In a networked world, as in the rest of the world, we have to keep ourselves protected from attacks. The problem is, this networked world actually exists in a different domain than we are historically used to fighting in. Of course, I am talking about the cyber domain. The United States has long enjoyed a distinct military advantage in controlling the four traditional domains of air, space, ground, and land. But the cyber domain is the only one that man created; yet paradoxically the U.S. does not have full control over it.
Cyberspace is our interconnected information technology. It is the very nature of cyberspace, its decentralization, that makes it so difficult to dominate. Further, dominance in cyberspace is essential to dominance in all other domains, as they are all increasingly dependent upon cyber infrastructure. It seems that right now we are involved in what I see as an arms race, so to speak, that parallels historical times such as aircraft wars during the initial stages of flight, the space race between the U.S. and Soviet Union, and also the nuclear arms race during the Cold War.
One major difference in this realm, however, is that domination in cyberspace means you essentially become the main target of anyone wishing to expand their power, to take a realist’s perspective. In the cyber realm there are no borders by which to define your existence and draw a line in the sand. Additionally, as of now there are no widely accepted defined rules, analogous to a Geneva Convention or Nuclear Non-Proliferation Treaty, governing actions in this realm. Even if there were established norms and mores in this realm, there is no international governing body to preside over them. All in all, this ‘wild west’ atmosphere essentially means that if there is an open door (i.e. a vulnerability in your network), it is an invitation for someone to walk in and take something or attack without fear of repercussion.
This is where Computer Network Operations (CNO) comes into play. According to Joint Pub 3-13, CNO consists of three different operations: computer network exploitation (CNE) (and espionage), computer network defense (CND), and computer network attack (CNA):
- Computer Network Exploitation (CNE): Includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.
- Computer Network Defense (CND): Includes actions taken via computer networks to protect, monitor, analyze, detect and respond to network attacks, intrusions, disruptions or other unauthorized actions that would compromise or cripple defense information systems and networks. Joint Pub 6.0 further outlines Computer Network Defense as an aspect of NetOps.
- Computer Network Attack (CNA): Includes actions taken via computer networks to disrupt, deny, degrade, or destroy the information within computers and computer networks and/or the computers/networks themselves.
Over the next couple weeks I will be expanding upon this concept with a series of posts related to this. I am hoping this can help some people understand what it is we are all dealing with here, what the nature of the threat is, and how we can work together to alleviate it. I welcome any input and discussion on the matter.
For more on these topics see the CTOvision Guide to National Security Technology and