Systemic Methodology for Cyber Offense and Defense

Abstract

This paper describes a systemic method towards standardization of a cyber weapon effectiveness and effectiveness prediction process to promote consistency and improve cyber weapon system evaluation accuracy – for both offensive and defensive postures. The approach included theoretical examination of existing effectiveness prediction processes for kinetic and directed energy weapons, complemented with technical and social aspects of cyber realm. The examination highlighted several paradigm-shifts needed to transition from purely kinetic-based processes and transition into the realm of combined kinetic and cyber weapons. Components of the new method for cyber weapons are cyber payload assessment, effects identification, and target assessment. The ultimate outcome of method is the 'Probability of Kill' for a cyber weapon paired with a threat and within a given situation. This probability is a function of factors such as intelligence gathered on the latency of information, access points, hardware and software configurations, accuracy and completeness of network map, understanding of operations tempo; likelihood that vulnerabilities being exploited are patched and IT's ability to detect and respond to the delivery of the cyber payload; and probability that the payload will achieve the desired mission effects. Aside from the use of this method for offensive purposes, it can also be mirrored as cyber defense and can serve as basis for developing cyber defense strategies, such as focused counter intelligence on access points, hardware and software configurations, and network map and architecture, comprehensive patching to assure most current and complete patches are deployed, and well trained and equipped IT with ability to detect and respond to cyber payloads.