When I had just started my dive into American culture, teachers told a story that New York City is called a melting pot. In this place, people with various backgrounds and cultures mix into a single entity with new and unique traits. Naval Postgraduate School demonstrated to me this remarkable phenomenon, providing an excellent place where students' diverse experiences and knowledgeable faculty yield and develop new ideas in a desire to bring a better and safer world for all of us.
My NPS education gives me the unique benefit of understanding any cyber-related problem from at least two angles. One perspective is based on knowledge gained at NPS. Another one comes from my experience gained during military service in Ukraine. Besides having a direct impact, it also enables additional friendship ties between the US and Ukraine, which is crucial in the sophisticated cyber world.
The idea came from my experience and belief that strong cyber defenses must be based on knowledge about cyber threat actors. It is similar to conventional warfare, where the enemy’s movements, capabilities, and intent are studied to develop a plan and specific actions to win a fight. Similarly, in cyberspace, the same approach could be applied. However, I noticed many researchers focus on capabilities, studying and developing methods to analyze adversary toolsets while missing tools and techniques for analyzing attackers’ network infrastructure. Network infrastructure is crucial for attackers’ or defenders’ success as logistics for artillery or infantry to win.
Using historical data on cyber attacks against Ukraine, I developed an AI algorithm to extract patterns in attackers’ network infrastructure. Those patterns help to deepen understanding of cyber threat actors attacking Ukraine, saving valuable analysts’ time and allowing them to process tons of data on cyber attacks. Even though I used the data on cyber attacks targeting Ukraine, the nature of cyber threats is global. Therefore, Ukraine and its allies can improve cyber resilience by sharing knowledge on cyber threat actors they face today to save and protect each other from future attacks.
Even though there are many discussions nowadays about artificial intelligence, particularly the ethical question, everybody should admit that AI is good at certain things. For example, AI would not miss something because it is tired or can comprehend more than humans. Speaking of cybersecurity, all of those are vital traits. Considering a case when one analyst misses something while another does not. Why? Lack of knowledge? Distractions? In cybersecurity, when you often find yourself looking for a needle in a haystack, those tools can play an essential role in helping cyber defenders focus their attention on key things.
There are several aspects to that. First, programs like CORE help integrate Ukraine into the space of allied nations that share the same democratic values as Ukraine. As a result, all participants will be ready to operate as one, speaking the same "language" and understanding each other. The second aspect is that partnerships and programs help exchange new ideas, share experiences and build a network of friends ready to help, benefiting every allied and partnering nation. As the cyberattack NotPetya demonstrated, all these factors are crucial to be prepared to face and respond to cyber threats.
Battlespace challenges are not just something that militaries want to solve. Militaries look for responses to national or international threats. Those threats could impact not just governmental institutions but also private companies. By working together, private industry and the military can combine private industry's expertise with the unique military perspective of the battlespace to provide a safer and more prosperous environment for everybody.
