It's Time to Aim Ahead of the Cyberspace Target

October 2002
By Vice Adm. Herbert A. Browne, USN (Ret.)

In the past year there has been spirited public debate about the future of the intelligence community. While this debate largely is rooted in the attacks of September 11, 2001, many of the issues currently being addressed go far beyond the war on terrorism. One of the central issues includes key aspects of the intelligence community’s functions in an infocentric democracy that is transforming its military into a network-centric fighting force.

Successful homeland protection must guard against a variety of different weapons that could be employed in a terrorist attack. These include weapons of mass destruction as well as other threats such as radioactive explosive devices and vehicle and aircraft bombs. Everyone recognizes that effective intelligence is essential to forestalling these types of onslaughts.

As AFCEANs, we must do our part to ensure that our nation also recognizes the continuing threat to cyberspace. While the public may be more worried about physical perils, the information technology community’s concern about our infostructure has not lessened. If anything, it has increased amid fears that al Qaida may target the nation’s critical infrastructure for its next offensive.

We are at war, and merely resorting to close-in defensive measures that allow the enemy to maintain the initiative will not win this war, especially in cyberspace. Building better firewalls is not enough. Instead of establishing defense close to our precious information resources, we must push the battlefield forward.

If we are going to engage in a cyberspace defense in depth, then the farthest-forward deployed tool is intelligence. For conventional combat, defense in depth includes characterizing the battlefield, identifying adversaries and moving inside an enemy’s decision cycle. In cyberspace, we should do exactly the same thing and extend the digital battlefield all the way to the enemy’s front lines. To win, we will need to concentrate more resources in cyberintelligence, acknowledge the intelligence community’s leadership role and find a way to support its programs and plans.

This issue spans the breadth of the intelligence community. The more the intelligence community can do to identify the bad actors in cyberspace, the better the chances that we can prevent cyberattacks that would bring down vital networks. Ensuring the security of our national infostructure, both government and commercial, means a better economy, a stronger military and a more vibrant society.

The intelligence community must deal with two challenges in cyberspace: speed and the unknown origin of an attack. In cyberspace, we operate at the speed of light. By the time a threat is observed, it already is at hand. And, the reach of cyberspace has rendered national borders virtually obsolete. By the time experts determine the origins of an information attack, the next attack may already be underway. These two factors combine to create a threat that can materialize without warning and from an unknown origin. The task is enormous but not overwhelming.

Winning the war on terrorism in cyberspace will require new technologies and methodologies that must be developed by both the intelligence community and industry. Both groups must work together to develop the tools necessary to win. Our country is blessed with stellar expertise in government and the private sector, and these human resources must be tapped to enable cyberspace supremacy.

Cyberspace is a new warfare area with nontraditional roles and missions.  A cultural change is required, and here too technology can serve an important function. The intelligence community is built on stovepipe organizations characterized by separate databases and interoperability problems that prevent complementary data from being consolidated into a valuable product. It will take the information technology community to integrate the various intelligence stovepipes.

To round out intelligence support to cyberwarfare, human intelligence, or HUMINT, must play a role. Just as with other types of intelligence collection, there is room for spies. We need to infiltrate the various cybergroups that are training grounds for the infowarriors of tomorrow. We need individuals who are trusted agents capable of helping to prevent an infostructure disaster. Their valuable information could range from alerting us to new hacking techniques to outright HUMINT on imminent cyberterror attacks. Given our economic dependency on information, we must have people actively engaged in every way possible to protect the infosphere—including spying.

Enough has been said about restructuring our intelligence community. Enough has been said about guarding against the new threats that we face in the war on terrorism. Enough has been said about the need for protecting our vital infostructure. Now is the time for the intelligence community to lead us into combat in cyberspace against al Qaida and all other would-be digital marauders. Now is the time for our side to stop reacting and begin taking the fight to our adversaries in cyberspace. In targeting terms, now is the time for the information technology and intelligence communities to provide a 5 mil lead on the cyberspace rabbit.