Cyber operations poised to take centre stage in US

Transcription

1 Cyber operations poised to take centre stage in US [Content preview Subscribe to Jane s Intelligence Review for full article] US President Donald Trump announced on 18 August the elevation of the United States Cyber Command to a full combatant command. Tanner Johnson examines the implications of the elevation for the US intelligence community, and the opportunities and challenges that the new status will bring US Cyber Command (USCYBERCOM), the nexus of the burgeoning arsenal of cyber capabilities of the United States, is set to be elevated to a unified combatant command (COCOM) after an 18 August order from President Donald Trump. The move will place the organisation on the same level as the existing six geographical and three functional unified COCOMs, and will set in motion its eventual separation from the National Security Agency (NSA) and the maturation of its role as the provider of military cyber options. However, six years after the command began operations, the question that is still occupying policy-makers is how military cyber operations and espionage will be divided. NSA director and USCYBERCOM commander Admiral Michael Rogers takes questions during his keynote address to the Armed Forces Communications and Electronics Association's sixth annual Cybersecurity Technology Summit at the Capitol Hilton on 2 April 2015 in Washington, DC. USCYBERCOM is set to be elevated to a unified COCOM, with Adm Rogers possibly a candidate for re-nomination. (Chip Somodevilla/Getty Images) Since its creation as a sub-unified COCOM in 2009, USCYBERCOM has been jointly housed and commanded with the NSA, first by General Keith Alexander, and since 2014 by Admiral Michael Rogers. The dual-hat role was intended to take advantage of the NSA's existing expertise in cyber Page 1 of 6

2 while enabling USCYBERCOM to rapidly develop its own abilities. Although the two organisations have shared space at Fort Meade, Maryland, their legal authorities are starkly divided. Espionage is largely omitted from international law, whereas the laws for military operations are much more specifically delineated. In the US, this division exists between two sections of the US Code, Title 10 (which covers the roles of the armed forces) and Title 50 (which includes chapters on espionage and similar activities). These provide differing legal justifications for the intelligence community and the military. The NSA got its start in cyber because of its responsibilities for signals intelligence, a role that inevitably led to an emphasis on cyber capacity given the development of computer technology. However, beyond intercepting communications, how the intelligence community will operate in the cyber domain, whether in offensive actions or more passive collection techniques, is still being mapped out. "The intelligence community is disproportionately in the business of collecting intelligence," Sue Gordon, the principal deputy director of national intelligence told Jane's in September "It's a blurry domain where we have to deconflict our activities, but what governs those activities is pretty clear." USCYBERCOM and the NSA: Vital statistics (IHS Markit/US government) Details about the elevation of USCYBERCOM to a unified COCOM are still being determined, and no candidate has been formally nominated yet to run the command, although Adm Rogers could be re-nominated. Trump's decision also did not specifically require that the NSA and USCYBERCOM split, although officials appear to acknowledge that a split will follow soon after USCYBERCOM achieves its new heightened position. Several sources familiar with thinking within Page 2 of 6

3 the NSA described in early September to Jane's a sense of relief and excitement that the agency was going to have the opportunity to return to its position in the intelligence community and would not be encumbered by its responsibilities to help a military command. Still, separating military from intelligence cyber operations will likely require years of work. Roots of USCYBERCOM USCYBERCOM was created on 23 June 2009 as a subordinate unified COCOM under the authority of the US Strategic Command (USSTRATCOM). The command was ultimately conceived in an effort to consolidate cyberspace operations, unify the direction of cyberspace operations, strengthen US Department of Defense (DoD) cyberspace capabilities, and integrate and bolster the DoD's cyber expertise. The newly created subordinate COCOM grew rapidly. USCYBERCOM achieved full operational capability on 31 October 2010, and outlined three primary areas of focus as part of its overall organisational effort: to provide defence for the DoD Information Network, to provide support to combatant commanders for execution of their missions around the world, and to strengthen the nation's ability to withstand and respond to cyber attacks. Command structure: Glossary of terms (IHS Markit) The mission statement for USCYBERCOM is contained within the emblem of the command itself, as the text string '9ec4c12949a4f31474f299058ce2b22a' can be found on the inner ring of the emblem. Pressure to promote Since its inception, there has been substantial pressure within the national security and defence communities to elevate USCYBERCOM to a unified COCOM. Gen Alexander, the first commander of USCYBERCOM, began to publicly discuss the possibility of elevation almost immediately after the command's creation. The ultimate decision to classify USCYBERCOM as a subordinate Page 3 of 6

4 command was originally based on several concerns, including the nature of the perceived threat at the time of the command's inception and the expectation that a more thorough understanding of the various risks to the DoD's cyber infrastructure would be needed, which was a substantial task. The demand for a substantive response capability had grown increasingly urgent, given the escalating frequency of attempted or actual penetrations of US government and military networks by foreign powers. Exact figures are not available, but many millions of cyber attacks have been mounted against the Pentagon leading it even to sponsor a 'Hack the Pentagon' programme of penetration testing against its own networks and thousands of automated but easily blocked cyber attacks occur every hour. The development and deployment of a subordinate COCOM under USSTRATCOM was intended to alleviate some of the more immediate and crucial cyber-capability demands across the DoD. This intermediate step was intended to give the newly established command the time needed to gestate and mature while under USSTRATCOM, eventually developing a unified strategy towards the synchronisation of all cyber efforts and capabilities across the DoD under its own COCOM. Official elevation The overall goal of a unified military cyber COCOM officially materialised during a White House press conference on 18 August During this announcement, Trump declared that the status of USCYBERCOM would finally be elevated to that of a fully fledged and independent unified COCOM for the country's cyberspace operations. Trump said that the "United States Cyber Command's elevation will also help streamline command and control of time-sensitive cyberspace operations by consolidating them under a single commander with authorities commensurate with the importance of such operations". He added, "Elevation will also ensure that critical cyberspace operations are adequately funded." Trump also acknowledged that such an effort would ultimately require USCYBERCOM to be effectively separated from the NSA. The decision to elevate USCYBERCOM to its own COCOM places all US military cyber operations on the same level as the military's more traditional combat environments. However, such a move is likely to be costly, in both time and financial resources. For instance, during congressional testimony in May, Adm Rogers requested a budget of roughly USD647 million for USCYBERCOM for fiscal year (FY) This is nearly a 16% increase from FY 2017 funding for its efforts as a subcommand. Adm Rogers went on to argue that cyber security was a national security issue, not limited to just the private or public sectors. This thinking was echoed in a May article published in Defense Media Activity by Cheryl Pellerin, a reporter for the DoD, which argued that such a classification demanded a 'whole-of-nation' approach in order to effectively address future threats. In a special report available on its website, the DoD specifically recognised that "state and nonstate actors threaten disruptive and destructive attacks against the United States and conduct cyber-enabled theft of intellectual property to undercut the United States' technological and military advantage. DoD must develop its cyber forces and strengthen its cyber defense and cyber deterrence posture". In order to accomplish its missions, one of the primary objectives of the new COCOM is to build up a comprehensive Cyber Mission Force. Page 4 of 6

5 The seals of USCYBERCOM, the NSA, and the Central Security Service greet employees and visitors at the campus that the three organisations share, 13 March 2015, Fort Meade, Maryland. USCYBERCOM's elevation to a unified COCOM will lead to its split from the NSA. (Chip Somodevilla/Getty Images) Opposition Despite Trump's announcement, Jane's judges that based on the execution timeline of similar congressional initiatives the status elevation of USCYBERCOM is likely to take more than a year to generate tangible results. For example, although there appears to be a shared consensus among all divisions of the DoD regarding the fundamental requirement for a properly unified cyber authority, as well as a common understanding and respect for the risks posed by potential cyber threats, there is likely to be a considerable amount of internal opposition to this effort. Although the incubation of USCYBERCOM as a subordinate command provided a stopgap for the most imperative cyber requirements across the DoD, it simultaneously created an environment that could hinder its own future development. In the absence of a previously established and independent cyber COCOM, each military operational command and defence agency has had to develop an individual and customised cyber-security capability to effectively meet their own unique security demands. However, such an effort is no simple task. Due to the amount of time it takes such specialised cyber-security efforts to become fully established, let alone effective, it is likely that these divisions would prefer to maintain their independence in this domain. The desire to retain this hard-fought autonomy could provide substantial resistance to any effort that requires such authority to be relinquished to that of another COCOM. Additional opposition stems from a concern that the current DoD cyber requirement does not warrant an elevation to a unified COCOM. For example, former chair of the Joint Chiefs of Staff General Martin Dempsey told the Senate Armed Services Committee in 2013 that an independent USCYBERCOM would make sense down the road but served little current purpose. Another risk is that if the current substantial public and media focus on cyber security fades, a senior-level cyber COCOM could lose momentum akin to US Space Command (USSPACECOM). Page 5 of 6

6 Created as a full-fledged COCOM in 1985 amid the fervour over the Strategic Defense Initiative, USSPACECOM ultimately merged with USSTRATCOM in 2002 as part of a new Unified Command Plan intended to transform and consolidate military command operations. Furthermore, this change comes in the context of ongoing uncertainty surrounding the Trump administration's commitment to cyber-security-related programmes and their respective efforts. Eight of the 27 members of the US government's National Infrastructure Advisory Council (NIAC) resigned en masse in August. The group, with various tasks that also include overseeing national cyber-security concerns, cited apprehension about the Trump administration's attention to and respect for the severity of the various cyber threats facing the infrastructure of the nation as a whole. On the web Joint UK-US cyber exercise tests preparednesseu and NATO design response to cyber-attacks Author Tanner Johnson is a Senior Research Analyst for Intelligence, Cyber Operations, and Services at Jane's Markets Forecast. Additional reporting by Zachary Fryer-Biggs, senior Pentagon reporter for Jane's. For the full version and more content: Jane's Military & Security Assessments Intelligence Centre This analysis is taken from Jane s Military & Security Assessments Intelligence Centre, which delivers comprehensive and reliable country risk and military capabilities information, analysis and daily insight. IHS country risk and military capabilities news and analysis is also available within Jane s Intelligence Review. To learn more and to subscribe to Jane s Intelligence Review online, offline or print visit: For advertising solutions visit Jane s Advertising Page 6 of 6