Cy­ber op­er­a­tions headed for re­vamp

The Oklahoman (Sunday) - - OPINION - BY LOLITA C. BAL­DOR

WASH­ING­TON — Af­ter months of de­lay, the Trump ad­min­is­tra­tion is fi­nal­iz­ing plans to re­vamp the na­tion’s mil­i­tary com­mand for de­fen­sive and of­fen­sive cy­ber op­er­a­tions in hopes of in­ten­si­fy­ing Amer­ica’s abil­ity to wage cy­ber­war against the Is­lamic State group and other foes, ac­cord­ing to U.S. of­fi­cials.

Un­der the plans, U.S. Cy­ber Com­mand would even­tu­ally be split off from the in­tel­li­gence-fo­cused Na­tional Se­cu­rity Agency.

De­tails are still be­ing worked out, but of­fi­cials say they ex­pect a de­ci­sion and an­nounce­ment in the com­ing weeks. The of­fi­cials weren’t au­tho­rized to speak pub­licly on the mat­ter so re­quested anonymity.

The goal, they said, is to give U.S. Cy­ber Com­mand more au­ton­omy, free­ing it from any con­straints that stem from work­ing along­side the NSA, which is re­spon­si­ble for mon­i­tor­ing and col­lect­ing tele­phone, in­ter­net and other in­tel­li­gence data from around the world — a re­spon­si­bil­ity that can some­times clash with mil­i­tary op­er­a­tions against en­emy forces.

Mak­ing cy­ber an in­de­pen­dent mil­i­tary com­mand will put the fight in dig­i­tal space on the same foot­ing as more tra­di­tional realms of bat­tle on land, in the air, at sea and in space. The move re­flects the es­ca­lat­ing threat of cy­ber­at­tacks and in­tru­sions from other na­tion states, ter­ror­ist groups and hack­ers, and comes as the U.S. faces ever-widen­ing fears about Rus­sian hack­ing fol­low­ing Moscow’s ef­forts to med­dle in the 2016 Amer­i­can elec­tion.

The U.S. has long op­er­ated qui­etly in cy­berspace, us­ing it to col­lect in­for­ma­tion, dis­rupt en­emy net­works and aid con­ven­tional mil­i­tary mis­sions. But as other na­tions and foes ex­pand their use of cy­ber­spy­ing and at­tacks, the U.S. is de­ter­mined to im­prove its abil­ity to in­cor­po­rate cy­ber op­er­a­tions into its ev­ery­day warfight­ing.

Ex­perts said the com­mand will need time to find its foot­ing.

“Right now I think it’s in­evitable, but it’s on a very slow glide path,” said Jim Lewis, a cy­ber­se­cu­rity ex­pert with the Cen­ter for Strate­gic and In­ter­na­tional Stud­ies. But, he added, “A new en­tity is not go­ing to be able to du­pli­cate NSA’s ca­pa­bil­i­ties.”

The NSA, for ex­am­ples, has 300 of the coun­try’s lead­ing math­e­ma­ti­cians “and a gi­gan­tic su­per com­puter,” Lewis said. “Things like this are hard to du­pli­cate.”

He added, how­ever, that over time, the U.S. has in­creas­ingly used cy­ber as a tac­ti­cal weapon, bol­ster­ing the ar­gu­ment for sep­a­rat­ing it from the NSA.

The two highly se­cre­tive or­ga­ni­za­tions, based at Fort Meade, Mary­land, have been un­der the same four-star com­man­der since Cy­ber Com­mand’s cre­ation in 2009.

But the De­fense De­part­ment has been ag­i­tat­ing for a sep­a­ra­tion, per­ceiv­ing the NSA and in­tel­li­gence com­mu­nity as re­sis­tant to more ag­gres­sive cy­ber­war­fare, par­tic­u­larly af­ter the Is­lamic State’s trans­for­ma­tion in re­cent years from an ob­scure in­sur­gent force into an or­ga­ni­za­tion hold­ing sig­nif­i­cant ter­ri­tory across Iraq and Syria and with a world­wide re­cruit­ing net­work.

While the mil­i­tary wanted to at­tack IS net­works, in­tel­li­gence ob­jec­tives pri­or­i­tized gath­er­ing in­for­ma­tion from them, ac­cord­ing to U.S. of­fi­cials fa­mil­iar with the de­bate. They weren’t au­tho­rized to dis­cuss in­ter­nal de­lib­er­a­tions pub­licly and re­quested anonymity.

Then-De­fense Sec­re­tary Ash Carter sent a plan to Pres­i­dent Barack Obama last year to make Cy­ber Com­mand an in­de­pen­dent mil­i­tary head­quar­ters and break it away from the NSA, be­liev­ing that the agency’s de­sire to col­lect in­tel­li­gence was at times pre­vent­ing the mil­i­tary from elim­i­nat­ing IS’ abil­ity to raise money, in­spire at­tacks and com­mand its widely dis­persed net­work of fight­ers.

Carter, at the time, also pushed for the ouster of Adm. Mike Rogers, who still heads both bod­ies. The Pen­tagon, he warned, was los­ing the war in the cy­ber do­main, fo­cus­ing on cy­berthreats from na­tions such as Iran, Rus­sia and China, rather than on coun­ter­ing the com­mu­ni­ca­tions and pro­pa­ganda cam­paigns of in­ter­net­savvy in­sur­gents.

Of­fi­cials also grew alarmed by the grow­ing num­ber of cy­ber­at­tacks against the U.S. gov­ern­ment, in­clud­ing sev­eral se­ri­ous, high-level De­fense De­part­ment breaches that oc­curred un­der Rogers’ watch.

“NSA is truly an in­tel­li­gence-col­lec­tion or­ga­ni­za­tion,” said Lau­ren Fish, a re­search as­so­ciate with the Cen­ter for a New Amer­i­can Se­cu­rity. “It should be col­lect­ing in­for­ma­tion, writ­ing re­ports on it. Cy­ber Com­mand is meant to be an or­ga­ni­za­tion that uses tools to have mil­i­tary oper­a­tional ef­fect.”

Af­ter Pres­i­dent Don­ald Trump’s in­au­gu­ra­tion, of­fi­cials said De­fense Sec­re­tary Jim Mat­tis en­dorsed much of the plan. But de­bate over de­tails has dragged on for months.

It’s un­clear how fast the Cy­ber Com­mand will break off on its own. Some of­fi­cials be­lieve the new com­mand isn’t bat­tle-ready, given its cur­rent re­liance on the NSA’s ex­per­tise, staff and equip­ment. That ef­fort will re­quire the de­part­ment to con­tinue to at­tract and re­tain cy­ber ex­perts.

Cy­ber Com­mand was cre­ated in 2009 by the Obama ad­min­is­tra­tion to ad­dress threats of cy­ber es­pi­onage and other at­tacks. It was set up as a sub-unit un­der U.S. Strate­gic Com­mand to co­or­di­nate the Pen­tagon’s abil­ity to con­duct cy­ber­war­fare and to de­fend its own net­works, in­clud­ing those that are used by com­bat forces in bat­tle.

Of­fi­cials orig­i­nally said the new cy­ber ef­fort would likely in­volve hun­dreds, rather than thou­sands, of new em­ploy­ees.

Since then, the com­mand has grown to more than 700 mil­i­tary and civil­ian em­ploy­ees. The mil­i­tary ser­vices also have their own cy­ber units, with a goal of hav­ing 133 fully oper­a­tional teams with as many as 6,200 per­son­nel.

Its pro­posed bud­get for next year is $647 mil­lion. Rogers told Congress in May that rep­re­sents a 16 per­cent in­crease over this year’s bud­get to cover costs as­so­ci­ated with build­ing the cy­ber force, fight­ing IS and be­com­ing an in­de­pen­dent com­mand.

Un­der the new plan be­ing for­warded by the Pen­tagon to the White House, of­fi­cials said Army Lt. Gen. Wil­liam Mayville would be nom­i­nated to lead Cy­ber Com­mand. Lead­er­ship of the NSA could be turned over to a civil­ian.

Mayville is cur­rently the di­rec­tor of the mil­i­tary’s joint staff and has ex­ten­sive ex­pe­ri­ence as a com­bat-hard­ened com­man­der. He de­ployed to both Iraq and Afghanistan, lead­ing the 173rd Air­borne Bri­gade when it made its as­sault into Iraq in March 2003 and later head­ing coali­tion op­er­a­tions in eastern Afghanistan.


This file photo shows the Na­tional Se­cu­rity Ad­min­is­tra­tion cam­pus June 6, 2013, in Fort Meade, Md., where the US Cy­ber Com­mand is lo­cated.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.