In 1921, the US Army Air Corps was struggling to find a voice. Caught between conflicting ideas of what the role of aircraft is in combat, they were searching for independence. Since the First World War and the development of aircraft as a tool of war, they had mainly been used in support of ground forces, filling roles such as aerial reconnaissance, spotting targets for artillery, and limited dog fighting. During the period between the two World Wars, a maverick named Brigadier General Billy Mitchell, disobeyed orders and dropped a large payload from his bomber during a Navy test of air power, sinking the Ostfriesland, a captured German warship. This highly publicized event facilitated a large shift in the defense budget towards the development of air power. By the Second World War, strategic bombing was coming to a head. This helped prove their role in decisive combat action; they could make a difference on their own. The end of WWII saw the most impressive display of airpower yet. The dropping of a hydrogen bomb that could annihilate entire cities at a time decisively demonstrated that airpower had outgrown its role of purely combat support for ground forces.
In our time, we are seeing a new branch of the Army struggling with a similar dilemma. The US Army cyber branch is struggling to find a voice of their choosing. At this time, US cyber forces are separated with forces under each service branch as well as the Department of Homeland Security. In their defensive mission, as outlined in the DoD publication “The DoD Cyber Strategy”, the Cyber branch is being forced into a game of catch up. Defensively minded, they fight off cyber-attacks while looking for ways to expand relevance. However, where is their freedom to operate? Within a restrictive job description of defense, our cyber forces will not have an opportunity to grow.
What the cyber branch needs now is a maverick and their own “Ostfriesland” to sink. Without a maverick, the idea of cyber warfare in the US cannot reach its full potential.
In the current strategic climate, a stagnated cyber branch is unacceptable. In the Chinese white paper “China’s Military Strategy”, the nation confirmed the development of an offensively minded and independent cyber force. The Chinese government has gone so far as to declare cyberspace the “new commanding heights in strategic competition,” a competition the United States cannot afford to lose.
What the cyber branch needs now is a maverick and their own “Ostfriesland” to sink. Without a maverick, the idea of cyber warfare in the US cannot reach its full potential. A maverick of the Billy Mitchell variety, conducting a cyber attack challenge where cyber warriors from each branch and from the Department of Homeland Security would attempt to hack a segment of the Department of Defense within 24 hours, or another high profile action, could draw resources to the branch. These resources would allow cyber forces to expand and increase their relevance and set the stage for a true showing of force, as the sinking of the Ostfriesland did for the Air Corps during the interwar period.
It is possible that the branch is simply too young to have developed the cadre of mavericks that would be required for such an action, or that the existing mavericks have called in their favors and used the extent of their “sway” among the higher echelons in merely establishing a cyber branch within the existing service branches. In any case, they desperately need to prove their offensive capabilities in a high profile manner.
Once the cyber branch can demonstrate their relevance, and control of a new domain of war, they will hopefully be able to break new ground into a more independent combat role, or even go the way of the Army Air Corps and transition into their own service branch. Following the Air Corps model, they would first need a demonstration of combat relevance, an attack able to cause physical damage rather than relying on follow on exploitation by ground or air forces, followed by a decisive contribution to the conclusion of a conflict.
Opponents to this idea would argue that the aspects of cyber war are best used in conjunction with ground forces. However, with the increasing networking of nearly every aspect of our life, from refrigerators to phones, a cyber-force free to act of its own accord will have many opportunities to strike on its own. Hackers during the Russo-Georgian War showed the physical application of a cyber-attack. White hats working for Target showed how easily an attack could hop from system to system on a network. Moving from a deli scale in one retail store, all the way to a cash register in a different state. All without any physical contact from the hackers themselves.
A cyber force acting with autonomy to train, man, and equip a force for both offensive and defensive operations, with its own funding, would help exploit the potential of this new domain of warfare. The cyber community should be looking for a medium to demonstrate their relevance and self-reliance. Other countries, such as China, have already shown the application of a cyber force and have funded it as such. Ours too must make a greater effort into this new domain or risk being left behind.
Bravo Cadet Iacovelli!
You should see if you can get invited to Locked Shields to assess whether your proposal is already being played out in the Fifth Dimension by cyber warriors from around the world.
Locked Shields is a real-time network defence exercise, organised annually since 2010 by the NATO Cooperative Cyber Defence Centre of Excellence.
In 2010 the Centre organised, together with Swedish National Defence College and Estonian Cyber Defence League, an exercise titled Baltic Cyber Shield. After a small break, the exercise returned under the name Locked Shields and it has continued as a series ever since, taking place every spring.
In addition they are also contributing to the NATO Cyber Defence Exercise Cyber Coalition since 2009 by helping to plan, develop, and execute the exercise. Cyber Coalition is designed to give its participants a better understanding of NATO’s Cyber Defence capabilities and to identify areas for improvement within the NATO-wide Cyber Defence community.
The Estonian Cyber Range forms the backbone of the game-based exercise, with new attack vectors and technologies being introduced every year, in sync with market developments.
P.S.: you may enjoy reading this book too:
Cyber War – Law and Ethics for Virtual Conflicts, https://global.oup.com/academic/product/cyber-war-9780198717508?cc=us&lang=en&
I saw this on the BBC News App and thought you should see it:
Pentagon invites hackers in and backs encryption
The US defence secretary Ash Carter invites hackers to help find security holes and backs strong encryption, amid the fight between Apple and the FBI.
Disclaimer: The BBC is not responsible for the content of this email, and anything written in this email does not necessarily reflect the BBC’s views or opinions. Please note that neither the email address nor name of the sender have been verified.
Sent from my iPhone
There were many great points made in this article, but nothing that has not been said before.
I was curious to read about innovative cybersecurity ideas, yet this story starts off about airforce doctrine after the period after the first world war. The title does not even match with the information given later on…
"A greater challenge is needed for cyber forces" is completely dismissed after the history lesson, when you pointed out that China is becoming increasingly potent with their offensive cyber capabilities. Maybe, if you titled this with the word 'challenge' being replaced with 'training', it may be acceptable.
Everything after this is too repetitious and displays a good example of constant bitching.
Start thinking of your own ideas and communicate them successfully. Stop dragging us down Mr. Iacovelli.