Cybersecurity Dominates Asia-Pacific Agenda

Adm. Robert F. Willard, USN, commander of the U.S. Pacific Command, opens TechNet Asia-Pacific 2010 in Honolulu, Hawaii, with warnings of cyberspace hazards.

Kinetic concerns continue, but the digital domain reigns.

Cyberspace concerns extend throughout the Asia-Pacific region, and they increasingly are playing key roles in how nations define security—and threats. Traditional area geopolitical rivalries are enhanced by the potential for cyberoperations, and nations once secure behind rugged borders or vast bodies of water now face potential threats to their national infrastructure through a realm that knows no borders.

Issues of security in the cyberspace age were the focus of TechNet Asia-Pacific 2010, held in October in Honolulu, Hawaii. The three-day conference and exposition featured speakers from several countries across the hemisphere, and they discussed both cyberspace and conventional security issues.

The event began with a warning about cyberspace from the man tasked with ensuring regional security throughout the vast Asia-Pacific region. Adm. Robert F. Willard, USN, commander of the U.S. Pacific Command (PACOM), told the opening breakfast audience that network situational awareness is an essential discipline that largely is being overlooked. He warned that military networks may become useless in battle if operators do not know what is happening inside cyberspace.

“In command and control, you can’t control what you can’t see, and you must be able to control everything in these domains,” Adm. Willard said.

He cited as an example a recent area exercise that included experts from the U.S. Cyber Command, industry and other organizations. Despite these experts working on the cyberspace element weeks before the exercise began, officials had visibility into only 50 percent of cyberspace. Worse, leadership had the ability to sense and command in only 10 percent.

“You can’t command and control that domain unless you can see into it, sense inside it and control it,” the admiral declared.

Saying that he has been “a C² [command and control] zealot for some time,” Adm. Willard recalled that the information age came upon the military 30 years ago “in almost a subtle and not very organized way.” With the advent of the Internet, the military is using networks with the expectation that they will support the force in wartime.

Vice Adm. Richard W. Hunt, USN, commander of the U.S. Third Fleet, emphasizes the importance of cyber in military operations.

Adm. Willard’s cautionary remarks were expanded by Vice Adm. Richard W. Hunt, USN, commander of the U.S. Third Fleet. Adm. Hunt warned that a denial of U.S. military cyber capabilities would cripple U.S. forces to the extent that they would not be able to conduct operations effectively.

“Cyber is the key spot in virtually every warfighting discussion and planning I’ve been in since I got to Third Fleet,” he declared. “But, the focus now is on computers over communications, and that’s a problem.”

Without vital information delivery, the force actually might be worse off than it was before the advent of network-centric operations. Many systems are built around information technology, and a loss of data would leave them useless. As examples, Adm. Hunt cited precision-guided weapons that rely on Global Positioning System data and systems that rely on reach-back for logistics and maintenance.

Adm. Hunt echoed Adm. Willard’s comments about network situational awareness, and added that cyberforces must be trained to respond quickly. The thought process has not evolved to understand cyberattack, and the ability to respond is not as clear as it was when the threat was kinetic.

Adm. Hunt called for industry to partner with the military, stating that the knowledge base to make proper network decisions resides more in industry than in the military. “Your active help is requested,” he said to private-sector members of the audience.

Many speakers warned of national cyber catastrophes, but others declared that the United States could dominate cyberspace. Vice Adm. Mike McConnell, USN (Ret.), executive vice president of Booz Allen Hamilton and former director of national intelligence (DNI), warned that the United States faces the possibility of another catastrophic homeland attack, this time through cyberspace.

Vice Adm. Mike McConnell, USN (Ret.), executive vice president of Booz Allen Hamilton and former director of national intelligence (DNI), warns of potentially serious cyberspace attacks.

The admiral explained that the United States has a $14 billion economy. Two banks in New York move $7 billion in one single day. This money is not hard cash or gold, but instead data moving electronically, and those banks’ backup systems are interconnected. All that data is vulnerable to cyberspace attack, and the results of a successful terror attack would be devastating.

Adm. McConnell shared with the audience how his concerns over the vulnerability of the banking sector date back to when he was named DNI by then-President George W. Bush. This type of attack can be prevented, and both the Bush and Obama administrations have taken some steps toward addressing it. However, preventing this potential disaster—which could happen tomorrow—will require a legal framework to empower necessary policies. This goal could be reached within a year if the government acts decisively.

Without that action, the admiral sees three potential scenarios developing in sequence: First, the country talks about what needs to be done, but never gets around to doing it. Then, as a consequence, the United States suffers a catastrophic event. Third, with history as a guide, the country overreacts. Historical cycles have shown that major events that affect the public bring about a change in the role of government.

Ultimately, the United States may end up developing a “dot-secure” cyber realm in which the vital infrastructure operates outside of public Internet access, Adm. McConnell suggested.

Air Cdre. Chris Westwood, RAAF, director general, joint capability coordination division, Vice Chief of Defence Group (r), discusses warfighter needs with other panelists (r-l) Brig. Gen. William Scott, USA, commander, 311th Signal Command; Brig. Gen. Earl D. Matthews, USAF, director, command, control, communications and computer systems, U.S. Transportation Command; Randall Cieslak, chief information officer, PACOM; and panel moderator William Brougham, vice director, Network Services Directorate, Defense Information Systems Agency.

In a panel focusing on the warfighter, Brig. Gen. Earl D. Matthews, USAF, director, command, control, communications and computer systems, U.S. Transportation Command, offered that the military needs to stop thinking of J-6s as systems people. They are defending the network every day, he pointed out, and as network defenders they also are intelligence producers. His command’s J-2 and J-6 are totally integrated in cyberspace, he said.

Gen. Matthews also noted that, as Defense Department network defense has improved, more attacks are taking place against contractors and code developers. He called for a clear set of responsibilities to be defined for all players. People must be held legally responsible for their own piece of the net, the general declared.

Randall Cieslak, chief information officer, PACOM, offered that the United States can—and should—establish cyber dominance in the same manner it has control of the air. He said that the United States can achieve supremacy in cyberspace despite the advantages seemingly held by malevolent organizations and nations.

“We can achieve supremacy in cyberspace. We have it in SIPRNET [secret Internet protocol router network],” Cieslak stated. “I have confidence that the enemy cannot operate in it.”

He added that the military routinely shares information without fear of interception in domains that are secure. There is no reason that the U.S. military cannot take over part of the Internet and not allow anyone else to use it, he proposed.

Cieslak did offer his own cautionary notes. While other panelists warned of cyberattacks that constituted “weapons of mass disruption,” Cieslak warned of cyber “weapons of mass deception.” In this scenario, data would be corrupted to the extent that forces would be unable to function as a result of cyberspace failures.

One industry panelist suggested that it may be time for the military to develop advanced cyber weapons. Richard Holzer, director of information assurance, Army Enterprise IT Solutions Sector, General Dynamics Information Technology, said that the United States may need to develop weapons for cyberspace as it does for land, sea and air.

One key to successful cyberoperations will be the ability to develop coordinated responses. Holzer likened this to an infantry force calling in air support. New doctrines also must emerge for elements such as developing targeting information, for example. “We deploy covering fire before landing on a beach; how do we do that in cyberspace?” Holzer asked.

In addition to defining cyberspace policies, the nation may need to define cyberspace itself. Marcus H. Sachs, executive director of government affairs for national security and cyber policy, Verizon, told a panel audience that the nation still lacks a precise definition of cyberspace, and that definition may be vital to make necessary changes in that realm.

Sachs pointed out that cyberspace is the one basic operational environment that is man-made. Land, sea and air cannot be altered substantially; however, people built cyberspace and people can alter it to suit their needs. Unfortunately, he said, people seem all too willing just to accept cyberspace as it is without addressing their concerns.

“Fundamentally, the network’s core is rotten. It’s optimized for criminal activities,” Sachs said, adding that this was not the intent of the network designers in the 1970s.

Discussing how to command and control cyberspace are (l-r) panel moderator Brig Gen. Brett Williams, USAF, PACOM J-6; Rear Adm. William E. Leigher, USN, deputy commander, U.S. Fleet Cyber Command/10th Fleet; Rear Adm. Scott H. Swift, USN, PACOM J-3; and Rear Adm. Elizabeth L. Train, USN, director for intelligence, PACOM.

“We must rethink what we want the network to be, and we must get past these old protocols,” he offered. “We need to write the rules. Right now, our adversaries are writing the rules.”

One way of rewriting the rules is to change the way networks are designed. Vince Lee, director of cyber systems, Oceanit Laboratories, called for cross-domain innovation in developing new networks. Existing networks largely consist of cookie-cutter designs built around best practices, which is wonderful for those with malevolent intent. They know what they’re dealing with as networks have become too predictable, Lee stated.

One game change that the military may need to consider is the elimination of service network operation and support centers, or NOSCs. Maj. Gen. Ronnie D. Hawkins Jr., USAF, vice director, Defense Information Systems Agency (DISA), told the Wednesday breakfast audience that the service NOSCs must go so that DISA can work to eliminate stovepipes.

“We must get rid of service NOSCs; they are hindering our capability,” Gen. Hawkins declared, adding that he believes that any combatant command J-6 will say the same thing.

The general called for an even greater transformation that would begin with a change in terminology. He wants the military to stop using the term “network centric,” because it refers to ownership. Because cyberspace has no owner, the military instead should adopt the term “cyber centric” as it continues to exploit information technologies.

One dissenting voice on Gen. Hawkins’ view came from Rear Adm. David Glenn, USCG, U.S. Cyber Command J-6, who gave a breakfast address. Where Gen. Hawkins suggested the elimination of the services’ NOSCs, Adm. Glenn offered that NOSCs still could serve a role. He suggested consolidating the number of NOSCs down to five. Each service then would be the executive agent for a NOSC.

While many speeches and discussions focused on the “what” and “why” of cybersecurity, some sessions featured the “how.” A panel that included high-ranking officers from PACOM offered a host of suggestions to master cyberspace. Brig Gen. Brett Williams, USAF, PACOM J-6, stated that defense, not offense, is the dominant mission in cyberspace. The U.S. military does not have the capability to guarantee its ability to operate by using offensive measures. Instead, the military needs to ensure that it can have the necessary defense to operate firmly in that domain.

“Networks will always be vulnerable—disconnecting is not an option; we must fight through the attack,” he said.

And, successful network defense will require broad teamwork. “You don’t deter a cyber event with other cyber action–you deter with the full strength of national action,” the general declared. “It’s bad to pigeonhole cyber in this area.”

Panelists from the Asia-Pacific Center for Security Studies addressing regional challenges include (l-r) panel moderator Dr. Edwin P. Smith, center director; Charlie Salmon, foreign policy adviser; former ambassador Lauren Moriarty; Dr. J. Scott Hauger, associate professor; Dr. Virginia Watson, associate professor for science and technology; and Shyamsunder Tekwani, associate professor for counterterrorism, international security, media and conflict.

That defense must become more active. Rear Adm. William E. Leigher, USN, deputy commander, U.S. Fleet Cyber Command/10th Fleet, noted that cyber predominantly is a defensive domain. In the 1990s, a structure was set up in which a computer emergency response team waits for something to happen, then patches it and waits for the next incident to happen. “Can you imagine doing ASW [antisubmarine warfare] that way?” he suggested.

“We have not ever demonstrated the inherent right of self defense in cyberspace,” the admiral declared.

Rear Adm. Scott H. Swift, USN, PACOM J-3, stated that the military still does not think of cyber as a warfighting system. It is as important as any other element of battle, such as tanks and aircraft, he added, and it should be thought of accordingly.

Continuing the analogy, he noted that weapon systems have both a trigger and a safety. He said he is comfortable if someone else owns the cyberspace safety; but he wants his boss to hold the trigger because its use might have unintended consequences, and his boss is the one whose judgment he trusts most.

Brig. Gen. William Scott, USA, commander, 311th Signal Command, offered his own slant on Adm. Swift’s tank analogy. “We need to build a network the way we build a tank—not piecemeal all over the place,” he said. Gen. Scott called for a common technical standard as a way of ensuring effective networking.

For warfighters and commanders to have the cyber elements and systems that they need, they must interoperate better with the technologists who are designing them. Gen. Williams charged that a huge chasm exists between cyber operators and the technical community. Operators often do not understand the technical language of the systems that are being designed for them. As a result, they are not able to effectively input design advice, and they often are faced with the challenge of adapting a system to suit their needs.

Conversely, technicians often do not fully understand operators’ needs, he added. Both need to reach out to the other group to begin system design with a better understanding of everyone’s points of view. Gen. Williams suggested that operators learn about cyber systems in the same manner that pilots learn about their aircraft before they set foot in them to fly.

For dealing with broader cyber acquisition issues, Adm. Leigher recommended the creation of a cyber acquisition force. Characteristics of cyberspace are greatly different than those of the platform world, especially the pace of change. He noted that the military buys carriers from a limited number of shipyards, but it buys information technology from many sources, which calls for a new way of doing business.

Adm. Glenn of the U.S. Cyber Command endorsed the concept of security through simplification. He stated that offering an adversary fewer ways of penetrating a network also would simplify security measures and responses. These types of measures will reduce attack surfaces and allow for rapid re-configuration when an attack occurs,

“We need to simplify GIG [Global Information Grid] architecture, reduce and simplify our networks, and reduce the hundreds of security enclaves down to one,” he said.

Currently, most cyberthreat activity involves stealing data rather than corrupting it, the admiral stated. However, both kinetic and nonkinetic threats could disrupt or even destroy GIG systems.

The admiral called for better agility, possibly through virtualization of servers, routers and switches. The Cyber Command is adopting a thin-client approach so that the command’s few remaining enclaves can go to a single desktop, he reported.

Rear Adm. Danilo M. Cortez, AFP, acting flag officer in command, Philippine Navy, describes Philippine navy efforts to master cyberspace.

Securing cyberspace may require new concepts of supporting and supportive command in the cyber arena. One strong solution might be the establishment of a cyber joint operational area, or JOA, Adm. Glenn suggested. Figuring out that JOA will be the hard part, he added.

Adm. Glenn agreed with the concept of a more active cyberdefense. He noted that the Cyber Command will need to look at computer network defense in a fundamentally different way—away from a passive approach to a dynamic one.

While the United States fights for cyberspace security across a broad front, other nations may be engaged in more limited challenges. Rear Adm. Danilo M. Cortez, AFP, acting flag officer in command, Philippine Navy, compared the challenge of cyberspace to that of his command, his country’s navy.

“Cyberspace mirrors the maritime world both in the way it serves us and in the peril it brings,” the admiral told a luncheon audience.

Adm. Cortez described how the Philippines is incorporating a new interagency maritime security architecture that comprises three components: command and control, surveillance and response. It is building this architecture with assistance from two of its key allies, Australia and the United States.

The admiral observed that, like water, cyberspace observes no borders. Just as his island nation sits astride key maritime trade routes, so does it face diverse challenges in maritime C² as well as in cyberspace.

Photography by Bob Goodwin

Diverse Pacific Nations Share Concerns A panel of experts from the Asia-PacificCenter for Security Studies discussed many issues that compound stability efforts in the vast region. Dr. J. Scott Hauger, associate professor at the center, described cybersecurity as the top problem facing the region. Society increasingly is dependent on cyber, and thus increasingly vulnerable to cyberthreats. Cyberattacks can paralyze commerce; they can be used to weaponize infrastructure; and they can create panic, distrust and exploitable instability, he warned. Saying that too many cyberdefense activities are the work of individuals, Hauger called for international forums to coordinate countermeasures, as well as the creation of international treaties on cyberwarfare similar to those on nuclear weapons. India is one nation that is worried about cyberattacks, reported Shyamsunder Tekwani, an associate professor for counterterrorism, international security, media and conflict at the center. Tekwani made his remarks in the context of an overview of security throughout the South Asia region. He offered that India’s greatest threat comes from home-grown extremist groups rather than from external sources, and he cited Hindu extremists as the most dangerous. These groups have been largely responsible for Muslim terror because of the way they have treated Muslims throughout India. Many Muslim attacks in India are a direct response to the activities of Hindu extremists, Tekwani charged. While India has not viewed China as its primary threat, Chinese actions in recent months have generated significant concern in India, Tekwani noted. Other panelists discussed China and problems in its relations with neighbors. Former U.S. ambassador Lauren Moriarty said, “It’s pretty remarkable that China has managed to get all of its neighbors, with the exception of North Korea, mad at it.” Charlie Salmon, foreign policy adviser with the center, noted that China is a rising power that wants to be treated with respect. “How do we enable that?” he asked. “How does a teenager learn to act like a grownup on the world stage?” While the panelists agreed that China has been behaving badly lately, Salmon offered that China and the United States are unlikely to fall into conflict because the Chinese leadership knows it is not in the nation’s best interest. China has no reason to adopt game-changing strategies with regard to U.S. military power in the Pacific because it has too many challenges at home to upset the regional security status quo. “They’re smart enough to realize that, if they tried to do that even over the next 30 or 40 years, they would not be successful,” he said. Salmon called for the United States to strengthen its existing bilateral relationships and expand relationships with other nations, particularly through existing organizations, he offered. And, the United States should use the six-party talks, which include China, as a nucleus for a Northeast Asia security dialogue. Those six-party talks focus on North Korea, and no conference on Asia-Pacific security would be complete without a focus on the rogue nation. Adm. Robert F. Willard, USN, commander of the U.S. Pacific Command, warned in his earlier remarks that the world may be entering a dangerous period with North Korea. The country is entering a period of leadership transition, the last of which covered 20 years. When Kim Jong-Il took the reins, North Korea engaged in a series of violent attacks on its neighbors ranging from assassinations to an airliner bombing. His actions served to strengthen his standing with the country’s military, and his designated heir Kim Jong-Un may follow the same path. With Kim Jong-Il in failing health, the transition likely will be shorter but no less violent and destructive. Adm. Willard made this prediction before North Korea’s artillery attack that killed four South Koreans.