The Global Cyber Threat Environment, Module 1.

Objectives. Once you have completed the readings, lecture, activity, and assessment, you will be able to list the United States' four major cyber adversaries and define Advanced Persistent Threat.

Welcome to the Global Cyber Threat Environment, Module 1. During this course, we will look at the United States' most formidable cyberspace adversaries as well as non-state actors on the cyber threat landscape. In this module, we will summarize the threats of our major cyber enemies.

Most intelligence experts assess the United States' greatest cyberspace threats to be Russia, China, Iran, and North Korea, with each having its own offensive capabilities to affect various outcomes. Russia possesses numerous cyber tools but focuses largely on information operations or techniques of deception and psychological operations, such as dissemination of propaganda to disrupt an adversary's ability to make logical informed decisions. China, on the other hand, uses cyber capabilities to commit espionage or the theft of information from governmental or corporate databases, often for economic or military advantage.

Although Iran is not as capable as Russia or China in terms of cyber capabilities, the country is quickly catching up. Strict economic sanctions prevented Iran from obtaining advanced computing technology for many years. However, the sanctions regime ended in January 2016, and Iran may now make enormous strides in its capability to conduct cyber attacks. One area of particular interest to Iran seems to be breaching adversaries' industrial control systems. This is likely due to the country's own victimization by the Stuxnet worm in 2009, which affected an industrial control system at one of Iran's nuclear facilities.

North Korea likely has the least cyber capability of the four countries just mentioned, although it has managed to wreak havoc on several U.S. corporations.
In 2014, for example, North Korea launched a devastating cyber attack against Sony Pictures, after threatening Sony not to release the motion picture comedy The Interview, which was highly critical of North Korea's leader. Unlike Russia, China, and to a certain extent, Iran, North Korea employs its cyber capabilities to gain respect from the international community. This allows North Korea to punch above its weight, for instance, as it has been largely marginalized by the international community.

China and Russia are believed to have initiated cyber technology research programs after witnessing the United States' quick victory over Iraq in the 1991 Gulf War. Both China and Russia were shocked and awed by the United States' sophisticated computer-enabled military operations. China was especially concerned with the United States' ability to wage such high-tech war, particularly because China's military relied on more primitive technology similar to Iraq's. Both China and Russia subsequently initiated long-range strategic development programs to upgrade their military capabilities, with the goal of creating their own net-centric militaries. Even as it ramped up technologies, however, China believed that the United States had become over-reliant on technology, and began research on how to asymmetrically exploit and disrupt this over-reliance.

Russia, China, Iran, and North Korea have varying degrees of capability and technological know-how, but each generally organizes its cyber efforts, whether for disruption or theft of information, into advanced persistent threats, or APTs. Depending on the size of the effort, dozens or even hundreds of computer experts may be found in the same office building, all with the same express mission, for the sake of efficiency and unity of effort. For instance, China's APT, Byzantine Hades, may have succeeded in stealing classified designs of the United States F-35 fighter jet.
These efforts by China to steal advanced military technology make sense, as China aims to reach military parity with the United States by 2050.

Although this course focuses on Russia, China, Iran, and North Korea, we will also address such non-state actors as international cyber-criminal syndicates and terrorist organizations. Organized cyber-criminal organizations are quickly gaining capabilities that only nation states were thought to possess a few years ago. We will also cover some theories about how threat actors may be deterred in cyberspace, although as you will see, a deterrence doctrine for cyberspace is still early in the making.

Some notes about the logistics of this course. The textbook for this course is Introduction to Cyberwarfare: A Multi-Disciplinary Approach. In addition, suggestions for related academic journal articles may be provided in some modules. Most modules will open with a statement of student learning outcomes, followed by a short lecture. You will then have the opportunity to answer quiz questions related to the material, as well as view the answers to those questions. Finally, the module may include an activity to integrate the material more effectively. If you have been assigned to take this course as part of an official training program, your instructor may ask that you submit your quiz or activity responses for grading or credit.

Now let's get to the meat of the course. Continue this module and progress through the course's additional modules for successful completion.

Quiz Question 1. Which of the following nation-states is not considered to be among our most formidable nation-state adversaries?
A. Afghanistan
B. Iran
C. Russia
D. China
E. North Korea
The answer is A. Afghanistan.

Quiz Question 2. An advanced persistent threat, APT, can best be described as which of the following?
A. A highly organized, continuous process of computer hacking, often orchestrated by a nation-state or highly sophisticated criminal entity for the purpose of targeting a specific type of information or person for exploitation.
B. A type of malware that is able to take mere images of specific computer networks.
C. A type of logic bomb invented by the U.S. military.
D. A strategic threat posed by one of the U.S.'s major adversaries that has the potential to disrupt the majority of industrial production in the country.
The answer is A. A highly organized, continuous process of computer hacking, often orchestrated by a nation-state or highly sophisticated criminal entity for the purpose of targeting a specific type of information or person for exploitation.

C. Activity. Provide a one-page reflection about your current level of knowledge about the United States' four major cyber adversaries, including such things as their system of government, human rights record, technology development, and history with the United States. Save your reflection to compare and contrast your thoughts at the end of this course.