25 December 2014

The Shadowy Giant: Secretive U.S. Cyber Command Beginning to Take Shape

Maggie Ybarra
December 23, 2014

Cyber Command investment ensures hackers targeting U.S. face retribution

In the shadows of the Sony hacking incident and North Korea’s massive Internet outage, the Pentagon has quietly built a multibillion-dollar cyberwarfare capability and trained its commanders to integrate these weapons into their battlefield plans.

U.S. Cyber Command was officially stood up in 2010, based at Fort Meade in the Maryland suburbs of the nation’s capital, consolidating intelligence and cyberwarfare capabilities of the Army, Air Force, Navy and Marines under one house. Soon, billions of dollars were being invested in the concept that cyberattackers targeting America should be prepared to sustain their own damage.

Little has been discussed in public about U.S. Cyber Command’s specific capabilities since, though budget documents detail a growing commitment to this form of warfare. The Pentagon’s cyberwarfare budget has grown from $3.9 billion in 2013 to $4.7 billion in 2014 and an estimated $5.1 billion in 2015.

The first commander of U.S. Cyber Command, then-Army Gen. Keith Alexander, gave Congress in 2013 one of its first public overviews of how quickly an offensive cyberwarfare mindset was spreading across the Pentagon. In military parlance, it means “normalizing” cyberoperations into the daily routine.

"We have no alternative but to do so because every world event, crisis and trend now has a cyber-aspect to it, and decisions we make in cyberspace will routinely affect our physical or conventional activities and capabilities as well," Gen. Alexander told lawmakers.

"Normalizing cyber requires improving our tactics, techniques and procedures, as well as our policies and organizations. It also means building cybercapabilities into doctrine, plans and training — and building that system in such a way that our Combatant Commanders can think, plan and integrate cybercapabilities as they would capabilities in the air, land and sea domains," he said.

Beyond Gen. Alexander’s broad descriptions, a few hints have emerged about the specific capabilities of the military to conduct offensive attacks in cyberspace.

The New York Times’ David Sanger reported in a June 2012 article that remains unchallenged that the U.S. was the primary developer of the Stuxnet computer worm that struck Iran’s nuclear computers, causing significant damage to centrifuges.

Later that summer, Marine Lt. Gen. Richard P. Mills bluntly told a conference in Baltimore that commanders under his control in Afghanistan routinely used cyberwarfare tactics to attack and disable al Qaeda and Taliban enemies.

"I can tell you that as a commander in Afghanistan in the year 2010, I was able to use my cyberoperations against my adversary with great impact," Gen. Mills was quoted at the time as saying. "I was able to get inside his nets, infect his command and control, and in fact defend myself against his almost constant incursions to get inside my wire, to affect my operations."

While the military is developing the capability, the political and policy realm is struggling with the right parlance.

While the U.S. government remained mum Monday on whether it was behind Pyongyang’s downed Internet service, it offered a clear and confident message that the Pentagon is equipped to conduct such offensive operations in cyberspace.

Army Lt. Col. Valerie Henderson, a Pentagon spokeswoman, said the Defense Department constantly prepares to counter cyberthreats. State Department spokeswoman Marie Harf described the U.S. retaliation against North Korea for the Sony hack this way: “Some will be seen. Some may not be seen.”

One of the government’s former top cybersecurity specialists said the Pentagon’s capabilities to attack in cyberspace are essential to deterrence, and that most Americans, including policymakers, need to be better educated about the devastating damage our enemies may try to inflict in a digitally connected world.

"I really see this issue as in line with weapons of mass destruction, a nuclear-type attack," said Shawn Henry, a former chief of FBI cybercrimes who now heads the technology firm Crowd Strike that helps corporate clients fight cyberthreats.

"Critical infrastructure — it’s all connected. … If a city lost power for a couple of weeks, it would lead to death, so this has a potential to escalate."

In addition, U.S. government agencies besides the Pentagon have the capability to execute at least some cyberattacks.

The Pentagon’s newest frontier for war fighting matured over the past half-decade as cyberthreats from everyday hackers and foreign states such as Russia and China proliferated.

Early cyberwarfare capabilities emerged under President George W. Bush in the middle of the last decade. But as recently as 2011, Pentagon officials still talked about the military’s cyberwarfare capabilities as primarily defensive in nature.

A year later, DARPA, the Pentagon’s experimental technology and research office, announced the formation of Project X, the military’s first major cyberoffense-strategy blueprint.

President Obama recently depicted the attack on Sony Pictures Entertainment as “cybervandalism.” The company responded to foreign threats of terrorism on movie theaters showing “The Interview” by pulling the film.

Mr. Henry, the FBI’s former cybersecurity chief, said he believes policy leaders need to regard the North Korean hack as an act of war and not vandalism. Equating North Korea’s actions as “the equivalent of graffiti” is misleading, he said.

"Call it what it is, so that the American public understands what the real risks are that we face," he said.

As U.S. politics and policy catch up to the capabilities of the American military and its enemies, many regard a little noticed speech by then-Defense Secretary Leon E. Panetta in fall 2012 as the official wake-up call.

Mr. Panetta bluntly predicted that the U.S. faced the possibility in the near future of a “cyber Pearl Harbor” that could dismantle the nation’s power grid and financial networks, wreaking untold havoc and damage.

Although an attack of that magnitude has not taken place, officials say, the cyberbullying of Sony — the hacker released a considerable amount of unflattering information about the company and its executives — may be a prelude of what is to come. That leaves the Pentagon’s growing offensive capabilities in cyberspace as a primary deterrent to enemies.

No comments: