US Military Gearing Up for Cyberwar

March 15, 2012 Updated: October 1, 2015
U.S. Air Force Gen. Gregory L. Brundidge (L) speaks at the Cyber Defense
U.S. Air Force Gen. Gregory L. Brundidge (L) speaks at the Cyber Defense/Information Assurance Conference in General Rogers Conference Center on Patch Barracks in Stuttgart, Germany, in February 2011. The U.S. military is working to secure networks against cyber-attacks while developing offensive cyberwarfare capabilities. (U.S. Army photo by Martin Greeson/Released)

The U.S. military is working overtime to secure its networks against cyber-attacks, while also developing new systems to strike back. Details of why there’s a sudden push are vague in public speeches, yet the threat has been made clear in government reports: the Chinese regime is quickly advancing offensive cyberwar capabilities, and it is already putting these to use against the American government, military, and business sector.

In the course of the last several weeks alone, two more breaches by Chinese hackers have been discovered, including their taking control of NASA satellites, and of social engineering espionage campaigns through Facebook.

On Dec. 12, Congress authorized the military’s use of offensive cyber-attacks “to defend our nation, allies, and interests” under the direction of the president, as long as it’s within the boundaries of the War Powers Resolution and current laws for armed conflict.

This was described in the Conference Report on H.R. 1540, National Defense Authorization Act for Fiscal Year 2012. It adds that in some circumstances, “the most effective way to deal with threats and protect U.S. and coalition forces is to undertake offensive military cyber-activities, including where the role of the U.S. government is not apparent or to be acknowledged.”

Ken Gabriel, deputy director of the Defense Advanced Research Projects Agency (DARPA), the military’s research and development branch, outlined the agency’s plans to increase research and development for “offensive cybercapabilities,” before a House Armed Services subcommittee on Feb. 12.

Amid widespread cuts to military spending, Gabriel announced that DARPA was increasing funding for cyberresearch by 8 percent this year and 12 percent next year. This ties back to a November statement where DARPA announced a 50 percent increase in cyberspending over the next 5 years.

To do this, they plan to “spend much less on energy and autonomous systems,” states a DARPA press release.

DARPA director Regina E. Dugan stated May 12 that the risks posed by cyber-attacks are “not merely an existential threat to our bits and bytes,” but rather, “They are a real threat to our physical systems, including our military systems.”

Her statement came just several days after arms developer Northrop Grumman released a 136-page report on the Chinese regime’s cybercapabilities for warfare and espionage.

Given that a key problem with cyberwar comes up when tracing the source of an attack, part of the report is dedicated to how the Chinese regime’s use of cyber-attacks for espionage differ from common cybercrime. Part of this states that the scale, focus, and complexity of Chinese cyber-attacks “reveals a degree of financial, staffing, and analytic resources that exceed what even the largest organized cybercriminal operations could likely manage for even short periods of time.”

The report concludes that the Chinese military ‘is pursuing the means to seize and occupy the ‘information high ground’ in the modern battlespace by employing these concepts and new technologies to exert control over information and information systems.”

Coinciding with the release of this report, the day before its release, on March 6, Northrop Grumman announced a $189 million contract to secure U.S. military and intelligence networks. It will be deploying the Host Based Security System (HBSS), which is the Pentagon’s software that guards its computers from internal and external threats, according to a press release.

The day after the Northrop Grumman report was released, on March 8, it signed a similar contract to secure NATO’s networks—which NATO states will enable its “already operating NATO Computer Incident Response Capability (NCIRC) to achieve full operational capability by the end of 2012.”

The 58 million euro (approx. $75.5 million) contract is the largest NATO has ever made toward cyberdefense, according to a NATO statement.

On March 9, the Senate Committee on Commerce, Science, and Transportation announced they were still pushing for the Cybersecurity Act of 2012, meant to guard U.S. companies against cyber-attacks and cyber-espionage.

The bill is branded, in part, as a guard against corporate espionage, but stretches further than that—aiming to guard the nation’s most critical infrastructures from cyber-attacks.

Stealing Secrets

Now, the financial lifeblood of a country is regarded as one of the “critical infrastructures” we hear so much about when the military discusses threats of cyberwar (in addition to the energy grid and other key elements that keep a country running).

This is the third piece of a sweeping effort toward securing the nation’s networks. Other efforts are securing government and military networks, but business networks are outside of this, and the business sector has been a common target by Chinese hackers—including Operation Aurora against Google, and its Operation Night Dragon campaign for business espionage.

An open letter from Commerce Secretary John Bryson states that over the last 5 years, “a highly sophisticated team of operatives have stealthily infiltrated more than 70 U.S. corporations and organizations to steal priceless company secrets.”

“In the aggregate, the theft of this property, including everything from sensitive defense technology to innovative industrial designs, insidiously erodes government and corporate competitive advantages among global peers,” Bryson states.

In a March 13 speech, DARPA director Dugan again raised the issue of cybersecurity, noting that while Pentagon networks are safer than before, current systems are “not convergent with an evolving threat.”

This was included in a DARPA press release that states: “The U.S. will not prevail against these threats simply by scaling current approaches.”

According to Dugan, “With respect to cyber-offense, it is our firm belief that the Department [of Defense], indeed the nation, is at an inflection point … To be relevant, the DoD needs cybertools that are matched in diversity of effect and scale, address different timescales and entirely new targets. It will require the integration of cyber- and electronic warfare at unprecedented levels.”

Follow Joshua on Twitter: @JoshJPhilipp