A U.S. cyberwarfare command: Better late than never

In a class at the National Security Agency, I learned that prior to one World War II battle in the Pacific, key U.S. commanders knew an attack was coming but didn't warn anyone. The result was a major loss of life and equipment. But the decision not to warn anyone was a strategic consideration. Preparing people for an imminent attack would have given the Japanese an indication that their command communications had been compromised and that U.S. commanders were aware of all Japanese troop movements throughout the Pacific. Strategically, this single loss was preferable to losing the war.

This type of quandary becomes far more problematic when we are talking about cyberwarfare, where multiple units are doing the same type of work. For example, the Air Force Information Warfare Command (AFIWC) might want to break into foreign air defense facilities and blind them immediately before an air attack. That would provide a tactical advantage, at the price of showing that the AFIWC had compromised the facility. That much is comparable to the World War II scenario. But then add in the fact that the NSA might have separately compromised the same air defense facility and was using it to monitor deployments or to dig into the adversary's entire military network.

In a different scenario, the NSA could be working on a long-term project to enter false information into an adversary's database, unaware that the Army had hacked into the same database to try to track military movements. In that case, the Army intelligence efforts would be misled by the NSA's independent efforts to confound the adversary.

Between the CIA, NSA, Army, Air Force, Navy and other U.S. agencies, there are probably more than a dozen independent units that have information warfare or cyberwarfare responsibilities, both offensive and defensive. All of them have independent missions and goals. Some are responsible for collecting intelligence, which means maintaining long-term access to adversary networks, while others care about taking down the networks.

Similarly, if multiple organizations are compromising the same targets, there is a greater chance that at least one of the attacks will be detected, potentially compromising all efforts.

In the recent Iraq wars, the U.S. military and intelligence agencies had to coordinate their efforts. For example, you don't want the Navy shooting missiles at Baghdad while the Air Force is sending in low-level attacks. You don't want to have Army units overrunning an Iraqi base, while the base is being bombed by Air Force or Navy airplanes.

Such coordination, while tricky to effect, is relatively easy when you're dealing with a very clearly defined geographic region. Just imagine the coordination required for cyberspace, with millions of potential targets that are very difficult to define.

For all of these reasons, I am extremely surprised that we are only now talking about a unified cyber command. Actually, I should say that I am dismayed. I am all in favor of a single command coordinating cyberwarfare defensive and offensive efforts.

The question that arises once it is decided to form a single command is who should run it. Clearly, the NSA is the most capable with regard to the scope of effort. Admittedly, I am biased. But at the same time, I realize that the NSA's primary mission is to support the Department of Defense, and from a mission perspective, it needs to support the military, not rule the military. That doesn't mean that the bulk of the operations can't be at Fort Meade.

A unified cyber command is long overdue. I like the idea of borrowing the model of the other military commands and their rotating commanders. You need someone who can coordinate the dozens of involved units, as well as balance the competing needs of gathering intelligence, preparing the cyber battlefield and offensively attacking units.

Ira Winkler is president of Internet Security Advisors Group and author of the book Spies Among Us. He can be contacted through his Web site, irawinkler.com.

