The Cyber Landscape & The Cheyenne Dog Soldier
Originally published June 24, 2013. Repost, sans edit.
This is one of a handful of memory-holed articles I wrote a decade ago. Nearly ten years after initial publication, this content is still highly relevant in 2023. Perhaps more so. Do you feel the same way?
It is arguable that our human history has been deeply shaped and pockmarked by warfare. That is not to say war was the primary world change agent, as the rise of agriculture and faith systems also played a significant part in our evolution and the formation of modern civilization in the post hunter-gatherer phase of our history. But of course, those advances also begat conflicts. In fact, conflict is an inherent part of the human condition.
In a new landscape of cyber spies, Android APK woes, malware, APTs and financed hackers from abroad, we need to understand the following: How do you keep secrets in and the bad guys out? And how do you get your supplies through enemy territory?
There are lessons to be pulled from the rubble of history. The issues we face today are the age-old problems which civilizations and their warriors have faced since civilization began. Interestingly, our solutions haven't changed that much through the ages.
I believe that conflict is in the human DNA, and a brief study of human history tends to support my assertion. Next to combat and a few other choice "professions", espionage is one of the oldest ways to make a living. In fact, "data leakage" goes back to the days of Roman rulers attempting to send "secure" data (information) through untrusted territories. Read about the Caesar Cipher or the "Babington Plot" for a long-term perspective on encryption and data smuggling through the ages.
The net result is that there is no particularly good way to stop it; neither predictive profiling nor ubiquitous surveillance fits the bill against a determined or properly motivated and funded adversary. What we can do is change our assumptions, philosophy and operating model.
Back to history. I recently began preparing material for a seminar I'm leading later this fall, and I will share a snippet of the narrative as it relates to the problems outlined above.
The Dog Soldiers were one of six military societies of the Cheyenne Indians: highly aggressive, effective in combat and possessing an incredibly skilled cavalry with riding styles similar to the steppe warriors (think Mongols, aka Genghis Khan). To the point of this discourse, it must be noted that each warrior wore a breechcloth approximately 50 ft. long. What made their fighting style unique was the fact that they would dismount in the middle of a battlefield, pin their breechcloth to the earth with a sacred arrow and proceed to engage in hand-to-hand combat within the area afforded them by the length of their breechcloth. Furthermore, they would not leave their combat zone until the battle ended. Or they died. Period. As the old Spartan saying went, "E tan, e epi tan": come back with your shield, or on it.
The Dog Soldier's combat philosophy was a zero-sum game, with each individual Dog Soldier being a whirlwind of death until victory, or the end. While the Dog Soldiers slowed the advance of the US Cavalry into their territories, for every US soldier who fell, there were many to take his place. Each Dog Soldier lost or neutralized was irreplaceable, whereas cavalry forces were effectively a commodity item (almost a 100 to 1 ratio).
When attempting to wage a battle against an enemy with significantly higher force concentration and exponentially more human capital, problems such as disparity of force tend to bubble up.
The Dog Soldiers utilized a highly effective means of combat, but that became immaterial, as their style had hard-set limitations when faced with a force with virtually limitless supplies. Survivability is often equated with adaptability; the Cheyenne were a mighty force, but did not adapt and change their tactics for the seemingly infinite US Cavalry. Theirs was a death by attrition.
This needs to be immediately contrasted with the Apache warriors of the same period, the grandfathers of American guerrilla combat. Think Geronimo.
The Apache were a fierce tribe who rapidly recognized the disparity of force they faced against the US Cavalry. They responded by shifting their combat style into an asymmetric modality.
They would strike at the enemy and then disappear into the desert, leaving false trails. They would provoke the enemy into wasting resources chasing the ghosts of small scout groups; meanwhile, the core Apache teams would set about breaking US Cavalry supply chains and lines of communication.
I view the Cheyenne narrative as representing our legacy defensive systems: firewalls, encryption, patching, data leakage prevention, compliance mandates, penetration testing. All of these become somewhat less relevant when faced with "thinking" adversaries.
The threat surface of our world is rapidly approaching infinity; meanwhile the capabilities of the adversary are barely understood, much less acknowledged. As an industry we cling to our own antiquated TTPs, much as the Cheyenne clung to their 50 ft. of breechcloth, engaged in a death match against an infinite enemy.
The Apache had a more interesting method of dealing with the overwhelming attacks. In order to survive their version of a "next-generation" threat, they took dynamic action and explicitly avoided Maginot Line style warfare. We as a security community need to reconsider our approach to both defensive and offensive technologies. Certainly, continue to harden your systems, lock down the environment, patch broken systems, perform pen tests and attempt to write secure code. But then take the next steps: profile the enemies, make them chase ghosts, feed them poisoned data and always lead them astray, while breaking up and hampering their communications.
The time for purely passive defense mechanisms is over. In practice this means using crypto, deploying honeynets, integrating kill chain concepts, using HUMINT and TECHINT, infiltrating adversary communities and developing operationally relevant threat intelligence programs.
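One concrete form of "feed them poisoned data" and "make them chase ghosts" from the two paragraphs above is the honeytoken: a decoy credential planted where an intruder will find it and that no legitimate process ever uses, so any appearance of it in an authentication log is a high-confidence signal of compromise rather than a false alarm to tune out. The following is an added example written for this repost, not code from the original article; the decoy account name, the decoy key, the config file paths and the `auth user=... key=... src=... result=...` log format are all assumptions constructed for illustration.

```python
"""
Honeytoken ("poisoned data") detection over an authentication log.

Added example, not from the original article. Assumptions (constructed):
  - two decoys planted in config files that no real process reads:
    a service account name and an API key
  - a one-line-per-event auth log of the form
    '<timestamp> auth user=<user> key=<key-or-dash> src=<ip> result=<ok|fail>'
"""
import re
from dataclasses import dataclass

# Planted decoys. These identities exist only to be stolen; their values and
# the file paths are constructed for this example.
HONEYTOKENS = {
    "svc-backup-legacy": "decoy service account planted in /etc/app/backup.conf",
    "hk_9f3c2a7b41d0e8f5": "decoy API key planted in .env.bak",
}

# Assumed log line format (constructed for the example).
LOG_RE = re.compile(
    r"^(?P<ts>\S+) auth user=(?P<user>\S+) key=(?P<key>\S*) "
    r"src=(?P<src>\S+) result=(?P<result>\S+)$"
)


@dataclass(frozen=True)
class Alert:
    ts: str
    token: str
    src: str
    why: str


def scan(lines):
    """Return one Alert for every log line that presents a honeytoken.

    A decoy is alerted on whether the attempt succeeded or failed: nobody
    legitimate knows these values, so merely presenting one proves the
    planted file was read. Lines that do not match the format are skipped.
    """
    alerts = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        for candidate in (m["user"], m["key"]):
            if candidate in HONEYTOKENS:
                alerts.append(Alert(m["ts"], candidate, m["src"], HONEYTOKENS[candidate]))
    return alerts


def attacker_sources(alerts):
    """Distinct source addresses that touched any decoy, for blocking or watchlisting."""
    return sorted({a.src for a in alerts})


# Constructed sample log: ordinary traffic plus two uses of the decoys
# from one outside address.
SAMPLE_LOG = """\
2023-06-24T10:00:01Z auth user=alice key=- src=10.0.0.5 result=ok
2023-06-24T10:00:07Z auth user=bob key=- src=10.0.0.9 result=ok
2023-06-24T10:02:13Z auth user=svc-backup-legacy key=- src=198.51.100.23 result=fail
2023-06-24T10:02:14Z auth user=api key=hk_9f3c2a7b41d0e8f5 src=198.51.100.23 result=ok
2023-06-24T10:03:00Z auth user=alice key=- src=10.0.0.5 result=ok
""".splitlines()

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for a in found:
        print(f"{a.ts} HONEYTOKEN {a.token!r} used from {a.src}: {a.why}")
    print("sources to investigate:", attacker_sources(found))
```

The design point is that the decoy must be plausible enough to be picked up yet never used by anything real; the value of the alert comes entirely from that second property, which is what lets a defender act on a single hit instead of tuning thresholds. Rotating the decoys and planting each in only one location also tells you which file the intruder read, and therefore roughly where they were.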
The end result was rather pyrrhic for both the Cheyenne AND the Apache people, but the Apache "gave 'em hell" for nearly 30 years longer than the Cheyenne. Why make the adversaries' job easier? Disrupt. Deny. Degrade. Destroy. Deceive.