Last week, Army General Paul M. Nakasone, the commander of US Cyber Command (CYBERCOM) testified in Congress about the state of US military cyber operations.
The Cyber Command was established in 2010 and became a unified combatant command in 2018 as a response to the increasing cyber threat posed by near-peer and other state and non-state actors such as Russia, China, North Korea, and Iran.
According to Gen. Nakasone, China is one of the more dangerous cyber adversaries and has fully integrated cyber warfare into its military and national strategy. Chinese cyber capabilities are sophisticated and are used for espionage and other operations, such as information warfare. Further, the Chinese don’t care if their cyber operations are exposed after the fact. As long as they succeed, they don’t seem to care about visibility. Of course, they deny allegations of cyberattacks and espionage despite overwhelming evidence. Crucially, the Chinese are exploiting the US and other Western networks and systems to get an advantage in the cyber domain. But China isn’t the only cyber threat to U.S. national security.
Russia is also a strong cyber player. It has utilized its cyber capabilities to influence elections and referenda in the U.S. and Europe. In addition to election meddling, Moscow is using its cyber capabilities for espionage.
North Korea also uses its cyberwarfare capabilities but in an interesting way for a country. Instead of using cyber for espionage or offensive operations against other countries, North Korea primarily utilizes the cyber domain for financial gains and to evade United Nations sanctions. Essentially, Pyongyang acts as an organized crime group.
Finally, Iran employs its cyberwarfare capabilities offensive against the US but also for influence operations in the Middle East and Europe.
“In recent months our priority has been mitigating the threat to federal systems from malicious cyber actors compromising widely-used SolarWinds software and exposing thousands of public and private systems to targeted exploitation,” Nakasone said referring to the unprecedented cyberattack that took place throughout most of 2020 but was only discovered in December.
Nakasone also said that Cyber Command is working closely with the National Security Agency (NSA) to investigate the intrusion and mitigate any damage caused. The top cyber officer mentioned that thus far the joint Cyber Command-NSA team hasn’t discovered a compromise in the Pentagon’s networks.
“For the year to come our priorities are set,” added Nakasone. “We will focus on great power competition through persistent engagement, especially in support of USINDOPACOM [US Indo-Pacific Command], and particularly through improving the efficiency and effectiveness of DoDIN [Department of Defence Information Network] operations and defensive cyberspace missions.”
Cyber Command is responsible for planning and executing cyberspace operations, activities, and missions across the full spectrum of competition and conflict to defend and advance US national security interests.
Cyber Command operates primarily through the Cyber National Mission Force (CNMF), which is responsible for offensive and defensive operations. But Cyber Command has two additional units that conduct cyber operations. The Cyber Combat Mission Force (CCMF), is divided among the different combatant commands and conducts cyber operations on their area of operations. And the Cyber Protection Force (CPF), which assists in the operation and defense of the DoD’s information network.
Cyber is an unregulated realm where countries, non-state actors, and even individuals can inflict harm. It also allows for a disproportionate for its size and investment threat. Russia, for example, is a declining power but its cyber capabilities are allowing her to remain not only relevant but quite dangerous.