The U.S. Indo-Pacific Command is incorporating new cyber technologies and standards as it strives for greater interoperability among a growing number of allies and potential partners. This increased reliance on cyber is viewed by command leadership as essential for maintaining effective military capabilities in the face of a growing kinetic and cyber presence by diverse adversaries.
The Cyber Edge
For more than a decade, the U.S. Army has been improving the Logistics Information Systems Network, which is specifically designed to sustain and maintain warfighters deployed across the globe. However, although the technology has far exceeded the service’s goals, today’s management practices are almost identical to those used when the network was created in 2004. With the increase in cybersecurity policies and advances in capabilities, the need for highly trained, designated network and systems administration personnel has become abundantly clear, and the requirement for better management processes even more evident.
The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.
The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry.
This is grossly incorrect.
The U.S. Army is building a tighter relationship with industry to tap commercial expertise and avoid long procurement delays that often render new information technologies obsolete before they are fielded.
At the heart of this effort is Cherie A. Smith, program executive officer for enterprise information systems (PEO EIS), U.S. Army. After she assumed her position last year, Smith relates, she focused on making promises and seeking help. Since then, she has emphasized a shared relationship with industry.
Global, asymmetrical threats now dominate attacks on nations and businesses alike, and the enemy is not always immediately knowable, identifiable or even seen. These realities are forcing leaders to invest more resources into analytics, as well as intelligence, surveillance, reconnaissance and other 21st century responses to cyber bombardments today.
Adversaries are exploiting the inherent vulnerabilities of U.S. military supply chains that involve tens of thousands of private sector providers from all over the globe. Attack operations include stealing valuable technical data; striking critical infrastructure, manufacturing and weapon systems control systems; corrupting the quality and assurance across a broad range of product types and categories; and manipulating software to access connected systems and to degrade systems operation integrity.
As emerging technologies and capabilities permeate and dominate the military and critical infrastructure, a different skill set is required to secure the increasingly complex cyberspace realm. The Internet of Things will be both an asset and a liability in the future when the military incorporates it into operations, and urban environments will complicate these efforts.
Cyber warfare continues to evolve with ever-changing innovation and technology, increasing critical infrastructure defense. In addition, with the onset of smart cities, the U.S. military in general, and the U.S. Army in particular, is exploring gaps in training and education related to operating in dense, super-connected urban areas.
Members of the Missouri National Guard Cyber Team are launching a nonprofit organization to share RockNSM, a system initially built by cyber warriors for cyber warriors.
RockNSM is a network security monitoring platform that uses open source technologies, such as CentOS, which is an operating system derived from the RedHat enterprise-level open source system. RockNSM formed the basis for a Task Force Echo network anomaly detection system used for real-world cyber operations.
Artificial intelligence and machine learning techniques could help information and network defenders recognize patterns of potential attackers so their next moves can be proactively blocked. In addition, cyber tools enhanced with these capabilities could provide a much more detailed picture of the cyber battlefield and increase the potential of success in a cyber campaign. This knowledge would complement the kinetic battlefield and could permit war planners to choose the appropriate mix of cyber and kinetic operations.
National Guard members conducting cyber operations found themselves poorly equipped to meet some of the real-world challenges they faced, so they banded together and built the system they needed on a shoestring budget. That system detects anomalous behavior on the network, reduces the number of analysts and enriches network data provided to data scientists.
If cyber is the ultimate team sport, as many in the U.S. Defense Department like to say, then artificial intelligence (AI) would likely be the number one draft pick for the Defense Information Systems Agency (DISA).
Anthony “Tony” Montemarano, DISA’s executive deputy director, stressed the importance of AI during a luncheon plenary on the final day of the AFCEA TechNet Cyber conference in Baltimore. “We’ve heard about it time and again. Artificial intelligence is probably the most significant technology we have to come to grips with.”
Personnel working in cyber must continually look for opportunities to learn, say cyber professionals from across government.
During a morning panel discussion on the final day of the AFCEA TechNet Cyber conference in Baltimore, high-ranking officials from the Defense Department, Department of Homeland Security and National Security Agency discussed a wide range of issues concerning the cyber workforce today and tomorrow.
The Defense Information Systems Agency (DISA) is increasing its focus on innovation and rapid acquisition through the use of other transactional authority (OTA) contracts.
Organizations across the Department of Defense and military services have begun using OTA contracts, which help cut much of the time and costs of developing technologies and acquiring systems. They also allow the military to work more closely with smaller, more agile startups and small businesses that may have creative products but don’t traditionally work with the government.
The Defense Information Systems Agency (DISA) is challenged with a significant personnel shortage, including information technology, spectrum and cybersecurity experts.
Vice Adm. Nancy A. Norton, DISA director and commander of the Joint Forces Headquarters-Department of Defense Information Network (JFHQ-DODIN), told the audience at the AFCEA TechNet Cyber 2019 conference in Baltimore that the agency is seeking to hire personnel in a number of areas.
Legislators on Capitol Hill have formed the Cyberspace Solarium Commission, known as the CSC, which will put together a comprehensive U.S. cyber policy. Sen. Angus King (I-Maine), who is co-chairing the new organization with Rep. Michael Gallagher (R-Wisc.), announced the formation of the Geneva Convention-type commission in a call with reporters on May 13. The establishment of the commission was outlined in last year’s National Defense Authorization Act (NDAA), Sen. King said.
The FBI has a full plate: fighting public corruption, organized and white-collar crime and domestic and foreign terrorism; solving violent crimes; protecting civil rights; neutralizing national security threats, espionage and counterintelligence; and mitigating threats of weapons of mass destruction, among other responsibilities. And one part of the bureau is growing to protect the nation against cyber threats.
The Defense Information Systems Agency is a combat support agency, and as such, is charged with supplying key information technology to warfighters and civilians around the globe. The agency provides voice, data, video, spectrum, computing and other communication capabilities to combatant commands, the Joint Staff, the services, offices and agencies in Department of Defense and the intelligence community.
The cybersecurity workforce gap is real, and it’s growing. Based on a state-by-state analysis on CompTIA’s cyberstates.org, there are currently 320,000 open cyber jobs in the United States. By 2022, the projected shortage of cybersecurity professionals worldwide will reach 1.8 million, according to the Center for Cyber Safety and Education.
Schooling at an early age, an appeal to patriotism and a government program that trades tuition support for public sector work may be necessary to produce the skilled cyber professionals so badly needed across the spectrum of technology jobs in the United States. While the current number of cyber workers is woefully insufficient, the demand increases. For government, the cyber threat escalates daily. For industry, cyber applications proliferate constantly.
Recruiting and maintaining a cybersecurity workforce is a complicated challenge for the government. According to the Information System Security Certification Consortium, 85 percent of cybersecurity professionals would consider leaving their current jobs. Information technologists do not need to search for positions that are exciting, respect their expertise, help them become more marketable and pay well because as many as 18 percent of non-active job seekers are contacted daily by employers seeking them out.