Blog Posts from April, 2011

Image modified by IT2 Justin W. Hoffman, Information Assurance Officer, from the original at WiscMel at en.wikipedia with permission

On April 22, we celebrate Earth Day, a day intended to reflect appreciation for the Earth's natural environment. You are probably thinking, “How can we apply the concept of ecosystems to the man-made domain of cyberspace?” A recently published Department of Homeland Security (DHS) whitepaper, “Enabling Distributed Security in Cyberspace,” describes the need for a healthy and resilient cyber ecosystem. Similar to natural ecosystems, cyber ecosystems have a variety of diverse participants, including private firms, non-profits, governments, individuals, processes, and cyber devices. These cyber species interact at machine speed and can have a positive and a negative impact on the cyber ecosystem.

The paper notes that today’s main weakness of cyber defenses is that they are “founded on ad hoc, manual processes, yet cyber attacks often follow a well known, systematic escalation path beginning with reconnaissance activities and extending to gaining entry, establishing persistence…and conducting attack operations.” A future, healthy cyber ecosystem would have cyber devices that collaborate to anticipate cyber attacks, minimized the outcomes and the spread of attacks, and recover to a trusted state.

In a healthy cyber ecosystem, “the cyber participants work together in near-real time to anticipate and prevent cyber attacks.” Such a system would require improvements in three basic areas, and include automation, interoperability, and authentication. Automation (similar to a body’s immune system) could be used in the cyber environment by building local defenses, sustaining itself and assured missions while fighting through attacks. Interoperability provides the way for cyber ecosystem participants to learn, collaborate and resist attacks by working together. Finally, a healthy cyber ecosystem needs authentication to build trust in transactions and other online decisions.

While there has been success in cleaning and restoring the physical ecosystem, the speed of cyber ecosystem evolutions lends urgency in innovating resolutions to the cyber ecosystem. With increased threats coming into our computers (antivirus companies reported a 139% increase of web malicious software in 2010), it is easy to see why we all need to help in cleaning our part of cyberspace. The most notable challenge of the cyber ecosystem is to show the cost of a cyber incident and lower the incentive for the attacker while raising the urgency for the user to comply with best practices and reduce the loss of intellectual property, privacy, confidence, opportunities, and essential services. As we celebrate Earth Day and work to improve the health of our physical ecosystem, think of how you can help to lower attacker success (improve the health) in our shared cyber ecosystem.

Kay Myers
Chief, Cyber Defense Division
EUCOM C3 System and Warfighting Integration Directorate
Twitter: @Cyber_Patriot