[Log In] []

Exploring the science and magic of Identity and Access Management
Friday, March 29, 2024

DoD Strategy for Operating in Cyberspace

Information Security
Author: Mark Dixon
Thursday, July 14, 2011
10:28 pm

Today, the US Department of Defense released a highly-anticipated document, entitled, “Department of Defense Strategy for Operating in Cyberspace.”

I think this comment from a Pentagon official goes right to the heart of the issue:

“The department and the nation have vulnerabilities in cyberspace. Our reliance on cyberspace stands in stark contrast to the inadequacy of our cybersecurity.”

High reliance on cyberspace + low confidence in our ability to cope with bad guys = a dangerous combination.

I haven’t read the paper yet, but will comment more when I do.  The topic is both scary and intellectually stimulating to me. Perhaps I should enlist and ask to be assigned to the Cyber Command.

Oh, by the way, is it only coincidence that Iran recently launched their own Cyber Command?  I think not.

Comments Off on DoD Strategy for Operating in Cyberspace . Permalink . Trackback URL
 

Encryption Games at the Cyber Command

General
Author: Mark Dixon
Thursday, July 15, 2010
7:05 pm

It is was fitting today that as I studied the subject of encryption in preparation for my CISSP exam, I stumbled upon information about the newly-formed United States Cyber Command, a US armed forces sub-command subordinate to United States Strategic Command. The command was officially activated May 21, 2010 and is slated to reach fully operational readiness by October 2010.

The Cyber Command:

“ … plans, coordinates, integrates, synchronizes and conducts activities to direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."

Defense Secretary Robert Gates, stated in the official June 23rd announcement:

“Cyberspace and its associated technologies offer unprecedented opportunities to the United States and are vital to our nation’s security and, by extension, to all aspects of military operations. Yet our increasing dependency on cyberspace, alongside a growing array of cyber threats and vulnerabilities, adds a new element of risk to our national security. To address this risk effectively and to secure freedom of action in cyberspace, the Department of Defense requires a command that possesses the required technical capability and remains focused on the integration of cyberspace operations.”

OK.  This sounds like a good thing to do.  But what was really intriguing and fitting for me today was to learn that the command’s handsome new emblem contains an encrypted message its inner gold ring: 9ec4c12949a4f31474f299058ce2b22a.

image

Can you figure out what it means?  The Wikipedia article for the command states:

“The text "9ec4c12949a4f31474f299058ce2b22a", which is located in the command’s emblem, is the MD5 hash of their mission statement.”

This is consistent with a statement from a command spokesman quoted in an article by John Cook of Yahoo! News.  However, something is not quite right.  John explained:

“We tried encrypting that entire statement using an MD5 hash generator, and we didn’t get a match to the logo code. So it looks like just a portion of the statement has been encoded.”

Wired Magazine has launched a contest to see who can crack to code.  Can you do it?  You can win a t-shirt from Wired or a ticket to the International Spy Museum.

Even better, rumor has it that the Cyber Command wants to hire 1,000 new cyber specialists over the next few years.  Maybe this game is part of the recruitment process.

Or … maybe this will remain another obscure mystery destined to someday being mentioned in a novel by Dan Brown.

Comments Off on Encryption Games at the Cyber Command . Permalink . Trackback URL
 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.