With troops and techies, US prepares for cyber warfare

On the site of a former military golf course where President Dwight Eisenhower once played, the future of US warfare is rising in the shape of the new $358 million headquarters for the military’s Cyber Command.
The command, based at Fort Meade, Maryland, about 25 miles north of Washington, is rushing to add between 3,000 and 4,000 new cyber warriors under its wing by late 2015, more than quadrupling its size.
Most of Cyber Command’s new troops will focus on defense, detecting and stopping computer penetrations of military and other critical networks by America’s adversaries like China, Iran or North Korea.
But there is an increasing focus on offense as military commanders beef up plans to execute cyber strikes or switch to attack mode if the nation comes under electronic assault.
“We’re going to train them to the highest standard we can,” Army Gen. Keith Alexander, head of Cyber Command, said at Cybersecurity Summit last month. “And not just on defense, but on both sides. You’ve got to have that.” Officials and experts have warned for years that US computer networks are falling prey to espionage, intellectual property theft and disruption from nations such as China and Russia, as well as hackers and criminal groups. President Barack Obama will bring up allegations of Chinese hacking when he meets President Xi Jinping at a summit in California— charges that Beijing has denied.
The Pentagon has accused China of using cyber espionage to modernize its military and a recent report said Chinese hackers had gained access to the designs of more than two dozen major US weapons systems in recent years. Earlier this year, US computer security company Mandiant said a secretive Chinese military unit was probably behind a series of hacking attacks that had stolen data from 100 US companies.
There is a growing fear that cyber threats will escalate from mainly espionage and disruptive activities to far more catastrophic attacks that destroy or severely degrade military systems, power grids, financial networks and air travel.
Now, the United States is redoubling its preparations to strike back if attacked, and is making cyber warfare an integral part of future military campaigns.
Experts and former officials say the United States is among the best — if not the best — in the world at penetrating adversaries’ computer networks and, if necessary, inserting viruses or other digital weapons.
Washington might say it will only strike back if attacked, but other countries disagree, pointing to the “Stuxnet” virus. Developed jointly by the US government and Israel, current and former US officials said last year, Stuxnet was highly sophisticated and damaged nuclear enrichment centrifuges at Iran’s Natanz facility.
US government officials frequently discuss America’s cyber vulnerabilities in public. By contrast, details about US offensive cyberwarfare capabilities and operations are almost all classified.
Possible US offensive cyber attacks could range from invading other nations’ command and control networks to disrupting military communications or air defenses — or even putting up decoy radar screens on an enemy’s computers to prevent US aircraft from being detected in its airspace.
The shift toward a greater reliance on offense is an important one for a nation which has mostly been cautious about wading into the uncertain arena of cyberwar — in part because gaps in US cybersecurity make it vulnerable to retaliation.
But former Homeland Security Secretary Michael Chertoff said the United States must be ready and should articulate — soon — what level of cyber aggression would be seen as an act of war, bringing a US response.
“One of the things the military learned, going back to 9/11, is whether you have a doctrine or not, if something really bad happens you’re going to be ordered to do something,” he said. “So you better have the capability and the plan to execute.” It has been learned that new Pentagon rules of engagement, detailing what actions military commanders can take to defend against cyber attacks, have been finalized after a year of “hard core” debate. The classified rules await Defense Secretary Chuck Hagel’s signature, a senior defense official said.
The official would not give details of the rules but said, “they will cover who has the authority to do specific actions if the nation is attacked.”
At Cyber Command, military officers in crisp uniforms mix with technical experts in T-shirts as the armed forces takes up the challenge of how to fend off cyber penetrations from individuals or rival countries. A January report by the Pentagon’s Defense Science Board gave a general picture of how the United States might exploit and then attack an adversary’s computer systems.
In some cases, US intelligence might already have gained access for spying, the report said. From there, Cyber Command “may desire to develop an order of battle plan against that target” and would require deeper access, “down to the terminal or device level in order to support attack plans,” it said.
Because gaining access to an enemy’s computers for sustained periods without detection is not easy, “offensive cyber will always be a fragile capability,” it said.
In cyberspace, reconnaissance of foreign networks is “almost always harder than the attack” itself because the challenging part is finding a way into a network and staying undetected, said Hayden, now with the Chertoff Group consulting firm.