Cyber defense
Download 2.54 Mb. View original pdf
|
- Navigate this page:
- CIBERDEFENSA
| Operational intelligence 349. Cyberspace-related intelligence can be understood in two ways cyber threat intelligence, essential to the cyber force and cyber-supported intelligence services that the cyber force can provide due to its special skills. 350. Cyber threat intelligence is the activity performed, mostly through cyberspace and occasionally through other means, to obtain information and knowledge of known or unknown cyber threats, current or potential. 351. Cyber threat intelligence is used to predict future situations evaluate and assess its own and adversary vulnerabilities evaluate and assess the cyber defense capability of adversaries locate targets prepare its own cyber attacks and anticipate cyber attacks from adversaries identify its own and adversary critical services conduct cyber espionage and information exfiltration operations and create influence. 352. Cyber-supported intelligence is the activity carried out through cyberspace to obtain information and knowledge of any matter and that the cyberspace force, as a specialized force in the use of cyberspace, can carryout in support of intelligence services or any other unit that requires it, usually through a request for information (RFI). 353. The cyber force must actively participate in national and international forums that aim to exchange information on vulnerabilities and threats and must foster bilateral agreements with other foreign cyber forces to supplement its internal cyber threat intelligence production. Response 354. Response is the cyber force capability related to offensive cyber operations. 355. Offensive cyber operations on alien networks without authorization are very complex operations that require highly sophisticated skills and knowledge and will only be conducted on extraordinary occasions when the use of force is legally permitted. For this reason, the cyber force response unit will dedicate most of its time to its own training, to carryout practices in isolated environments (cyber range) and to participate in cyber exercises in order to be prepared to act when necessary. 356. The complexity of offensive cyber operations lies in the difficulty in creating the desired effects while avoiding any trace (fingerprint) to evade detection, prevent technical and legal attribution and prevent the reuse of the cyber weapon by the adversary. GUÍA DE CIBERDEFENSA ORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO DE UNA CIBERDEFENSA MILITAR 57 In practice, collaboration with other foreign cyber forces, in terms of offensive cyber operations, is very difficult to achieve so, in this matter the cyberspace force must seek self- sufficiency through its own developments and confidential collaboration agreements with the industry and universities. 358. In international collective defense organizations, such as NATO, the organization itself lacks combat forces (except in very specific cases, so it creates forces for specific missions and operations with the voluntary contribution of nations (force generation). 359. In a cyber defense context, it is mostly unnecessary to deploy cyber defense units to create the desired effects indicated by the mission commander, so the generation of a cyber force is not an efficient mechanism. In this case, an effects generation model is more suitable because a mechanism is established to create a collective cyber effect capability, for specific missions and operations, with the voluntary contribution of nations. 360. For the response, in addition to the regular permanent facilities of the cyber force, other non-regular facilities that cannot be associated with State entities should be considered. Download 2.54 Mb. Share with your friends:
|