14 décembre 2018 | International, C4ISR

Marines need to equip defensive cyber teams

By:

The Marines are looking to develop and equip specialized tactical cyber teams with a specific defensive tool set. These teams, known as defensive cyber operations-internal defensive measures (DCO-IDM) companies, are designed to help defend critical digital assets at the tip of the spear.

These companies will fall under the newly established Marine Expeditionary Force Information Groups, or MIGs, and one will reside within each MEF providing MEF commanders information-related capabilities to include cyber, intelligence, electronic warfare and information operations.

All three DCO-IDM companies have reached the minimum threshold for deployment,though their specific kits are not in place yet, Gregg Kendrick, executive director of Marine Corps Forces Cyberspace Command, said Dec. 6 at the Charleston Defense Contractors Association Defense Summit.

In the interim, service-retained cyber protection teams — strategic-level defensive cyber teams that feed up to U.S. Cyber Command — are partnering with the companies to conduct operations and participate in exercises.

These companies will serve as a “paired down version” of cyber protection teams in the cyber mission force and be employed at the Marine Air Ground Task Force level, said MGySgt Carlos Torres, senior enlisted Marine in the cyberspace division for the Deputy Commandant for Information, during the annual C4ISRNET Conference in May. The companies have used the expertise from cyber protection teams and Marine Corps Forces Cyberspace Command throughout their establishment.

Kendrick said the companies and elements of a cyber protection team participated in the NATO-led Trident Juncture exercise in Norway that took place from Oct. 25 to Nov. 7.

Kenneth Bible, deputy director of the C4 directorate and deputy CIO, said Trident Juncture served as a good example of giving these teams exposure to operations and commanders, who want this capability.

Kendrick added that the deputy commandant for information, which oversees all aspects of information for the Corps, to include the MIGs, requested Marines with intelligence backgrounds to go to each of the DCO-IDM companies.

This will allow them to begin the process of establishing an organic intelligence support ability in the defensive cyber sphere as opposed to having to rely on outside resources, such as Marine Corps Forces Cyberspace Command. This is critical given the expeditionary and tactical nature of these teams.

https://www.fifthdomain.com/dod/marine-corps/2018/12/11/marines-need-to-equip-defensive-cyber-teams/

Sur le même sujet

  • Qatari research center chooses Leonardo for cyber range

    4 février 2021 | International, C4ISR, Sécurité

    Qatari research center chooses Leonardo for cyber range

    Agnes Helou BEIRUT — A Qatari cyber research center has selected Leonardo to provide a cyber range and training system to support security operations, the Italian firm announced Feb. 3. The Qatar Computing Research Institute, or QCRI, was established by the Qatar Foundation for Education, Science and Community Development. The training platform ordered by the QCRI is capable of simulating cyberattacks so users can assess the resilience of digital infrastructure. “The training is completely to be performed in Qatar, and it is expected, through an approach oriented to ‘train the trainers,' to provide courses to a significant number of operators involved in the cybersecurity framework,” Tommaso Profeta, managing director of Leonardo's Cyber Security Division, told Defense News. He noted that training and exercise scenarios can be customized using a drag-and-drop graphical interface. The platform can also analyze and classify the results of simulated attacks based on data collected during real-world offensive campaigns. Scenarios can be used for individual training or classroom experiences, and they provide practice for security operations centers and incident response activities. This training tool “will allow the QCRI to deliver a complete cyber training process, from the design of the learning path to specific training sessions. Users will be able to practice their skills in simulated attack and defense scenarios, employing both information technology (IT) and operational technology (OT). The training will produce qualified teams of operators equipped with up-to-date knowledge and techniques, ready to face ever-evolving cyber threats,” according to a company statement. “The best cyber training/testing environments are in theory real production systems. But in practice for such environments, institutions, enterprises and organizations cannot easily experience critical situations without paying high, sometime unaffordable prices,” Profeta said. “Training and testing are therefore the two essential, human-driven processes that can effectively support the overall cyber ‘protection' loop, but only if they can cope with real threats and highly realistic systems in highly realistic situations.” Cyber ranges provide a controlled environment where cybersecurity experts can practice their technical and soft skills in emulated complex networks and infrastructures to learn how to respond to real-world cyberattacks. In these environments, cyber tools can be stressed to reveal their limits and vulnerabilities before deployment into cyberspace. Leonardo's platform challenges such assets and provides digital twin environments for predeployment testing. Asked whether other Gulf countries have expressed interest in this training system, Profeta said it “has already been presented to other high-level Middle East stakeholders, and a significant level of interest has been registered for the platform.” What scenarios are available? Those using the cyber range will try to defend against simulated but realistic cyberattacks. According to Profeta, these include: Man-in-the-middle attacks. Botnets. Exploitation of client and server vulnerabilities with lateral movements in search of sensitive data. Distributed denial-of-service attacks (HTTP flooding or domain name system reflection) designed to disrupt connections to a targeted server. Ransomware via multiple vectors, such as spear-phishing via email or drive-by downloads, relying on DNS-based covert channels. Data exfiltration of personally identifiable information and intellectual property. Though it's difficult to measure the potential effectiveness of this platform for Qatar, the company official predicted the system will reduce the cost of and improve the user experience in cyber training. Leonardo also supplies the NATO Computer Incident Response Capability, a cyber defense product. https://www.c4isrnet.com/cyber/2021/02/03/qatari-research-center-chooses-leonardo-for-cyber-range

  • RTX wins $118 million Army order for drone target sensors

    21 juin 2023 | International, C4ISR

    RTX wins $118 million Army order for drone target sensors

    The latest edition, known as CSP v3, will feature “several enhancements over the previous version,” according to a PEO IEW&S official.

  • Directed energy weapons making jump from sci-fi to real world

    18 septembre 2023 | International, Terrestre

    Directed energy weapons making jump from sci-fi to real world

    WASHINGTON — Five Pelican dropships and two Phantom troop carriers glide into view near snowcapped hills on a world with biomes similar to Earth’s. A handful of the warplanes break formation, ultimately bound for farther-flung targets, as volleys of neon green anti-aircraft fire erupt.

Toutes les nouvelles