November 24, 2015:
The U.S. Army has adopted a “terrify and train” approach to getting commanders, especially of combat units, ready for what they will face in wartime. Just putting officers through an “educate and familiarize” course on Cyber War is not enough, so the army has also trained its cyber protection teams to give units they are assigned to a taste of what horrors await them in wartime on the network warfare front. This is an improvement over Cold War era policies that generally discouraged exposing combat units to realistic demonstrations of the kind of jamming and other electronic techniques the Russians had developed to cripple American military communications in wartime. That was the pre-Internet version of a network attack. Sometimes American units on training exercises did get a taste of electronic jamming and deception, and it proved so disruptive to operations that it was discouraged. But many officers, and a lot of the tech-savvy troops, knew that this type of ignorance would make Russian electronic warfare even more effective in wartime.
American combat units got a small demonstration of how disruptive this could be in 1991 when Iraq used the few, generally older, Russian jammers and other electronic weapons against advancing coalition troops. These electronic weapons were more of a nuisance, but word got around that if these devices had been more recent models and used on a larger scale they would have made American operations less effective and gotten American troops killed. Partly as a result of this, when the Internet arrived later in the 1990s many young officers and troops quickly adopted it. After 2000 these Internet-savvy officers were quick to realize that anyone who used the Internet a lot had a huge military advantage, but was also vulnerable. It took the army a while to get most senior officers on board, but by 2010 the army was forming a separate command devoted to Cyber War and defense.
Progress continued and in 2014 the first Cyber Protection Brigade became active. This unit was created to provide quick and competent personnel for setting up and maintaining network defenses, as well as experienced personnel to investigate and deal with intrusions. The core of the brigade is the twenty cyber protection teams. Each contains 39 military and civilian network security experts. To provide the military personnel, the army has created a special MOS (Military Occupational Specialty) so that qualified personnel can make a career of this work. This MOS (25D, Cyber Network Defender) is open to all qualified military personnel. Currently there are nearly a thousand troops with the 25D MOS and more are being sought. The 25Ds are in high demand, and they are supplemented by qualified civilians, who are more expensive. Since highly skilled 25Ds will always be tempted to leave the army and take better paying civilian jobs, the army will, as it does with other specialists (like Special Forces troops), offer big cash reenlistment bonuses to 25Ds it wants to keep.
The 25Ds are similar to Special Forces troops in other ways. The Special Forces brigades (called groups) are smaller (1,500 troops) than regular combat brigades (over 4,000 personnel). There are other specialized brigades that have fewer troops, like the 1,100 or so in the Cyber Protection Brigades. What does make the Cyber Protection Brigades unique is the integration of so many civilian contractors with military personnel in the key elements (the cyber protection teams).
These new brigades are part of the army and the new U.S. Cyber Command (USCYBERCOM). There they join the new offensive cyber-teams, which began forming in 2013. The army is still creating new cyber protection teams and expects to have at least three Cyber Protection Brigades by 2016 or 2017.
The offensive and defensive teams benefit from Cyber Command intelligence and monitoring operations as well as a big budget for keeping the software library stocked with effective tools (including zero day exploits, which are not cheap at all). Cyber Command also has contacts throughout the American, and international, software engineer community. This can provide crucial expertise when needed. The effectiveness of these teams will vary a great deal because one highly skilled Internet software whiz on a team can make a huge difference.
The majority of these teams will be assigned to the nine major commands (like Centcom or Socom), but some of the offensive teams will be maintained separately to strike back at major attacks on the United States. Exactly what weapons would be used is not discussed, nor is the exact size and organization of offensive cyber-teams. What is known is that there is work for such teams of Internet specialists if they work in conjunction with lawyers and the State Department. This kind of organization has already destroyed several Internet criminal organizations. NSA (National Security Agency) has also been even more active in carrying out offensive attacks.
Cyber Command became operational in late 2010. Headquartered in Fort Meade (outside Washington, DC), most of the manpower and capabilities for Cyber Command come from the Cyber War operations the services have already established. U.S. Cyber Command has some smaller organizations of its own that coordinate Cyber War activities among the services, as well as with other branches of the government and commercial organizations that are involved in network security. But most of Cyber Command manpower actually works for the Cyber War organizations of the four services.
Of the four services the U.S. Air Force is the most experienced in Cyber War matters. Back in 2008 the air force officially scrapped its own planned Cyber Command, which was supposed to operate more like USCYBERCOM. That new air force organization was supposed to officially begin operating by the end of 2008. Instead, many of the personnel that were sent to staff the new command were sent to the new Nuclear Command. This change was made in response to growing (at the time) problems with the management of air force nuclear weapons. Despite that, the air force continued trying to establish some kind of new Cyber War operation and use it to gain overall control for all Department of Defense Cyber War activities. The other services were not keen on this. That resistance, plus the nuclear weapons problems, led to the Cyber Command operation being scaled back to being the 24th Air Force. This organization handles electronic and Internet based warfare.
The U.S. Army, following the example of the air force, also established a Cyber War operation. Some 21,000 soldiers were pulled from a large variety of signal and intelligence outfits to form ARFORCYBER (Army Forces Cyber Command). It became fully operational in 2012 with its headquarters at Ft. Belvoir, Virginia.
In 2009 the U.S. Navy created an "Information Domination Corps", in the form of a new headquarters (the 10th Fleet), with over 40,000 people reassigned to staff it. While the new Cyber War command dealt mainly with intelligence and network security, it also included meteorology and oceanography. These last two items are very important for deep water navies, especially since a lot of the information about oceans, and the weather, is kept secret. The fleet calls upon the talents of 45,000 sailors and civilians. Most (44,000) of these personnel are reorganized into 10th Fleet jobs or will contribute from within other organizations. A thousand new positions were created, mainly for 10th Fleet. All this gave the navy a more powerful and secure position in cyberspace. The navy does not want to repeat the mistakes of the air force in this area.
The U.S. Marine Corps established a Forces Cyberspace Command in 2010, with about 800 personnel, to help provide network security for marine units. The marines are accustomed to doing more with less.
The Americans aren’t the only ones preparing for cyber war. In 2013 Russia revealed that it is organizing a Cyber War organization within the Defense Ministry. This would be a separate branch of the army, joining more traditional branches like infantry, armor, artillery and signal (where Cyber War operations already exist in most countries). Noting what’s going on in China and the United States, the Russians have decided to catch up.
The Chinese military already has a growing number of formal Cyber War units, as well as military sponsored college level Cyber War departments and extensive course offerings. These Cyber War units, plus the volunteer organizations and Golden Shield (Internet censors and monitors) bureaucrats apparently work closely with each other and have provided China with a formidable Cyber War capability. NET Force, with only a few thousand personnel, appears to be the controlling organization for all this. With the help of RHU and Golden Shield, they can mobilize formidable attacks, as well as great defensive potential. No other nation has anything like it.