The battlefields of previous centuries bare little resemblance to the war taking place on the cyber front today. Tourists and historians alike continue to travel to places like Gettysburg in Pennsylvania or Bunker Hill Massachusetts to catch a glimpse (albeit a very different one) to where history had taken place all those years ago. In the not-so-distant future, some battlefields will be impossible to travel to and visit. This is almost exclusively due to the nature of the battles we fight in the 21st Century. There are no rolling hills of Gettysburg or sharp cliffs of Pointe-du-hoc on the cyber battlefield. There is only an endless stream of data which falls into the laps of analysts and cyber warriors.
This endless flow of information, IP addresses, metadata, and encryption all leads to one place: Fort Meade, Maryland. At the Integrated Cyber Center (ICC), analysts and experts from the NSA, U.S. Cyber Command (USCC), and the Central Security Service have the daunting task of sifting through this continuous stream of information. As noted in an NSA Press Release from May 2020, the ICC exists to “facilitate real-time coordination, deconfliction, and intelligence.” This joint unit of NSA personnel and DoD Cyber Soldiers from all military branches works in concert to achieve extremely important national security objectives.
Much like our universe, the Internet is constantly expanding and growing. Newly created small businesses hoping to break into their respective markets, citizen-led news agencies created to bypass biased media outlets, and veteran non-profits all encompass how the internet continues to grow. The examples just brought forward to illustrate this endless online growth all seem positive in nature and exist to benefit the population as a whole. That is undoubtedly the truth and should continue. However, just as these good-natured outlets are created, there are just as many illegally based or terrorist related web pages being created on a daily basis. Oftentimes, these bad-natured websites attempt to avoid being flagged and noted as malicious by disguising themselves. It is up to the Cyber Task Forces at Fort Meade to see through these layers of cyber-camouflage.
The concept of hiding messages inside metadata on websites and images has been widely used by nefarious actors following the “dot com boom” of the late 90s and the early 2000s. In layman’s terms, metadata is the miniscule bits of information that are attached to image files in order for the user (or the NSA data collector) to see where that image was taken (geotagging) or what device took the image. Terrorist organizations have frequently attempted to hide messages inside of metadata in order to send coordinating instructions to operational cells across the globe. In addition to hiding these messages, these actors will routinely use a cypher to add an additional layer of security to these messages. It is up to NSA Cryptographic Specialists to break these codes.
These commonly used tactics, techniques, and procedures (TTPs) are not limited to just terrorist related activities. Human traffickers, pedophile rings, and other secret societies continuously use methods such as these to obscure and hinder investigators tasked with stopping them. It is up to the professionals in the ICC at Fort Meade to peel apart the layers of disinformation and camouflage and find the true intentions of these malicious actors.
In many cases, the use of “white hats” has proven invaluable to the completion of this daunting task. According to Technopedia white hats can best be defined as “a computer security specialist who breaks into protected systems and networks to test and assess their security. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them. Although the methods used are similar, if not identical, to those employed by malicious hackers, white hat hackers have permission to employ them against the organization that has hired them.” Oftentimes, the experts in coding messages online formerly did so on the black hat side. Whether it be the growth of a conscience or the offer of more financial compensation for working alongside government agencies, these former black hats switch sides to assist our government in the apprehension and unmasking of these malicious groups.
The cyber battlefield is a fluid environment, as the NSA and DoD gain ground in one area their opponents will adapt accordingly. The ability to quickly assess shortfalls and fill gaps that can be taken advantage of will be an invaluable skill moving forward. Using real-time coordination, deconfliction and intelligence gathering, the men and women working at the ICC have made tremendous strides in this Cyber War. There is much work to do yet; this commonly seen quote from a well known team of specialists will conclude this introduction: “The Silent War Continues.”