US Cyber Command Is A Tool Of Foreign Policy

The US National Security Strategy announced by President Trump at the end of 2017 was aimed at “redefining its cyber security mission” and stemming the tide of nation-state attacks on the US. This  has include the open use of cyber weapons to influence,deter and punish other nation states.

Much of the information we have about recent US cyber activities has come from unnamed, but most likely authorised, government sources which have been used as a foreign policy too to signal to adversaries that certain actions are infringing upon US national interests. 

By 2013 US domestic networks were overwhelmed by  constant attack from sophisticated nation-state actors. Hackers stole millions of sensitive records from the Office of Personnel Management, gained access to White House networks and destroyed dozens of computers at Sony Pictures from thousands of miles away. At that time the US Department of Defense’s own cyber teams couldn’t hit back or work on enemy networks abroad because the rules for such operations were incredibly stringent. In fact, one US senator said DoD didn’t conduct an offensive operation for five years. 

That’s not to say the United States sat idly by in cyberspace, experts pointed to covert strikes and intrusions, but it does mean the Pentagon rarely or never used cyber operations as an overt response or to flex its power.

The way Cyber Command meets those goals is through persistent engagement, which means challenging adversary activities wherever they operate, however, cyber tools and networks are a limited commodity; publicising them makes them harder to use a second time. The hope is that using this scarce commodity effectively will persuade potential challengers of American resolve.  

This represents a shift from the Obama administration, which was far more reticent to combine covert cyber activities with more overt signaling. Surely, the United States undertook secret operations to degrade, disrupt, destroy, manipulate, operations in cyberspace. The most famous Obama-era cyber operation was Stuxnet, a worm that caused Iranian nuclear centrifuges to tear themselves apart.  Obama Administration officials engaged only reluctantly in overt signaling. They officially denied involvement, only talking with select reporters on deep background and after the operation was being discussed in the media.

In comparison, the Trump administration is  more openly using cyberspace activities to signal to adversaries that when certain lines are crossed it will result in consequences. 

Examples include operations against Iran after the Saudi oil attack in August 2019 and after the drone downing in September; and operations against Russia after the 2018 midterm elections.

The administration is clearly signaling to Russa in its efforts to deter Moscow’s meddling in the 2020 elections. Officials have told media outlets of efforts to develop information warfare tactics that target Russia’s senior leaders and elites. Such open declarations represent even larger costs because they cannot be easily backed away from. If it works and the threat proves credible enough to deter Russian meddling in the upcoming elections, the US will likely continue with this type signaling

The new philosophy has engendered praise, criticism and confusion among experts. One lawmaker said the White House is stonewalling oversight of the new operations. Academics have questioned whether the strategy will indeed slow hacking from the United States’ enemies. 

Because of the sensitivity of operational details, the Pentagon rarely discusses how the new strategies have worked. But based on interviews with military officials and several cyber experts this is the story of how, in two years, a new strategy is forcing the national security community to rethink cyber operations and the strategy’s long-term effects.

Ultimately, cyber is one tool in the US arsenal and experts have cautioned that it will be hard to point directly to a more assertive cyber posture as the one thing that changes the calculus of adversaries.

New Statesman:       Fifth Domain:            Defense One:

You Might Also Read:

Shockwave - A Global Transformation In Warfare:

 

« Electric Grids Targeted For Cyber Attacks
Cyber Stocks Soaring From Conflict With Iran »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DoSarrest Internet Security Ltd

DoSarrest Internet Security Ltd

DOSarrest is a fully managed security firm specializing in cloud based DDoS protection services to a worldwide client base.

CROW - University of Waikato

CROW - University of Waikato

CROW is the first cyber security lab established in a New Zealand educational institution at the University of Waikato.

Pole SCS (Secure Communicating Solutions)

Pole SCS (Secure Communicating Solutions)

SCS is a world-class competitiveness cluster dedicated to digital technologies in the fields of Microelectronics, Internet Of Things, Digital Security, Artificial Intelligence And Big Data.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

BlueVoyant

BlueVoyant

BlueVoyant's Cyber Defense Platform is security operations platform that provides real-time threat monitoring for networks, endpoints, and supply chains.

CyberSecurity Non-Profit (CSNP)

CyberSecurity Non-Profit (CSNP)

CyberSecurity Non-Profit (CSNP) is a 501(c)(3) non-profit organization dedicated to promoting cybersecurity awareness and education.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

ClearHub

ClearHub

The aim of ClearHub is simple: to give businesses like yours access to the best talent, all screened and technically tested by Clearvision’s expert team.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

CySecK

CySecK

CySecK is a Centre of Excellence in Cybersecurity formed in 2017 by the Government of Karnataka, as part of the Technology Innovation Strategy.

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

National Coordinator for Security and Counterterrorism (NCTV) - Netherlands

The NCTV serves the Netherlands’ national security. We protect national interests, identify threats and strengthen resilience.

Roberts & Obradovic Law

Roberts & Obradovic Law

Roberts & Obradovic Law Group is a corporate, privacy, employment and litigation law firm.

Falconfeeds

Falconfeeds

Falconfeeds empowers businesses and security professionals with immediate access to the latest and historical threat intelligence data.

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.

Skillfield

Skillfield

Skillfield is a Melbourne based Cyber Security and Data Services consultancy and professional services company.

SecureKloud Technologies

SecureKloud Technologies

SecureKloud is a global leader in the Cloud services arena. Our experience in cloud consulting and servicing for highly regulated industries extends more than a decade.