Information Warfare: USCYBERCOM Still Forbidden To Shoot Back

Archives

March 27, 2012:  U.S. Cyber Command (USCYBERCOM) became operational in late 2010, but it still has not established an official (approved by the government) policy stipulating how Internet based attacks can be responded to. While Cyber Command has been asking for permission to fight back, technical, legal, and political problems have delayed agreement on how that can be done. It's not for want of trying. Three months ago the U.S. Congress approved a new law that allows the Department of Defense to conduct offensive Cyber War operations in response to Cyber War attacks on the United States. That is, the U.S. military is now authorized to make war via the Internet. The new law stipulates that all the rules that apply to conventional war also apply to Cyber War. This includes the international law of armed conflict (meant to prevent war crimes and horrid behavior in general) and the U.S. War Powers Resolution (which requires a U.S. president to get permission from Congress within 90 days of entering into a war). Meeting with all the fine print has so far delayed actually allowing a legal counterstrike to a Cyber War attack.

Meanwhile, there are some related serious problems with finding qualified people to carry out such counterattacks. Headquartered in Fort Meade (outside Washington, DC), most of the manpower and capabilities for Cyber Command come from the Cyber War operations the services have already established. U.S. Cyber Command has some smaller organizations of its own that coordinate Cyber War activities among the services, as well as with other branches of the government and commercial organizations that are involved in network security. But most of Cyber Command manpower actually work for the Cyber War organizations of the four services.

Of the four services the U.S. Air Force is the most experienced in Cyber War matters. It was four years ago that the air force officially scrapped its own planned Cyber Command, which was supposed to operate more like USCYBERCOM. That new air force organization was supposed to officially begin operating by the end of 2008. Instead, many of the personnel that were sent to staff the new command were sent to the new Nuclear Command. This change was made in response to growing (at the time) problems with the management of air force nuclear weapons. Despite that, the air force continued trying to establish some kind of new Cyber War operation and use it to gain overall control for all Department of Defense Cyber War activities. The other services were not keen on this. That resistance, plus the nuclear weapons problems, led to the Cyber Command operation being scaled back to being the 24th Air Force. This organization handles electronic and Internet based warfare.

While the Air Force Cyber Command did not become reality, work continued on building a Cyber Control System. This is a hardware and software system that enables the 24th Air Force to monitor, in real time, the security state of all air force (or Department of Defense) networks. If any of these networks were attacked the Cyber Control System software would immediately alert 24th Air Force controllers and recommend a course of action. Think of this as a war room for Cyber War. Many people, deluged with TV and movie representations of high tech military command centers, believe such a Cyber War center already existed. It didn't, until the air force recently built it. This is now used as the main Cyber Command operations center. But all it can do at the moment is watch as the enemy attacks. USCYBERCOM cannot hit back.

The U.S. Army, following the example of the air force, also established a Cyber War operation. Some 21,000 soldiers were pulled from a large variety of signal and intelligence outfits to form ARFORCYBER (Army Forces Cyber Command). It became fully operational late last year, with its headquarters at Ft. Belvoir, Virginia.

Three years ago the U.S. Navy created an "Information Domination Corps", in the form of a new headquarters (the 10th Fleet), with over 40,000 people reassigned to staff it. While the new Cyber War command will mainly deal with intelligence and network security, it will also include meteorology and oceanography. These last two items are very important for deep water navies, especially since a lot of the information about oceans, and the weather, is kept secret. The fleet will call upon the talents of 45,000 sailors and civilians. Most (44,000) of these personnel are reorganized into 10th Fleet jobs or will contribute from within other organizations. A thousand new positions will be created, mainly for 10th Fleet. All this is for giving the navy a more powerful and secure position in cyberspace. The navy does not want to repeat the mistakes of the air force in this area.

The U.S. Marine Corps established a Forces Cyberspace Command two years ago, with about 800 personnel, to help provide network security for marine units. The marines are accustomed to doing more with less.

All those Cyber War operations are dependent on contract workers (civilians) for their top technical talent. There is always a shortage of these people, partly because they have to be capable of getting a security clearance. This rules out a lot of the best hacking talent, who had misbehaved in the past and were identified or even prosecuted for it. A lot of otherwise qualified technical personnel won't even apply for these Department of Defense jobs because a background check might reveal earlier hacking misadventures they would rather keep secret. Meanwhile, the Department of Defense has assembled a growing group of civilian Cyber War volunteers. Not all have security clearances but in the event of a national Cyber War crisis, that would be less of an issue.