Another cyber worm is loose on the Internet from the stock stolen from NSA

WannaCry was just one of the many exploit platforms that were stolen from NSA and now roaming on the Internet. EternalRocks worm is using same SMB vulnerabilities as WannaCry and three other attack vectors. It has not been weaponized yet, meaning that it does not have malevolent features added, but it has been infecting Internet-connected computers apparently since 3 of May.

The EternalRocks worm is an ideal platform that cyber attackers are using to prepare the target for more malicious effects. The behaviour of the work is as follows:

• In the first stage, the worm uses SMB vulnerability to install itself on the computer. It also downloads .NET components and TOR browser together with C2 communications node.
• Then it remains passive for 24 hours to avoid detection or analysis with sandboxing (sandboxing is used typically as virtual isolation between the Internet and closed networks to monitor downloaded the program for malevolent behaviour).
• In the second stage, the worm uses TOR browser to download more executable files. Then it starts a random scan of opened SMB ports on the network it is connected. Once detecting a vulnerable target, it pushes the first stage exploitation to it.

The EternalRocks is such a clandestine worm that only with strong network visibility and monitoring tools, the traffic will be detected.

The military should be careful to ensure that their Internet-connected Microsoft operating systems are updated, and there is a strong monitoring and analysing function in place.

Sources:

http://www.computerweekly.com/news/450419337/EternalRocks-worm-combines-seven-leaked-NSA-attack-tools?utm_medium=EM&asrc=EM_EDA_77512780&utm_campaign=20170523_EternalRocks%20worm%20combines%20seven%20leaked%20NSA%20attack%20tools&utm_source=EDA

https://github.com/stamparm/EternalRocks

https://nakedsecurity.sophos.com/2017/05/22/after-wannacry-eternalrocks-digs-deeper-into-the-nsas-exploit-toolbox/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29

A Structure of Military Enterprise

The paper provides Enterprise Architect with a business level view of the enterprise structures military have been using to generate, sustain and project the force.  It also presents an evolutionary model that the military enterprise has developed at the strategic level. The attempt is to provide military Enterprise Architects with a simple tool to assess current structure of the military enterprise and create viable options for the development at the strategic level. The paper uses critical realism to describe the changes in military enterprise structures and inductively build up a model that explains its evolution.

A Generic Model for War and Military Affairs

Since the birth of city-state, war has been a constant feature of civilization. Strategies have varied from capturing assets, gaining ransoms, annihilating the main force of adversary, destroying the basis for the economy, exhausting the source of power of the adversary, suppressing the political decision making, and transforming the public opinion.  The utilization of military force has been the main way in gaining these strategic goals.
Military force is not born in isolation. Nor is it yielded alone but in connection to both society and its governing body i.e. political leadership.  Clausewitz defined the triangle of political leadership, society, and military force pictured in Figure 1. 

Clausewitz observed the Napoleonic wars and their political nature stating that war is the continuation of politics by other means.  Lenin enforced this relationship creating a doctrine for the war of classes. He declared that the struggle continues at the political level when means of war are insufficient.  This was implemented successfully by Stalin after the II WW. 
The triad and their interrelationships are a source of power but also potential target to the adversary. Keys to winning a war have been equally the annihilation of military force, capture or suppression of political leadership, turning the public opinion of the society against the other two, or isolating either of the entities from the others.  

When two societies confront each other in some area of interest, there is a possibility that confrontation  escalates into a conflict . In conflict, a utilization of military force is possible since political leadership may not think of the outcome but only resolving the current conflict with available forces in Figure 2.  

This model is very military oriented since it does not illustrate the other lines of projecting power i.e. political, economy, and social.  The paper will add later these lines of force projection into the model.

A Model of Military Affairs

The basic capabilities  of a military organization in achieving the desired effect in a specific operating environment can be modelled as a value creation network pictured in Figure 3,

which is composed of force utilization, force support, and force generation functions.  These core functions may be defined further by readiness, deployment, projection, modernization, knowledge, engagement, manoeuvrability, or protection. The basic functions are further illustrated in Figure 4. 

The force utilization  means that force elements are deployed in operations to project the military force of destruction or threat of it. Use of force is the primary way to affect the adversary’s triadic structure. The avenues or dimensions in delivering the effect are typically space, air, maritime, land, electromagnetic and cyber.  Other dimensions in battlespace may also be resources and time. All the dimensions are at the physical level but changing the human behavior; the physical event needs to be translated into information, which needs to be received by a human to change his/her behavior.
  
The main tactical ways in force projection are engaging, maneuvering and protecting. Force elements maneuver to get into the reach of their targets and to be able to mass their combined arms effect. The engagement with vulnerable and crucial targets enough in the adversary systems may create network effect and suppress the entire system. Protection is to prevent own losses and take care of the society that military force is defending.
The force support means the ability to maintain constant intensity and duration of operational activity to achieve military objectives.  Force support extends out from the military organization using supply chains that may be global in reach, which means dependence on a larger network of value creation.  Supplies are required to sustain the fighting power. Disabled parts of force element need to be evacuated from the battlefield and restore their ability to fight. It is essential to evacuate wounded to sustain their health and prevent the loss of morale.

The force generation or production brings together doctrine, people, and equipment forming them into force elements with the desired capabilities. Force generation is a continuous process to develop operational and organizational concepts and then combines them with technologies, material, workforce, and limited resources to produce combat capability. 

Training of troops is most visible part of force generation. Armed Forces recruit their members from the society either by hiring voluntaries or acquiring them through compulsory military service.  By combining people with military equipment and doctrines, The Armed Forces provides basic and special competency for these members to be able to defend their society. Once achieving sufficient level, this capability is either provided to combatant commands as force elements or send to reserve for possible later need. Training needs to be refreshed before sending reserve force into operation. The force generation also includes the development of material based capabilities by acquiring and integrating them into existing force structures.

The interconnected system of military affairs is commanded and controlled by command structure that extends towards all stakeholders of the value-creating network with contracts and obligations based on legislation. The national law can control only domestic resources. Thus, coalition structures are needed to ensure the strategic durability for a nation.

Evolution of Dimensions in Military Conflict

The ways of engagement in the military conflict have evolved with the development of society described by Toffler (1980)  and technology described by Bousquet (2009) as pictured in Figure 5. 

There is a long history of military action beginning with the first documented battle of Mediggo in 1469 B.C.E. on land (and later, on the sea ) mainly projected by agricultural production which provided some urban centers. The main strategy for force projection in first wave society was massing of people with adequate weapons to annihilate the military force of the adversary.

When agricultural societies were migrated to industrial, their military forces evolved accordingly. Machines that could maneuver below the sea surface  and in the air  were invented and found useful in projecting military force. The new physical dimension of electromagnetic spectrum was invented and besides radio communications, was used in WW II to gain a tactical advantage in the Battle of Britain. Electronic Warfare (EW)  is the use of the entire electromagnetic spectrum and its properties to achieve a military advantage over one’s opponent or to reduce disadvantages. It consists of Electronic attack for engaging, Electronic protection for protective actions, and Electronic warfare support to search for, intercept, identify, and locate or localize sources of intentional and unintentional radiated electromagnetic (EM)  energy to immediate threat recognition, targeting, planning, and conduct of future operations. The main strategy for powerful force projection in second wave society was massing of material, weapons, and fire to annihilate adversary’s military force, suppress her government or harm the society that is providing it.


The third wave society invented Cyber  dimension, a human-made environment where digital information is processed, transmitted and stored. The cyber warfare includes actions by parties to penetrate another stakeholder’s computers or networks for causing damage or disruption . Information becomes the main enabler for massing effect in adversary’s systems attacking the “schwerpunkt” , centers of gravity. Information and cybernetics also become the force enabler that has the potential to transform military forces more than any single weapon system before.

Strategies used in military structuring

Military affairs and their structure can be studied considering their strategy and doctrine. The strategy of an organization is typically reflected in its processes, arranging the units and values . This paper is using a model developed by Jeanne Ross, Peter Weil and David Robertson (2006) to analyze operating methods of an organization.  The model defines two dimensions of process integration and process standardization. These two dimensions are divided into four areas of differentiation in process approach: Diversification, Replication, Coordination, and Unification as illustrated in Figure 6. 

Diversification strategy is evident for least standard and integrated organization, where smaller, independent forces are conducting operations independently in separate areas of operations. They are autonomous in their command, functions, support, and most of the development. The independent forces fight differently, support their action and develop their forces uniquely. These military organizations are usually hierarchically arranged, and value is created vertically along the lines of command.

Replication strategy is mainly after standardized processes that enhance operational efficiency. The goal is to execute standardized affairs faster than the adversary. Tactically and technically the forces are similar, but they are engaged in different areas of operation. The Commander in Chief is controlling the force production and support to maintain and improve standardization. There might be an inspector governance that is guiding the development of arms capabilities and force production.

Coordination strategy is mainly after integrated processes that aim to optimize the operational effect. Multi-arms effects are used to engage a joint adversary in each area of operation. Operational level autonomy of force utilization is enabled by coordinated efforts of force production and support. The Commander in Chief is coordinating the effort of each, possibly specific, force element. Coordination requires pervasive command and control system.

Unification strategy is a combination of integrated processes and standardized force elements. The strategy aims to maximize operational effect and effectivity through similar force elements all facing the same kind of adversaries in their area of operation. Processed are owned by the Commander in Chief or his staff and developed centrally. The maturity of processes enables deep specialization of units since they are always used in combined arms and joint manner.

The evolution of military structures

The following sections will elaborate the various stages in the evolution of military affairs and their structures.

Diversification as natural outcome of evolution

I hope none of you gentlemen is so foolish as to think that aeroplanes will be useful employed for reconnaissance from the air. There is only one way for a commander to get information by reconnaissance, and that is by the use of cavalry. 

General Sir Douglas Haig addressing the British Army Staff College in summer 1914.

The subsequent evolution of Services has diversified them naturally. First land or ground forces were created to protect agricultural assets. Then naval forces to protect critical channels for commerce. Lastly, air forces to utilize industrial technology for mobility and provide a strategic advantage over both land and naval forces. All three Services are fighting their war facing their equivalent adversary in land, sea, and air with only secondary support to each other.  Their force generation and development are different from the others, and they need specific support and supplies as illustrated in Figure 7.

The combined arms tactics for land forces was invented and developed by Gustavus II Adolphus (1594-1632), who maneuvered with a combination of infantry, cavalry, and artillery (fire, maneuver, and protection) preferring movement and attack over fortification. He dismantled the companies and regiments that troops were mobilized to “svadroons (500 soldiers)” and brigades (1500 troops), operational task forces. He was also the first to use replication strategy when he standardized each arm to have pistols with the same caliber, same size swords with cavalry, same caliber muskets with infantry and first light, mobile, regimental artillery with a controlled variation or their caliber. He also rearranged the generation and mobilization of his force were arranged with “rusthol” principle where a farm was to provide a rider, horse, and weapons when called and sustain this resource by providing new “Hakkapeliitta” if the previous died.  He was also the first to use mandatory armed/national service called “värnplikt” to recruit conscripts to fill the ranks (råd). 

The modern, multi-capable air force was created by Germany 1933 – 1939. With training support from the Soviet Union, German aircrew was generated already 1924 in the secret air bases. Due to the constraint resources and geopolitical reality, the Luftwaffe did not adapt Giulio Douhet’s ideas for strategic bombing but developed more close air support capabilities for ground operations and protection of the main land assets. This provided the Luftwaffe with more flexible air force capabilities that its future adversaries who were concentrating on building strategic bombing capabilities.

The command and control topology is following basic commander – staff structure illustrated in Figure 8. 

Commander in Chief (CIC) has all three Services directly under his command. Each Service is confronting their adversary in their dimensionally constrained area of operation. CIC is supported by Headquarters (HQ) providing strategic guidance, sufficient future views, expert advice, and administration support. There is little or no need for coordination between Services as they are independent at tactical and operational levels. Commanders of the Services are deciding both issues in current operations and building future capabilities. Moltke Sr. (1800-1891)  was one of the first to decentralize command and control of this line-staff organization by introducing mission. Instead of orders (Befelhle), he preferred instructions (Weisungen), that provided subordinate commanders with freedom of action as situation emerged.

The Diversified Services with only strategic level Commander in Chief structure is quite usual for peacetime armed enterprises. The Swedish Armed Forces were arranged this way before they launched the revolutionary transformation mid-1990s. Most of the European NATO countries had this structure until the transformation launched after the London Declaration 1990.   NATO updated its command structure 2003 still following these traditional lines.  USA forces were structured this way until 1983  when they established the unified combatant commands to execute operations in geographic areas of responsibility directly under the leadership of the president of US. The Services remained hidden in the structure renamed as component commands. 

Seeking for coordination and unification 

It takes all our Services together plus the industrial efforts of our Nation to win any major war. 

General Omar N. Bradley

The Luftwaffe also introduced first ground-to-air communication system that made a difference in Battle of France.  After the success in flanking French and English forces , the mobile, combined arms tactics of armored forces and close air support was used in Operation Barbarossa launched 1941 against the Soviet Union.

Armed forces have started to seek coordination and unification as their adversaries’ doctrine has evolved more towards combined arms tactics and joint operations. In particular areas of operation, no one Service can sustain their force or fight with success. The availability of combined arms/Branches/Services capabilities in operation opens more options for the commander to counter the enemy courses of action.  The Joint Force also allows the operational commander to pose multidimensional threats to the enemy as illustrated in Figure 9.

The co-operation between Air Force and Land Force that the Wehrmacht invented back in 1930’s was reinvented by NATO and launched as AirLandBattle in 1982.  It was coordinated engagement against all three echelons of Soviet armored troops at the same time. 

The principle of unified action become more important as an adversary was unifying their effects delivered by each Service. Also, the efforts of other than military forces were included into this unification. Thence unified action becomes “a comprehensive approach that synchronizes, coordinates, and when appropriate, integrates military operations with the activities of other governmental and nongovernmental organizations to achieve unity of effort“.  This gradually led to the introduction of Joint Combatant Command, which was organized for mission or theater particulars and had both Joint and Service components. The coordination of force utilization led into defining joint functions like Command and Control, Intelligence, Fires, movement and maneuver, protection, and sustainment. These functions were to integrate both each other and the operational and tactical functions of each component. 

The force generation and to some extent also force development still maintained its diversity and autonomy within each Service.  The Service becomes a provider of force elements, and their force utilization was controlled by component command subordinated to joint combatant command. The USA was amongst the first to adopt this structure in 1983.   The rest of NATO followed starting from 1990.

The tail of armed force has sometimes been reformed following the unification strategy. Namely, logistics has been considered like other Services, and standardization of supply and service functions have promised improved efficiency. Joint logistics was considered as art and science of planning and carrying out, by a joint force commander and staff, logistic operations to support the protection, movement, maneuver, firepower, and sustainment of operating forces of two or more Military Departments of the same nation. 

The organization of military force, after reforms in coordination and unification, may remind of the model presented in Figure 10. 

The commander in chief is supported by general staff headquarters to manage the strategic level. The actual operations are divided into missions or theaters under a Joint Combatant Command that utilizes force elements in coordination. 

The Services produce and develop force units and provide them for the Combatant Command. Logistics are mainly arranged under one unified Support Command that provides support to both diversified Services and cooperating Commands. 

The defense of UK after 2010 Defence Reform Review achieving its full operation on 1st April 2014 , is one representative of this model for defense affairs structure as illustrated in Figure 11. 

The Permanent Joint Headquarters and Directorate Special Forces are commanding all operations abroad. Force elements are provided by Navy, Army, Air and Joint Commands. Both combatant commands and development commands are enabled by enterprise services provided by Defence Business Services, Defence Infrastructure Organization, Science and Technology and Ministry of Defence Police. The supply chain required to provide armed forces is managed by Defence Equipment and Support and Information Systems and Services.

Optimizing the effect and consumption of resources

The operational space has evolved into three levels (physical, information and cognitive). Besides the military line of operation, there also available other ways to project power namely political, economic and social as illustrated in Figure 12. The dimensions of military operations at physical level have evolved to include space, air, maritime, land, electromagnetic, and cyber.  

As the complexity and spectrum of operations, where armed forces are utilized, is increasing and value chains, where armed forces are sourcing its resources, are becoming longer, the unification of fully joint force is often sought. NATO was calling this doctrine as “Comprehensive Approach” since 2011 when they updated the list of tasks in NATO Action Plan. 

Multiservice force provides symmetry of capabilities that protects against asymmetric threats of the enemy. Multiservice capabilities also provide the commander with a wider spectrum of options at a technical, tactical and operational level to strike against vulnerable points of enemy structure. This way commander has more courses of action to unify the effort in massing the effect at enemy centers of gravity.  The enterprise model for unified force is illustrated in Figure 13. 

The Combatant Commands, defined to project force in all four lines of operation, are provided with specialized units fitting best for a concept for operations. They are coordinating effects also delivered by multinational force units and both governmental and non-governmental organizations, not under the military command. The ISAF 2001-2014 was one of the widest spectrum and diversified operations in enabling the Afghan government to provide effective security across the country and develop new Afghan security force . At its height, it included troops from 51 nations. About same time UN was investing in Afghanistan around 291 million dollars via 30 different UNAMA projects to achieve sustainable and profitable development through local communities.  Besides of this, there were UNHCR, Red Cross, Red Crescent, and many other organizations effort in place.

The force generation still includes dimensional specific features in troops training but for example simulation training is growingly provided in combined arms context. There is also a tendency to expose troops to combined arms live fire before sending them to operations or reserve. Some countries, like Sweden, have merged their Service Commands to Joint Commands for operations, production and support. 

The supply chain that is needed to support both force generation and force utilization is a global interdependent value chain.  The demands for more accurate support are meeting more constrained and degraded logistics resources. The solution is globally integrated Joint Logistics Enterprise . The supply chain composed of modularized supply nodes  that are connected by information and transportation networks. This Globally Integrated Logistics can provide support agiler and on-the-need basis allowing leaner force elements in operations. The development of technology increases the demands for specialized logistics, but on another hand, it simplifies more material oriented parts of logistics. The three-dimensional (3D) printing or additive manufacturing enables the production of spare parts, artificial organs, and housing facilities just-on-time within the area of operation (AOO) from simpler ingredients.  The service-oriented architecture, object oriented programming and software-defined features enable new ICT services produced in the AOO just by configuring readymade applets or release of new software components. 

The planning, preparation, and execution of the joint operation are far more complex than any single Service operation.  Thus, the traditional military command and control are too constrained way of governing the military enterprise. The value chain supporting current operations both with supplies and new force elements is mainly process based and trust between different entities in the chain is maintained by agreements and contracts as pictured in Figure 14. 

The operation command is more orchestrating the value chain than issuing orders to subordinates. Orchestration means operational analysis, clear intent and its communication, coordination, synchronization and assessment of combined and joint efforts to gain integrated and multiplied effect in adversary’s system.

The Swedish Armed Forces  are one of the closest to the model of a unified value chain enterprise as illustrated in Figure 15. 

The Commander in Chief is supported by Armed Forces Headquarters consisting of three staffs: Planning, Joint Forces Command, Training and Development Staff. Joint Force Command is responsible for all operations and command of force elements in operations. Training and development staff is in charge of force production, logistics, and medical services.  Directly under the Ministry of Defence is the Defence Materiel Administration (Forsvarets Materielverk)  responsible for material development and sustenance. Also in the UK, a discussion has surfaced in about merging the current air, land,  and Navy organizations.  

Further control over the forces available for politics

The Russian command structure for force utilization  is recently evolved to remind of more holistic approach as per the Lenin/Stalin heritage, where military force is just one tool for intern and international politics. They have multipolar theaters of operation as illustrated in Figure 16. 

All means of force are used under the National Defence Control Centre headed by the Supreme Commander. Operations can be commanded by five Joint Strategic Commands. National Guard, Intelligence organizations, Armed Forces or any of the non-governmental (NGO) organizations can provide troops and services for Joint Hybrid Operations.

The wider basis of troops enables addressing both in-state and international threats in an optimal way, for example, using “little green men”  in manning Crimea but denying their clear identification or having Night Wolves motorcycle club arranging celebrations of annexation . 

The Russian arrangement emphasizes the Federation’s need to have a flexible source of forces under one control and commanded by specialized Joint Command operating in all dimensions of force utilization. This is an example of statewide coordination over all available means of force whether military, media, social, economic, or non-governmental.