22 janvier 2020 | International, C4ISR, Sécurité

What new documents reveal about Cyber Command’s biggest operation

Mark Pomerleau

New documents provide insight into the growing pains U.S. Cyber Command faced in building a force while simultaneously conducting operations.

The documents, which were released as part of a Freedom of Information Act request from the National Security Archive at George Washington University and later shared with journalists, are a series of internal briefings and lessons from the Defense Department's most complex cyber operation at the time, Operation Glowing Symphony.

That operation was part of the larger counter-ISIS operations — Joint Task Force-Ares — but specifically targeted ISIS's media and online operations, taking out infrastructure and preventing ISIS members from communicating and posting propaganda.

While Cyber Command described the operation, which took place in November of 2016, as a victory in the sense that it “successfully contested [ISIS] in the information domain,” the documents demonstrate the extent to which the command was still learning how to conduct operations and the exact steps to follow.

“Process maturation is something they pull out a lot. Obviously, as CYBERCOM was standing up, it was pulling together plans for how they were going to operate. They actually hadn't operated that much,” Michael Martelle, cyber vault fellow at the National Security Archive, told reporters. “A lot of these frameworks were formed in theory. Now they go to try them out in practice.”

Cyber Command leaders have stressed in public remarks for years that the command was building its force while operating. But the extent of those operations has been limited. Officials in recent years have explained that the command didn't undertake many offensive operations. One official said last year he could count on less than two fingers the number of operations, Cyber Command conducted in the last decade or so. One member of Congress said DoD didn't conduct an offensive cyber operation in five years.

But when they were in action, in this case with Operation Glowing Symphony, Martelle said the documents show cyber leaders did not anticipate the amount of data they would access.

“They actually weren't prepared for the amount of data they were pulling off of ISIS servers ... CYBERCOM was not set up for an operation of this magnitude from day one,” he said. “They had to learn on the fly, they had to acquire on the fly, they had to grow on the fly.”

The documents note that Cyber Command's capability development group, is “developing USCYBERCOM data storage solutions.”

The capabilities develop group, now known as the J9, serves as the advanced concepts and technology directorate and worked to plan and synchronizing cyber capability development and developed capabilities to meet urgent operational needs.

Experts had noted that in the past the CDG/J9 had been stressed in recent years by a limited staff and burdened by developing tools for operational needs, namely Joint Task Force-Ares.

Another example of potential growing pains the documents point to was the fact that updates to operations checklists were not made available readily to the team.

Finally, the documents note that authorities and processes the command was operating under that the time were restrictive in some cases.

“Absent of significant policy changes from [the office of the secretary of defense], USCYBERCOM is limited in its ability to challenge ISIS [redacted]. As a result, USCYBERCOM has [redacted] to achieve our objectives,” the executive summary of a 120-day assessment of Operation Glowing Symphony says.

Those authorities and processes have been streamlined by the executive branch and Congress in recent years.

Commanders now follow a process that defaults toward action, Maj. Gen. Dennis Crall, deputy principal cyber adviser and senior military adviser for cyber policy, said during an event Jan. 9. He explained the updated process provides continuity, tempo, pace and timing.

Ultimately, Martelle noted that the real importance behind Operation Glowing Symphony is that Cyber Command used the experience from those events and Joint Task Force-Ares more broadly as a template for future operations.

Cyber Command's top official, Gen. Paul Nakasone, who was also led Joint Task Force-Ares, has noted that the task force laid the foundation for the Russia Small Group, which was created to combat election interference in the 2018 midterms.

“This concept of a task force lives on. A lot of that thinking came from what we were doing in 2016,” he told NPR.

That task force has now evolved to be more all encompassing covering election threats more broadly.

https://www.fifthdomain.com/dod/cybercom/2020/01/21/what-new-documents-reveal-about-cyber-commands-biggest-operation/

Sur le même sujet

  • Under Siege: Business risk in the new age of warfare

    26 mai 2024 | International, Sécurité

    Under Siege: Business risk in the new age of warfare

    Opinion: America’s long-established methods of protecting against international threats may be inapplicable, ineffective, or too costly to pursue.

  • Nammo signs major ammunition contract with Sweden

    17 avril 2020 | International, Terrestre

    Nammo signs major ammunition contract with Sweden

    April 16, 2020 - Nammo has signed a contract with the Swedish Defence Materiel Administration for delivery of small caliber ammunition worth SEK 670 million. Covering deliveries from 2020-22, the contract builds on a framework agreement signed in 2017, and will enable to Swedish Armed Forces to strengthen its levels of training and readiness. ”We are honored that the Swedish Armed Forces have placed their trust in us as their primary supplier of small caliber ammunition. Customers like Sweden accept only the best, and also have some very specific requirements that we have to fulfil, so in our view this is a major achievement by Nammo's product and manufacturing teams,” said Reijo Bragberg, Nammo's Executive Vice President for Small and Medium Caliber Ammunition. This contract is the second issued under the 2017 framework agreement, and covers six different ammunition types, both for training and combat. Going forward, Nammo is looking to expand its cooperation with the Swedish government in line with the strategic partnerships it has developed with both of Sweden's Nordic neighbors. Nammo CEO Morten Brandtzæg sees this kind of collaboration between industry and governments as essential in dealing both current and future security challenges. ”Recent events have again underscored the need to ensure security of supply in all situations, ranging from peace to crisis, conflict and even war. In our view this relies on both industry and governments cooperating more closely, and we stand ready to support from our side,” said Brandtzæg. Related / Contacts Endre Lunde Endre Lunde Press Contact Senior Vice President, Communications endre.lunde@nammo.com +4790853270 View source version on NAMMO: https://www.nammo.com/newsroom/#/pressreleases/nammo-signs-major-ammunition-contract-with-sweden-2991652

  • Le drone tactique Patroller très proche de sa première livraison

    8 novembre 2019 | International, Aérospatial

    Le drone tactique Patroller très proche de sa première livraison

    Par Michel Cabirol Le drone tactique Patroller, qui doit être livré très prochainement à l'armée de Terre, devrait être armé d'une roquette guidée laser de 68 mm. Safran a reçu de la DGA une étude de levée de risques pour armer le Patroller. Tic-tac, tic-tac, tic-tac... La livraison du drone tactique Patroller est désormais une question de semaines. Prévue initialement le 22 novembre, elle a été très légèrement reportée à début décembre en raison de l'encombrement du trafic aérien à Istres, où le premier système (5 avions et deux stations sol) doit être remis à l'armée de Terre à l'issue d'une série de vols. Une fois le système testé à Istres, il sera rapatrié dare-dare à Chaumont où les créneaux de vol sont beaucoup plus simples à gérer pour l'armée de Terre, qui va devoir s'approprier ce nouveau système d'arme. Le Patroller est attendu sur les thé'tres d'opération mi-2021, et notamment sur la bande sahélo-saharienne (BSS). Le Patroller sera la "rolls" de l'armée de Terre. Équipé d'une boule optronique gyrostabilisée dernier cri, ce drone tactique vise à répondre aux missions de renseignement au profit des unités tactiques de l'armée de Terre en leur offrant une capacité de surveillance, d'acquisition, de reconnaissance et de renseignement (SA2R). Ce système d'observation est capable de détecter, d'identifier et de localiser, de jour comme de nuit, dans un champ atteignant presque 360°, tous les éléments observés sur une portée de 150 km (14 heures d'autonomie). "Il permet ainsi, presque immédiatement, de décrire une éventuelle unité ennemie, avait confirmé en juin dernier le général Jean-Pierre Bosser, qui était encore chef d'état-major de l'armée de Terre. Voilà un progrès essentiel apporté par la troisième dimension à l'armée de terre". Le Patroller armé d'une roquette guidée laser Une bonne nouvelle peut en cacher une autre. Safran a récemment obtenu la notification d'un contrat d'une durée de 18 mois pour une étude de levée de risques pour l'armement du Patroller, selon des sources concordantes. L'armée de Terre avait fortement plaidé pour armer le Patroller. "Pour les militaires l'armement des drones était depuis longtemps considéré comme une nécessité. (...) Nous avons clairement affirmé le besoin d'armer le Patroller", avait indiqué en mai 2018 lors d'une audition à l'Assemblée nationale le général Charles Beaudouin, sous-chef d'état-major chargé des plans et des programmes de l'état-major de l'armée de Terre. Le choix s'est porté sur la roquette guidée laser de 68mm de Thales, qui équipe déjà l'hélicoptère Tigre. Elle a été préférée à la version sol-air du missile MMP, le MHT de MBDA. Pourquoi ? La roquette guidée laser est dimensionnée aux besoins de l'armée de Terre en étant parfaitement adaptée à des objectifs rencontrés par le Patroller lors de ses missions de surveillance pour réaliser des tirs sur des cibles d'opportunité (pick-up, sniper...). La roquette est également beaucoup moins chère et plus légère que le MMP et son poste de tir. Ce dernier point permet d'optimiser l'autonomie du Patroller, qui un outil de gestion de crise. Enfin, la solution MMP, qui traite des cibles plus importantes (char, bunker...), aurait été plus compliquée techniquement à mettre au point en raison de son guidage (fibre optique). Bloqué par la direction générale de l'armement (DGA) en rétorsion aux retards du Patroller, cette étude de levée de risque était attendue depuis deux ans environ. C'était il y a deux ans déjà en septembre 2017 que la ministre des Armées Florence Parly avait annoncé dans un discours devenu fameux sa décision d'armer les drones Reaper français. "Deux ans de perdu", soupire une source interrogée par La Tribune. Aujourd'hui le Patroller armé est attendu au sein de l'armée de Terre en 2023 https://www.latribune.fr/entreprises-finance/industrie/aeronautique-defense/le-drone-tactique-patroller-tres-proche-de-sa-premiere-livraison-832585.html

Toutes les nouvelles