This is a quick one, and falls under the Opensource Military Hardware concept. Imagine this–building a weaponized drone using open source maker’s sites like DIY Drones and Dronepedia and utilizing a 3D printer to make hundreds if not thousands of them? That is where all of this stuff is going, and the possibilities are endless.
The other reason why I wanted to bring this up is that this kind of thing is definitely competition for the defense industries that specialize in UAV sales. Why buy an expensive drone from a company when you can just print out a bunch of them? And because anyone can access the information on how to build these things, then now you have the ability to continuously improve your drone program based on the input of the crowds.
My last point to bring up with this is that as this technology becomes cheaper and more available, then the odds of these things being used by criminals or terrorists increase. The other day, a DIY crew made a drone that could hack into computers via Wifi, and it is only a matter of time until we see the bad guys use this stuff to do all sorts of interesting things. Or even today’s terrorists/enemies, and all of the possible deadly uses of drones. Cartels or pirates could also get into the game of making and using drones. Especially for pirates, because drones could help them to find vessels to take down. Perhaps having shotguns for site security will be a required weapon in the near future? Or some kind of grenade launcher outfitted with special rounds to counter drone attacks?
Now what I would be interested to see is a drone that could be launched by an RPG launcher, and either used for surveillance or as a flying missile. A drone that you could quickly get into the air and use it as a ‘bird of prey’ for a fire fight. Or something that you could launch and have it fly farther than any of your unit’s weapon’s effective ranges, and have the ability to locate and destroy an enemy across the canyon or up in the hills. Something like that could end one of these DShK cross canyon ambushes, and especially if you did not have CAS on deck to deal with the attackers. While everyone is returning fire, this drone could be launched and flown above enemy positions so precise targeting data could be collected, or targets of opportunity could be taken out by the drone itself. –Matt
Lately, there has been an increased intensity of hacking attacks on government and business. Of course, government is doing all it can to keep up and stop these hackers. And like the piracy problem on the high seas, hackers in the commons called cyber space are operating with virtual impunity.
To me, there are several areas of weakness that today’s hackers are exploiting. One is the shear enormity of the internet and cyber space, and all the potential targets that a hacker can attack. Like with the pirates of Somalia, hackers have plenty of ocean and are constantly searching for new hunting grounds and weaknesses to exploit.
Their rewards can be immense. Hack into a bank, steal information from a technology firm, or hack a government website and exploit that information. Or they do it because of the ‘lulz’ or the hell of it, just to prove they are the best. Or worse, they attack individuals. (companies or the government has done nothing to protect the little guys– like this blog, from attacks) And these hackers can do it all from a terminal at some random location in the world.
The other thing at play here is scale. Once folks see for themselves how successful one group or individual is, then others will copy them. They will borrow brilliance and follow a model of operation that works, all to achieve a goal. And like today’s example of piracy, hacking spreads because it is inspired by the success of others and by the rewards of the risk taking.
It also spreads when money or organizational influence comes into play. China or a cartel from Mexico can easily do things to add fire to the world of hacking and cyber warfare. All nations add to scale of such things. Just wait until ‘plomo o plata‘ comes to the world of hacking, and then that is when cyber lances will really become essential.
Which brings me to the point of this post. Because this problem is only growing, there must be measures that equal the size and scale of this global deluge. Legal tools like the LoM must be considered to even the scale between black hat and the company use of white hat hackers. Of course it would be nice if government and it’s law enforcement apparatus could be large enough enough to apply the rule of law to all corners of the cyber universe. But like with today’s modern day scourge of piracy, government cannot be everywhere and at all times.
So here is where I like to take the next step forward. Companies need the legal authority to effectively combat black hat hackers. That legal authority can and should come in the form of a Letter of Marque and Reprisal. Or maybe a government can come up with a different title for this license. But either way, by giving companies the legal authority to do what they need to do to combat the problem, they in essence help to put ‘the armed guards on boats’. (another analogy with today’s piracy problem)
Here is some more food for thought. If the targets of hackers are companies, then is the government the best tool to use to protect all of these companies out there? Who would have more interest and incentive to protect a company’s infrastructure–a government or the the company itself? Of course a company would love for someone to do it for free, but the problem here is that there is too much at stake to put the security of a company simply in the hands of a burdensome, bureaucratic and highly inefficient government organizations. Government does not have the resources to watch over every company, and it does not have the personal motivation to defend a company’s assets to the fullest degree.
Yet again, the piracy analogy works for this example. All of the navies in the world have not stopped piracy, and if anything, the problem has grown. Likewise, the US government was not able to protect Sony, Google or Lockheed Martin from vicious hacking attacks, even though the government has cyber warfare units and tons of agencies tasked with monitoring cyber related activities.
So what is the solution? I say government should listen to what the companies have to say about how best to help them. The government would also have to re-evaluate what ‘help’ really means, in the context of this problem. If a company says it is legally constrained when trying to defend against black hat hackers, then what is the logical solution? Do you put the government’s police forces in charge of a company’s security anti-hacking units, or do we license a company to combat this problem? To me, issuing a license to companies so they can actually compete with these black hat hackers, is the equivalent of putting ‘armed guards on boats’ to defend against Somali Pirates. It makes sense, and it answers the problem of scale.
It also sounds like this is the natural progression anyways? The new DIB Cyber Pilot program sounds like another step towards empowering companies. With companies like Lockheed Martin, it behooves the government to help them because this company is very much a part of our national security. So will licensing companies be the next ‘natural progression’ as an answer to this world wide scourge? I know myself, and the Morgan Doctrine blog will be following this stuff, and we will see….-Matt
Comments Off on Letter Of Marque: Inching Closer To A World Of Cyber Privateering
To supplement my cyber lance post, this news, along with the attacks on L3 and Lockheed Martin or the Stuxnet attack on Iran’s nuclear facilities, all point to how important and dangerous this stuff really is. I will let the article speak for itself.
Also check out the Morgan Doctrine’s opinion about this story. The MD is a blog that promotes the concept of cyber privateers and tracks the world of cyber warfare and crime. –Matt
Cyber Combat: Act of War
MAY 31, 2011
Pentagon Sets Stage for U.S. to Respond to Computer Sabotage With Military Force
By SIOBHAN GORMAN And JULIAN E. BARNES
WASHINGTON—The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.
WSJ’s Siobhan Gorman has the exclusive story of the Pentagon classifying cyber attacks by foreign nations acts of war. – News Hub
The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.
In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said a military official.
I want to thank Matt from Facebook for bringing up this quote from Starship Troopers. I found the movie clip of the quote and it clearly shows the weakness of cyber warfare. It shows why you must have a direct action/physical security component mixed with your cyber warfare/information operations unit.
The simple reason why is that all it takes for your enemies to ruin your ‘hacking’ ventures, is for them to kill your hacker and physically destroy his equipment. To ‘throw a knife into the hand of the guy that pushes the buttons’, to paraphrase the quote up top.
Or worse, that hacker could be tortured and key information could be extracted in order to conduct a larger attack. The value of what that hacker knows (a nation or company’s secrets), or what they know how to do (hacking a nation or company), makes them a high value target.
In other words, today’s freelance hacker or even government/military hacker, is a highly valuable asset to a nation or a company. That highly valuable asset must be defended, and have a highly evolved physical and cyber offensive capability in order to compete and survive in today’s world.
So in order to deal with this new reality I have developed and defined a new term that I wanted to share with the readership. Enter the ‘cyber lance’.
Basically, a cyber lance is a combined arms team within a privateer company or military unit. Or it could be an outsourced team. The lance part comes from the french term Lances fournies, or ‘lances fournished’. Here is the definition from wikipedia.
The Lances fournies (French: “lances furnished”) was a medieval army squad that would have surrounded a knight in battle, consisting of a four to ten man team built of squires, men-at-arms (usually mounted swordsmen), archers, attendants (pages) and the knight himself. These units formed companies under a captain either as mercenary bands or in the retinue of wealthy nobles and royalty. A Lance was usually led and raised by a knight in the service of his liege, yet it is not uncommon in certain periods to have a less privileged man, such as a sergeants-at-arms, lead a lance. More powerful knights, also known as a knight bannerets, could field multiple lances.
And of course the cyber is used to refer to anything to do with the internet or computing. I particularly like this etymology of cyber from wikipedia:
By the 1970s, the Control Data Corporation (CDC) sold the “Cyber” range of supercomputers, establishing the word cyber- as synonymous with computing. Robert Trappl credits William Gibson and his novel Neuromancer with triggering a “cyber- prefix flood” in the 1980s.
What’s cool about a cyber lance, is that a company can actually define it’s size to a client. They can say ‘we have 20 cyber lances’ or ‘cyber lancers’ (whatever sounds better to the user)
The other reason why I like the cyber lance concept, is that it mixes physical security with cyber security. It also mixes physical offense, with the cyber offense. You must have one with the other as the world of cyber warfare continues to evolve. The cyber lance defines that combined arms group of hackers and shooters. The way I envision it, it could be as simple as a protective detail assigned to a hacker, or as involved as a special forces type team that does both the protection of a hacker, and conducts offensive operations based upon the information gained by that hacker. It is a fusion of the cyber and the physical, and all the potential actions that can come out of that combination.
I also like the etymology of lance corporal. If you have ever served in the Marines, you more than likely were a ‘Lance Corporal”. Although the lance part refers to lancepesade.
From the Italian lanzia spezzata, which literally means “broken lance” or “broken spear”, but which was used to denote a seasoned soldier (the broken spear being a metaphor for combat experience, where such an occurrence was likely).
Or if you have ever heard of the term ‘free-lance photographer’ or ‘free-lancer‘ (etymology- medieval mercenary warrior) , then now you know the origins of the term. I think it works pretty nicely for cyber lance. So to me, cyber lance makes perfect sense in the context of what I am talking about here.
The cyber lance is also flexible in it’s usage. They could be all military units, or a private cyber lance contracted out to the government or companies. A cyber privateer or cyber pirate company would have several groups of cyber lances as an organizational idea. Each cyber lance is just a unit or term to describe this hardened ‘hacker team with teeth’. It also goes back to the idea of combined arms, or mutually supporting groups within a unit. This concept is very much a part of the building snowmobiles mindset.
Combined arms is an approach to warfare which seeks to integrate different branches of a military to achieve mutually complementary effects (for example, using infantry and armor in an urban environment, where one supports the other, or both support each other). Combined arms doctrine contrasts with segregated arms where each military unit is composed of only one type of soldier or weapon system. Segregated arms is the traditional method of unit/force organisation, employed to provide maximum unit cohesion and concentration of force in a given weapon or unit type.
A cyber lance also promotes the idea of ‘team’, as opposed to an individual. I believe cells or teams are far more capable for the attack and defense, as opposed to just an individual. The security of a nation or company, or the prosecution of that nation or company’s best interest would best be placed into the hands of a team, as opposed to just one individual. Primarily because teams would actually have the ‘teeth’ necessary to capture or kill ‘individuals’, or defend against an attacking force. A cyber lance could also be attacked by a cyber lance, or a group of cyber lances that would make up a cyber privateer company.
Another key component of the cyber lance is it’s ability to work within the borders of another country or navigate the complexities of the commons called cyber space. A small team can be surgical and have a light foot print. It also falls in line with the concepts of netwar, and offense industry which was a past building snowmobiles post.
Finally, as hackers become more valuable and more capable, it will be of national interest to protect these assets. The cyber lance could very well be the next chapter or paragraph in the world of combined arms and cyber warfare. It will also take the combination of the hacker’s mind and the tactical and strategic thinking of a special operations team to think of all the ways a cyber lance could be used for the defense or offense. The end result could lead to the destruction of a nation’s key national security assets, or the preservation of a nation’s vital national security assets. That is what makes a cyber lance a very important and lethal building snowmobiles concept. –Matt
Hat tip to Nathan Hodge for this one. The weight of this system is an outstanding two pounds! It is also a lot less obtrusive than the system being used in that Switchblade video below. I am telling you, the day when Drone Archers become a reality in infantry units and special forces units is coming.
The next step is to take micro drones like the Switchblade and make them launchable from Gustavs, SMAWs or similar hand held rocket launchers. If you watch that Switchblade video, these things are tube launched from a basic mortar type launcher, which I assume are disposable. Perhaps they should make the Switchblade launchable from an actual mortar tube? Or the other concept would be to make a micro drone that could be launched from an RPG. Or make it like a LAW or AT -4?
The reason why I say make them launchable like this, is so that you can get these drones on top of the enemy as soon as possible. The enemy will have a running start if they see a force hand launch this drone. But if a team could shoot that UAV immediately above the battle space, then getting eyes on for the kill or for tracking purposes becomes more efficient and increases success. It can end the fight a lot quicker, if this was possible. I imagine the electronics would have to be pretty sturdy to withstand this kind of launch, but after all, they have done it with systems like the Javelin.
What is interesting too, is that drone archers would be more successful while the fight is in progress. Accurate fires in the direction of the enemy would help to keep them in place and behind cover, while at the same time the drone archer can get a UAV above that enemy element and go for a kill or for over watch purposes to help develop the situation and contribute to a team’s OODA. Interesting stuff. –Matt
Photo from Wired's Danger Room and the company website for MVR IV
Multi-Band Video Receiver (MVR IV)
Overview
The MVR-IV is a hand-held unit that receives real-time, full-motion video. Designed to work over the L, S and C bands, it provides situational awareness to ground troops from aircraft, UAV, or ground based video sources. The unit is compatible with standard-issue eyepiece and can be interfaced to a portable computer for video capture, manipulation (John Madden), retransmitting and storage. It is modular in design, is upgradeable for unit specific requirements (to include digital encoding), and works with all legacy video transmission systems. Digital link encryption for all bands is available.
