Ask Lt. Col. John Bircher About Cyber Warfare Concepts

Posted by timothy on Thu Jun 12, 2008 01:20 PM
from the please-include-your-gps-coordinates dept.
The Air Force is not the only U.S. military branch trying to come to grips with the electronic side of warfare, both current and future. The U.S. Army Computer Network Operations (CNO)-Electronic Warfare (EW) Proponent (USACEWP), located at Fort Leavenworth, Kansas — home to the U.S. Army's Combined Arms Center — serves as the Army's hub for cyber-electronic concepts and capabilities. This is the organization responsible for developing doctrine, materiel and training to prepare the Army for cyber-electronic engagements. For example, USACEWP has developed training teams to ensure that U.S. commanders and soldiers around the world are fully informed of cyber-electronic capabilities at their disposal. Leading the Proponent's Futures branch is Lt. Col. John "Chip" Bircher; Bircher entered the Army in 1989 as an Infantry officer, then served in various command and staff positions, most recently Information Operations (IO). He was the IO Chief for the 25th Infantry Division (Light), Hawaii, and Director of IO for Combined Joint Task Force-76, Bagram, Afghanistan. If you want to know more about the realities and challenges that face an armed, global IT department in a time when electronic warfare is ever more important and dangerous, now's your chance to ask Lt. Col. Bircher some questions. We'll pass on the highest-moderated questions for Lt. Col. Bircher to answer. Usual Slashdot interview rules apply.

  • by Lilith's Heart-shape (1224784) on Thursday June 12 2008, @01:24PM (#23766793)
    Wait a second. Aren't members of the John Birch Society [wikipedia.org] called "John Birchers"? If so, I'd say this poor bastard has an unfortunate name.
  • Technique? (Score:5, Interesting)

    by Manip (656104) on Thursday June 12 2008, @01:25PM (#23766821)
    Does the US Army take advantage of traditional misconfiguration and social engineering techniques in order to compromise a network or are the US government developing a home grown list of exploits to gain access to foreign government systems?
  • Legal Ramifications (Score:5, Interesting)

    by muellerr1 (868578) on Thursday June 12 2008, @01:27PM (#23766847) Homepage
    How does the military ensure that it is operating within the law regarding online military offensive activities? Are there any laws or oversight, as such? If so, how are those laws and/or oversight affected by a declaration of war?
  • I'm interested in why so many sensitive networks are even hooked up to the internet in the first place, or why trivial systems are so often bundled with sensitive ones under the same security frameworks.

    Why aren't there more isolated networks that would require physical contact or interception to get to in the first place? Do sensitive systems really need any connection at all to the conventional internet in the first place?

    I know that many places in the DoD do take this approach (people having one computer for safe email and browsing, and a completely different computer for sensitive intel), and certainly it's more expensive and less convenient. But when the internet is basically just a big pathway leading directly to your backdoor, why take any chance at all, ever?
  • What is that? (Score:5, Interesting)

    by khasim (1285) <brandioch.conner@gmail.com> on Thursday June 12 2008, @01:29PM (#23766877)
    What, specifically, would be a "cyber-electronic engagement"?

    Include examples.

    Compare/contrast with traditional forms of intelligence gathering (wiretaps, listening devices, etc) and their counter-measures.
  • Interview Question (Score:5, Interesting)

    by Anonymous Coward on Thursday June 12 2008, @01:30PM (#23766905)
    With the political tilt as it is, a large part of the software development community is likely prejudiced against helping our country. With this in mind, how do you recruit the most creative and skilled people that this country has to offer?
    • by Daniel Dvorkin (106857) * on Thursday June 12 2008, @01:56PM (#23767365) Homepage Journal
      With the political tilt as it is, a large part of the software development community is likely prejudiced against helping our country.

      You made a typo there. Here's a correction:

      With the political tilt as it is, a large part of the software development community is likely inclined against helping politicians use the Army as a tool to fight wars which harm our country.
  • Hacker war... (Score:5, Interesting)

    by Notquitecajun (1073646) on Thursday June 12 2008, @01:31PM (#23766933)
    I doubt you could REALLY answer this, but is the US military playing any sort of role in the semi-underground "hacker war" that appears to be going on between China and the US?
    • And if and if ... (Score:5, Interesting)

      by khasim (1285) <brandioch.conner@gmail.com> on Thursday June 12 2008, @01:59PM (#23767409)
      And if there actually is a "Hacker War" between us ... and if our military is currently playing a role in such ... are there any civilian applications that will be released to help defend our non-military assets (corporations, education, etc)?

      Example: the NSA has worked on SELinux.
  • by Anonymous Coward on Thursday June 12 2008, @01:32PM (#23766957)
    to fight. Will we have to go to basic training?

    If so, would basic training be to train us to stay up all night, living on pizza, soda, Skittles, and porn?

    If so, where do I sign up?!?

    • You know, you can go through basic training (or some other physically demanding training course) and get in shape ... and still be a geek. Seriously. Build some muscles, lose some fat, and you'll still be just as smart as you were before. I've done it, and so have lots of other folks on /. We didn't magically forget all our geek skills, or undergo some drastic personality transplant.
  • Since the Air Force is the U.S. military branch claiming dominance in "cyberspace" (along with air and space), how do you view the Army's relationship with the Air Force in "cyberspace"? Will the Army seek to take over all of the "cyberspace warfare", carve out its own niche in cyberspace, or peacefully coexist with the Air Force?

    With respect to leadership in this area across the DoD, do you feel that the Air Force being denied the program executive role for all DoD UAV endeavors represents an opportunity for the Army to increase its role with respect to UAVs (as many people see cyberspace and UAVs to be inextricably linked)?

  • Attacks... (Score:5, Interesting)

    by Notquitecajun (1073646) on Thursday June 12 2008, @01:33PM (#23766971)
    Without diving into details that compromise security, can you reveal anything about the types or quantities of attacks that the US military is able to fend off, and how often they are faced?
    • by Sloppy (14984) on Thursday June 12 2008, @02:10PM (#23767601) Homepage Journal

      Without diving into details that compromise security

      Can you imagine what might have happened, if you had not so qualified your question? He might have let the cat out of the bag!

      Personally, I would have phrased it this way: "Please tell us everything you're up to. (It's ok. We're cool.)"

  • China (Score:5, Interesting)

    by je ne sais quoi (987177) on Thursday June 12 2008, @01:44PM (#23767157)
    What is the U.S. Army doing to protect U.S. sensitive information from the frequent number of cyber-attacks originating from inside the People's Republic of China? Is it primarily defensive?
  • Recruitment (Score:5, Interesting)

    by caljorden (166413) on Thursday June 12 2008, @01:47PM (#23767199)
    Does the US Air Force, or any branch of the armed services, currently recruit for cyber-related positions directly? Or is it a requirement that all members come out of the standard armed services personnel? If there is currently no system for recruiting the best and brightest CS/IT/Security personnel from the civilian population, would that ever be considered?
  • by Anonymous Coward on Thursday June 12 2008, @01:48PM (#23767229)
    Conventional military is bound by the Geneva convention. To date, there is no international law governing military info-war. Are you therefore no longer bound not to attack civilian targets? Is scrambling hospital records to create civilian deaths by mistreatment considered a valid attack?
  • by Anonymous Coward on Thursday June 12 2008, @01:51PM (#23767275)
    the world's most insecure operating system? Seriously, I just had to go through the Army accreditation process at work, and all the guidelines basically say that Windows is the most secure according to the Army. Several of the policies do nothing to increase security but are Windows-only features, a not so subtle hint that if you want to be "secure" you should be using Windows. The policies also state that since open source is "unsupported" you should use a commercial OS unless you can find "support" for the open source software. The scrutiny that the Linux/Unix machines are put through is MUCH more than Windows machines are. Windows machines are basically said to be "secure" if you apply all the patches and set a couple of settings. It's as if the Army considers Windows to be the most secure instead of the least secure. The whole security accreditation process seemed to be a giant push for us to move to Windows, which means that in my opinion the whole exercise was intellectually bankrupt. Why does the Army continue to push Windows despite its absolutely horrendous security track record?
  • Jurisdiction? (Score:5, Interesting)

    by Caerdwyn (829058) on Thursday June 12 2008, @01:54PM (#23767333)
    Given that the most likely targets for cyber warfare are civilian targets, and that the perpetrators will likely be either non-government organizations or non-military employees of foreign governments, how do you see the jurisdiction question playing out? In particular, at what point are there handoffs in investigation, arrest, and prosecution between the US military, the FBI, and local authorities of affected civilian targets?
  • by introspekt.i (1233118) on Thursday June 12 2008, @01:56PM (#23767361)
    What steps is the Army taking to avoid overlap with the Air Force's "cyber warfare" program(s)? Is avoiding overlap considered necessary, or is redundancy considered a good thing? Are there plans to collaborate on large scale with the Air Force, or keep the programs isolated from one another?
  • Timing and relevancy (Score:5, Interesting)

    by zappepcs (820751) on Thursday June 12 2008, @01:59PM (#23767411) Journal
    It's common knowledge that what we call the Internet was suckled by the military. Black-hat and white-hat security conferences and practices have been an active part of Internet security for over a decade.

    Can you explain what seems to be the US Military arriving at the game in the third inning?

    Having had TSEC and observed security processes and procedures, such as tempest precautions some time ago, I'm having trouble understanding why the 'cyber defenses' of the US Military only now seem to be actually realized.

    Is the delay due to funding? Priorities? or simply to underestimation of what the rest of the world was up to all this time?

    Please be as specific as you are able to be.

    Thank you.
  • by advocate_one (662832) on Thursday June 12 2008, @02:01PM (#23767463)
    no text
  • Threat Assessment (Score:5, Interesting)

    by mykepredko (40154) on Thursday June 12 2008, @02:07PM (#23767545) Homepage
    As I understand it, every military in the world assesses the threat its opponents pose by their capabilities rather than perceived intents.

    How do you perform a threat assessment in the area of cyber-warfare, where the physical weapons (as was pointed out in an earlier post) are the keyboard and mouse, with much of the technology being used as a threat being developed in the U.S.?

    Thanx,

    myke
  • by faloi (738831) on Thursday June 12 2008, @02:10PM (#23767597)
    Do you foresee a high utilization of civilian contractors? Knowing that there are some restrictions on people that can be recruited into the Army for any number of reasons (asthma, medications, criminal records), do you see a need for either more lax recruiting guidelines for some of the "front line" troops in the cyber warfare field, or a higher use of civilian (or at least non-Army) personnel?