Gaining situational awareness in cyberspace is key to defending critical military information systems, but that awareness can only be achieved through a joint military approach and partnerships with other government agencies and commercial enterprises.
Detailing the challenges ahead during the May 5 professional development seminar panel “Cyber Warfare and Security” at the Sea-Air-Space Exposition were Coast Guard Rear Adm. David T. Glenn, Navy Vice Adm. Bernard J. “Barry” McCullough III, Air Force Brig. Gen. Charles K. Shugg and Army Maj. Gen. Steven Wade Smith. The panel was moderated by R. James Woolsey Jr., foreign policy specialist and former CIA director.
Glenn is director of command, control, communication and computer (C4) systems and chief information officer of the Consolidated Joint Functional Component Command-Network Warfare/Joint Task Force-Global Network Operationsstaff and, as such, served as the overall scene-setter with regard to joint operations and U.S. Cyber Command.
Appearing, in part, on behalf of Rear Adm. Robert E. Day, director of Coast Guard Cyber Command, Glenn showed a chart of Day’s home computer network that, like many homes in the United States, included computers belonging to his children, and a wireless network that connected not only computers, but also Day’s cell phone and DVR system for his television.
“All these are improvised cyber devices that can be used for obfuscation and spoofing. … All of these are potential threats to the dot-mil network. And that’s what we have to be wary of,” Glenn said.
While the Internet is a great tool for information sharing, in many cases, there is a lot of garbage out there and a fair amount of that garbage is toxic to the dot-mil network, he said.
Coast Guard Cyber Command was established to protect the service’s portion of that network. There are eight on staff now, but the second phase of the command standup calls for 20 billets and a focus on computer network defense operations, integrating that with the efforts of U.S. Cyber Command and the Department of Homeland Security (DHS).
The Coast Guard is unique among the military services in that it lives in the dot-mil domain but resides on the dot-gov network, and has dual reporting and information sharing.
“There’s tension in cyberspace. … We need strategic activity while providing agile, dynamic protection for our systems in the military,” Glenn said.
Yet to be resolved, he said, is how to manage the interagency and public-private relationships. Cyberspace operations, he explained, are peer-network operations, involving computer network defense, computer network exploitation and computer network attack, and defense of the Global Information Grid (GIG).
“That’s the dot-mil network,” he said.
To act with strategic superiority in cyberspace, a common operating environment is needed that sets the standards for seamless interoperability, operations at net speed, autonomous decision logic and a common operating picture for situational awareness.
Glenn said threat vectors — methods used to attack and exploit the dot-mil network — can come from nation states and non-nation states, which includes the criminal element; be non-kinetic, such as a computer network attack and exploitation, “not so much to destroy, but to disrupt, degrade, deny and basically steal DoD information;” and kinetic, such as a “free-ranging backhoe” that mistakenly cuts a cable, or a flood that wipes out communications capabilities in an area.
There are than 7 million information technology systems and 15,000 classified interfaces (like data, voice and video networks) in the DoD information grid, “servicing 3,500 DoD stations worldwide, including all 10 combatant commands and all four services and with a presence in 88 nations,” he said. The key point is that it enjoins the Internet through just 10 DoD access points, “and the 1.7 billion hacker/users out there are all potential threat vectors. We are attacked millions of times a day. It is our jobs to defend this,” he said of the assembled panel.
Partners are key to protecting and defending the grid. The GNO, Glenn said, interfaces daily with the U.S. Computer Emergency Readiness Team at DHS, as well as the Defense Information Systems Agency, which supports the GNO with the physical aspects of the GIG, and the FBI, which provides the law enforcement component.
McCullough is commander of U.S. Fleet Cyber Command/10th Fleet, which was commissioned Jan. 29. As such, he has been tasked by Adm. Gary Roughead, chief of naval operations, “with cyber operations, information operations, defensive operating in the networks, information warfare, signals intelligence and space.
“I think we understand signals intelligence, I think we do electronic warfare and we have strengths in those areas,” McCullough said. “But I’m acutely concerned about our ability to command and control through our cyber networks.”
Key concerns are: “How do you defend a network and operate a network in a dynamic manner? How do you show a picture and be able to operate from that picture in a non-reactive manner? How do you define the battlespace? Who owns the battlespace?”
Assessing systems and processes and then defining standards and making sure service members comply with those standards are critical, he said, noting that “if you follow standard operating procedures, you can take care of about 85 percent of the threat.”
Both Glenn and McCullough noted the necessary mixture of Title 10 and Title 50 rules and roles in the information domain and battlespace. Title 10 of the U.S. Code for the Armed Forces refers to the man, train and equip aspect, while Title 50 refers to intelligence.
“If you develop a picture under Title 50, how do you share that information with the Army, Navy, Air Force and Marine Corps? Now, we know how to do that in air defense and we know how to do it in submarine warfare. We know how to do it in surface warfare. It’s all inside the Navy. … We have yet to define how we do this in cyber operations,” McCullough said.
Shugg is vice commander of the 24th Air Force, which stood up at Lackland Air Force Base, Texas, in August. Initial operating capability was reached in December and he said it is expected to be fully mission-capable in October.
“One of our main goals is to operationalize the cyber force and cyber domain. … We rely heavily on the deliberate and crisis-action planning models, and we want to make sure that cyber is integrated into the planning process from the beginning,” Shugg told the audience.
“Our focus is on mission assurance and not network assurance,” he said. “We can’t be satisfied with building up a stronger wall, and we’ve got to learn how to fight through these cyber attacks.”
Again, situational awareness is critical to mission success, he said.
“We, too, have to partner with industry.”
Smith, chief cyber officer in the U.S. Army Chief Information Office, said the Army is building a cyber command that will be housed in the Intelligence and Security Command at Fort Belvoir, Va., “where our primary defenders are.
Army Chief of Staff of the Army Gen. George W. Casey Jr. tasked the office “to unify the efforts and command of all cyber forces within the Army,” Smith said. “This will be commanded by a three-star lieutenant general … and will align all of our Title 10 and Title 50 cyber warriors and defenders under a unified command.”
Copyright 2010. Navy League of the United States. All Rights Reserved.
