The US Steps Up Its Cyberwar Capability

In the 21st century military attack and defence increasingly involves the use of cyber operations between rival states. Cyberspace is a warfighting domain, and the US military is beginning to take an active role in cyber defending the country and its allies from threats in that realm, US Defense Secretary Mark T. Esper has said.

US military superiority in the air, land, sea, and space domains is critical to its ability to defend their interests and protect values. Achieving superiority in the physical domains now often depends on superiority in cyberspace. The security of the US has become also partly dependent on cyber security and this issue will increase with th development AI and cyber-attacks.

China and Russia are honing their offensive cyber capabilities. Both have been focused on extracting COVID-19-related research, but post-pandemic China’s cyber campaigns will go back to targeting Western intellectual property and other valuable commercial information, while Russia will pursue anti-Western political manipulation.

Technological decoupling, most apparent in geopolitical divisions over Huawei’s role in building 5G telecoms infrastructure, forms part of the West’s defensive cyber security strategy.

US Defense policy and processes need to keep pace with the speed of events in cyberspace to maintain a decisive advantage and superior strategic effects depend on the alignment of operations, capabilities, and processes, and the seamless integration of intelligence with operations. Indeed, some military analysts have promoted the idea of a coming “Cyber Pearl Harbor,” but instead the domain is littered with covert operations meant to manage escalation and deter future attacks. Cyber strategy and policy must start from an accurate understanding of the domain, not imagined realities.

Recently Montenegro has faced increased harassment from Russia since joining NATO in 2017, and the Cyber Command team has been there to investigate signs that hackers had penetrated the Montenegrin government’s networks. Working side by side with Montenegrin partners, the team saw an opportunity to improve American cyber defenses ahead of the 2020 election. 

The 'Hunt Forward' mission to Montenegro represented a new, more proactive strategy to counter online threats that reflects Cyber Command’s evolution over the last ten years from a reactive, defensive posture to a more effective, proactive posture called “persistent engagement.” The findings enable the US government to defend critical networks more effectively and allow large antivirus companies to update their products to better protect their users.

When Cyber Command was established in 2010, the assumption was that its focus should be on trying to prevent the military’s networks from being infiltrated or disabled. But a reactive and defensive posture proved inadequate to manage evolving threats.​ Even as the military learned to better protect its networks, adversaries’ attacks became more frequent, sophisticated, and severe.
 
Russia uses cyberspace for espionage and theft and to disrupt US infrastructure while attempting to erode confidence in the nation’s democratic processes. Iran undertakes online influence campaigns, espionage efforts, and outright attacks against government and industrial sectors. In the face of these threats, the US government has changed how it will respond. In 2018, Congress clarified the statutory authority for military cyber operations to enable Cyber Command to conduct traditional military activities in addition to the mostly preparatory operations to which it had been limited previously.

The White House also released a National Cyber Strategy, which aligned economic, diplomatic, intelligence, and military efforts in cyberspace.

Some specialists have speculated that competing with adversaries in cyberspace will increase the risk of escalation, from hacking to physical war. The thinking goes that by competing more proactively in cyberspace, the risk of miscalculation, error, or accident increases and could escalate to a crisis.

US Cyber Command takes these concerns seriously, and reducing this risk is a critical part of the planning process, however, cyberspace operations are not silver bullets and to be most effective, they require much planning and preparation. Cyber Command thus works closely with other combatant commands to integrate the planning of kinetic and non-kinetic effects.

Cyber Command’s capabilities are meant to complement, not replace, other military capabilities, as well as the tools of diplomacy, sanctions, and law enforcement. Controlling cyberspace as a military domain is a challenge that demands critically assessing issues, questions, and assumptions, especially those at the foundation of the military’s decision making for operations and requirements. 

Foreign Affairs:      US  Cyber Command:      CATO Institute:      US Dept. of Defense

You Might Also Read:

Cyber Command’s Plan to ‘frustrate’ Hackers Is Working:

 

« Superhuman Brain-Hacking Device
Fixing Britain's Digital Skills Gap »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ThaiCERT

ThaiCERT

ThaiCERT is the national Computer Security Incident Response Team (CSIRT) for Thailand.

Apcon

Apcon

Apcon's mission is to provide valuable network insights that enable security and network professionals to monitor, secure and protect their data in both physical and virtual environments.

ReversingLabs

ReversingLabs

ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

Six Degrees

Six Degrees

Six Degrees is a leading secure, integrated cloud services provider. We protect UK organisations and help them thrive in the cloud by giving them secure platforms to innovate and grow.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Ascent Cyber

Ascent Cyber

Ascent Cyber provide simple and stress-free solutions to protect your business and its customers from the worries and costs of cybercrime.

BugDazz

BugDazz

BugDazz pentest as a service (PTaaS) platform helps bringing in real-time results, detail coverage, & easy remediation workflows with compliance-ready reports.

Framatome

Framatome

Framatome Cybersecurity portfolio is directly inspired by its unique experience in nuclear safety for critical information systems and electrical systems design.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

Surfshark

Surfshark

Surfshark is a cybersecurity company focused on developing humanized privacy & security protection solutions to secure people's digital lives.

The Security Bulldog

The Security Bulldog

The Security Bulldog distills and assimilates open source cyber intelligence to enable security teams to understand threats more quickly, make better decisions, and accelerate detection and response.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

ResilientX

ResilientX

ResilientX is an All-In-One Security Testing Platform designed to help MSPs and SMBs to perform their security testing and assessments without having to outsource IT.

V3 Cybersecurity

V3 Cybersecurity

V3 Cybersecurity is a unique company focused on contextualization of security programs from a business perspective. Our mission is to provide enterprise IT Risk Management capabilities.

AuthenticID

AuthenticID

Our mission at AuthenticID is to combat fraud worldwide and help businesses protect their enterprise and valuable data assets.