The recent incidents between U.S. and Iranian forces demonstrate the importance of cyberwarfare for national security and reinforce the importance of funding and developing the cyber capabilities of the United States.
Following the June attacks by Iran on oil tankers
and then the downing of a U.S. unmanned drone, President Donald Trump chose not
to retaliate with physical attacks. Instead, he reportedly approved an offensive cyberstrike that disabled the computer
systems used to control Iran’s rocket and missile launches.
That was considered a more proportionate
retaliation for the downing of the drone.
America’s adversaries are operating with cyber in the
so-called “gray zone” between diplomacy and war, choosing actions that fall
short of sparking a conventional military retaliation.
In 2007, Russia used cyber to disrupt communications channels in the Baltic states as part of its unconventional strategy to destabilize the region.
In 2015, China hacked the Office of Personnel Management and stole the records of employees holding security clearances. That’s in addition to ongoing theft of intellectual property.
Given these threats, and the challenges of defending
networks, offensive cyberattacks are an important tool for the U.S. against its
adversaries. In 2018, U.S. Cyber Command confirmed it had launched an offensive cyberattack in
order to silence a Russian troll farm, an organization used to spread
disinformation and sway public opinion during the 2018 U.S. midterm elections.
Sometimes, offense is the best defense.
The release of National Security Presidential Memorandum 13 in 2018 allows for offensive and defensive cyber operations to be conducted without presidential approval.
Last year, the Department of Defense also
released a plan that confirmed its commitment to using cyberattacks “to
advance U.S. interests” and “defend forward.” The U.S. retaliatory offensive
cyberattacks on Iran and Russia are examples of this type of approach.
Unlike nuclear weapons, which are held in reserve and used to deter other nations through the threat of use, cyber capabilities are readily available, and cyber forces are in near-constant contact with one another.
While many cyberattacks seem immediate, as though a button was pushed to trigger it at will, most are actually the result of months of work and planning. Constant effort goes into identifying cyber targets and ensuring that there is still an ability to access them.
the target updates its software, for example, that means an entirely new plan
of attack must be laid out.
The organization primarily responsible for these
missions is U.S. Cyber Command. It has come a long way from its humble origins,
recently filling out its Cyber Mission Forces, the operational units within the
command, to full operational
In 2018, it was promoted to a full unified combatant
command. That designation made it equal in rank to the other nine combat
commands, such as Special Operations and Central Command.
That’s not to suggest that Cyber Command does
not have more work to do. It still needs
to train those forces up to a high level of readiness and continue to develop
its infrastructure. Fully staffed does not necessarily mean fully mission-ready
Cyber Command is constantly deterring, disrupting,
and defeating cyberthreats. Its capabilities must be able to handle the persistent
nature of cyberwarfare.
Just as we maintain our ships and improve our conventional military forces, we must do the same with our cyber capability. The U.S. should continue to develop Cyber Command’s capacity and readiness so it can meet those challenges into the future.
The United States cannot afford to rest on its current cyber capabilities. Our adversaries continue to sharpen their cyber forces, and the U.S. cannot afford to lose that competition.
We must stay ahead of our adversaries and continue to invest in the U.S. Cyber Command so it can reach its full potential.
Source material can be found at this site.