Digital Conflict

By Kevin Coleman

Blog archive

12 courses for a cyber warfare curriculum

Innovation and creativity require out-of-box thinking. That is what catches cyber defenders off guard and often makes the difference between a successful attack and failure. Given that observation, I was recently asked to think about what it would take for the Defense Department to fully integrate that characteristic into its cyber warriors.

First of all, out-of-box thinking runs counter to the traditional military mind-set that is created through current educational programs. Changing that mind-set will take time, and the only thing that can increase the rate of change is demonstrated success through the use of those characteristics.

Second, most cyber warfare training is highly focused on the technical aspects of cyberattacks, and that is a huge shortcoming. A broad background of understanding is needed that includes common operational user methods.

Third, we tend to view a cyberattack as an event. It is not. It is a multithreaded process that has internal recursive loops that incorporate operational feedback.

Using the three constructs above as a foundation, here are 12 programs that should be included in the core curriculum for advanced cyber warfare training.

1. Developing cyberattack strategy.
2. Identifying traditional and nontraditional points of attack.
3. Understanding the 43 current cyberattack vectors.
4. Working the cyberattack process.
5. Understanding tools and techniques supporting the attack process.
6. Using creativity and innovation in cyberattack design.
7. Understanding modular design of cyber weapons.
8. Knowing sources of cyberattack code for reuse and cloaking.
9. Target profiling and vulnerability announcement monitoring.
10. Social profiling of targets in support of social engineering.
11. Designing disinformation and misdirection in cyberattack code.
12. Designing counter cyber forensics in cyberattack code.

Those 12 courses would build the skills necessary for success in the offensive, defensive and intelligence collection areas in the military and intelligence communities and in many sectors of the defense industry.

However, education doesn’t stop there. The dynamics of the extended computer industry — including alternative devices — coupled with the rate of change we are seeing in cyberattack methods and techniques combine to make continuous education a necessity.

Posted by Kevin Coleman on Feb 08, 2011 at 12:12 PM


Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.