BACKGROUND
In July 2008, several weeks before Russia invaded Georgia, Georgian websites were already under attack. These included the Georgian President and Parliament’s websites, main news sites, and commercial websites while Georgian internet traffic was rerouted to Russia and Turkey and blocked. These actions in cyberspace were indicators of the upcoming invasion; unfortunately, no one was watching.
While anticipating an attack is a central role of the Intelligence Community, it has failed before, most notably in the 1973 “Yom Kippur War” when Egypt surprised Israel. The Joint Force Intelligence Directorate (J-2) is responsible for providing threat assessment and warning intelligence for emerging and enduring threats. Cyber actions are increasingly attractive first option as a precursor to a traditional conflict. Currently, analysis of cyberspace and geopolitics is done separately, and the ensuing coordination failure results in an inability to provide indicators and warnings.
CHALLENGE
Develop a way for Cyber Command intelligence analysts and Political-Military analysts to tie cyber-attacks to their geopolitical context so that they can detect an impending real-world attack.
LIMITATIONS
– Technologies that might be relevant: Webinar technologies, Cyber situational awareness capabilities, on-line training environment, chat, white board, persistence for materials left in the room. RSS feeds for email alerts and invitations to join the room when a cyber event happens
– See Intelligence and the 1973 Arab-Israeli War by Matthew T. Penney, Surprise, Deception, Denial, Warning and Decision: Learning the Lessons of History by Dr. J.P. London and Dr. Lani Kass, and Joint Publication 2-0 for more information
Blog Posts
3/1/18
Another test of a blog post.