The Cyber-Target listing process on tactical level
Abstract
The Cyber War involves actions that contribute to the achievement of military objectives, being necessary its integration in operational planning. Thus, this article aims to present a proposal for the Cyber-Target Listing methodology during the
Military Decision Making Process. Therefore, qualitative research with a descriptive character was developed and, bibliographical and documentary research was employed, besides the inductive method. The research was also oriented to understand the necessary adaptations to the targeting process adopted by the Brazilian military doctrine due to the peculiarities of the cyber operating environment. The selection of research sources was based on articles by authors of recognized importance in the literary and academic circles, as well as publications with a high number of citations or on current open sources available on electronic websites. Thus, the Cyber-Target Listing methodology presented allows overcoming the peculiarities of the cyberspace, through the use of auxiliary tools. Initially, cyberspace is evaluated from the perspective of the informational dimension, to facilitate the understanding of the operating environment and the identification of cyber targets in the theater of operations. The acquired targets are then analyzed using the MACE taxonomy. Finally, the targets identified in the previous phases are selected and prioritized using the CARVER method, producing the Cyber-Target List. In conclusion, the article presents the validity of the proposed method, as well as suggestions for future work.
the Cyber-Target List. In conclusion, the article presents the validity of the proposed method, as well as suggestions for future work.
Downloads
References
BERNIER, M. Military Activities and Cyber Effects (MACE) Taxonomy: TM 2013-226. Ottawa: DRDC CORA, 2013.
BRANDÃO, J. E. M. D. S.; IZYCKI, E. A. Poder Ofensivo no Espaço Cibernético. In: ANDRADE, I. D. O., et al. Desafios contemporâneos para o Exército Brasileiro. Brasília, DF: Ipea, 2019. cap. 10, p. 241-273. Disponível em:
BRASIL. Ministério da Defesa. Doutrina de Operações Conjuntas: MD30-M-01. Brasília, DF: Ministério da Defesa, 2011. v. 1.
BRASIL. Ministério da Defesa. Política de Defesa Cibernética: MD31-P-02. Brasília, DF: Ministério da Defesa, 2012.
BRASIL. Ministério da Defesa. Doutrina Militar de Defesa Cibernética: MD31-M-07. Brasília, DF: Ministério da Defesa, 2014.
EXÉRCITO BRASILEIRO. Estratégia: C-124. 3. ed. Brasília, DF: Estado-Maior do Exército, 2001.
EXÉRCITO BRASILEIRO. Processo de Planejamento e Condução das Operações Terrestres: EB20-MC-10.211. Brasília, DF: Estado-Maior do Exército, 2014.
EXÉRCITO BRASILEIRO. Fogos: EB20-MC-10.206. Brasília, DF: Estado-Maior do Exército, 2015.
EXÉRCITO BRASILEIRO. Guerra Cibernética: EB70-MC-10.232. Brasília, DF: Comando de Operações Terrestres, 2017a.
EXÉRCITO BRASILEIRO. Planejamento e Coordenação de Fogos: EB70-MC-10.346. Brasília, DF: Comando de Operações Terrestres, 2017b.
HUTCHINS, E. M.; CLOPPERT, M. J.; AMIN, R. M. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. In: INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 6., 2011, Washington, DC. Proceedings […]. p. 113-125. Disponível em:
INTERNATIONAL ORGANIZATION FOR STANDARDIZATION. ISO/IEC 27032: Information Technology - Security Techniques - Guidelines for Cybersecurity. Geneva: ISO/IEC, 2012.
SCHNAUBELT, C. M.; LARSON, E. V.; BOYER, M. E. Vulnerability Assessment Method Pocket Guide: a tool for center of gravity analysis. Santa Monica, CA: RAND Corporation, 2014. 142 p.
UNITED KINGDOM. Ministry of Defence. Cyber Primer. 2. ed. Swindon: Development, Concepts and Doctrine Centre of Ministry of Defence, 2016. Disponível em:
US ARMY. Cyberspace Operations Concept Capability Plan 2016-2028: TRADOC Pamphlet 525-7-8. Newport News: U.S. Army Capabilities Integration Center, 2010.
US ARMY. Intelligence Preparation of the Battlefield: ATP 2-01.3. Washington, DC: Department of the Army, 2019.
USA. Departament of Defense. Cyberspace Operations: JP 3-12. Washington: Departament of Defense, 2018.
