The long wrangle among the US military about who gets to be in charge of cyber warfare and who gets all the resulting pork appears to have been settled. Questions remain, however, regarding the level of America's readiness to take offensive military cyber action against enemies presumably overseas.
Reuters reports that the main decisions on the US military cyber command were announced yesterday at the Pentagon. Defense Secretary Robert Gates signed an order to create the new organisation, intended to be based at Fort Meade outside Washington and subordinated to the head of the US National Security Agency (NSA), widely believed to be the most powerful crypto, intercept and eavesdropping agency in the world.
The news wire quotes Department of Defense (DoD) spokesman Bryan Whitman, responding to questions about "offensive" as opposed to "defensive" cyber warfare by the US forces, as remaining noncommital.
"This command is going to focus on the protection and operation of DoD's networks," he said. "This command is going to do what is necessary to be able to do that."
The Pentagon has previously stated on many occasions that its networks and those of the US government in general are nowadays constantly subject to cyber attacks, most of which appear to emanate from abroad. China is the foreign country most often mentioned in this context, but Deputy SecDef William Lynn has recently stated that "more than 100" foreign intelligence organisations have tried to penetrate the US military's cyber grid on various occasions.
"There is simply no exaggerating our military dependence on our information networks: the command and control of our forces, the intelligence and logistics on which they depend, the weapons technologies we develop and field – they all depend on our computer systems and networks,” said Lynn earlier this month. “Indeed, our 21st century military simply cannot function without them.”
The American Forces Press Service, indeed, characterised Lynn's assessment as amounting to a "clear and present danger" from cyberwarfare. This is a powerful phrase in US law: where a clear and present danger is deemed to exist, the authorities may be able to suspend the First Amendment right of free speech (or in this case, perhaps free net traffic). On the other hand, the term does get tossed around quite casually these days, having been popularised by Tom Clancy.
As for the matter of the US taking the cyber offensive (as opposed to defensive) this would seem to be a foregone conclusion. The very meaning of the word "Defence" in modern English has now changed to mean "activities formerly carried out by ministries or offices of War - including attack and offence as required". It's a universally acknowledged military truism that defence of one's own territory is often best conducted on someone else's.
If that wasn't enough, it should also be noted that the US military is at present engaged in building a cyber firing range - in effect a Matrix-esque virtual world - in which to test the effects of cyber weapons.
The new command's subordination to the NSA makes sense - the NSA is already hugely expert in crypto and other useful subjects. Not everyone remembers that it is a military organisation, but unlike the CIA it is indeed "a Combat Support Agency of the Department of Defense".
The cyber command is due to kick off in October, and reportedly will be fully up and running a year later. ®