The Integrated Threat Force (ITF) A Full Spectrum Advanced Persistent Threat for Operational Tests

Steve Woffinden, General Dynamics C4 Systems, Sys Eng Tech Staff
ITF Project Office: (480) 777-1718, steve.woffinden@gdc4s.com
ITEA Advanced Persistent Threat Conference, 28 November 2012

ITEA Advanced Persistent Threat Context

ITEA Advanced Persistent Threat Theme: Cyber warfare is no longer something we'll have to worry about in the future. The Stuxnet virus, which targeted and damaged Iranian nuclear infrastructure, showed that internet warfare is happening now. The cost of securing U.S. infrastructure against our enemies will cost billions of dollars.

U.S. Secretary of Defense Leon Panetta warned that the United States could be paralyzed by cyber warfare if it is not prepared. "The reality is that there is the cyber capability to basically bring down our power grid to create... to paralyze our financial system in this country to virtually paralyze our country," he told reporter Scott Pelley of CBS Evening News. "And I think we have to be prepared not only to defend against that kind of attack but if necessary we are going to have to be prepared to be able to be aggressive when it comes to cyber efforts as well. We've got to develop the technology, the capability we've got to be able to defend this country."

Maybe the most alarming part of cyber warfare is that it doesn't take an organized effort or millions of dollars to implement a devastating attack. A creative devious mind with access to a computer is all that it takes.

This presentation will show that the ITF provides the opposing force perspective necessary to evaluate the integration of cyber, information interoperability, and C2!

ITF Presentation Abstract

Title: The Integrated Threat Force (ITF) A Full Spectrum Advanced Persistent Threat for Operational Tests

Discussions about, and definitions used for, the Advanced Persistent Threat usually include only the context of a cyber threat to Information Security and not the full spectrum of threat persistent behaviors. It is noteworthy that Joint Publication 1-02:... does include Persistent Surveillance and Estimative Intelligence, which are relevant to this topic.

This presentation proposes definitions for Advanced Persistent Threat in the context of Operational Testing and presents how the Threat Systems Management Office's (TSMO) existing Integrated Threat Force (ITF) Program brings a scalable, adaptive, full-spectrum advanced persistent threat capability, to include cyber threats, to the operational test community. The ITF Initial Operating Capability (IOC) was delivered in December 2010 and has been deployed to support OT events in 2011 and 2012.

The ITF is a capability with defined threat representations for high, medium, low and hybrid threats. The ITF also addresses the current Information Operations (IO) environment with threat Computer Network Operations (CNO) and Electronic Warfare (EW) systems integrated into the ITF tactical C4 capabilities. This allows the ITF to represent any set of estimative intelligence that test authorities want to define for the threat, and to incorporate cyber events both on the Road To War and during operational execution, which then will define the context for the operational test vignettes. This allows the threat's persistent behaviors to extend across the definition of start conditions through execution of the tactical vignettes.

What is the difference between stand-alone persistent cyber events versus having a coordinated attack from a threat using cyber in combination with persistent surveillance?

Relevant Joint Definitions

Joint Publication 1-02, Department of Defense Dictionary of Military and Associated Terms, 8 November 2010 (As Amended Through 15 August 2012)

persistent surveillance: A collection strategy that emphasizes the ability of some collection systems to linger on demand in an area to detect, locate, characterize, identify, track, target, and possibly provide battle damage assessment and retargeting in near or real-time. Persistent surveillance facilitates the prediction of an adversary's behavior and the formulation and execution of preemptive activities to deter or forestall anticipated adversary courses of action. See also surveillance. (JP 2-0)

estimative intelligence: Intelligence that identifies, describes, and forecasts adversary capabilities and the implications for planning and executing military operations. (JP 2-0)

Neither Advanced Persistent Threat nor Persistent Threat has an agreed definition in the current version of the Joint Pub 1-02: DoD Dictionary.

Advanced Persistent Threat Definition

It is proposed that, for Operational Testing, Advanced Persistent Threat can be defined as follows:

Advanced Persistent Threat for Operational Test: The representation of threats, to include Command and Control, traditional battlefield functions, and Information Operations, for use in the Operational Test and Evaluation of Systems which accounts for the accumulated knowledge available to the threat force, as well as the context gained during the Road to War leading to the test event. The Threat's persistent surveillance assets provide the basis for intelligence collection as well as offensive operations against the system under test, including the play of CNO, EW, and other sensors (ISR and Human). This allows the threat commander to synchronize cross-functional tactics, techniques and procedures to accomplish the threat's strategic goals and tactical missions.

A Threat with persistent surveillance capabilities, to include persistent cyber, and the ability to bring a coordinated approach to achieving their strategic, operational and tactical objectives is a threat indeed!!

Integrated Threat Force (The Army's Answer to Threat)

Communicating Persistent Surveillance in the ITF

Operational Test Example: ITF C2 Capability Integrated with Threat Assets

[Organization chart. Labels recoverable from the figure: THQ, CPV1, CPV2, TCV1, TCV2; EA, ES, CNO; DSMT elements with RPG-7, SA-7/18 and sniper assets; comms jammers (CICADA, TSIJ, TIEW-E; low, medium and high); SIGINT/DF (NESTS); CNO wired and wireless (NETT); Constructive, Virtual.]

ITF: Multi-Echelon C2 Capability Option

Echelons shown: National Authorities, Echelons Above Corps, Corps Level, Division Level, Brigade Level, Battalion Level, Company Level, Platoon Level, Squad Level.

[Diagram. Other labels recoverable from the figure: Threat Liaison, ITF Notebook, THQ, TNV, CPV1, CPV2, TCV1, TCV2, Command And Staff, Command, ITF Cell Phone, Dismounted ITF Assets.]

THQ = Threat Higher Headquarters
TNV = Tactical Network Vehicle
CPV (1&2) = Command Post Vehicles
TCV (1&2) = Tactical Command Vehicles

ITF Persistent Surveillance Capabilities

NESTS: The Networked Electronic Support Threat Sensors comes in High, Medium and Low capability variants. The High and Medium versions are able to conduct persistent spectrum surveillance as well as near real time signal identification and transmitter geo-location.

NETT: The Network Exploitation Test Tool brings together hundreds of hacker tools into a fully capable CNO suite. The TSMO CNO Teams are capable of short-term testing or longer-term surveillance and exploitation.

TUD: The Threat Unmanned Devices is a manned representation of a suite of ISR and EW capabilities from Unmanned Aerial Systems (UAS). This includes video and still imagery as well as SIGINT Direction Finding and jamming.

Advanced Persistent Threat Assets: Wired and Wireless CNO

ITF NETT Thin Client: CNO Target Nomination; Surveillance and Attack Status; Network Topology information. Allows the Threat to correlate CNO with other assets.

NETT Wireless CNO for Exploitation and Attack: Wireless Access Point detection; Naming and Security data capture; Mobile CNA capabilities. Adds Wireless to Wired CNO Arsenal.

Advanced Persistent Threat Assets: SIGINT, Electronic Attack, and ISR

Aerial Surveillance and DF Capabilities with TUD: Command Post Monitoring; Change Detection; Mission Rehearsal; Activity Monitoring; Target Verification; Target Tracking; Reaction Detection and BDA.

Ground-based SIGINT and EA: SIGINT Locations; Track Correlation and Display; Target Shooter Pairing; Engagement Control; Spectrum Monitoring.

The ITF is a threat with Advanced Persistent Surveillance and integrated Command and Control across the range of Information Operations to include Cyber!

Questions?