Cyberwarfare in the United States
Cyberwarfare in the United States is the United States Cyber Command's military strategy of Proactive Cyber Defence and the use of cyberwarfare as a platform for attack. The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security. The Joint Forces Command issued a statement: "Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Furthermore, the globe-spanning range of cyberspace and its disregard for national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies."
However, decades of failure to learn between "silos" in agencies or departments has led to the failure of major United States Armed Forces IT projects and the waste of billions of dollars. Also while the United States federal government has invested heavily in cybersecurity contractors, it has failed to establish standards for these companies or properly manage them. In addition these contractors cost nearly twice as much as federal employees who do the same jobs.
- 1 The Five Pillars
- 2 Cyberattack an act of war
- 3 United States Cyber Command components
- 4 Cyberwarfare activities in the U.S.
- 5 See also
- 6 Further reading
- 7 References
The Five Pillars
The five pillars is the framework for the United States military strategy for cyberwarfare. The first pillar is to recognize that the new domain for warfare is cyberspace similar to the other elements in the battlespace. The second pillar is proactive defenses as opposed to passive defense. Two examples of passive defense are computer hygiene and firewalls. The balance of the attacks require active defense using sensors to provide a rapid response to detect and stop a cyber attack on a computer network. This would provide military tactics to backtrace, hunt down and attack an enemy intruder. The third pillar is critical infrastructure protection (CIP) to ensure the protection of critical infrastructure. The fourth pillar is the use of collective defense, which would provide the ability of early detection and to incorporate them into the cyberwarfare defence structure. The fifth pillar is maintain and enhance the advantage of technological change. This would include improved computer literacy and increasing artificial intelligence capabilities.
Cyberattack an act of war
The new United States military strategy, makes explicit that a cyberattack is casus belli for a traditional act of war. This is controversial; Howard Schmidt, the cybersecurity leader of the US, said in March 2010 that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment."
In September 2012, the State Department chief legal advisor, Harold Koh, announced that certain cyber attacks may constitute a "use of force", and are subject to international law and rules of war.
In 2013, a U.S. Department of Defense task force stated that nuclear weapons could be used in response to a cyber attack.
United States Cyber Command components
United States Cyber Command
The United States Cyber Command (USCYBERCOM) is a United States armed forces sub-unified command subordinate to United States Strategic Command. USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."
Army Cyber Command
- Army Network Enterprise Technology Command / 9th Army Signal Command
- Portions of 1st Information Operations Command (Land)
- United States Army Intelligence and Security Command will be under the operational control of ARCYBER for cyber-related actions.
Marine Corps Forces Cyberspace Command
United States Marine Corps Forces Cyberspace Command is a functional formation of the United States Marine Corps to protect infrastructure from cyberwarfare.
The Navy Cyber Forces (CYBERFOR) is the type commander for the U.S. Navy's global cyber workforce. The headquarters is located at Joint Expeditionary Base Little Creek-Fort Story. CYBERFOR provides forces and equipment in cryptology/signals intelligence, cyber, electronic warfare, information operations, intelligence, networks, and space. In September 2013, the United States Naval Academy will offer undergraduate students the opportunity to major in Cyber Operations.
Twenty-Fourth Air Force
The Twenty-Fourth Air Force (24 AF) is a Numbered Air Force (NAF) with the United States Air Force (USAF). The USAF is consolidating its cyberspace combat forces into 24 AF. The Twenty-Fourth Air Force, will be the Air Force component of United States Cyber Command (USCYBER). The 24AF has the following components:
United States Tenth Fleet
The United States Tenth Fleet is a functional formation of the United States Navy. It was first created as an anti submarine warfare coordinating organization during the Battle of the Atlantic in the Second World War. It has been reactivated as Fleet Cyber Command. The tenth fleet components are:
- Naval Network Warfare Command
- Navy Cyber Defense Operations Command
- Naval Information Operation Commands
- Combined Task Forces
Cyberwarfare activities in the U.S.
- In 1982, a computer control system stolen from a Canadian company by Soviet spies caused a Soviet gas pipeline to explode. The code for the control system had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion.
- In 1991, it was reported by the US Air Force that a computer virus named AF/91 was created and was installed on a printer chip and made its way to Iraq via Amman, Jordan. Its job was to make the Iraqi anti-aircraft guns malfunction; however, according to the story, the central command center was bombed and the virus was destroyed. The virus, however, was found to be a fake.
- In 1998, in order for US and NATO to bomb Serbian targets successfully in Kosovo, the USA needed to hack into the Serbian air defense system and trick the Serbian Air Traffic Controllers. The US accomplished its goal so well that there was concern about continuing or escalating the attacks because the US didn't want to hack into any further Serbian targets because of fear of damaging civilian targets.
- Systems in the US military and private research institutions were penetrated from March 1998 for almost two years in an incident called Moonlight Maze. The United States Department of Defense traced the trail back to a mainframe computer in the former Soviet Union but the sponsor of the attacks is unknown and Russia denies any involvement.
- Titan Rain was the U.S. government's designation given to a series of coordinated attacks on American computer systems since 2003. The attacks were labeled as Chinese in origin, although their precise nature (i.e., state-sponsored espionage, corporate espionage, or random hacker attacks) and their real identities (i.e., masked by proxy, zombie computer, spyware/virus infected) remain unknown.
- In 2007, the United States government suffered "an espionage Pearl Harbor" in which an unknown foreign power...broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information.
- In 2008, a hacking incident occurred on a U.S. Military facility in the Middle East. United States Deputy Secretary of Defense William J. Lynn III had the Pentagon release a document, which reflected a "malicious code" on a USB flash drive spread undetected on both classified and unclassified Pentagon systems, establishing a digital beachhead, from which data could be transferred to servers under foreign control. "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary. This ... was the most significant breach of U.S. military computers ever and it served as an important wake-up call", Lynn wrote in an article for Foreign Affairs.
- On 9 February 2009, the White House announced that it will conduct a review of the nation's cyber security to ensure that the Federal government of the United States cyber security initiatives are appropriately integrated, resourced and coordinated with the United States Congress and the private sector.
- On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.
- On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.
- In December 2009 through January 2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies. Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claim that "this is the highest profile attack of its kind that we have seen in recent memory."
- In February 2010, the United States Joint Forces Command released a study which included a summary of the threats posed by the internet:
- On 19 June 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010", which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the President emergency powers over parts of the Internet. However, all three co-authors of the bill issued a statement that instead, the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks".
- In August 2010, the U.S. for the first time is publicly warning about the Chinese military's use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. The Pentagon also pointed to an alleged China-based computer spying network dubbed GhostNet that was revealed in a research report last year. The Pentagon stated: "The People's Liberation Army is using "information warfare units" to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. Commander Bob Mehal, will monitor the PLA's buildup of its cyberwarfare capabilities and will continue to develop capabilities to counter any potential threat."
- In 2011 as part of The Anonymous attack on HBGary Federal information about private companies such as Endgame systems who design offensive software for the Department of Defense were revealed. It was shown that Endgame systems job applicants had previously "managed team of 15 persons, responsible for coordinating offensive computer network operations for the United States Department of Defense and other federal agencies."
- In 2012, the Pentagon plans to host contractors who "want to propose revolutionary technologies for understanding, planning and managing cyberwarfare. It is part of an ambitious program that the Defense Advanced Research Projects Agency, or DARPA, calls Plan X, and the public description talks about 'understanding the cyber battlespace', quantifying 'battle damage' and working in DARPA's 'cyberwar laboratory.'"
- Starting in September 2012, denial of service attacks, were carried out against the New York Stock Exchange and a number of banks including J.P. Morgan Chase. Credit for these attacks was claimed by a hacktivist group called the Qassam Cyber Fighters who have labeled the attacks Operation Ababil. The attacks had been executed in several phases and were restarted in March 2013.
Cyberwarfare limitation treaty
Defense Industrial Base Cybersecurity and Information Assurance
In response to cyberattacks that occurred during the Bush years, and denied stronger tools by the Republican congress, Obama has used executive authority to join together government and private sector cyber security to be able to respond to cyber attacks directed at the American defense industry in general.
- Air Force Cyber Command (Provisional)
- Computer insecurity
- Cyber spying
- Cyber terrorism
- Cyberwarfare by Russian state
- Defense Information Systems Network
- Denial-of-service attack
- Electronic warfare
- Hacker (computer security)
- Information warfare
- List of cyber attack threat trends
- Penetration testing
- Proactive Cyber Defence
- Siberian pipeline sabotage
- Signals intelligence
- Chinese Intelligence Operations in the United States
- Chinese Information Operations and Warfare
- Economic and Industrial Espionage
- U.S. Cyber Command
- Obama Order Sped Up Wave of Cyberattacks Against Iran with diagram, 1 June 2012
- "American Forces Press Service: Lynn Explains the U.S Cybersecurity Strategy". Defense.gov.
- DOD – Cyberspace[dead link]
- "The Joint Operating Environment", Report released, 18 Feb 2010, pp. 34–36
- Nolan, John. "Reports: Air Force's troubled technology projects cost millions." Dayton Daily News, Ohio, 17 June 2012.
- Thompson, Loren. "Five Things The Government's Cybersecurity Providers Should Have – And Usually Don't." Lexington Institute, 18 June 2012.
- Rahija, Bryan. "The Cost of Contractor Computer Engineering Services." POGO, 25 June 2012.
- "Official: NATO Should Build A 'Cyber Shield'". Red Orbit. 16 September 2010.
- New York Times: Pentagon to Consider Cyberattacks Acts of War
- "White House Cyber Czar: ‘There Is No Cyberwar’" Wired magazine, 4 March 2010
- Aram Roston (18 September 2012). "U.S.: Laws of war apply to cyber attacks". Army Times. Retrieved 24 February 2013.
- Conte, Andrew. ""Nuke option necessary in case of massive cyberwar, report concludes."". Stripes.com.
- U.S. Department of Defense, Cyber Command Fact Sheet, 21 May 2010 http://www.stratcom.mil/factsheets/cc/
- US Department of Defense (24 May 2010). "DoD Release No. 420-10 Establishment of Army Forces Cyber Command". defense.gov. Retrieved 24 May 2010.
- "20091203 IO Newsletter v10 no 03".
- Patrick Jackson (15 March 2010). "Meet USCybercom: Why the US is fielding a cyber army". BBC News. Retrieved 10 July 2010.
- "News Release: Army Forces Cyber Command Headquarters Standup Plan Announced". Defense.gov. Retrieved 10 July 2010.
- "Fort Mead News: USMC Cyber Command". Ftmeade.army.mil. 28 January 2010. Retrieved 10 July 2010.
- Mike Hoffman (8 June 2013). "Naval Academy Launches Cyber Operations Major". DefenseTech.org.
- Frequently Asked Questions
- "Cyberwar: War in the fifth domain". The Economist. 1 July 2010. Retrieved 4 July 2010.
- Smith, George. "Iraqi Cyberwar: an Ageless Joke." SecurityFocus. 10 Mar 2003. Web. 11 Oct 2009. <http://www.securityfocus.com/columnists/147>.
- George Smith (10 March 2003). "Iraqi Cyberwar: an Ageless Joke". Securityfocus.com.
- Hancock, Bill. "Security Views." Computers & Security 18 (1999): 553–64. ScienceDirect. Web. 11 October 2009. <http://www.sciencedirect.com/science?_ob=MImg&_imagekey=B6V8G-463GSGP-2-1&_cdi=5870&_user=47004&_orig=search&_coverDate=12%2F31%2F1999&_sk=999819992&view=c&wchp=dGLzVlz-zSkWA&md5=a6d6590f9a8954864a1abbd91dd0a981&ie=/sdarticle.pdf>.
- "Cyber War: Sabotaging the System". CBS News. 6 November 2009.
- The Washington Post: Pentagon computers attacked with flash drive[dead link]
- "White House Eyes Cyber Security Plan". CBS News. 9 February 2009.
- "Senate Legislation Would Federalize Cybersecurity". Washingtonpost.com.
- "Pentagon Bill To Fix Cyber Attacks: $100M". CBS News. 7 April 2009.
- "A new approach to China". Blogspot. 12 January 2010. Retrieved 17 January 2010.
- "Google Attack Is Tip Of Iceberg", McAfee Security Insights, 13 January 2010
- Senators Say Cybersecurity Bill Has No 'Kill Switch', informationweek.com, 24 June 2010. Retrieved on 25 June 2010.
- "ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People's Republic of China 2010" (PDF).
- AP: Pentagon takes aim at China cyber threat[dead link]
- Haroon Meer (11 March 2011). "Lessons from Anonymous on cyberwar". Al Jazeera English.
- "U.S. Officials Opening Up on Cyberwarfare".
- "Chase, NYSE Websites Targeted in Cyber Attacks.". Retrieved 15 March 2013.
- "Phase 2 Operation Ababil.". Retrieved 15 March 2013.
- "Bank Attackers Restart Operation Ababil DDoS Disruptions.". Retrieved 15 March 2013.
- Post (4 June 2010). "WSJ: U.S. Backs Talks on Cyber Warfare". Online.wsj.com.
- Reed, John. "Pentagon expanding public-private cyber information sharing program." Foreign Policy Magazine, 27 September 2012.