Retired U.S. Navy Captain Scott Jasper is a Senior Lecturer at the National Security Affairs Department at the Naval Postgraduate School, specializing in defense strategy, hybrid warfare, and cyber policy. He received his Ph.D. from the University of Reading, U.K. He is the author of Russian Cyber Operations: Coding the Boundaries of Conflict (Georgetown University Press), Strategic Cyber Deterrence: The Active Cyber Defense Option (Rowman and Littlefield) and editor of Conflict and Cooperation in the Global Commons, Securing Freedom in the Global Commons, and Transforming Defense Capabilities: New Approaches for International Security. Scott has published chapters in various handbooks related to cybersecurity and articles in Strategic Studies Quarterly, Signal Magazine, United States Cybersecurity Magazine, the International Journal of Intelligence and CounterIntelligence, The National Interest, Small Wars Journal, and The Diplomat, and blog posts for The Conversation, the Atlantic Council, The Foreign Policy Research Institute, and Council on Foreign Relations. He has spoken on defense and cyber issues on national media outlets, like NPR, KCBS Radio SF, and The First TV, and provided commentary in international newspapers, such as The Los Angeles Times, Daily Express UK, French daily Libération, and S&P Global Market Intelligence.
My publications stress the need to adopt cloud-centric cyber defense capabilities. For reference, a Joint Cybersecurity Advisory released in April 2022 on Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure recommends use of endpoint detection and response (EDR) tools to identify, detect and investigate abnormal activity. AI-powered versions of those devices using models created in Machine Learning environments can prevent weaponized files and malicious scripts. For example, the BlackCat ransomware group, linked to Russian-based DarkSide that attacked Colonial Pipeline a year ago, leverages PowerShell and Batch scripts to deploy ransomware and compromise additional hosts.
Russia has used disinformation on social media to sow discord and divide our society in recent elections. Their cyber units in the 2020 Presidential election did not repeat the hack and leak pattern seen four years prior. Instead, Russia stole information useful for foreign policy interests. Yet more concerning for national security was the SolarWinds campaign by the Russian Foreign Intelligence Service revealed the month after the election. They compromised the global technology supply chain to infect roughly eighteen thousand SolarWinds customers with malware. The threat posed a grave risk to the federal government, critical infrastructure entities and private sector organizations.
Researchers have illustrated how AI technologies can enhance cyber operations along every step of the attack sequence, to include in the MITRE ATT&CK framework recognized by the federal government and cybersecurity industry. Russia and China have so far prioritized the use of AI technologies in their aerial, ground, and maritime weapon systems for potential autonomous operations, while the US DOD Responsible AI Strategy emphasizes the mandate to design AI capabilities to fulfill intended functions, with the ability to detect and avoid unintended consequences.
Concur that strategic competitors continue to challenge or violate the rules-based international order. The innovation and adoption of new technologies by the Department of Defense, such as in our own hypersonic weapons, are necessary to deter these competitors from engaging in activity that would draw the United States into direct conflict.
The use of a CRADA (Cooperative Research and Development Agreement) is a great way to collaborate with industry. NPS recently announced a CRADA with Microsoft Corporation. I used a CRADA with Palo Alto Networks to explore the sufficiency of cloud-centric cyber defense capabilities to detect advanced threats.
With my students, I stress innovation in warfighting domains to counter demonstrated and documented advances or attacks by our adversaries.
The most critical takeaway is a mindset to adapt to changing operational circumstances.
I teach analytical frameworks, such as the technical and legal framework in my Russian Cyber Operations: Coding the Boundaries of Conflict book that is enduring in value to understand how Russian cyber operations function in forms of conflict and competition.
The formulation of U.S. responses to strategic competitor cyber operations requires a thorough understanding of geopolitical ramifications. Students should understand how they embrace technical innovation and operational doctrine.
The defeat of their ambitions will take an aggressive approach that combines technical solutions for resilience with national-level methods for cost imposition.