DOCSLIB.ORG

A Continuous Monitoring Framework to Manage Cybersecurity Against Insider Threats

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Continuous Monitoring Framework to Manage Cybersecurity Against Insider Threats A CONTINUOUS MONITORING FRAMEWORK TO MANAGE CYBERSECURITY AGAINST INSIDER THREATS by Behnam Shariati M.S. in Engineering Management, May 1998, The George Washington University A Dissertation submitted to The Faculty of The School of Engineering and Applied Science of The George Washington University in partial fulfillment of the requirements for the degree of Doctor Philosophy August 31, 2016 Dissertation directed by E. L. Murphree Jr. Professor Emeritus of Engineering Management and Systems Engineering The School of Engineering and Applied Science of The George Washington University certifies that Behnam Shariati has passed the Final Examination for the degree of Doctor of Philosophy as of August 15, 2016. This is the final and approved form of the dissertation. A CONTINUOUS MONITORING FRAMEWORK TO MANAGE CYBERSECURITY AGAINST INSIDER THREATS Behnam Shariati Dissertation Research Committee: E. L. Murphree, Professor Emeritus of Engineering Management and Systems Engineering, Dissertation Director Thomas Andrew Mazzuchi, Professor of Engineering Management and Systems Engineering and of Decision Sciences, Committee Member Shahram Sarkani, Professor of Engineering Management and Systems Engineering, Committee Member Bhagirath Narahari, Professor of Computer, Committee Member Michael J. Stone, Senior Security Engineer, NIST/ National Cybersecurity Center of Excellence, Committee Member ii Acknowledgment First and foremost, I would like to express the deepest appreciation to everyone in my committee. I would like to gratefully and sincerely thank Dr. Murphree for his guidance, understanding and patience. His mentorship was paramount in completing this dissertation. I also would like to express my deepest gratitude to Dr. Mazzuchi for his support and encouragement throughout my studies. Without his incredible leadership and timely wisdom this dissertation would not have been possible. In addition, my appreciation to Dr. Sarkani, Dr, Narahari and Mr. Stone for having served on my committee, their thoughtful questions and suggestions were valued gratefully. This dissertation is dedicated to memory of my parents, you are in my heart and... Tamom Shod. Also special thanks to Kayko, yes it did happened. To the most important individuals in my life, A1 & A2 sometimes in the future you may read this work, so you should know this; that I never give up and I hope you both do the same and never give up in life and follow your dreams (Eshghe mani). I would also like to wish my deepest and sincere appreciation to RRR, who was instrumental in getting me started and without his help I wouldn’t have been successful, I am sincerely grateful Robert. I dreamt of this day when I was sixteen years old, it has been a long journey but it has finally concluded successfully. Thank you all. iii Abstract of Dissertation A CONTINUOUS MONITORING FRAMEWORK TO MANAGE CYBERSECURITY AGAINST INSIDER THREATS In today’s “Cyber-Society,” an enterprise faces numerous Cybersecurity challenges as Cybercriminals, hackers, and insider threats constantly threaten to compromise the Confidentiality, Integrity, and Availability (CIA) of the enterprise’s assets and data. This research presents a Dynamic Framework system that has a proactive security concept as opposed to the traditional reactive approach. This Dynamic Framework system minimizes the risks that Cybercriminals, hackers, and insider threats pose to an enterprise’s CIA. The Dynamic Framework system is mapped to the National Institute of Standards and Technology’s (NIST) Risk Framework (RF), is designed based on three functional Controls (Preventive, Detective and Corrective), enables an enterprise to develop a healthier Cyber Hygiene (CH) through continuous monitoring of its assets, and is capable of ensuring a proper alignment between the business functionality and Cybersecurity missions of an enterprise. Furthermore, although the Dynamic Framework system was developed based the Financial Services Sector’s vulnerabilities, its functionality applies to all enterprises. This research recognizes that the current Cybersecurity practices are insufficient to prevent a Cyber-Attack, respond to a Cyber-Attack, and, most importantly, remain resilient during a Cyber-Attack. The purpose of the Dynamic Framework system is to recommend a new and near-future Cyber-Ecosystem (CE), which an enterprise in the Financial Services Sector, or other sectors, can use to improve its security posture. iv Table of Contents Acknowledgment ...................................................................................................................................... iii Abstract of Dissertation ....................................................................................................................... iii Table of Contents ........................................................................................................................................ v List of Figures............................................................................................................................................. vii List of Tables.................................................................................................................................................ix List of Abbreviations ................................................................................................................................ x List of Terms/Glossary..........................................................................................................................xv Chapter 1. Introduction .......................................................................................................................... 1 1.1 Overview ............................................................................................................................................... 1 1.2 Research Contributions.................................................................................................................. 5 1.3 Significance .......................................................................................................................................... 6 1.4 Limitations .........................................................................................................................................11 1.5 Organization of the Document ..................................................................................................12 Chapter 2. Literature Review ........................................................................................................... 14 2.1 Overview .............................................................................................................................................14 2.2 Executive Order 13636 – Improving Critical Infrastructure Cybersecurity.........14 2.3 Current Cybersecurity Practices in Industry ......................................................................16 2.4 The NICE - Financial Services Sector-Specific Plan ..........................................................19 2.4.1 Sector-Specific Agency ..............................................................................................................20 2.4.2 Sector Goals and Objectives......................................................................................................21 2.4.3 Asset, System, and Network Identification............................................................................22 2.4.4 The Financial Services Sector Vulnerabilities ......................................................................24 2.5 NIST Special Publication 800-53 Revision 4 .......................................................................25 2.5.1 Applicability..................................................................................................................................27 2.6 Framework for Improving Critical Infrastructure Cybersecurity ............................28 2.6.1 Framework Core...........................................................................................................................29 2.6.2 Framework Implementation Tiers............................................................................................31 2.6.3 Framework Profile .......................................................................................................................31 2.6.4 Applicability..................................................................................................................................32 2.7 Review of Current Situational Awareness ...........................................................................32 2.8 Importance of Situational Awareness in Cybersecurity ................................................34 Chapter 3. Framework ......................................................................................................................... 37 3.1 Overview .............................................................................................................................................37 3.2 Framework Architecture .............................................................................................................37 3.3 Dynamic Framework Pre-Conditions.....................................................................................40 3.4 Dynamic Framework System Modules ..................................................................................43 3.5 Identity Management (IM) Module .........................................................................................45
Load more

Recommended publications
  • Nina Koennemann Bann They Come from Behind the Wall: the So-Called Smokers. Nina Koennemann Observes Them As If They Were the La
    Films & Windows I-IV 07.06. - 25.08. 2012 Films & Windows (IV) Nina Koennemann & Flame Opening Reception: 09.08.2012 / 19.00 - 22.00 CET Nina Koennemann Bann They come from behind the wall: the so-called smokers. Nina Koennemann observes them as if they were the last - or newly discovered - specimens of their kind. Their shoes, their lair, the way in which they separate ash from ember and how they dispose of waste. The traces that they leave behind in the cityscape; a cityscape in which they them- selves appear only in traces. A granite block and a film frame, in which visible and invisible dividing lines of the various quadrants, zones and outskirts overlap each other, forming the city as a semi-transparent area. The era of the cigarette, which began with the rise of industrial production and mass consumption, their ordering of time into brief intervals-the length of a smoke-is shown here entering its last phase. The semi-worldliness of smoking, last bound to bars and juke joints, finds the reverberation of a waking dream in the reflections of people, their body parts and passenger cars in the granite surface. This can mean the bisection of the world in the exact doubling of the material factors, or it's interpreted as a means of escape, an extension of space. -Katha Schulte Flame In May 2012 over a thousand computers in countries in the Middle East were infected by Flame malware. The virus is the latest in a series of cyberweapons (following Stuxnet in 2010, Duqu in 2011 and Mahdi in February 2012) and, because of its large and expensive scale, is speculated to be designed by governments for espionage purposes rather than hacker or cybercriminal activity.
    [Show full text]
  • An Information Security Framework for Web Services in Enterprise Networks
    AN INFORMATION SECURITY FRAMEWORK FOR WEB SERVICES IN ENTERPRISE NETWORKS A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF INFORMATICS THE MIDDLE EAST TECHNICAL UNIVERSITY BY BAHADIR GÖKHAN SARIKOZ IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN THE DEPARTMENT OF INFORMATION SYSTEM JANUARY 2015 AN INFORMATION SECURITY FRAMEWORK FOR WEB SERVICES IN ENTERPRISE NETWORKS Submitted by Bahadır Gökhan Sarıkoz in partial fulfilment of the requirements for the degree of Master of Science in Information Systems, Middle East Technical University by, Prof. Dr. Nazife Baykal Director, Informatics Institute Prof. Dr. Yasemin Yardımcı Çetin Head of Department, Information Systems Assoc. Prof. Dr. Banu Günel Supervisor, Information Systems, METU Examining Committee Members: Prof. Dr. Nazife Baykal IS, METU Assoc. Prof. Dr. Banu Günel IS, METU Prof. Dr. Şeref Sağıroğlu CENG, Gazi University Assist. Prof. Dr. Pekin Erhan Eren IS, METU Dr. Buğra Karabey META, Microsoft Date: June 21, 2015 I hereby declare that all information in this document has been obtained and presented in accordance with academic rules and ethical conduct. I also declare that, as required by these rules and conduct, I have fully cited and referenced all material and results that are not original to this work. Name, Surname: Bahadır Gökhan Sarıkoz Signature: iii ABSTRACT AN INFORMATION SECURITY FRAMEWORK FOR WEB SERVICES IN ENTERPRISE NETWORKS Sarıkoz, Bahadır Gökhan M.S., Department of Information Systems Keywords: Web Services, Cyber Security, Security Modeling, Security Controls, Security Measurement. Supervisor: Assoc. Prof. Dr. Banu GÜNEL January 2015, 197 pages Web Service, an open standard based on existing Internet protocols, provides a flexible solution to web application integration.
    [Show full text]
  • Bakalářská Práce 2013
    Masarykova univerzita Filozofická fakulta Ústav české literatury a knihovnictví Kabinet informa čních studií a knihovnictví Bakalá řská diplomová práce 2013 Alena Brožová Masarykova univerzita Filozofická fakulta Kabinet informa čních studií a knihovnictví Informa ční studia a knihovnictví Alena Brožová AntiSec: hacktivistická kampa ň za svobodu na internetu Bakalá řská diplomová práce Vedoucí práce: PhDr. Pavla Ková řová 2013 Prohlašuji, že jsem diplomovou práci vypracovala samostatn ě s využitím uvedených pramen ů a literatury. …………………………………………….. Podpis autora práce Zde bych cht ěla pod ěkovat vedoucí práce PhDr. Pavle Ková řové za pomoc a cenné rady v pr ůběhu tvorby bakalá řské diplomové práce. Bibliografický záznam BROŽOVÁ, Alena. AntiSec: hacktivistická kampa ň za svobodu na internetu . Brno: Masarykova univerzita, Filozofická fakulta, Ústav české literatury a knihovnictví, Kabinet informa čních studií a knihovnictví, 2013, 59 s. Vedoucí bakalá řské práce PhDr. Pavla Ková řová. Anotace Bakalá řská diplomová práce „AntiSec: hacktivistická kampa ň za svobodu na internetu“ se zabývá hackerskými útoky v rámci operace AntiSec, které byly uskute čněny pod záštitou propagace svobodného internetu, svobody informací a svobody projevu. Práce se zabývá etickou oprávn ěností provedení útok ů v souvislosti s pravidly definovaných etických teorií a kodex ů. Pro toto hodnocení jsou využity principy dimenzionální analýzy. Výsledkem práce je souhrn informací o prob ěhnuté operaci s důrazem na eti čnost provedených útok ů. Annotation Bachelor thesis „AntiSec: hacktivism campaign for freedom on the internet“ deals with hacker attacks in Operation AntiSec which were made under the auspices of promoting free internet, freedom of information and freedom of expression. The work deals with the ethical legitimacy of carrying out attacks in relation to the rules of defined ethical theories and codes.
    [Show full text]
  • Commander Cialis
    E­Paper | Today's Paper | SmartInvestor.in | B2B Connect | Apps | BS Products Sign in | Register Thursday, January 15, 2015 | 06:40 PM IST News Stock Quote Authors Advanced Search Home Markets Companies Opinion Politics Technology Specials Personal Finance Portfolio My Page Overview News Features Gadgets & Gizmos People Personal Technology Technology » Columns » Columns Emerging global cyberlaw trends in 2014 2014 was the year when dark web started emerging, primarily due to the iCloud hacking of celebrities' pictures Pavan Duggal January 5, 2015 Last Updated at 13:37 IST Add to My Page Related News Careless and online Keeping it safe Should you worry about the Gmail hack? Now, Ankit Fadia plans to pen a fiction novel Is India prepared to tackle a Sony like cyber attack? Globally, the year 2014 was a year that was dedicated to cybercrimes and hacking. In fact, cybercrime as a phenomenon loomed large and predominant on the firmament of cyberspace landscape. Looking at the predominant events that happened in 2014 across the world, one gets an intrinsic feeling that the year 2014 was a year to remind the world that cyber criminal activities and breaches of cybercrime are going to be an integral part of our day­to­day lives. Seen from another perspective, the predominant existing landscape also demonstrates an ongoing struggle between the digital haves and the digital have­nots. The worlds saw one of the biggest hacking attacks in the form of Sony hacking. In the said case, hackers reportedly infiltrated the computer network of Sony Pictures Entertainment, a major Hollywood movie studio.
    [Show full text]
  • الجريمة اإللكرتونية يف املجتمع الخليجي وكيفية مواجهتها Cybercrimes in the Gulf Society and How to Tackle Them
    مسابقة جائزة اﻷمير نايف بن عبدالعزيز للبحوث اﻷمنية لعام )2015م( الجريمة اﻹلكرتونية يف املجتمع الخليجي وكيفية مواجهتها Cybercrimes in the Gulf Society and How to Tackle Them إعـــــداد رامـــــــــــــي وحـــــــــــــيـد مـنـصــــــــــور باحـــــــث إســـتراتيجي في الشــــــئون اﻷمـــنـــية واﻻقتصـــــــــاد الســــــــياسـي -1- أ ت جملس التعاون لدول اخلليج العربية. اﻷمانة العامة 10 ج إ الجريمة اﻹلكترونية في المجتمع الخليجي وكيفية مواجهتها= cybercrimes in the Gulf:Society and how to tackle them إعداد رامي وحيد منصور ، البحرين . ـ الرياض : جملس التعاون لدول اخلليج العربية ، اﻷمانة العامة؛ 2016م. 286 ص ؛ 24 سم الرقم املوحد ملطبوعات اجمللس : 0531 / 091 / ح / ك/ 2016م. اجلرائم اﻹلكرتونية / / جرائم املعلومات / / شبكات احلواسيب / / القوانني واللوائح / / اجملتمع / مكافحة اجلرائم / / اجلرائم احلاسوبية / / دول جملس التعاون لدول اخلليج العربية. -2- قائمة املحتويات قائمة احملتويات .......................................................................................................... 3 قائمــة اﻷشــكال ........................................................................................................10 مقدمــة الباحــث ........................................................................................................15 مقدمة الدراســة .........................................................................................................21 الفصل التمهيدي )اﻹطار النظري للدراسة( موضوع الدراســة ...................................................................................................... 29 إشــكاليات الدراســة ................................................................................................
    [Show full text]
  • Geneva Information Security Day
    Geneva Information Security Day 17 September 2013 ©2011 High-Tech Bridge SA – www.htbridge.ch # whoami Frédéric BOURLA Chief Security Specialist Head of Ethical Hacking & Computer Forensics Departments High-Tech Bridge SA ~13 years experience in Information Technologies GXPN, LPT, CISSP, CCSE, CCSA, ECSA, CEH, eCPPT GREM, CHFI RHCE, RHCT, MCP [[email protected]] ©2011 High-Tech Bridge SA – www.htbridge.ch # readelf prez Slides in English. Talk in French. 3 rounds of 20’ [not including Q&A] focused on the offensive angle. No need to take notes, the whole slides and demos will be published on High-Tech Bridge website. Given the very short time and the heterogeneous attendees, slides will not dive to far in the technique. Nevertheless, I will also publish an additional low level and step by step guide for all of you who may be interested by the technical part of those hacking principles. ©2011 High-Tech Bridge SA – www.htbridge.ch # readelf prez The first two parts are server-side oriented, whereas the third one focuses on client-side attacks. If you missed previous conferences, you can learn more on server-side attacks here: https://www.htbridge.com/publications/frontal_attacks_fro m_basic_compromise_to_advanced_persistent_threat.ht ml And here are the slides which introduced client-side attacks: https://www.htbridge.com/publications/client_side_threat s_anatomy_of_reverse_trojan_attacks.html ©2011 High-Tech Bridge SA – www.htbridge.ch Table of contents 0x00 - About me 0x01 - About this conference 0x02 - Round 1: Web Servers vs. SQL Injections 0x03 - Round 2: Web Servers vs. Blind SQL Injections 0x04 - Round 3: Web Users vs. Cross-Site Scripting 0x05 - Conclusion ©2011 High-Tech Bridge SA – www.htbridge.ch SQL Injection On 5th February 2011, the security firm HBGary was compromised by LulzSec using a SQL Injection in their CMS-driven website.
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Turkey Under Cyber Fire
    TURKEY UNDER CYBER FIRE The theater of cyberwar is changing and evolving by the minute. New threats, new attacks, and new actors are emerging daily, with Turkey likely being both the target and the attacker in many cyber attacks. Its young population, the nation’s increasing use of technology, and growing nationalist ideas could place Turkish hackers as one of the main actors in the global cyberwar. However, a number of factors could doom Turkey to only have several different cyber militias rather than a well organized cyber army. Attacks targeting Turkey and the region could speed up the organization of such cyber attack capabilities. Alper Başaran* Spring 2017 * Alper Başaran is the Founder of Garnizon Bilgi Guvenligi, a company specialized in penetration testing and cybersecurity consulting services working with government agencies and enterprises in Turkey. 95 VOLUME 16 NUMBER 1 ALPER BAŞARAN yber attacks have become part of our daily lives. The last great offen- sive occurred on 12 May 2017 in a global attack that compromised over a quarter million computers worldwide. A ransomware (a mali- C cious software that encrypts files on the computer it infects and asks for money to decrypt them) caused delays on German railways, almost halted the UK’s National Health Services, and stopped production in some major French fac- tories. This scenario unfolded on a global scale within a few hours.1 This ransomware was built using an exploit developed by the National Security Agency (NSA) and was leaked by Wikileaks, both of which are key actors in the current arena of cyber warfare.
    [Show full text]
  • A Survey on Smartphones Security: Software Vulnerabilities, Malware, and Attacks
    (IJACSA) International Journal of Advanced Computer Science and Applications Vol. 8, No. 10, 2017 A Survey on Smartphones Security: Software Vulnerabilities, Malware, and Attacks Milad Taleby Ahvanooey*, Prof. Qianmu Li*, Mahdi Rabbani, Ahmed Raza Rajput School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing, P.O. Box 210094 P.R. China. Abstract—Nowadays, the usage of smartphones and their desktop usage (desktop usage, web usage, overall is down to applications have become rapidly popular in people’s daily life. 44.9% in the first quarter of 2017). Further, based on the latest Over the last decade, availability of mobile money services such report released by Kaspersky on December 2016 [3], 36% of as mobile-payment systems and app markets have significantly online banking attacks have targeted Android devices and increased due to the different forms of apps and connectivity increased 8% compared to the year 2015. In all online banking provided by mobile devices, such as 3G, 4G, GPRS, and Wi-Fi, attacks in 2016, have been stolen more than $100 million etc. In the same trend, the number of vulnerabilities targeting around the world. Although Android OS becomes very popular these services and communication networks has raised as well. today, it is exposing more and more vulnerable encounter Therefore, smartphones have become ideal target devices for attacks due to having open-source software, thus everybody malicious programmers. With increasing the number of can develop apps freely. A malware writer (or developer) can vulnerabilities and attacks, there has been a corresponding ascent of the security countermeasures presented by the take advantage of these features to develop malicious apps.
    [Show full text]
  • WORLD WAR C : Understanding Nation-State Motives Behind Today’S Advanced Cyber Attacks
    REPORT WORLD WAR C : Understanding Nation-State Motives Behind Today’s Advanced Cyber Attacks Authors: Kenneth Geers, Darien Kindlund, Ned Moran, Rob Rachwald SECURITY REIMAGINED World War C: Understanding Nation-State Motives Behind Today’s Advanced Cyber Attacks CONTENTS Executive Summary ............................................................................................................................................................................................................................................................................................................... 3 Introduction ............................................................................................................................................................................................................................................................................................................................................... 4 A Word of Warning ................................................................................................................................................................................................................................................................................................................. 5 The FireEye Perspective ...........................................................................................................................................................................................................................................................................................
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Cyber-Enabled Information Operations
    S. HRG. 115–426 CYBER–ENABLED INFORMATION OPERATIONS HEARING BEFORE THE SUBCOMMITTEE ON CYBERSECURITY OF THE COMMITTEE ON ARMED SERVICES UNITED STATES SENATE ONE HUNDRED FIFTEENTH CONGRESS FIRST SESSION April 27, 2017 Printed for the use of the Committee on Armed Services ( Available via the World Wide Web: http://www.Govinfo.gov/ U.S. GOVERNMENT PUBLISHING OFFICE 34–175 PDF WASHINGTON : 2019 VerDate Nov 24 2008 11:34 Jan 17, 2019 Jkt 000000 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 C:\USERS\WR47328\DESKTOP\34175.TXT WILDA COMMITTEE ON ARMED SERVICES JOHN MCCAIN, Arizona, Chairman JAMES M. INHOFE, Oklahoma JACK REED, Rhode Island ROGER F. WICKER, Mississippi BILL NELSON, Florida DEB FISCHER, Nebraska CLAIRE MCCASKILL, Missouri TOM COTTON, Arkansas JEANNE SHAHEEN, New Hampshire MIKE ROUNDS, South Dakota KIRSTEN E. GILLIBRAND, New York JONI ERNST, Iowa RICHARD BLUMENTHAL, Connecticut THOM TILLIS, North Carolina JOE DONNELLY, Indiana DAN SULLIVAN, Alaska MAZIE K. HIRONO, Hawaii DAVID PERDUE, Georgia TIM KAINE, Virginia TED CRUZ, Texas ANGUS S. KING, JR., Maine LINDSEY GRAHAM, South Carolina MARTIN HEINRICH, New Mexico BEN SASSE, Nebraska ELIZABETH WARREN, Massachusetts LUTHER STRANGE, Alabama GARY C. PETERS, Michigan CHRISTIAN D. BROSE, Staff Director ELIZABETH L. KING, Minority Staff Director SUBCOMMITTEE ON CYBERSECURITY MIKE ROUNDS, South Dakota, Chairman DEB FISCHER, Nebraska BILL NELSON, Florida DAVID PERDUE, Georgia CLAIRE MCCASKILL, Missouri LINDSEY GRAHAM, South Carolina KIRSTEN E. GILLIBRAND, New York BEN SASSE, Nebraska RICHARD BLUMENTHAL, Connecticut (II) VerDate Nov 24 2008 11:34 Jan 17, 2019 Jkt 000000 PO 00000 Frm 00002 Fmt 0486 Sfmt 0486 C:\USERS\WR47328\DESKTOP\34175.TXT WILDA C O N T E N T S APRIL 27, 2017 Page CYBER-ENABLED INFORMATION OPERATIONS .........................................................
    [Show full text]