Cyber Space Security: Dispelling the Myth of Computer Network Defense by True Red Teaming the Marine Corps and Navy

Abstract

Computer Network "defense" (CND) in the global information grid (GIG) is a myth. Yet, the Armed Forces, namely the United States Navy and Marine Corps, continue to operate as if our systems are secure. CND is a myth because it is retroactive and does not utilize the proactive ethical hacking teams that were designed to think, act, and operate like the multi-faceted adversaries we face in cyberspace. These teams, called Red Teams, continue to work hard to show where our network deficiencies lie, yet their reports are continually sidelined and never reach senior management until after a major incident occurs. So why is this important? Pose this question, can you go to work and perform your job without the use of the internet, whether for email, research, or applications such as sharepoint, regardless of the classification of the system? Cyber Space has infiltrated itself into every facet of our daily lives as well as our military command and control systems. Any briefing given by the President or the Chief of Naval Operations, Admiral Roughhead, will include CyberSpace and its far reaching implications for National Security ",,,cyberspace is real. And so are the risks that come with it" (President Barack Obama, 29 May 2009). The recent nation state-level network attacks in Estonia (2002) and Georgia and the hacking of the White House website (2009) have shown the defense of our networks and the information residing on them cannot be thought of as safe. As such, the Navy and Marine Corps network "defense" teams will continue to fail unless they fully utilize these Red Teams whose sole purpose for existence is to discover and assist in closing network associated vulnerabilities.

Document Details

Document Type

Technical Report

Publication Date

Jan 05, 2010

Accession Number

ADA536674

Entities

Tags