As per http://en.wikipedia.org/wiki/C4ISTAR
C2I stands for command, control, and intelligence.
C3I stands for command, control, communications, and intelligence.
C4I stands for command, control, communications, computers, and (military) intelligence.
C4ISTAR is the British acronym used to represent the group of the military functions designated by C4 (command, control, communications, computers), I (military intelligence), and STAR (surveillance, target acquisition, and reconnaissance) in order to enable the coordination of operations
I increasingly believe that cyber conflict will develop its own terminology and theory and paradigms in due time. In the meantime, it will adopt paradigms from existing military literature and adapt it to the unique sub culture of cyber conflict for both offensive, defensive as well as pre-emptive actions. Here I am theorizing for a case of targeted hacking attacks rather than massive attacks that bring down a website for a few hours and achieve nothing but a few press headlines . I would also theorize on countering such attacks.
So what would be the C4ISTAR for –
1) Media company supporting SOPA/PIPA/Take down Mega Upload-
Command and Control refers to the ability of commanders to direct forces-
This will be the senior executives including the members of board, legal officers, and public relationship/marketing people. Their name is available from corporate websites, and social media scraping can ensure both a list of contact addresses (online) as well as biases for phishing /malware attacks. This could also include phone (flooding or voicemail hacking ) attacks , and attacks against the email server of the company rather than the corporate website.
Communications– This will include all online and social media channels including websites of the media company , but also those of the press relations firms handling communications , phones,websites- anything which the target is likely to communicate externally (and if possible internal communication)
Timing is everything- coordinating attacks immediately is juevenile, but it might be more mature to attack on vulnerable days like product launches or just before a board of directors meeting
Most corporates have an in-house research team, they can be easily targeted using social media channels, but also offline research and digging deep. Targeting intelligence corps of the target corporate is likely to produce a much better disruption. Eventually they can be persuaded to stop working for that corporate.
Computers– Anything that runs on electricity and can be disabled – should be disabled. This might require much more creativity than just flooding.
surveillance- This can be both online as well as offline, and would be of electronic assets, likely responses for the attack, and the key people who are to be disrupted.
target acquisition- at least ten people within each corporate can and should be ideally disrupted, rather than just the website. this would call for social media scraping, and prior planning. even email in-boxes can be disrupted (if all else fails)
study your target companies, target employees, and their strategies.
Then segment and prioritize in a list of matrix of 10 to 10, who is more vulnerable and who is more valuable to attack.
the C4ISTAR for -a hacker activist organization is much more complicated but forensics reveal that most hackers tend to leave a signature style (in terms of computers,operating systems,machine ids,communication, tools, or even port numbers used)
the best defense for a media rich company to prevent hacking attacks is to first identify its own C4ISTAR structure for its digital content strategy and then fortify as well as scrub vulnerabilities (including from online information regarding its own employees)
(to be continued)
One thought on “C4ISTAR for Hacking and Cyber Conflict”