US Cyber Command Is A Tool Of Foreign Policy

The US National Security Strategy announced by President Trump at the end of 2017 was aimed at “redefining its cyber security mission” and stemming the tide of nation-state attacks on the US. This  has include the open use of cyber weapons to influence,deter and punish other nation states.

Much of the information we have about recent US cyber activities has come from unnamed, but most likely authorised, government sources which have been used as a foreign policy too to signal to adversaries that certain actions are infringing upon US national interests. 

By 2013 US domestic networks were overwhelmed by  constant attack from sophisticated nation-state actors. Hackers stole millions of sensitive records from the Office of Personnel Management, gained access to White House networks and destroyed dozens of computers at Sony Pictures from thousands of miles away. At that time the US Department of Defense’s own cyber teams couldn’t hit back or work on enemy networks abroad because the rules for such operations were incredibly stringent. In fact, one US senator said DoD didn’t conduct an offensive operation for five years. 

That’s not to say the United States sat idly by in cyberspace, experts pointed to covert strikes and intrusions, but it does mean the Pentagon rarely or never used cyber operations as an overt response or to flex its power.

The way Cyber Command meets those goals is through persistent engagement, which means challenging adversary activities wherever they operate, however, cyber tools and networks are a limited commodity; publicising them makes them harder to use a second time. The hope is that using this scarce commodity effectively will persuade potential challengers of American resolve.  

This represents a shift from the Obama administration, which was far more reticent to combine covert cyber activities with more overt signaling. Surely, the United States undertook secret operations to degrade, disrupt, destroy, manipulate, operations in cyberspace. The most famous Obama-era cyber operation was Stuxnet, a worm that caused Iranian nuclear centrifuges to tear themselves apart.  Obama Administration officials engaged only reluctantly in overt signaling. They officially denied involvement, only talking with select reporters on deep background and after the operation was being discussed in the media.

In comparison, the Trump administration is  more openly using cyberspace activities to signal to adversaries that when certain lines are crossed it will result in consequences. 

Examples include operations against Iran after the Saudi oil attack in August 2019 and after the drone downing in September; and operations against Russia after the 2018 midterm elections.

The administration is clearly signaling to Russa in its efforts to deter Moscow’s meddling in the 2020 elections. Officials have told media outlets of efforts to develop information warfare tactics that target Russia’s senior leaders and elites. Such open declarations represent even larger costs because they cannot be easily backed away from. If it works and the threat proves credible enough to deter Russian meddling in the upcoming elections, the US will likely continue with this type signaling

The new philosophy has engendered praise, criticism and confusion among experts. One lawmaker said the White House is stonewalling oversight of the new operations. Academics have questioned whether the strategy will indeed slow hacking from the United States’ enemies. 

Because of the sensitivity of operational details, the Pentagon rarely discusses how the new strategies have worked. But based on interviews with military officials and several cyber experts this is the story of how, in two years, a new strategy is forcing the national security community to rethink cyber operations and the strategy’s long-term effects.

Ultimately, cyber is one tool in the US arsenal and experts have cautioned that it will be hard to point directly to a more assertive cyber posture as the one thing that changes the calculus of adversaries.

New Statesman:       Fifth Domain:            Defense One:

You Might Also Read:

Shockwave - A Global Transformation In Warfare:

 

« Electric Grids Targeted For Cyber Attacks
Cyber Stocks Soaring From Conflict With Iran »

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

Thursday, August 20, 2020 - Join SANS and AWS Marketplace to learn the exercise of applying MITRE’s ATT&CK Matrix to the AWS Cloud and how to enhance threat detection and hunting in an AWS environment

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cloudflare

Cloudflare

Cloudflare provides protection against all types of threats to keep your website safe.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

Cybersecurity Competence Center (C3)

Cybersecurity Competence Center (C3)

The Cybersecurity Competence Center was created to further strengthen the Luxembourg economy in the field of cybersecurity.

Clym

Clym

Clym is the data privacy platform that helps organisations meet their data protection obligations. Cookies, Consent, Requests, Policies and more are all managed in a secure and adaptive application.

DataCloak

DataCloak

DataCloak is an innovation company that focus on providing enterprise data-in-motion security solutions based on zero-trust security technology.

LevelOps

LevelOps

LevelOps is an industry application security platform that tracks and develops your application security.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.