Talk to the average person, and they might tell you U.S. Cyber Command is the first real effort the US military has made at addressing cyberspace. The Atlantic Council’s event yesterday, entitled “Lessons From Our Cyber Past: The First Military Cyber Units,” dispelled that myth, and revealed some insights into how exactly the US has been approaching the very real threats posed by our adversaries in the online realm.
Speaking at the event were the leaders of these first forays into cyber: Col. Walter “Dusty” Rhoads, USAF (Ret.), who was the Founding Commander of the 609th Information Warfare Squadron; Lt. Gen. John H. “Soup” Campbell, USAF (Ret.), who was the Founding Commander of Joint Task Force – Computer Network Defense; and Maj. Gen. James D. Bryan, US Army (Ret.), who was the Founding Commander of Joint Task Force, Computer Network Operations. The Atlantic Council’s Jason Healey moderated the event.
All three noted the difficulties they had with the beginnings of their commands. Col. Rhoads noted that his major challenge was the fact that very few people had an understanding of what information warfare (IW) was, meaning it was difficult to develop a mission mindset for it. Gen. Campbell noted that once Eligible Receiver ‘97 took place, in which NSA Red Teams infiltrated DoD computer systems as well as those of critical infrastructure and other systems throughout the country, the lessons learned from that exercise quickly lead to the creation of JTF-CND. Gen. Bryan, on the other hand, found that upon starting his work with JTF-CNO, situational awareness (SA) of the networks and infrastructure was not where it needed to be for the task force to fulfill its role. Within two weeks of working with his personnel, he says, they had full SA and began to recognize the importance of that in the broader mission context.
All three found that one of the major accomplishments of their units was simply getting things moving. Gen. Campbell said a major boon for JTF-CND was incorporating personnel from other fields into the mix, such as lawyers, law enforcement, and intelligence folks. Doing so added to the capabilities of JTF, and made cooperation with other institutions easier to foster. All three also noted that despite splitting their resources approximately 30% to offense and 70% to defense, the mission time spent on both was largely the opposite. Gen. Bryan observed, on the offensive side, whether you succeeded or failed the nation was still safe. But if you failed on defense, that put the nation at risk. Gen. Campbell echoed this, noting that the risk is much greater for the United States on the defensive side, and that our ability to leverage our cyber infrastructure makes us a big target. He questioned whether our defense of it is commensurate with how much we value it.
Despite the lessons learned and the wealth of experience gleaned from these units, the speakers admitted they weren’t entirely optimistic on the outlook for the future. Referencing Moonlight Maze, an incident in which it was believed hackers from Russia were infiltrating government and education systems, Gen. Campbell expressed concern that the US has seemingly “ceded the battleground to nation states who are stealing our intellectual property.” Gen. Bryan said that the pace of technological development makes strategic assessments and situational awareness difficult to achieve as well. However, Gen. Bryan also noted that as “digital natives” become field grade officers and replace the previous leadership, which he called “digital immigrants,” he sees a real trend coming in terms of knowledgeable people influencing policy in positive ways.
Cultivating knowledgeable digital natives may be easier said than done, however. Healey noted that as a professor, he wants to teach his students about some of these past incidents and threats, so they can learn lessons from them in order to address current policy questions facing the US. Given the extent to which such information is classified, he’s limited to telling his students to “go to Google,” if they want to learn anything about these incidents.
An interesting question that was left somewhat unanswered related to a broader cyber strategy. The questioner declared that the United States is relatively weak in terms of having a national cyber strategy, and suggested that cyber needs its own Alfred Thayer Mahan or Gen. William Mitchell. Gen. Campbell agreed with that assessment, but noted that in the beginning we believed cyber to be a major turning point for military conflict (for example, wars fought purely in cyberspace), but that so far that has turned out not to be the case.
I’ll end on that thought. Do we have an Alfred Mahan or William Mitchell to guide us into the next 10 years of cyberspace, and if so, who? And if not, how can we create an environment in which we can have such visionaries?