Senior Army officials said Tuesday that it is working to develop the service’s offensive cyber warfare capabilities to go along with its cyber security capabilities to allow soldier to launch as well as detect and defeat threats.
Military service leaders have spoken in detail about their ability to protect their networks. They have repeatedly avoided discussing growing offensive capabilities to utilize against enemies.
Defense Secretary Leon Panetta made the first cyber policy speech by a defense secretary earlier this month in New York City where he warned Americans that ignoring growing cyber threats has made the U.S. vulnerable. He made it clear the U.S. military, along with partners in the private sector, were fully ready and capable of bringing the battle to any one launching a cyber “Pearl Harbor.”
The Defense Department routinely repels thousands of attacks daily, some by rogue hackers interested in testing their skills but others pose more serious threats from state and non-state actors.
None of the services have taken the lead in cyber warfare. Officials have discussed here at the AUSA conference that the Army is interested in taking that lead now through U.S. Army Cyber Command.
Since it was stood up in 2010 it has developed capabilities and a growing force of cyber warriors through its Army Network Enterprise Technology Command, Army Intelligence and Security Command, 1st Information Operations Command (Land) and the 780th Military Intelligence Brigade (Cyber).
Its ranks currently include 21,000 soldiers, Department of the Army civilians and contractors.
Officials developing the Army’s cyber warfare capabilities liken it to a period 20 years ago when service leaders began to learn to use space as a platform. The difference is that the U.S. doesn't have 20 years, because of the numerous cyber threats that already exist and threaten U.S. national security, Campbell said.
“It’s got to happen right now. So we got to make sure it is ‘operationalized’ throughout the force from a leader development standpoint,” Campbell said.
Lt. Gen. Donald Campbell Jr., commander of III Corps and Fort Hood, Texas, said the Army must work out where “the release authority” should be at different command levels to take offensive action.
“We’re going to have to, as a service and as a military, decide what levels of permission can go for what,” he said.
U.S. Army Cyber Command does not see its role as a defender or attacker operating only from a higher headquarters location. The Army’s strategy demands presence “in two domains – cyber and land,” said Lt. Gen. Rhett A. Hernandez, the head of U.S. Army Cyber Command.
Just what capabilities eventually will reside with commanders closest to the action “still has to be determined, based on what kind we want them to have and what capabilities we may be able to produce,” he said.
Asked whether a platoon leader may one day be able to call up for a network attack the way they call in artillery or air support, Hernandez was not able to say.
“I’m not there yet or ready to go that far, but I would focus on what you can do to protect first, and second what they can do to help them continue to operate,” he said. “And then after that I’m not ready to say what might be next,” he said.