17 September 2016

Cyber Command leader: ISIS is 'most adaptive


September 13, 2016 

The head of Cyber Command told senators on Tuesday that the Islamic State group is "the most adaptive target" he's seen during his time in the intelligence community. 

“ISIL remains the most adaptive target I’ve ever worked in 35 years as an intelligence professional,” Adm. Michael Rogers told the Senate Armed Services Committee, using an alternative acronym for the group. 

ISIS has proven adept online using the internet and encrypted communications platforms to push propaganda, recruit and communicate. The use of encrypted applications, such as the German company Telegram, allows terrorists to communicate securely with fighters deployed outside the group’s traditional battlefield in the Middle East, as well as new recruits without fear of being monitored by government snooping. 

This encryption challenge has amplified the age-old security versus privacy debate. Rogers offered a different outlook on the problem noting that rather than focus on specific applications and users, applying a broad approach could expose vulnerabilities to generate intelligence. 

“The argument I’m trying to make from both the [National Security Administration] and the Cyber Command side is: 'Guys, we’re dealing with a whole new ecosystem out there,' ” said Rogers, who also directs the NSA. “Don’t focus on just one particular application as used by one particular target, think more broadly about the host of actors that are out there. … If we look at this more as an ecosystem — and we will find vulnerabilities — that we can access to generate the insights that the nation and our allies is counting on.” 

Rogers explained how ISIS uses a variety of tools to communicate and sow its terror across the world. “We are watching ISIL use a multi-tiered strategy for how they convey information and insight that runs the entire gambit,” he said. “I think for us as intelligence professionals, we’ve got to come up with a strategy and a set of capabilities that are capable of working in that spectrum. It can’t be we just spend all our money focused on one thing. I don’t think that’s a winning strategy for us.” 

From a broader perspective, Rogers also discussed how the United States is approaching cyber deterrence against a wide range of actors that include state and non-state. He said the U.S. response to the Sony hack committed by North Korea was an example of how the U.S. has demonstrated that it can respond hard as a means of deterring future behavior in the same vein. 

While many response measures taken by the U.S. are private, the response against North Korea was public “in the sense that we publically acknowledged both the event, we publically acknowledged who did it and we publically discussed the steps we were going to take in response to it, and we also highlighted at the time and if this activity continues we are prepared to do more at the time and place of our choosing,” he said. 

In this case, Rogers said the U.S. decided to use the economic lever against North Korea, as opposed to responding in kind in cyberspace. 

“One of the things I’m always recommending — I realize I just work the operational piece of much of this — but I always encourage people, think more broadly than cyber. When thinking deterrence, think more broadly than cyber,” he said, hinting at the wide range of tools and measures the U.S. uses to respond to cyber incidents. “Just because an entity — a nation-state, group, individual — comes at us in cyber, that doesn’t mean that our response has to automatically fall back on: Well, we have to respond in kind. 

"I have tried to make the argument, as have others, we need to play to all of the strengths of our nation. So in the Sony case, for example, we collectively from a policy perspective made a choice to play to the strength of the economic piece for the United States.” 

Some lawmakers on the committee, however, expressed skepticism whether or not the U.S. has raised the cost in cyberspace asking if adversaries believe they can get away with intruding on U.S. networks without a response. “I think we need to show the adversary that we have capability, we have the intent and we have the will to employ it — within a legal framework,” Rogers said. 

More specifically, Rogers noted that the Sony incident was an example of imposing a cost. Additionally, he highlighted the fight against ISIS — both from a direct effect against the group and as a broader deterrent in demonstrating U.S. capability. 

“You could also argue in the areas of hostilities — Syria, Iraq, Afghanistan — we’re doing some good things every day that clearly I think the opponent understands that we’re applying this capability against them,” he said. “We’ve publically acknowledged that we’re doing that. I think in part, that idea of publically acknowledging the fact that we were using cyber as a capability to counter ISIL was not just to signal ISIL, but was also to make sure others are aware that the Department of Defense is investing in these capabilities and we are prepared to employ them within a legal, lawful framework.” 

It is unclear what exactly U.S. cyber forces are doing within the Afghanistan sphere. The primary targets for U.S. counterterrorism operations in Afghanistan are the Taliban — not known as a particularly tech savvy organization on par with other non-state actors — it's allies and ISIS' Afghanistan province known by the U.S. government as ISIL-Khorasan, or ISIL-K. 

An official at Cyber Command declined to offer additional details on cyber operations in Afghanistan citing operational security. ISIS’ Afghanistan province largely consists of disaffected members of the Pakistani Taliban. Gen. John Nicholson, commander of Resolute Support and United States Forces—Afghanistan, explained to reporters in July that the fight against ISIS in Afghanistan is “ nested within a larger global strategy against Islamic State. It, in fact, coincides with ongoing operations in Iraq and Syria.” 

When asked if the U.S. sends these same signals to state actors, Roger’s answer of “I would hope so” drew criticism from Sen. Daniel Sullivan, R-Alaska, who said it was worrying to hear such a response. “It varies by the actor,” Rogers responded, providing a more specific example with the Iranians: “Yes, my sense is the Iranians have a sense for capability … and they’ve seen us use it.” 

Rogers’ comments in this instance are curious as the United States has not officially acknowledged any formal involvement in the Stuxnet virus, a joint operation with Israel that sought to set Iran’s nuclear program back by physically destroying centrifuges through malware. 

With Sept. 30, 2016, as the date anticipated by top leadership for the cyber mission force to reach initial operational capability (IOC), Rogers assured the committee Tuesday the force will be IOC by that date. 

“I would complement the services,” he said, “because this is one where, quite frankly, I haven’t been the nicest individual at times about what don’t we understand about this is a goal and a standard and we are going to meet this.” 

http://www.c4isrnet.com/articles/cyber-command-leader-isis-is-most-adaptive-target-seen-in-35-years-of-intel?utm_source=Sailthru&utm_medium=email&utm_campaign=Daily%20Brief%200914&utm_term=Editorial%20-%20Daily%20Brief

No comments: