We’ve posted about this before but you need to hear it again.  The next big war between nation states probably won’t be fought using tanks and planes; it will probably be fought in cyberspace.  The war could be over before a single shot is fired, with the winner being the first to shut down the other side’s electrical and information grids.  The soldiers of the next war are in training now.  And the United States is way behind other nations in training and equipping its cybersoldiers.

In this article, we told you about French Rafale fighters being grounded because the Conflicker worm invaded the French Navy’s mission planning system via an infected thumb drive, and we reported that the British Ministry of Defense and its aircraft carrier HMS Ark Royal were similarly attacked by computer viruses.  In response to pervasive cyber threats, in June 2009 the Pentagon established USCYBERCOM as a subordinate unified command under the U.S. Strategic Command.

"My own view is that the only way to counteract both criminal and espionage activity online is to be proactive. If the US is taking a formal approach to this, then that has to be a good thing. The Chinese are viewed as the source of a great many attacks on western infrastructure and just recently, the US electrical grid. If that is determined to be an organized attack, I would want to go and take down the source of those attacks." – Lt. Gen. Keith Alexander, nominated USCYBERCOM Commander, May 2009 (quoted here)

In another article, we told you about the U.S. Cyber Challenge, where children as young as high-school age are invited to participate in “contests” (that look an awful like training exercises) in which their nascent skills in cyber attack and defense are “nurtured and developed”.  Those participants who stand out from the rest will be offered grants, scholarships, advanced training, and/or full-time employment, in order to become full-fledged “cyber-security practitioners, researchers, and warriors.”  We noted that the impetus for this effort was the fact that the U.S. had belatedly recognized how far behind China it had fallen in this area.

More recently, media outlets carried reports of China’s apparent involvement in a sophisticated attack on Google, in which “the e-mail accounts of several Chinese human rights activists had been compromised.”  This Reuters article discusses China’s Hong Ke (Red Visitors) and quotes a blogger as saying, “China may not be where the U.S. is militarily, but it clearly has invested a lot of brainpower in developing capabilities that can offset the U.S. advantage in force-on-force conflict.”

The foregoing is but a bit of background to the discussion of the Comprehensive National Cyber Security Initiative, the Department of Homeland Security’s National Cyber Security Center, and DARPA’s National Cyber Range.  It is in these arenas that the United States is developing its offensive and defensive doctrines for fighting the next war.

The Comprehensive National Cyber Security Initiative (CNCI) dates back to 2008, when then-President George W. Bush issued National Security Presidential Directive 54 to improve how the Federal government protects sensitive information from hackers and nation states trying to break into agency networks.  Much of the details surrounding CNCI are classified, but reports indicate that its multi-year budget may be as much as $40 billion. 

Apparently, the Department of Homeland Security (DHS) is the lead CNCI agency.  Reports assert that DHS uses an automated system known as Einstein to collect security information, such as notifications of intrusions via sensors deployed in agencies’ networks, and reporting that information to the U.S. Computer Emergency Readiness Team (US-CERT).  In addition, one article reported that “Defense and intelligence agencies were assigned an operational role, particularly for computer systems and networks deemed more sensitive to national security. Those agencies were expected to focus on counterterrorism efforts.”

The National Cyber Security Center (NCSC) is tasked with protecting the Federal government’s communication networks from domestic and foreign threats.  After a rough start in which the NCSC head quit over allegations of undue influence by the National Security Agency (NSA), the NCSC has lowered its profile under the direction of long-time Microsoft Executive Phil Reitinger.  In a rare interview posted on Govinfosecurity.com, Mr. Reitinger let drop some tidbits about the NCSC.  He said, “I was talking before about the National Cybersecurity Division, which is part of cybersecurity communications. The National Cybersecurity Center is an even smaller group that will be growing form perhaps somewhere in the neighborhood of five people to perhaps 25 by the end of the year, so it is going to be much more than doubling but it is a smaller group of people.” 

Finally, let’s discuss DARPA’s National Cyber Range (NCR).  According to the DARPA press release:  “The goal of the NCR program is to revolutionize the state of the art of the Nation’s cyber testing technology, and develop a computer systems test bed on which cyber scenarios can be evaluated simultaneously to provide a comprehensive, qualitative and quantitative assessment of the security of information and automated control systems that are under development.”  DARPA’s vision for the NCR is to “simulate the entire internet, allowing soldiers to drill in virtual simulations ranging from a small scale computer virus to a World War III-sized conflict,” according to this article.  Northrop Grumman won the Phase I concept design work, but contracts for Phase II efforts, which include building and evaluating “prototype ranges and their corresponding technology,” were awarded to John Hopkins University-Applied Physics Laboratory and to Lockheed Martin.

While Aviation Week & Space Technology magazine is excited about the Next Generation Jammer (NGJ), focusing on new techniques in Electronic Attack and Electronic Warfare, the real future of warfare is already taking shape behind computer screens and in large-scale testbeds and laboratories.  For example, the January 18, 2010 edition of AW&ST describes that the future of electronic attack weapons as including “a magazine filled with electron pulses, information scrambling data streams and invasive algorithms.”  That may well be true, but if the planes that carry the NGJ and its science fiction weapons can’t take off because the military command and control structure has been hacked from abroad, or if the mission planning and guidance maps have been altered via undetected intrusion, then those weapons will avail us very little.  Instead, AW&ST might want to think about getting excited about cyber.