Fleet Boosts Cyber Might

Sailors in the Navy Cyber Defense Operations Command monitor, analyze, detect and respond to unauthorized activity within U.S. Navy information systems and computer networks.

Information operations move out with the force.

With the ascension to full operational capability, the U.S. Fleet Cyber Command/10th Fleet is moving the U.S. Navy’s role in cyberspace alongside the ranks of space, air, surface and subsurface in defending the United States from attack. No longer viewed merely in a support role, information professionals are in operational mode worldwide. Their mission is to protect U.S. networks while contributing as a force multiplier by assisting in kinetic warfare and wielding nonkinetic effects.

Vice Adm. Barry McCullough, USN, commander, U.S. Fleet Cyber Command and U.S. 10th Fleet (FCC/C10F), Fort Meade, Maryland, explains that the Navy’s first move in its cyberevolution was the establishment of the Network Warfare Command in 2002. This command’s focus was on the “man, train and equip” side of information operations, which laid the groundwork to move the Navy’s mission in cyberspace into operational mode. Now, the stars are aligned across the services to increase cybersecurity and solve many of the technical interoperability problems the services continue to experience.

“The U.S. Defense Department does not have the resources to maintain the lead in this domain. We can influence it, but we don’t have the resources to drive it like we need to. So [the questions are] how do we position with industry, how do we partner with academia and federally funded research and development centers to leverage their knowledge and resources in this area to do that?” the admiral posits.

On the national level, Gen. Keith B. Alexander, USA, commands U.S. Cyber Command (CYBERCOM), a subunified command under the U.S. Strategic Command, Offutt Air Force Base, Nebraska. In addition, the services’ current cyberchiefs have long-established working relationships, which Adm. McCullough believes will guide the current leadership toward securing and exploiting the cyber domain.

“We have a confluence of people who all know and trust each other that have come together at one time to start an organization so we get it right. Some of us are a little further down the road than others. But I’ve told my folks what I’m trying to put in my operations center. I cannot lose sight of what the U.S. Air Force has in Lackland [Air Force Base, San Antonio, Texas] or what Gen. Alexander put here [at Fort Meade] in his operations center headquarters building because we need to be able to leverage off of each other, so that nobody ever talks about [problems with] interoperability again. If we can see it [a cyberattack] here, I ought to be able to get the same thing to Maj. Gen. Dick Webber [USAF] in San Antonio; I ought to be able to walk across the street and see the same thing on a different screen in Gen. Alexander’s office. It ought to be the same thing—the same stuff—built to the same interface standards, and if we don’t get that right, they ought to fire all of us,” the admiral says.

In addition to interoperability, Adm. McCullough is referring to the unprecedented opportunity to integrate cyber into operations and support the individual services as well as the joint community. On the Navy side, the FCC/C10F consists of approximately 2,100 sailors; on the national side approximately 3,400 sailors are part of the command and fleet. The FCC/C10F is assessing command and fleet resources to determine if they have the right mix of resources—people, facilities and funding—to conduct the mission sets it has been assigned.

The first person to command the FCC/C10F, Adm. McCullough leads an organization that comprises service cryptologic component operations, information operations, the network operations and defense group, fleet and theater operations, and research and development. Its reach extends worldwide with the exception of South America, the admiral explains. Specific responsibilities range from signal intelligence to electronic warfare to cyberspace in what the admiral will only refer to as “nonkinetic effects.”

From the time the FCC/C10F was officially established on January 29, 2010, to full operational capability on October 1, 2010, the command has been focusing on bringing the right equipment together to have total situational awareness of the networks. These include those within and outside of the continental United States, to the networks on ships and aircraft, to the Global Information Grid and even to attacks on commercial networks. This continuing effort involves both determining what types of information are needed for awareness and how best to display that data so analysts are not overwhelmed by it. “I will tell you that it’s a plethora of information. Then once we have all of the information, we need to know how to integrate it into current operations for the cyberdomain and the information domain…So how do you build that warfare picture in this new domain? That’s what we are going to try to do,” Adm. McCullough states.

Adm. Gary Roughead, USN, chief of naval operations, salutes Adm. McCullough at the January 2010 commissioning ceremony for the U.S. Fleet Cyber Command, which took place at Fort Meade, Maryland, the homeport for the command.

Because cyberattackers are continuously moving targets, the command and fleet must learn how to evolve as technology evolves—at breakneck speed. To accomplish this task, the services must carry on the work of improving both engineering and acquisition processes. The admiral has seen strong leadership to tackle the challenges in these areas, and he believes the key lies in both spiral development and the type of rapid insertion that was used to build the acoustics and sensor systems for submarines. “We have to apply that process to the cyberdomain,” the admiral maintains.

Adm. McCullough has three top priorities to move in this direction, and the first is achieving and maintaining dynamic situational awareness of the Navy’s networks globally, with the ability to share that information with the service’s component commanders. The quandary the admiral and his teams must solve is how to sift through and deliver to each component commander only the information necessary and appropriate for an area of responsibility (AOR). This would be a simple process if not for the domino effect: cyberactivity in one AOR most certainly could affect other AORs, the admiral explains.

Dynamic situational awareness and the right intelligence leads to Adm. McCullough’s second priority: dynamic network defense. The goal  is to determine how to achieve this capability in real time. Currently, network defense is in reactionary mode. “You have to be able to do it [network defense] now. By the time we find the attacks, it takes too long,” he states. Dynamic defense operations are needed that include intelligence information and dynamic situational awareness, the admiral adds.

Adm. McCullough’s third priority is full-spectrum operations to support all of the combatant commanders. These operations comprise network defense, network operations, network exploitation and network attacks, otherwise known as nonkinetic operations. This goal can be achieved only by working with industry and academia, and the challenge now is determining how to build relationships between the military and these organizations. To support university work, the admiral and his teams have been working with academic institutions that range from Carnegie Mellon University to community colleges.

“We want to start establishing relationships in other locations where we have [cyber operation] centers, where we have to start building hubs. We also have to determine how to recruit, train and maintain the force we have,” Adm. McCullough says. Achieving this goal is a challenge because the Navy is competing for people with other organizations such as laboratories and industry. Because of the salary structure, the amount of financial compensation is fixed. However, the admiral points out, the Navy as well as the other services must convince potential recruits of the importance of their mission, which includes helping to ensure national security, the opportunity to rise into leadership roles quickly and the educational benefits.

Currently, recruitment efforts are focused on reaching out to high school students, but Adm. McCullough believes that it is time to start reaching out to middle school students and telling them about the benefits of enlisting in the military. He points out that high unemployment makes joining the military more attractive. Although this is the current economic situation, the military cannot count on high unemployment rates as a means of attracting new recruits. “The country as a whole has a focus on this challenge,” he states.

In the area of creating partnerships with industry, Adm. McCullough notes that he meets on a regular basis with many of the large corporations and small companies that specialize in the areas of information technology, telecommunications and intelligence collection.

Vice Adm. David J. Dorsett, USN, deputy chief of naval operations for information dominance (N-2/N-6) and director of naval intelligence, is another Navy leader who is responsible for network operations. Adm. Dorsett is an integral part of achieving cyberdefense because he is responsible for determining policy, strategy, programs and the budget to support it. In October, Adm. Dorsett was in the process of pulling together the 2012 budget and beginning to examine the resources that will be needed for 2013. Adm. McCullough explains that his organizations cannot wait for the determination of these resources to begin the work they know is necessary immediately; however, he must build on what the command and fleet have now and determine what is and will be needed in the near future to accomplish FCC/C10F missions. By providing this input to Adm. Dorsett now, Adm. McCullough is supplying the information Adm. Dorsett needs to make informed decisions.

“Take our line of operations across the Navy and globally. Now, we are at T=0+. How do we integrate across the Navy as we are asked to handle other mission sets in the .mil world? We have to get the authorities, the rules of engagement, and command and control aligned, then we have to practice [through exercises],” Adm. McCullough explains.

FCC/C10F personnel must ensure that they are proficient at these tasks, he says. In the past, information technology and the cyberdomain were a staff function—part of the “6” functions. Now these must be operationalized—add the “3” responsibilities, he explains. “This is what we do to enable combat operations at sea. We are a force multiplier for kinetic operations that come out of intelligence collection. We have to move away from being reactive and not just be proactive but predictive. This is a huge mindset shift,” the admiral states.

Adm. McCullough views cyberspace like any other domain. He points out that in the 1990s, the buildup of U.S. military kinetic force compelled adversaries to find new ways to attack the United States, so they turned to another realm: cyberspace. “Potential adversaries operate in it. We have to be able to operate through the degradations of attacks from the mundane to the malicious. If we don’t operate and think like that, it’s going to hurt us in the long run,” the admiral states.

WEB RESOURCE
Fleet Cyber Command/10th Fleet: www.fcc.navy.mil