US Cyber Command Is A Tool Of Foreign Policy

Uploaded on 2020-01-27 in INTELLIGENCE--USA, FREE TO VIEW

The US National Security Strategy announced by President Trump at the end of 2017 was aimed at “redefining its cyber security mission” and stemming the tide of nation-state attacks on the US. This  has include the open use of cyber weapons to influence,deter and punish other nation states.

Much of the information we have about recent US cyber activities has come from unnamed, but most likely authorised, government sources which have been used as a foreign policy too to signal to adversaries that certain actions are infringing upon US national interests. 

By 2013 US domestic networks were overwhelmed by  constant attack from sophisticated nation-state actors. Hackers stole millions of sensitive records from the Office of Personnel Management, gained access to White House networks and destroyed dozens of computers at Sony Pictures from thousands of miles away. At that time the US Department of Defense’s own cyber teams couldn’t hit back or work on enemy networks abroad because the rules for such operations were incredibly stringent. In fact, one US senator said DoD didn’t conduct an offensive operation for five years. 

That’s not to say the United States sat idly by in cyberspace, experts pointed to covert strikes and intrusions, but it does mean the Pentagon rarely or never used cyber operations as an overt response or to flex its power.

The way Cyber Command meets those goals is through persistent engagement, which means challenging adversary activities wherever they operate, however, cyber tools and networks are a limited commodity; publicising them makes them harder to use a second time. The hope is that using this scarce commodity effectively will persuade potential challengers of American resolve.  

This represents a shift from the Obama administration, which was far more reticent to combine covert cyber activities with more overt signaling. Surely, the United States undertook secret operations to degrade, disrupt, destroy, manipulate, operations in cyberspace. The most famous Obama-era cyber operation was Stuxnet, a worm that caused Iranian nuclear centrifuges to tear themselves apart.  Obama Administration officials engaged only reluctantly in overt signaling. They officially denied involvement, only talking with select reporters on deep background and after the operation was being discussed in the media.

In comparison, the Trump administration is  more openly using cyberspace activities to signal to adversaries that when certain lines are crossed it will result in consequences. 

Examples include operations against Iran after the Saudi oil attack in August 2019 and after the drone downing in September; and operations against Russia after the 2018 midterm elections.

The administration is clearly signaling to Russa in its efforts to deter Moscow’s meddling in the 2020 elections. Officials have told media outlets of efforts to develop information warfare tactics that target Russia’s senior leaders and elites. Such open declarations represent even larger costs because they cannot be easily backed away from. If it works and the threat proves credible enough to deter Russian meddling in the upcoming elections, the US will likely continue with this type signaling

The new philosophy has engendered praise, criticism and confusion among experts. One lawmaker said the White House is stonewalling oversight of the new operations. Academics have questioned whether the strategy will indeed slow hacking from the United States’ enemies. 

Because of the sensitivity of operational details, the Pentagon rarely discusses how the new strategies have worked. But based on interviews with military officials and several cyber experts this is the story of how, in two years, a new strategy is forcing the national security community to rethink cyber operations and the strategy’s long-term effects.

Ultimately, cyber is one tool in the US arsenal and experts have cautioned that it will be hard to point directly to a more assertive cyber posture as the one thing that changes the calculus of adversaries.

New Statesman:       Fifth Domain:            Defense One:

You Might Also Read:

Shockwave - A Global Transformation In Warfare:

 

« Electric Grids Targeted For Cyber Attacks
Cyber Stocks Soaring From Conflict With Iran »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Global Digital Forensics (GDF)

Global Digital Forensics (GDF)

GDF specialise in Digital Forensics and e-Discovery. Other services include Data Breach Response and Cyber Security.

Mobile Guroo

Mobile Guroo

Mobile Guroo is a strategy and systems integrator for Enterprise Mobility Management projects.

SecureBrain

SecureBrain

SecureBrain software and services help protect against Japanese-specific cybercrime and global internet security threats such as online fraud, phishing, drive-by downloads and malware attacks.

Segusoft

Segusoft

With its encryption platform SEGULINK, Segusoft provides standard software for companies to securely transfer files and messages.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

WhiteHawk

WhiteHawk

WhiteHawk is the first online Cyber Security Exchange. We help you understand your cyber risk and match you to tailored and affordable solutions.

Centre for Cyber Security Belgium (CCB)

Centre for Cyber Security Belgium (CCB)

The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.

Spyderbat

Spyderbat

Spyderbat ATI closes the manual investigation gap between detection and response by instantly presenting causally connected threat activity to security analysts at the onset of an investigation.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Ostra Cybersecurity

Ostra Cybersecurity

As a next-generation MSSP, Ostra Cybersecurity combines best-in-class tools, proprietary technology and exceptional talent to deliver Fortune 100-level protection for businesses of all sizes.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.

PayPal Ventures

PayPal Ventures

PayPal Ventures invests in companies at the forefront of innovation in fintech, payments, commerce enablement, artificial intelligence, blockchain and cryptocurrency, regulatory and cyber technology.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.

Aprio

Aprio

Aprio is a premier business advisory and accounting firm. We deliver advisory, tax, managed, and private client services to build value, drive growth, manage risk, and protect wealth.

Foresights

Foresights

Foresights is a Nordic company utilizing advanced intelligence tradecraft and extensive cyber security capabilities to deliver services and advisory tailored to our client’s critical requirements.