The US Steps Up Its Cyberwar Capability

In the 21st century military attack and defence increasingly involves the use of cyber operations between rival states. Cyberspace is a warfighting domain, and the US military is beginning to take an active role in cyber defending the country and its allies from threats in that realm, US Defense Secretary Mark T. Esper has said.

US military superiority in the air, land, sea, and space domains is critical to its ability to defend their interests and protect values. Achieving superiority in the physical domains now often depends on superiority in cyberspace. The security of the US has become also partly dependent on cyber security and this issue will increase with th development AI and cyber-attacks.

China and Russia are honing their offensive cyber capabilities. Both have been focused on extracting COVID-19-related research, but post-pandemic China’s cyber campaigns will go back to targeting Western intellectual property and other valuable commercial information, while Russia will pursue anti-Western political manipulation.

Technological decoupling, most apparent in geopolitical divisions over Huawei’s role in building 5G telecoms infrastructure, forms part of the West’s defensive cyber security strategy.

US Defense policy and processes need to keep pace with the speed of events in cyberspace to maintain a decisive advantage and superior strategic effects depend on the alignment of operations, capabilities, and processes, and the seamless integration of intelligence with operations. Indeed, some military analysts have promoted the idea of a coming “Cyber Pearl Harbor,” but instead the domain is littered with covert operations meant to manage escalation and deter future attacks. Cyber strategy and policy must start from an accurate understanding of the domain, not imagined realities.

Recently Montenegro has faced increased harassment from Russia since joining NATO in 2017, and the Cyber Command team has been there to investigate signs that hackers had penetrated the Montenegrin government’s networks. Working side by side with Montenegrin partners, the team saw an opportunity to improve American cyber defenses ahead of the 2020 election. 

The 'Hunt Forward' mission to Montenegro represented a new, more proactive strategy to counter online threats that reflects Cyber Command’s evolution over the last ten years from a reactive, defensive posture to a more effective, proactive posture called “persistent engagement.” The findings enable the US government to defend critical networks more effectively and allow large antivirus companies to update their products to better protect their users.

When Cyber Command was established in 2010, the assumption was that its focus should be on trying to prevent the military’s networks from being infiltrated or disabled. But a reactive and defensive posture proved inadequate to manage evolving threats.​ Even as the military learned to better protect its networks, adversaries’ attacks became more frequent, sophisticated, and severe.
 
Russia uses cyberspace for espionage and theft and to disrupt US infrastructure while attempting to erode confidence in the nation’s democratic processes. Iran undertakes online influence campaigns, espionage efforts, and outright attacks against government and industrial sectors. In the face of these threats, the US government has changed how it will respond. In 2018, Congress clarified the statutory authority for military cyber operations to enable Cyber Command to conduct traditional military activities in addition to the mostly preparatory operations to which it had been limited previously.

The White House also released a National Cyber Strategy, which aligned economic, diplomatic, intelligence, and military efforts in cyberspace.

Some specialists have speculated that competing with adversaries in cyberspace will increase the risk of escalation, from hacking to physical war. The thinking goes that by competing more proactively in cyberspace, the risk of miscalculation, error, or accident increases and could escalate to a crisis.

US Cyber Command takes these concerns seriously, and reducing this risk is a critical part of the planning process, however, cyberspace operations are not silver bullets and to be most effective, they require much planning and preparation. Cyber Command thus works closely with other combatant commands to integrate the planning of kinetic and non-kinetic effects.

Cyber Command’s capabilities are meant to complement, not replace, other military capabilities, as well as the tools of diplomacy, sanctions, and law enforcement. Controlling cyberspace as a military domain is a challenge that demands critically assessing issues, questions, and assumptions, especially those at the foundation of the military’s decision making for operations and requirements. 

Foreign Affairs:      US  Cyber Command:      CATO Institute:      US Dept. of Defense

You Might Also Read:

Cyber Command’s Plan to ‘frustrate’ Hackers Is Working:

 

« Superhuman Brain-Hacking Device
Fixing Britain's Digital Skills Gap »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

VdS

VdS

VdS is an independent safety and security testing institution. Cybersecurity services include standards, audit/assessment and certification for SMEs.

Avast Software

Avast Software

Avast Software is a security software company that develops antivirus software and internet security services.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

Magtech Solutions

Magtech Solutions

Magtech Solutions is a one-stop IT Solutions provider offering Cloud Computing, IT Security, Unified Email Solutions and ERP systems.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

ComoNExT Innovation Hub

ComoNExT Innovation Hub

ComoNExT is a Digital Innovation Hub and a startup incubator with a focus on the issues of digital transformation and Industry 4.0.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

CounterFind

CounterFind

CounterFind is turnkey technology that allows brands to find and remove counterfeit and infringing merchandise from online marketplaces and social media sites.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

Centre for Cyber Security Research & Innovation

Centre for Cyber Security Research & Innovation

The Centre for Cyber Security Research & Innovation is Nepal's First Academic Research Institute to focus on understanding the overall Information Security of Nepalese Organizations.

D.med Software

D.med Software

D.med Software is a company with a focus on cybersecurity for embedded software and cloud applications for the medical industry.

Semgrep

Semgrep

Semgrep is a fast, open-source, static analysis tool for profoundly improving software security and reliability.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.