Unix, but couldn't find anyone who could still remember all the commands.

      Then they considered going with Linux, but that started a huge argument over which distro was best. That was 10 years ago, and the argument is still going on.

    • by cffrost ( 885375 )

      non-Windows(particularly Linux machines)

      Syntax error: Expected " ("

      hope(though I know it won't happen)

      Syntax error: Expected " ("

      system(probably)

      Syntax error: Expected " ("

  • FUBAR = Normal (Score:4, Informative)

    by Edgewood_Dirk ( 858367 ) on Wednesday July 13, 2011 @01:39AM (#36745430)
    I'm a currently-serving active duty Marine, and the fact that we're not ready for cyberwarfare is symptomatic of our way of doing things. The problem with the US military changing its ways of doing anything is that if there isn't a group of people already trained for the purpose of that new thing, its not gonna get done. Every Marine/sailor/soldier/airman/coastie has a specific job designation when they join up. They may do certain things outside of their scope at times, but "innovation" isn't commonplace or encouraged. It will be years if not a decade or more before an entirely new MOS (Military Occupational Specialty) is created and a training program implemented for the single purpose of creating "cyber-soldiers". Until that happens, the military will rely on other assets within the federal services, or contractors.
    • by c0lo ( 1497653 )
      ^^^ This essentially says all: the military spirit is compliance to the orders, the hacking and the necessary reaction against it is essentially a matter of improvisation at high speed.
      • No, There is a nuance in what Edgewood_Dirk said that you have missed. It is not the need for improvisation at high speed that is lacking. Believe me, the US military is able to do that, but in areas that it already works, such as in the case of flying a helicopter across a battlefield. What he was saying is that within the military there is not a group of people with the title "hacker" or "cyber warrior" or whatever you want to call it. And there needs to be a MOS created for that so that they can recr
    • Until that happens, the military will rely on other assets within the federal services, or contractors.

      The military will always rely on contractors as long as defense contractors have lobbyists in Washington.

      • by Willuz ( 1246698 )
        This has nothing to do with lobbyists. Software development takes flexibility in hiring. If you start a new project you usually have to hire and lay off according to skill sets so that you have the right programmers for the job. In military and civil service positions this is not possible because of excessive employment protections. Based on your experiences at the DMV or with the IRS, do you really want civil servants developing secure software with lives hanging in the balance?
        • thats not what i'm referring to. sure, we need defense contractors to build stuff for us. but there is a HEAVY reliance on defense contractors to maintain stuff too. i currently work in some field in the military where i have to maintain and implement things developed by these defense contractors. however, i am not authorized to do a lot of the work necessary even though i've been fully trained on it. the defense contractors have support contracts that allow only them to do technical work. i'm only allowed
          • by Willuz ( 1246698 )
            This doesn't go anywhere near as high as congress in most cases and only goes as high as the PMO. You only see your piece of the puzzle when you're fixing applications in the field. Making changes to DOD applications requires massive quantities of input from all affected parties. A fix that may work for you could very well cause problems for someone who uses the software in a slightly different way. If the same software is used on multiple vehicles or weapons systems then you have distinctly different u
            • Ok,
              • 1. although there are some systems that are too complex for a soldier to work on, there are numerous systems that aren't
              • 2. you don't know what it is that i work on. i'm very well aware of what my fixes may do to the overall picture of the systems. it gets the mission back up and running
              • 3. as you said, there may be some systems that require contractors, then why do we need contractors like blackwater security? whats wrong with sending in some 11B's or even some 18X if its that high a profile?

              i can't thi

  • by Xenkar ( 580240 ) on Wednesday July 13, 2011 @01:39AM (#36745434)

    Step 1: Make our own hardware again.
    Step 2: Remove anything critical to our infrastructure from the damned internet.
    Step 3: Remove our government computers from the internet and on to a private intranet where they can log everything and hunt down witches/pedophiles in the government while the rest of us get a pass from ineffective feel-good legislation.

  • There is not a front line.

    Provided security is implemented properly (for the US the NSA appears to have good guidelines and tools to do this, but potentially have back doors for everyone else) it is limited to humans being tricked/corrupted by spy and DOS. It seems a lot more suited to (counter) intelligence agencies.

    Unless you are talking about being offensive what’s the big deal about it, human error/corruption in not following guidelines is hardly complicated at least in theory and a 'kill switch'

  • by Calibax ( 151875 ) * on Wednesday July 13, 2011 @01:53AM (#36745488)

    I suppose the summary quotes 18 levels because that's approximately the number of ranks in each branch of the military. But it's not really 18 levels of management. Remember the old saying "Privates are for doing things, sergeants are for making certain things get done, officers are for thinking." And even junior officers don't get involved in purchasing decisions. The actual level of management when it comes to purchasing is more like 5 or 6, but even that is a big number.

    What really screws things up is that the military purchasing machine is designed for 100k+ of each item with fairly exacting requirements about being easy to operate, able to work in severely adverse conditions, and to be "fair" to everyone wanting to sell to the military. Which means a very complete description (sometimes thousands of pages), open bids, preference to certain categories of bidders, and much else. Oh, and they need to appear accountable for spending all the money that an army sized purchase entails.

    So the guys who actually need relatively small amounts of highly specialized equipment are fighting an entrenched bureaucracy who wants to preserve the status quo. Think $500 hammers. I believe it's getting better though, at least in some areas, and the process is getting reduced from decades to months. Even so, they are rarely have the ability to on-line order stuff from commercial vendors and pay with a credit card, although that does happen sometimes.

    The guy speaking at the lecture is right - large militaries can't move as fast as small fast moving enemy groups. But when they do move they can usually outspend him by at least 100,000:1. Which probably doesn't help.

    The key is to organize like the bad guys - small groups each with their own budget and freedom to use it without having to go up the chain of command.

    • Sounds to me that what's needed is to make the "cyber-warfare" division more like the special operations groups. From what I've heard, the SpecOps soldiers are basically given a check to buy their own equipment, since they need something better than the off-the-shelf M4. Same for the rest of their gear. Sure, that means they're costing many times more than the average grunt, but it also means that they're putting cutting-edge top-of-the-line gear into the hands of those best able to utilize it.

      We could just

  • by Anonymous Coward

    This is not a technology issue. Three years ago, I walked into a local Burger King and saw a servicewoman using a laptop that was 20% better than my system in every measure, and my laptop at the time was 3 weeks old and Compaq had only sold it for a month when I bought it.

    Roughly 2 years ago, however, I saw a recruiter near my apartment. I asked him, if I was to sign up with the Air Force, could he do 2 simple things for me. One, could I get a full waiver from all physical aspects of basic training, and

    • This is not a technology issue. Three years ago, I walked into a local Burger King and saw a servicewoman using a laptop that was 20% better than my system in every measure, and my laptop at the time was 3 weeks old and Compaq had only sold it for a month when I bought it.

      Roughly 2 years ago, however, I saw a recruiter near my apartment. I asked him, if I was to sign up with the Air Force, could he do 2 simple things for me. One, could I get a full waiver from all physical aspects of basic training, and two, could I get guaranteed placement in the cyber warfare division. I was told no on both requests. This is the problem. The US Military is more interested in transferring soldiers who can hack than recruiting actual hackers. This leads to troops who, while they may have some decent level of skill, are not a fifth as competent in anything cyberwarfare does (or rather, should be doing) as most civilian hackers.

      Geeks want to defeat America's enemies as badly as anyone else, but we're not going to have our faces slammed into the dirt by some drill sergeant with a chip on his shoulder to do it. We'll never be able to run 10 miles with 100 pounds of gear on our backs, and while most of us could fire a weapon and hit a target, we're not going to go do it in 140 degree heat in the middle of the desert. On the other hand, when the Chinese, Russians, or whoever else are trying to shutdown the power grid for the whole damn east coast, I don't care if the cyberwarfare division can run or shoot or salute - as long as the lights stay on, they can be as sloppy and physically unfit as they like.

      This is the problem with the cyberwarfare division. We're unprepared because the Military is too deep into tradition to attract those who are really the "best and the brightest" for the job in question.

      Don't worry though. Eventually this'll get farmed out to some defense contractor once the brass realizes it's costing too much and we suck at it, and those companies are more than willing to hire good hackers, whether they can do 50 pushups or not. I just hope it happens before someone like China decides to bite us in the ass.

      Ironic that you should mention farming cyber warfare out to contractors (as I know the Air Force already does this, I was enlisted for 4 years with the USAF), and one of the ones that got hacked (Booze Allen Hamilton) is a prime contractor for a lot of AF systems (as is General Dynamics, Diebold, Lockheed Martin, etc...). The problem is that the enemy can adapt a lot faster than our military can because it is one big bureaucracy on top of another bureaucracy, and it takes too many approvals to change anythi

    • by stiggle ( 649614 )

      The problem with civilian contractors is that the companies are only interested in the money.
      The workers might be motivated by national pride and security, but the company is only in it for the money.

    • This is totally true. The sad thing is technically minded people who ARE in the military still have a hard time getting any type of computer job. I came to the Air Force after completing an Associates degree in Computer Network Technology (this was a time before security-specific training was really pushed). I went to the recruiter and tried to get any job that was computer related. I had extremely high test scores (overall 92 on my ASVAB) and I qualified for just about any job (there are a few jobs that re

      • And the people they do pick aren't often what I would consider the highest caliber of people. I met a guy who was a self described cisco expert in the airforce for 3 years and yet he didn't even know the absolute basics about networking, seriously he thought that the first place every packet hit was the default router, he didn't know that you can send packets between two hosts on the same subnet without involving the router at all..... That's insane that we are putting such idiots in charge of our most sen
      • Part of your problem is that for a few years there the AF was trying to decide if they were going to keep Programmers and whatnot at all. I think it's finally settled out now and you might want to look into it again.

        The extra test (EDPT) is or at least was required to be a programmer, so if you can't pass that then you'll have to look into some of the other related jobs.

        The best thing I got out of my AF job though was the basic experienve, veterans preference, and clearance that landed me my first contracto

    • run 10 miles with 100 pounds of gear on our backs

      Fuuuuuck man, you think we did that in the Air Force? We had to make it 1.5 miles in 12 minutes, I know 60-year olds who could do that.

      He should have been able to guarantee you a cyberwarfare job. When I enlisted (2004) we got to pick a job.

      Still, it was probably good you never went in. I stuck in the 4 years for the G.I. Bill, but even in a technical field (communications) the military is a load of bullshit. Best thing about being in is getting out at the end. Benefits aren't bad though.

      If you really

  • The way I see it, is that the military doesn't need that capability themselves. They just need to know where to buy it.

    From a military perspective, cyber-warfare is restricted to figuring out where an attack is coming from and then hitting the source location with a predator drone - collateral damage be damned!! Now that would be true cyber war!! Just think how many hackers would be able to concentrate on the job at hand after a few of their colleagues have become carbon polution or the proxies the have h

  • This is a job for the FBI, CIA, NSA, DHS and whatever other scary three-letter organizations are down there. The military is about the last group on the list qualified to fight a cyberwar. They're useful for taking objectives and escorting in the smart guys. Expecting them to be the smart guys is just silly.
  • The military has a certain structure to make sure VERY large scale things remain coordinated - thus the associated bureaucracy. Sure, it'll take decades for the Defense Equipment and Support [www.mod.uk] to clean up the mess in procurement, but let's assume for a moment they could and hit a more commercial frame of mind and speed.

    They would still lose the battle.

    The problem is in the way security is now managed. For the last 5 years, everyone has settled down into a fine routine of process, patching and playthings: th

    • Dood, please see my earlier comment --- you appear to be hopelessly nontechnoid with regard to Internet, Narus, forensic software, and a host of other subjects.....Man oh man, the illiterates on this site lately -- espcially those nimrods trashing me from their very own abject ignorance --- should only be posting in Scandinaiva.
      • by cheros ( 223479 )

        "Dood", you haven't got the faintest clue who I am, what I know and what I do for a living, and I'm not going to enlighten you. Suffice to say you appear to be using the wrong orifice for communication.

        You can pick up chatter with intercept, but the bad guys vary their method of transmission which means you'd need to grab everything. Too much hay to find fewer needles, and *if* you find needles you may discover it's old school OTP, which means you can't convert unless their messages are a bit longer - you

  • Privateers (Score:5, Interesting)

    by Beryllium Sphere(tm) ( 193358 ) on Wednesday July 13, 2011 @03:26AM (#36745904) Journal

    Back in the old days, governments would authorize private parties to go out and do bad things to the enemies of the governments.

    http://en.wikipedia.org/wiki/Letter_of_marque [wikipedia.org]

    Reviving that concept might work better than trying to use the military for a task it's not optimized for.

    • Arrrrr! I be intrigued by yer ideas, and be wishin' ter subscribe ter yer letter o' news.

    • It's not a bad idea. Having the military prepare for 'cyberwarfare' is as smart as a company getting the guy who sits in the parking lot booth to do its firewall work.

      Are they going to be tasked with 'financial warfare' and 'PR wars' next? How about the 'war on poverty' or the 'war on drugs'? Oh, wait, they are trying to bomb their way out of the medical problem. I guess we can expect core router closets to be bombed if there's ever a 'cyberattack' too.

    • ... lists the issuance of letters of marque as a war crime. Not to mention that they applied to war at sea, not in cyberspace. Not to mention that I'm not real comfortable with the idea of subcontracting our national security affairs to LulzSec (or equivalent).

      I'm sort of dubious that we even NEED a "cyber" "warfare" capability, but if we do, maybe getting the military to do it isn't such a bad thing.

  • by Tei ( 520358 )

    Is hard to see how this is a issue. A pistol don't need a permanent conexion to the internet. As much, can have a firmware, that can only be updated manually. Or can have a secure protection to a protected and encrypted lan, completelly separated from the net.

    If we are talking about military people in a office, with computers. All normal rules apply. Just don't chose real security or feel good security. Feel good security is done buying products. Real security involve thinking, doing things right, h

    • "A pistol don't need a permanent conexion to the internet. As much, can have a firmware, that can only be updated manually."

      Just like Iran's uranium enrichment centrifugues?

  • The real question is: are the cyberhackers prepared for thermonuclear war?
  • For those in the USA speaking their mind on the US Cyber capability: They are talking about the British, so move along..

    A military in general preparing for "Cyberwar" will not have every grunt learn metasploit. There will be a few ultra bright people who get access to all the intelligence related to the enemy capability and develop recommendations based upon current threats and capabilities. These recommendations will be taken to the IT management and they will balance everything together to decide wha
  • Maybe the military should treat their Cyber Warfare division like it was special forces. Special forces units often play by their own rules which is why they're able to get things done quickly and efficiently. A Cyber Warfare division could work in the same way. No need for the riciculous sea of regualtions. Retain enough regulation and discipline to maintain military order while allowing flexibility.
  • by SirGarlon ( 845873 ) on Wednesday July 13, 2011 @07:39AM (#36747070)
    When we speak of the military as a lumbering bureaucracy, let's bear in mind there are also smart, mobile, very adaptable teams within that huge organization: the special forces. If the military has any sense at all then cyber-warriors will be organized and commanded more like special forces than like an infantry division.
  • Cyber "warfare" is not warfare in any traditional sense of the term. The military's entire mentality and organizational structure is completely unsuited for such a task. They should get the fuck out of the business and governments should form teams of actual white-hat hackers to do this kind of thing.

  • by Phoenix666 ( 184391 ) on Wednesday July 13, 2011 @07:48AM (#36747178)

    Of course the military isn't ready for cyberwarfare. They are always fighting the last war. Recent articles have come out about how the Pentagon is finally restructuring itself to fight terrorism, meaning they've done away with mass troop movements in favor of lots of small actions. Which will work great until we get into a war with China, which will both hack our systems and require mass troop movements. Chinese military doctrine has expressly stated it means to do just that along with financial warfare (suddenly dumping all dollar reserves), shutting off the Panama Canal (which they now control) to impede the American navy, and lots of other outside-the-box thinking.

    • People who make these kinds of statements about war with China need to think about it a little. 1) The Chinese own tons of our bonds, and if they were to some how beat us, the bonds would now be... worthless. 2) If they decided to do "financial warfare" by dumping the bonds, that takes time to accomplish, and the act of dumping the first increment of bonds would rapidly depress the price of the remaining bonds. They'd lose tons of money. 3) How many US flagged ships do you think go through the Panama Canal?

      • ... but I just noticed that the point of closing the Panama Canal was to deny access to US Navy ships, vs. merchants. That makes even less sense - the US Pacific fleet could whip the Chinese fleet all by itself, several times over, without any help from the Atlantic fleet.
  • A definitive 'no.' As a soldier working in networking, I can guarantee that the Army's understanding of security, our equipment, and most specifically our training are approaching a decade behind the enterprise world, for a number of reasons. The most prominent is that soldiers not only aren't adequately trained to operate even a minimalist network to modern standards, most have no desire or opportunity to improve the state of things.

    The 'operators,' those setting up equipment, are all junior enlisted, and

  • Starting with the original article, it's clear that a lot of the people talking about how bad the military is have no experience in the military. Similarly, most of those talking from military experience have little or no knowledge of commercial practices.

  • is it part of plan to make it look like we have no idea while we really have a good top secret cyber warfare group somewhere?

  • by farploop ( 1948190 ) on Wednesday July 13, 2011 @09:29AM (#36748392)
    In reviewing this, I find it amazing that Laura Callahan (the former senior deputy director at DHS who resigned in 2004 after an investigation found out that she had received three degrees from a diploma mill in Evanston, Wyoming) is now working again for US Cyber Command as a GS-14 employee as of May 2011. If you google her name, you'll find the entire story of what her lack of qualifications did to several government agencies and the white house (clinton e-mail scandal). My question is that how did someone with a history of misleading investigators get hired for this type of position (which no doubt involves access to classified information ala NIPR/SIPRnet, JWICS, etc) given her previous 'fraudulent' degrees. A check of OPM regulations shows that lying or misleading investigators in the course of a background investigation, including prior bad acts, and falsification of academic credentials is grounds for termination, or being marked ineligible for hiring. I would suggest if the military wants to keep losing ground, all it needs to do is to continue to hire persons like Ms. Callahan and watch the damage unfold. As for the part of outsourcing, you might want to ask Booz Allen Hamilton and IRC federal about their recent break in by Anonymous and the loss of sensitive information and PII.
  • Didn't the military create the net, shouldn't they be leading it?
  • Which country's military are we talking about?
  • Here's the person charged with Network Defense for the Army: Lt. Gen. Susan S. Lawrence, As the G-6, Lawrence supports the Chief of Staff of the Army and Army Staff in performing information management, network operations (including computer network defense), force structure, and the equipping and employment of signal forces. Hardly a "18 or so layers of management between the top man (and it is always a man)". Although only 5% of the general officers in the Army are women, it's hardly the sausage fest th
  • We laughed at the british armies when we read about the Revolutionary War in school. They would just stand there and take no cover but wait for the enemy to shoot them. They were stupid because of their rules. We laughed at that.

  • Although you can probably put up enough firewalls, and move to a secret DNS server, or add other anti-spyware, the question to ask is: How do you protect yourself from an inside attack? How can you be sure that in the hundreds of senior military IT people, you do not have someone there who, on a mission, would break the system from the inside. A war must be defended on all fronts.

Statistics are no substitute for judgement. -- Henry Clay

Working...