Because the Department of Defense (DoD) is broadly charged with defending the country against all threats, military and otherwise, cybersecurity has always been part of its portfolio. The DoD first warned about potential vulnerabilities in computer networks almost fifty years ago, and over the years the individual branches of the military set up their own cybersecurity operations.
However, it wasn’t until 2010 that the DoD consolidated the majority of its cybersecurity operations, known as Defensive Cyber Operations and DoD Information Network Operations, into a single sub-unified command: U.S. Cyber Command (USCYBERCOM). The military service cyber components (Army, Navy, Air Force, and Marines) then aligned under the command as the means by which it executes its cybersecurity missions.
USCYBERCOM is responsible for directing, synchronizing, and coordinating cyberspace planning and operations in the defense of the United States and its interests. This inherently includes protecting, securing, and defending DoD networks and systems, defending the Nation and its interests against disruptive cyber attacks, and building international alliances to combat shared cyber threats.
Shifts in the National Defense Strategy
The DoD regularly analyzes global threats and, in response, publishes a National Defense Strategy (NDS). The NDS outlines how the U.S. intends to maintain prosperity and security worldwide and is usually updated every four years. The most recent NDS was issued in 2018 and reflected changing conditions around the world.
Cyberthreats from China and Russia
This 2018 National Defense Strategy report details the reemergence of long-term, strategic competition with China and Russia. Both of these “revisionist powers,” as the NDS calls them, represent military, economic, and cyber threats to the United States. They want to create a global environment that is consistent with their internal authoritarian models.
These and other countries, such as North Korea and Iran, are using technology to change the nature of war. Otherwise innocuous new technologies are quickly becoming weaponized. Artificial intelligence, big data analytics, and other advanced computing technologies are being used today for cyber espionage and will be used to fight the cyber wars of the future. The adoption and adaptation of these and other new technologies will continue to shape our country’s evolving defense strategy.
The Russian Attack
The most recent example of Russia’s aggressive intentions is the compromise of public and private entities over the past several months. Numerous private companies and government agencies were affected, including the Departments of Commerce, Defense, Energy, Homeland Security, State, and Treasury, along with the National Nuclear Security Administration and the National Institutes of Health. The U.S. Cybersecurity and Infrastructure Security Agency said that the intrusion posed a “grave risk” to both federal and state governments.
This attack proves an assertion made in the NDS: the U.S. homeland is no longer a sanctuary. For most of its existence, our country has enjoyed a respite from attacks on U.S. soil, due in part to our physical distance from likely attackers. When we’re dealing with technology-based malicious activity in and through cyberspace, however, the vastness of the Atlantic and Pacific Oceans no longer serves as an effective barrier. A malicious actor ensconced thousands of miles away can infiltrate a sensitive system just as easily as one living next door. The virtual environment is contested.
The reality is that the U.S. has been a primary target for malicious cyber activity against personal, commercial, and government infrastructure. These attacks can come from both state and non-state (terrorist) actors, from anywhere in the world.
Impact of the COVID-19 Pandemic
The escalating cyber threats become amplified when the effects of the COVID-19 crisis are taken into account. The pandemic has forced the government and private companies to retool existing workforces into remote workforces, resulting in exponential increases in digital connectivity and, thus, the network attack surface.
This “work from anywhere” posture has increased risk by introducing vulnerabilities in the way remote workers communicate and collaborate. With more remote workers accessing and transmitting sensitive information from unsecured locations, there are more potential attack vectors. This change in how we work makes it both easier and more attractive for malicious actors to prioritize their operations for near-term execution. Obviously, that time is now. We should assume our competitors are on shift working around the clock to establish a foothold in as many systems as possible, given the current prominence of remote work.
Securing the Future
With more determined opponents and a larger remote workforce, the risk of a significant, cascading, or debilitating cyber incident has never been higher. Going forward, both the DoD and private enterprises must now focus on prioritizing the integration and use of user-friendly, end-to-end-encrypted collaboration platforms that are resilient, survivable, interoperable, compliant, and secure. These platforms should be deployed regardless of setting: from the tactical edge in cyber-contested, austere environments to the back-office business functions of a company headquarters. The highest level of unified communications security must not be a feature that can be compromised.
Protecting the Security of Our Nation
While exacerbated by the COVID-19 crisis, the increased use of remote workers is not a temporary phenomenon. “Work from anywhere” in government is here to stay, and so is our adversaries’ interest in exploiting it. I recognize the great strides the DoD has made in strengthening our defenses against malicious cyber activity, but much more now needs to be done considering the real-time change in the attack surface. A strengthened “whole-of-society” cybersecurity stance — from the government, academia, and private enterprises — is necessary to protect the security of our Nation.