EP 09: U.S. Cyber Command (USCYBERCOM), America’s Elite Cyber Operations

U.S. Cyber Command (USCYBERCOM), located at Fort Meade, Maryland, is the nation’s 10th Unified Combatant Command. USCYBERCOM is responsible for directing, synchronizing, and coordinating cyberspace planning and operations in defense of the United States and its interests.


As early as 1972, external consultants to the Department of Defense warned of grave dangers in terms of vulnerabilities in computers and network security. Fast forward to 1995, and the then Director of the Defense Information Systems Agency (DISA), Air Force Lt. Gen. Albert Edmonds, told a gathering at the John F. Kennedy School of Government that the United States military was indeed vulnerable to remote network attacks. Aware of the growing threats, the DoD and the armed forces responded with a series of measures aimed at addressing the issue head on.


Various task forces and operations were created, and on November 12, 2008, then Secretary of Defense Bob Gates inquired about, and ultimately put forth, a new sub-unified command known as U.S. Cyber Command (USCYBERCOM). USCYBERCOM achieved operational status on May 1, 2010. With the launch of USCYBERCOM, the United States was ready and armed for battle in the new world of cyberwarfare.


In a memo sent to the top brass of the entire United States military, Secretary Gates reinforced the importance of a unit like USCYBERCOM, noting how “Cyberspace and its associated technologies offer unprecedented opportunities to the United States and are vital to our Nation’s security… To address this risk effectively and to secure freedom of action in cyberspace, the Department of Defense requires a command that possesses the required technical capability and… must be capable of synchronizing warfighting effects across the global security environment…”


And a massive data breach that occurred in 2008 within the Department of Defense highlighted the need for a unit such as USCYBERCOM. It all began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East, whereby the flash drive’s malicious computer code then uploaded itself onto a network run by the U.S. Central Command.


A cybersecurity report published by the DoD noted the following: “That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.”

This previously classified incident was the most significant breach of U.S. military computers ever, and it served as an important wake-up call. The Pentagon’s operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in U.S. cyber defense strategy.


According to USCYBERCOM, they have three main focus areas:

(1). Defending the Department of Defense Information Network (DoDIN),

(2). Providing support to combatant commanders for execution of their missions around the world, and

(3). Strengthening our nation’s ability to withstand and respond to significant cyber-attacks.


So, a quick note to the technology gurus out there: if you’re interested in an exciting government job, USCYBERCOM is seeking the following types of professionals: cyber security specialists, cyber operations specialists, and network and database administrators.


USCYBERCOM also played a role in the 2020 presidential election. Weeks before election day – November 3, 2020 – the United States deployed cyber operatives to Estonia in an effort to learn more about Russia’s cyberattack measures. Because Estonia has one of the more advanced I.T. networks in Europe, the deployment allowed the United States to work side by side with another country that has expertise in combatting ongoing Russian cyberattacks. This exercise, just prior to America’s election, gave USCYBERCOM an opportunity to observe and learn more about Russia’s cyber techniques. “The ability to share that information back with our whole of government partners is a key component of the defense of the elections,” said Brig. Gen. William J. Hartman, the commander of the Cyber National Mission Force. Estonian officials said Russia did not attack its military networks while the American team was deployed there, from Sept. 23 to Nov. 6.


And USCYBERCOM is reaching out thousands of miles away, to Australia, one of America’s longstanding allies, in developing joint cybersecurity initiatives. Specifically, the United States and Australia have signed an agreement to jointly develop and share a virtual cyber training range as the two countries seek to strengthen their partnership in cyberspace. The bilateral agreement will enable the US Cyber Command to incorporate the Australian Defense Force’s (ADF) feedback into its simulated training domain called Persistent Cyber Training Environment (PCTE). The PCTE, an essential component of the US military’s Joint Cyber Warfighting Architecture, supports multiple independent cyber operations training activities simultaneously.


And in the blink of an eye, USCYBERCOM turned a young ten years old in 2020. Much has changed in the world of cybersecurity, which in turn requires USCYBERCOM to change also – and it has. Specifically, USCYBERCOM began with the assumption that its core task was preventing attacks on the military’s networks – a defensive posture. But that has proven to be inadequate. Waiting for attacks to come the military’s way is not a path to success, which has resulted in USCYBERCOM initiating operations outside of its military networks – that’s code for saying that it is on the offensive now, a shift from its original intent. But also a shift that had to happen.


In response to growing threats against America’s military, USCYBERCOM has the ability to “defend forward” anywhere in the world, in effect, responding to cyber threats before they reach America’s digital doorstep. That is according to Madeline Mortelmans, Senior Director for Cybersecurity Policy at the U.S. Department of Defense. Additionally, she acknowledged that USCYBERCOM has the resources and expertise to conduct both defensive and offensive cyber operations.


In all reality, USCYBERCOM has no choice but to go on offense as growing threats from China, Russia, Iran, North Korea – and other nation states – are forcing America’s hand in cyberspace. While the public is well aware of recent high-profile cyber-attacks from these countries – such as the Sony Pictures hack in 2014 by North Korea, or the attack on Saudi Aramco in 2012 by Iran – there’s been a plethora of other nefarious cyber-attacks not as well-known.


But going on the offensive also means having highly capable, well-trained personnel ready to take on USCYBERCOM’s missions. And that’s a big challenge for USCYBERCOM – and many other federal agencies – finding talented cyberwarriors ready to serve their country.


According to the NSA, “Our greatest challenge—also our greatest opportunity—is recruiting, training, and retaining a world-class force”.


These countries – and others – see their cyber capabilities as a way to level the playing field in terms of offensive weaponry in today’s digital world. If they are going to continue to be denied nuclear weapons – as is America’s firm stance regarding North Korea and Iran – then why not turn to cyber? That’s exactly what countries are doing, and it’s exactly why USCYBERCOM has been going on offense in recent years, and will continue to do so.

