Defending cyberspace has the same aspects as defense of other domain but there are some distinct differences between them. Cyber-attacks can be carried out from anywhere in the world at any time with great anonymity and low cost of entry. These capabilities bring a completely new set of challenges for defending cyberspace over the other domains. The military plays an important role in the defense of the networks. They have five strategic goals:
Ensure that there are forces and capabilities ready to carry out cyber operations
Defend the DoD network and data as well as mitigate the risks to the mission
Defend the U.S. and its vital interests against cyberattacks that could disrupt or destroy them.
Build cyber capabilities to control conflict escalation and shape the conflict.
Increase international security by building alliances that will deter shared threats (DOD 2015).
There can be many issues involved with these tasks. Much of the critical infrastructure is owned by civilian companies. It does not fall under the direct control of the government. This can bring a conflict of interest for those that own the systems. The goal of these companies is to make money. On the other hand network defense costs money and it is difficult to show the return on investment that companies are looking for when they invest in something. Another aspect is perception. Does the military involvement in helping to secure a civilian asset give the perception that the military is watching your controlling the population? These examples show the importance of collaboration between the military and the private sector. The military must understand what type of support the companies need in order to be able to provide that support. Private sector companies must have not only security in place but also contingency plans and define what help they will need from the military to be able to carry those out (Kramer, Butler and Lotrionte 2017). The challenges of cybersecurity are too great for any one entity to tackle alone. There must be cooperation with military, CIA, FBI, local law enforcement, private sector companies, and other countries. Each play a role in cyber defense. There must be intelligence gathering, defense of our own assets, and possible retaliation against the attacker.
Retaliation brings its own set of new challenges. One of the advantages of cyberattacks for the attacker is anonymity. Unlike traditional warfare in can be difficult to tell where the attack came from. Even if it is possible to track down where the attack originated can we be sure that the attack came from a nation state or just an individual within that nation without ties to the government? Can we be sure that the person that it was tracked to actually carried out the attack? Sometimes there are definite answers to these questions but sometimes they cannot be answered for sure. In addition to these challenges there are international laws to consider. If the attacker is found any retaliation must be within legal bounds of the U.S. and Geneva Convention at a minimum but also include the laws of the originating country. These are just a few of the challenges that are faced when discussing cyber defense.
DOD. “The Department of Defense Cyber Strategy.” April 2015.
Kramer, Franklin D., Robert J. Butler, and Catherine Lotrionte. The Role of the US Military in Defending Essential Infrastructure in a High End Cyber Conflict . January 3, 2017. http://www.atlanticcouncil.org/blogs/natosource/the-role-of-the-us-military-in-defending-essential-infrastructure-in-a-high-end-cyber-conflict (accessed August 14, 2018).
Example of someone who already response to avobe post
Rodney, great post. I think my post is very similar, so I don’t have any points of contention with your analysis. You wrote, “Much of the critical infrastructure is owned by civilian companies. It does not fall under the direct control of the government. This can bring a conflict of interest for those that own the systems. The goal of these companies is to make money. On the other hand network defense costs money and it is difficult to show the return on investment that companies are looking for when they invest in something.” This is certainly an important dynamic of civil-military cooperation—which is essential if we are to successfully defend cyberspace and consequently, our critical infrastructure. I would add to your points that companies may be hesitant to report compromises out of fear that their stock value will decline or that customers will choose their competitors that haven’t been associated with a compromise. Shareholders might be spooked by the sight of a military task force where they have invested.
To address this, I think it is important to have a confidential reporting and response protocol that alleviates this concern. I also think it is important that any evidence of wrongdoing discovered during an incident response would be inadmissible in court. I say this not because I want to incentivize organizations to act unlawfully; I say this because I think protecting our information infrastructure is simply too important to our national security to risk a cooperative relationship between government and industry on this issue. In the U.S. Government’s own words, “To succeed in its missions the Defense Department must operate in partnership with other Departments and Agencies, international allies and partners, state and local governments, and, most importantly, the private sector” (U.S. Government 2015, 3). The government must be willing to think outside the box in order to succeed.
U.S. Government. Department of Defense (DoD). The DoD Cyber Strategy. Washington, DC: Government Printing Press, 2015.