U.S. 2023 Cyber Strategy: Lessons from Ukraine and the New Paradigm for Global Cybersecurity
Cyber warfare policy is adapting to growing threats, capitalizing on experience from the Ukraine war.
“Both the People's Republic of China (PRC) and Russia have embraced malicious cyber activity as a means to counter U.S. conventional military power and degrade the combat capability of the Joint Force,” the published version of the 2023 Cyber Strategy document stated.
The declassified text laid out four lines of effort:
- Defend the Nation is the first line in which the key is to “defend forward,” disrupting and degrading malicious cyber actors' capabilities and supporting ecosystems.
This has been a concept repeatedly discussed by Gen. Paul Nakasone, USA, as part of the cyber warfare lessons acquired in Ukraine while deploying dozens of service members to support the European country. “The first thing is presence matters,” Gen. Nakasone told SIGNAL Media in May. “On the 3rd of December 2021, we sent a hunt forward team to Kyiv.”
The remaining three lines are:
- Prepare To Fight and Win the Nation's Wars, which entails the cybersecurity of the Department of Defense Information Network (DODIN) and defensive cyberspace operations to protect it.
- Protect the Cyber Domain With Allies and Partners is about building ally capabilities in cyberspace.
- Build Enduring Advantages in Cyberspace is the last line of effort, which refers to optimizing, organizing, training and equipping the Cyberspace Operations Forces and Service-retained cyber forces.
These work guidelines were later explained in terms of military strategy.
“It's about integrated deterrence and how to cyber-play a role alongside of all the other elements of national power, all the other capabilities, the Department of Defense, to enable to provide optionality with those other things,” said Mieke Eoyang, deputy assistant secretary of defense for cyber policy.
The third line of effort is about cooperation with allies. In this realm, Eastern European countries have faced the most imminent cyber threats in the recent past.
“We are learning really important lessons from the Estonians, from the Ukrainians, about the values of resistance, how to engineer your networks in ways that are helpful things like tactics, techniques and procedures,” Eoyang said.
The Department of Defense engages in "hunt forward" cyber operations. These entail activities that work toward the lessons Eoyang addressed in following the Cyber Strategy.
This text describes this activity as "illuminating adversary actions in cyberspace and frustrating the designs of malicious cyber actors."
John Plumb, assistant secretary of defense for space policy, later added more context and explained how it was mainly focused on information gathering.
“We conduct intelligence-driven hunt forward operations to generate insights into our competitors’ tactics while defending U.S. allies and partner computer networks,” Plumb told Congress.
This type of cyber presence increases capabilities and security for all those under U.S. protection, Eoyang said.
“Our hunt forward operations are designed to help us understand better from those partners what kinds of malicious activity they're seeing and how we can use that knowledge to better strengthen our networks collectively,” Eoyang added.
Recently, voices were raised in the media and policy circles to regulate cyber activities by all governments, suggesting that nuclear arms regimes could serve as a model.
Eoyang did not see this as an alternative.
“Cyber is a clandestine capability, works best as a clandestine capability; if the other side knows what you are doing, they will take technical steps to stop you from doing it; so this arms control model has some real challenges when applied to the cyber domain,” Eoyang told journalists.
Eoyang spoke September 15 at an event organized by the Project for Media and National Security.