Cyberwarfare in the United States

As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to its advanced technology and large military budget. Cyber warfare continues to be a growing threat as more physical systems and infrastructure are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

The United States Department of Defense recognizes the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security, but also as a platform for attack.

The United States Cyber Command centralizes command of cyberspace operations, organizes existing cyber resources and synchronizes defense of U.S. military networks. It is an armed forces sub-unified command subordinate to United States Strategic Command.

The Department of Defense Cyber Strategy

In April 2015, the U.S. Department of Defense (DoD) published its latest Cyber Strategy,[1] building upon the previous DoD Strategy for Operating in Cyberspace published in July 2011.[2] The DoD Cyber Strategy focuses on building capabilities to protect, secure, and defend its own DoD networks, systems and information; defend the nation against cyber attacks; and support contingency plans. This includes being prepared to operate and continue to carry out missions in environments impacted by cyber attacks.

The DoD outlines three cyber missions:

  1. Defend DoD networks, systems, and information.
  2. Defend the United States and its interests against cyberattacks of significant consequence.
  3. Provide integrated cyber capabilities to support military operations and contingency plans.

In addition, the Cyber Strategy emphasizes the need to build bridges to the private sector, so that the best talent and technology the United States has to offer is at the DoD's disposal.[1]

The Five Pillars

1. Build and maintain ready forces and capabilities to conduct cyberspace operations;

2. Defend the DoD information network, secure DoD data, and mitigate risks to DoD missions;

3. Be prepared to defend the U.S. homeland and U.S. vital interests from disruptive or destructive cyberattacks of significant consequence;

4. Build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict environment at all stages;

5. Build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability.

US Department of Defense Cyber Strategy, US DoD, April 2015.

The five pillars are the basis of the Department of Defense's strategy for cyberwarfare. The first pillar is to recognize that the new domain for warfare is cyberspace and that it is similar to the other elements in the battlespace. The key objectives of this pillar are to build up technical capabilities and accelerate research and development to provide the United States with a technological advantage. The second pillar is proactive defense as opposed to passive defense. Two examples of passive defense are computer hygiene and firewalls. The balance of the attacks requires active defense using sensors to provide a rapid response to detect and stop a cyber attack on a computer network. This would provide military tactics to backtrace, hunt down and attack an enemy intruder. The third pillar is critical infrastructure protection (CIP) to ensure the protection of critical infrastructure by developing warning systems to anticipate threats. The fourth pillar is the use of collective defense, which would provide the ability of early detection and incorporate it into the cyberwarfare defense structure. The goal of this pillar is to explore all options in the face of a conflict, and to minimize loss of life and destruction of property. The fifth pillar is to build and maintain international alliances and partnerships to deter shared threats, and to remain adaptive and flexible to build new alliances as required. This is focused on "priority regions, to include the Middle East, Asia-Pacific, and Europe".[1]

Cyberattack as an act of war

In 2011, the White House published an "International Strategy for Cyberspace" that reserved the right to use military force in response to a cyberattack:[3][4]

When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country. We reserve the right to use all necessary means — diplomatic, informational, military, and economic — as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests. In so doing, we will exhaust all options before military force whenever we can; will carefully weigh the costs and risks of action against the costs of inaction; and will act in a way that reflects our values and strengthens our legitimacy, seeking broad international support whenever possible.

International Strategy for Cyberspace, The White House, 2011

In 2013, the Defense Science Board, an independent advisory committee to the U.S. Secretary of Defense, went further, stating that "The cyber threat is serious, with potential consequences similar in some ways to the nuclear threat of the Cold War," and recommending, in response to the "most extreme case" (described as a "catastrophic full spectrum cyber attack"), that "Nuclear weapons would remain the ultimate response and anchor the deterrence ladder."[5]

Attacks on other nations

Iran

In June 2010, Iran was the victim of a cyber attack when its nuclear facility in Natanz was infiltrated by the cyber-worm ‘Stuxnet’, which is said to be the most advanced piece of malware ever discovered and which significantly increased the profile of cyberwarfare.[6][7] It destroyed perhaps over 1000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic program back by at least two years."[8]

Despite a lack of official confirmation, Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, made a public statement, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we—the US and its allies—are doing everything we can to make sure that we complicate matters for them", offering "winking acknowledgement" of US involvement in Stuxnet.[9]

China

In 2013, Edward Snowden, a former systems administrator for the Central Intelligence Agency (CIA) and a counterintelligence trainer at the Defense Intelligence Agency (DIA), revealed that the United States government had hacked into Chinese mobile phone companies to collect text messages and had spied on Tsinghua University, one of China's biggest research institutions, as well as home to one of China's six major backbone networks, the China Education and Research Network (CERNET), from where internet data from millions of Chinese citizens could be mined. He said U.S. spy agencies have been watching China and Hong Kong for years.[10]

According to classified documents provided by Edward Snowden, the National Security Agency (NSA) has also infiltrated the servers in the headquarters of Huawei, China's largest telecommunications company and the largest telecommunications equipment maker in the world. The plan was to exploit Huawei's technology so that when the company sold equipment to other countries—including both allies and nations that avoid buying American products—the NSA could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.[11]

Cyber threat information sharing

The Pentagon has had an information sharing arrangement, the Defense Industrial Base Cybersecurity and Information Assurance (DIBCIA) program, in place with some private defense contractors since 2007,[18] to which access was widened in 2012.[19]

A number of other information sharing initiatives, such as the Cyber Intelligence Sharing and Protection Act (CISPA) and the Cybersecurity Information Sharing Act (CISA), have been proposed but failed for various reasons, including fears that they have too few limits and could be used to spy on the general public.

United States Cyber Command

The United States Cyber Command (USCYBERCOM) is a United States armed forces sub-unified command subordinate to United States Strategic Command. USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to defend Department of Defense information networks, and to prepare to conduct "full spectrum military cyberspace operations" to ensure US/Allied freedom of action in cyberspace and deny the same to adversaries.[20]

Army

The Army Cyber Command (ARCYBER) is an Army component command for the U.S. Cyber Command.[21] ARCYBER has the following components:

Marine Corps

United States Marine Corps Forces Cyberspace Command is a functional formation of the United States Marine Corps to protect infrastructure from cyberwarfare.[25]

Air Force

The Twenty-Fourth Air Force (24 AF) will be the United States Air Force component of United States Cyber Command (USCYBER).[26] It has the following components:

Navy

The Navy Cyber Forces (CYBERFOR) is the type commander for the U.S. Navy's global cyber workforce. The headquarters is located at Joint Expeditionary Base Little Creek-Fort Story. CYBERFOR provides forces and equipment in cryptology/signals intelligence, cyber, electronic warfare, information operations, intelligence, networks, and space. In September 2013, the United States Naval Academy will offer undergraduate students the opportunity to major in Cyber Operations.[27]

Fleet Cyber Command is an operating force of the United States Navy responsible for the Navy's cyber warfare programs.[28] Tenth Fleet is a force provider for Fleet Cyber Command.[29] The fleet components are:

References

  1. US Department of Defense Cyber Strategy. US Department of Defense. 2015. pp. 2–8. http://www.defense.gov/Portals/1/features/2015/0415_cyber-strategy/Final_2015_DoD_CYBER_STRATEGY_for_web.pdf
  2. Department of Defense Strategy for Operating In Cyberspace. US DoD. 2011. http://csrc.nist.gov/groups/SMA/ispab/documents/DOD-Strategy-for-Operating-in-Cyberspace.pdf
  3. "International Strategy for Cyberspace" (PDF). The White House. 2011. Retrieved 4 September 2014.
  4. Alexander, David (15 November 2011). "U.S. reserves right to meet cyber attack with force". Reuters. Retrieved 4 September 2014.
  5. (PDF).
  6. AFP: Stuxnet worm brings cyber warfare out of virtual world. Google.com (1 October 2010). Retrieved 8 November 2011.
  7. Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on. Ted.com. Retrieved 8 November 2011.
  8. "US General: Iran's Cyber War Machine 'A Force To Be Reckoned With'". Business Insider. Retrieved September 15, 2016.
  9. Gary Samore speaking at the 10 December 2010 Washington Forum of the Foundation for Defense of Democracies in Washington DC, reported by C-Span and contained in the PBS program Need to Know ("Cracking the code: Defending against the superweapons of the 21st century cyberwar", 4 minutes into piece)
  10. Rapoza, Kenneth (2013-06-22). "U.S. Hacked China Universities, Mobile Phones, Snowden Tells China Press". Forbes.
  11. Sanger, David; Perlroth, Nicole (22 March 2014). "N.S.A. Breached Chinese Servers Seen as Security Threat". The New York Times.
  12. Markoff, John (26 October 2009). "Cyberwar: Old Trick Threatens the Newest Weapons". The New York Times. Retrieved 30 July 2015.
  13. "Cyberwar: War in the fifth domain". The Economist. 1 July 2010. Retrieved 4 July 2010.
  14. Medetsky, Anatoly (18 March 2004). "KGB Veteran Denies CIA Caused '82 Blast". Moscow Times. Retrieved 30 July 2015.
  15. Hesseldahl, Arik; Kharif, Olga (10 October 2014). "Cyber Crime and Information Warfare: A 30-Year History". Bloomberg Business. p. 2. Retrieved 30 July 2015.
  16. Gantz, John (1 April 1991). "Tech Street". InfoWorld. Retrieved 13 November 2015.
  17. Smith, George (10 March 2003). "Iraqi Cyberwar: an Ageless Joke". SecurityFocus. Retrieved 13 November 2015.
  18. "Increased trust boosts Pentagon-industry info sharing", Sean Lyngaas, 22 April 2014, FCW.com
  19. Reed, John. "Pentagon expanding public-private cyber information sharing program." Foreign Policy Magazine, 27 September 2012.
  20. U.S. Department of Defense, Cyber Command Fact Sheet, 21 May 2010 http://www.stratcom.mil/factsheets/cc/
  21. US Department of Defense (24 May 2010). "DoD Release No. 420-10 Establishment of Army Forces Cyber Command". defense.gov. Archived from the original on 29 May 2011. Retrieved 24 May 2010.
  22. "20091203 IO Newsletter v10 no 03".
  23. Patrick Jackson (15 March 2010). "Meet USCybercom: Why the US is fielding a cyber army". BBC News. Retrieved 10 July 2010.
  24. "News Release: Army Forces Cyber Command Headquarters Standup Plan Announced". Defense.gov. Archived from the original on 29 May 2011. Retrieved 10 July 2010.
  25. "Fort Mead News: USMC Cyber Command". Ftmeade.army.mil. 28 January 2010. Retrieved 10 July 2010.
  26. Frequently Asked Questions
  27. Mike Hoffman (8 June 2013). "Naval Academy Launches Cyber Operations Major". DefenseTech.org.
  28. DOD News Release 827-09
  29. Navy Stands Up Fleet Cyber Command, Reestablishes U.S. 10th Fleet, NNS100129-24
  30. "Cyber War: Sabotaging the System". CBS News. 6 November 2009.
  31. The Washington Post: Pentagon computers attacked with flash drive
  32. "White House Eyes Cyber Security Plan". CBS News. 9 February 2009.
  33. Warrick, Joby; Pincus, Walter (1 April 2009). "Senate Legislation Would Federalize Cybersecurity". Washingtonpost.com.
  34. Greenwald, Glenn; Gallagher, Ryan (2014-03-12). "How the NSA Plans to Infect ‘Millions’ of Computers with Malware". The Intercept.
  35. "Pentagon Bill To Fix Cyber Attacks: $100M". CBS News. 7 April 2009.
  36. "A new approach to China". Blogspot. 12 January 2010. Retrieved 17 January 2010.
  37. "Google Attack Is Tip Of Iceberg", McAfee Security Insights, 13 January 2010
  38. "The Joint Operating Environment", Report released, 18 Feb 2010, pp. 34–36
  39. pdf
  40. Senators Say Cybersecurity Bill Has No 'Kill Switch', informationweek.com, 24 June 2010. Retrieved on 25 June 2010.
  41. "ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People's Republic of China 2010" (PDF).
  42. AP: Pentagon takes aim at China cyber threat
  43. Etzioni, Amitai (20 September 2013). "MAR: A Model for US-China Relations". The Diplomat. Retrieved 2 December 2015.
  44. "WSJ: U.S. Backs Talks on Cyber Warfare". Online.wsj.com. 4 June 2010.
  45. Haroon Meer (11 March 2011). "Lessons from Anonymous on cyberwar". Al Jazeera English.
  46. Shane, Scott (26 September 2012). "U.S. Officials Opening Up on Cyberwarfare". The New York Times.
  47. "Chase, NYSE Websites Targeted in Cyber Attacks". Retrieved 15 March 2013.
  48. "Phase 2 Operation Ababil". Retrieved 15 March 2013.
  49. "Bank Attackers Restart Operation Ababil DDoS Disruptions". Retrieved 15 March 2013.
  50. NATO Cooperative Cyber Defence Centre of Excellence (2013). Tallinn Manual. Cambridge University Press. ISBN 978-1-107-02443-4. http://issuu.com/nato_ccd_coe/docs/tallinnmanual/1
  51. "Executive Order -- Improving Critical Infrastructure Cybersecurity". whitehouse.gov. Retrieved 2015-10-25.
  52. "Presidential Policy Directive -- Signals Intelligence Activities". whitehouse.gov. Retrieved 2015-10-25.
  53. Michael Riley; Jordan Robertson (27 August 2014). "FBI Examining Whether Russia Is Tied to JPMorgan Hacking". Bloomberg. Retrieved 5 September 2014.
  54. Jordan Robertson; Michael Riley (3 September 2014). "Computers for Hire Send JPMorgan Data to Russia". Bloomberg. Retrieved 5 September 2014.
  55. Finkle, Jim (29 May 2014). Tiffany Wu, ed. "Iranian hackers use fake Facebook accounts to spy on U.S., others". Reuters. Retrieved 30 March 2015.
  56. Riley, Michael A; Robertson, Jordan (2 December 2014). "Iran-Backed Hackers Target Airports, Carriers: Report". Bloomberg News. Retrieved 30 March 2015.
  57. Finkle, Jim (2 December 2014). Richard Valdmanis, Christian Plumb and W Simon, ed. "Iran hackers targeted airlines, energy firms: report". Reuters. Retrieved 30 March 2015.
  58. "U.S. Sanctions North Korea Over Sony Hack". Time. Retrieved 2017-04-09.
  59. Evans, Stephen (2014-12-23). "Why did North Korea's internet go down?". BBC News. Retrieved 2017-04-09.
  60. Barrett, Devlin (5 June 2015). "U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say". Wall Street Journal. Retrieved 5 June 2015.
  61. Risen, Tom (5 June 2015). "China Suspected in Theft of Federal Employee Records". US News & World Report. Retrieved 5 June 2015.
  62. Sanders, Sam (4 June 2015). "Massive Data Breach Puts 4 Million Federal Employees' Records At Risk". NPR. Retrieved 5 June 2015.
  63. Department of Defense Law of War. US Department of Defense. 2015. p. 994. http://www.dod.mil/dodgc/images/law_war_manual15.pdf
  64. "ISIS Targeted by Cyberattacks in a New U.S. Line of Combat". NYT. 24 April 2016.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.