This week covered some great reading on potential cyber targets. We learned about critical infrastructure vulnerabilities
as well as chips and other various computer parts. If I were to be a state-sponsored cyber actor I would definitely have to target items that would impact that national power of one of my enemies that is part of another nation-state. In order to effectively put pressure on another nation-state we would have to first understand the four instruments of national power which include : diplomacy, information, military, and economy or DIME. Afterwards I could effect this situation when I know the desired end state. I would have to ask myself how I can affect my enemy's instruments of national power. A clear message would need to be sent to my enemies in order to have a major effect. Once this is complete I would be able to accurately analyze my enemy's center of gravity. These are
their sources of power that provide the enemy with the will to act, strength, and freedom of action. After conducting an analysis of their center of gravity I could then consider my desired strategic and operational effects against each part of the center of gravity. I would also need to conduct an analysis of the critical vulnerabilities and targeting requirements.
I would need to consider which objectives I would want to achieve the most by deciding if I want to deny, degrade, destroy, disrupt, or manipulate enemy systems. I think if it were up to me I would concentrate my energy on their critical infrastructure. If it was a country like Iran I would probably concentrate on their nuclear facilities. These are facilities that are needed to develop their atomic weapons, and I would need to use extensive analysis in order to identify critical vulnerabilities. This must be accomplished before conducting penetration test to identify those vulnerabilities. When conducting cyber attacks I would have be cautious to not over step and still be able to deny their capabilities.
