The US Steps Up Its Cyberwar Capability

Uploaded on 2020-09-08 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

In the 21st century military attack and defence increasingly involves the use of cyber operations between rival states. Cyberspace is a warfighting domain, and the US military is beginning to take an active role in cyber defending the country and its allies from threats in that realm, US Defense Secretary Mark T. Esper has said.

US military superiority in the air, land, sea, and space domains is critical to its ability to defend their interests and protect values. Achieving superiority in the physical domains now often depends on superiority in cyberspace. The security of the US has become also partly dependent on cyber security and this issue will increase with th development AI and cyber-attacks.

China and Russia are honing their offensive cyber capabilities. Both have been focused on extracting COVID-19-related research, but post-pandemic China’s cyber campaigns will go back to targeting Western intellectual property and other valuable commercial information, while Russia will pursue anti-Western political manipulation.

Technological decoupling, most apparent in geopolitical divisions over Huawei’s role in building 5G telecoms infrastructure, forms part of the West’s defensive cyber security strategy.

US Defense policy and processes need to keep pace with the speed of events in cyberspace to maintain a decisive advantage and superior strategic effects depend on the alignment of operations, capabilities, and processes, and the seamless integration of intelligence with operations. Indeed, some military analysts have promoted the idea of a coming “Cyber Pearl Harbor,” but instead the domain is littered with covert operations meant to manage escalation and deter future attacks. Cyber strategy and policy must start from an accurate understanding of the domain, not imagined realities.

Recently Montenegro has faced increased harassment from Russia since joining NATO in 2017, and the Cyber Command team has been there to investigate signs that hackers had penetrated the Montenegrin government’s networks. Working side by side with Montenegrin partners, the team saw an opportunity to improve American cyber defenses ahead of the 2020 election. 

The 'Hunt Forward' mission to Montenegro represented a new, more proactive strategy to counter online threats that reflects Cyber Command’s evolution over the last ten years from a reactive, defensive posture to a more effective, proactive posture called “persistent engagement.” The findings enable the US government to defend critical networks more effectively and allow large antivirus companies to update their products to better protect their users.

When Cyber Command was established in 2010, the assumption was that its focus should be on trying to prevent the military’s networks from being infiltrated or disabled. But a reactive and defensive posture proved inadequate to manage evolving threats.​ Even as the military learned to better protect its networks, adversaries’ attacks became more frequent, sophisticated, and severe.
 
Russia uses cyberspace for espionage and theft and to disrupt US infrastructure while attempting to erode confidence in the nation’s democratic processes. Iran undertakes online influence campaigns, espionage efforts, and outright attacks against government and industrial sectors. In the face of these threats, the US government has changed how it will respond. In 2018, Congress clarified the statutory authority for military cyber operations to enable Cyber Command to conduct traditional military activities in addition to the mostly preparatory operations to which it had been limited previously.

The White House also released a National Cyber Strategy, which aligned economic, diplomatic, intelligence, and military efforts in cyberspace.

Some specialists have speculated that competing with adversaries in cyberspace will increase the risk of escalation, from hacking to physical war. The thinking goes that by competing more proactively in cyberspace, the risk of miscalculation, error, or accident increases and could escalate to a crisis.

US Cyber Command takes these concerns seriously, and reducing this risk is a critical part of the planning process, however, cyberspace operations are not silver bullets and to be most effective, they require much planning and preparation. Cyber Command thus works closely with other combatant commands to integrate the planning of kinetic and non-kinetic effects.

Cyber Command’s capabilities are meant to complement, not replace, other military capabilities, as well as the tools of diplomacy, sanctions, and law enforcement. Controlling cyberspace as a military domain is a challenge that demands critically assessing issues, questions, and assumptions, especially those at the foundation of the military’s decision making for operations and requirements. 

Foreign Affairs:      US  Cyber Command:      CATO Institute:      US Dept. of Defense

You Might Also Read:

Cyber Command’s Plan to ‘frustrate’ Hackers Is Working:

 

« Superhuman Brain-Hacking Device
Fixing Britain's Digital Skills Gap »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

Intensity Analytics

Intensity Analytics

Intensity Analytics is a software firm that develops next-generation, physical user and entity behavioral authentication ("physical UEBA") security software technology.

TunnelBear

TunnelBear

TunnelBear is a Virtual Private Network services provider offering secure encrypted access to the internet.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Optra Security

Optra Security

Optra Security specializes in information security with a focus on Application Security.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

US Cyber Range

US Cyber Range

US Cyber Range is a scalable, cloud-hosted infrastructure providing students with virtual environments for realistic, hands-on cybersecurity labs and exercises.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

Match Systems

Match Systems

Match Systems provides blockchain investigations, KYC, KYT, AML, Due Diligence and compliance services.

SignMyCode

SignMyCode

SignMyCode is a one-stop shop for trusted and authentic code signing solutions to safeguard software.

Protos Labs

Protos Labs

Protos Labs enables insurers & enterprises to make better cyber risk decisions through holistic, real-time risk management tools.

Synagex

Synagex

Synagex Modern IT is a simple IT and cybersecurity solution for businesses.

NeuroID

NeuroID

NeuroID combines the power of industry-leading behavioral analytics with advanced device and network intelligence to create your first line of defense against malicious bots, bad actors, and fraud.

GAM Tech

GAM Tech

GAM Tech is a Managed IT Service Provider that serves small and medium sized businesses in Alberta, British Columbia, Ontario and Quebec.