Forwarded from: William Knowles <wk@private> http://www.fcw.com/article89526-07-11-05-Web By Frank Tiboni July 11, 2005 Military officials can better protect their communications systems by building fake networks or Honeynets to divert adversaries away from critical systems and to gain intelligence on their attack methods, a top official in the Defense Department's cyberdefense organization suggests in a new paper. The new computer defense strategy is called Net Force Maneuver. "For Net Force Maneuver, our objective is to draw the adversaries away from real, mission-critical systems while learning as much about their attack techniques and capabilities as possible," said Army Col. Carl Hunt, director of technology and analysis/J-9 in the Joint Task Force for Global Network Operations (JTF-GNO), in the paper "Net Force Maneuver: A NetOps Construct." To use Net Force Maneuver, military officials must better understand their networks, the technologies available to better operate them and their adversaries' capabilities, Hunt said. He co-wrote the paper with Doug Gardner, director of the Applied Technology Unit in JTF-GNO, and Jeffrey Bowes, technical director of the Joint Information Operations Division of Northrop Grumman's Information Technology TASC unit. The paper appeared in the 2005 Information Assurance Proceedings publication produced for the Institute of Electrical and Electronics Engineers Computer Society's Systems, Man and Cybernetics IA Workshop held in June at the U.S. Military Academy at West Point, but was announced at the Army IT Conference in Las Vegas earlier that month. Hunt also describes the military's current computer network defense strategy as a battle against attrition. "Unfortunately, attrition is a reasonable characterization of our defensive computer network strategy today, with one major caveat," he said. "With the exception of an occasional arrest, our adversaries are able to inflict a substantial amount of harassment and a measurable amount of damage upon DOD communications networks at practically no cost to themselves." Hunt went on to say, "It's probably only a slight exaggeration to say we are fighting an attrition battle where we are the only ones being attrited." *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* _________________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 23-28 - 2,000+ international security experts, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jul 12 2005 - 03:34:12 PDT