ACUS – “The DoD plan calls for adding a new mission while bolstering two old ones:
1. “National Mission Forces,” a new counteroffensive mission to disrupt attacks incoming to private sector critical infrastructure such as power plants and electrical grids.
2. “Combat Mission Forces” to help combat commanders execute offensive operations. These regionally focused teams would likely support Pacific Command, for example, with cyber planning for North Korean contingencies.
3. “Cyber Protection Forces” to fortify DoD’s own networks as straightforward extension of their traditional missions of old-school information assurance and computer network defense.
The last two missions are simply expansions of traditional DoD missions and will generate only a few comments. The only real downside here is that the more offensive cyber capability the DoD has, the more willing it may be to use it, especially when covert actions and shadow wars are the in vogue.
The “national mission” however is new, as it seeks to disrupt or even pre-empt attacks on US infrastructure by taking actions in foreign networks – getting your hands in the face of their quarterback or sacking him, rather than covering their receivers.
According to Nakashima’s report, they would not operate in US networks, unless asked by civilian authorities such as the FBI or Department of Homeland Security.” [full article]
The move, requested by the head of the Defense Department’s Cyber Command, is part of an effort to turn an organization that has focused largely on defensive measures into the equivalent of an Internet-era fighting force. The command, made up of about 900 personnel, will expand to include 4,900 troops and civilians.
Details of the plan have not been finalized, but the decision to expand the Cyber Command was made by senior Pentagon officials late last year in recognition of a growing threat in cyberspace, said officials, who spoke on the condition of anonymity because the expansion has not been formally announced. The gravity of that threat, they said, has been highlighted by a string of sabotage attacks, including one in which a virus was used to wipe dat a from more than 30,000 computers at a Saudi Arabian state oil company last summer.
Although the command was established three years ago for some of these purposes, it has largely been consumed by the need to develop policy and legal frameworks and ensure that the military networks are defended. Current and former defense officials said the plan will allow the command to better fulfill its mission.
“Given the malicious actors that are out there and the development of the technology, in my mind, there’s little doubt that some adversary is going to attempt a significant cyberattack on the United States at some point,” said William J. Lynn III, a former deputy defense secretary who helped fashion the Pentagon’s cybersecurity strategy. “The only question is whether we’re going to take the necessary steps like this one to deflect the impact of the attack in advance or . . . read about the steps we should have taken in some post-attack commission report.”
Although generally agreed to by the military’s service chiefs, the plan has raised concerns about how the Army, Navy, Marines and Air Force will find so many qualified cybersecurity personnel and train them. It also raises deeper issues — which are likely to intensify as the Cyber Command grows over the years — about how closely the command should be aligned with the National Security Agency, the giant electronic-spying agency that provides much of its intelligence support.” [full article]