Solution
Full spectrum refers to the overall understanding (e.g., intelligence collection capabilities) and countering of threats across the Cyber Electronic Warfare (EW) domain or spectrum, with the goal of providing full cyber control to allies and denying it to adversaries.
It includes research, knowledge, and development of sensors, concepts, techniques, and technologies encompassing collection, exploitation, and engagement of all data and signals across the Cyber EW spectrum.
Full spectrum cyber is a term coined by the DoD to include both defensive and offensive cyber operations. Full spectrum cyber also refers to the full cyber support life cycle: from providing network and systems design to operational support, security intelligence, and cyber training and exercise support.
In the USA, one military unit, U.S. Army Cyber Command (ARCYBER), provides cyber soldiers to support military missions. These soldiers are tasked with defending army networks and providing full spectrum cyber capabilities.
CNA/D/E/O
Full spectrum capabilities try to integrate elements of computer network defense (CND) with offense, that is, attack and exploitation (CNA/E), into one platform.
Computer network attack (CNA). Actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves (DoD 2010).
Computer network defense (CND). Actions that are taken to protect, monitor, analyze, detect, and respond to unauthorized activities within information systems and computer networks (DoD 2010).
Computer network exploitation (CNE). Enabling operations and intelligence collection capabilities that are conducted through the use of computer networks to gather data from target or adversary information systems or networks (DoD 2010).
Full spectrum analysis requires a multi-INT analysis approach. Multi-INT (i.e., multiple-intelligence) is the fusion, integration, and correlation of different types of data collected from different sources to provide a full operating view.
The main two intelligence components to integrate are SIGINT, GEOINT, and MASINT. Open source and social media data are also important recent components. More recent components have also evolved, such as activity-based intelligence (ABI).
Computer network operations (CNO).
In addition to multi-INT in terms of the different sources or methods of collecting intelligence data, multi-INT should employ sharing and operations:
Cross-agency multi-INT sharing: Between the different intelligence agencies and the public and private sectors. One example of such efforts is a project called MISP, an open source threat intelligence platform and set of open standards for threat information sharing.
Cross-domain multi-INT operations: Ideally, this should be in the form of autonomous or self-adaptive security controls that learn the threats in the domain and adapt themselves to counter such threats.