“We live in a wired world. Companies and countries rely on cyberspace for everything from financial transactions to the movement of military forces,” reads the 2015 Department of Defense cyber strategy. “Computer code blurs the line between the cyber and physical world and connects millions of objects to the Internet or private networks.”
Living in that connected world might bring great benefit but it also makes society vulnerable to state and non-state actors, criminal enterprises, terrorist threat organizations, and “hacktivists.” Each of these threats has access to cyber capabilities and is able to use that access to strike down important networks, destroying data and shutting down critical systems from thousands of miles away, according to the study.
“Cyber threats have changed the way Army looks at the network, data, and networked systems,” said Lt. Gen. Paul Nakasone, who commands U.S. Army Cyber Command. “[The network] is not only an enabler for mission command and day-to-day business operations but also a weapons platform for cyberspace operations.”
During the 2017 Association of the U.S. Army Annual Meeting and Exposition, Oct. 9-11 in Washington, D.C., Maj. Gen. Garrett Yee, the military deputy for cybersecurity within the Army’s CIO G-6, and Brig. Gen. Joseph McGee, the deputy commander of operations for ARCYBER, will further discuss the borderless nature of cyber-attacks. Their “Warrior’s Corner” presentation will be live-streamed Oct. 11 at 12:35 p.m. Eastern time on www.dvidshub.net.
The biggest risk
To stay relevant in the cyber domain, ARCYBER operates and aggressively defends the Defense Department’s information network. The command employs both offensive and defensive cyberspace techniques to keep the United States safe from threats posed by global adversaries, for instance. Additionally, they rapidly develop and deploy new capabilities to defend against a resilient, adaptive enemy.
Defending the network can be difficult, Nakasone said. In the cyber environment, attackers have a considerable advantage as they “only have to be right once.”
“To defend against these threats requires unfailing defense of our networks, systems, and weapons platforms,” Nakasone said. “To put this complex challenge in perspective, remember that our baseline Army network alone entails over 1 million endpoints.”
The biggest risk to the DOD network is the uniformed user, as adversaries continue to exploit phishing techniques, he added.
“It’s no longer the Nigerian prince that’s offering you a million dollars,” he said. “It’s someone that has perhaps done some social research with regards to social media.”
User-generated vulnerabilities create a larger concern, as it provides adversaries an opportunity to establish a presence and extract information from the DOD network — putting personally identifiable information and mission-critical data for military weapons and transport systems at risk, he said.
As part of its mission, ARCYBER constantly conducts passive and active cyberspace operations to preserve the ability to use friendly cyberspace capabilities and protect data, networks, net-centric capabilities and other designated systems. ARCYBER also aggressively defends DOD networks, data, and weapons systems through network hardening, modernization, and an active defense.
Additionally, ARCYBER is now engaged in designing, building and delivering integrated capabilities for the future fight, focusing on defensive and offensive cyberspace operations. The command supports Army readiness as it continues to build 62 total-force cyber mission teams.
Growing cyber force
“If you think about what makes us successful, I would offer that there are probably four areas: our people, our teams, our experiences, and our future,” Nakasone said.
Maj. Gen. John Morrison, the commanding general of the Army Cyber Center of Excellence, and Maj. Gen. James Mingus, the director of the Army Mission Command Center of Excellence, will elaborate on future plans for all four of those success areas during another Warrior’s Corner presentation Oct. 10 titled “The Network Way Ahead.” That AUSA presentation will be livestreamed at 2:30 p.m. Eastern time.
The cyber workforce will be further discussed at an Institute of Land Warfare Contemporary Military Forum Oct. 11 at 2 p.m., “A New Kind of Force for a New Fighting Domain: Cyber Talent Management.” Panelists include leaders in industry and Maj. Gen. John B. Morrison Jr., commanding general of the Cyber Center of Excellence, along with Brig. Gen. Stephen J Hager, deputy commander of Operations at Cyber National Mission Force, U.S. Cyber Command. This panel is also scheduled to be livestreamed on www.dvidshub.net.
ARCYBER employs 20,000 people in four states, Nakasone said, and there is a strong emphasis from the Army to properly train and develop personnel at all levels — junior enlisted, noncommissioned officers, warrant officers, officers, and civilians — for the duration of their career.
“We don’t compete with the private sector in terms of money and salary — but the pay is not the only factor to [retain] talented employees,” Nakasone said. “The Army is unique in that we offer unmatched mission and teamwork against adversaries to our nation. Few private sector outlets can offer that rare opportunity.”