The recent incidents between U.S. and Iranian forces demonstrate the importance of cyberwarfare for national security and reinforce the importance of funding and developing the cyber capabilities of the United States.
Following the June attacks by Iran on oil tankers and then the downing of a U.S. unmanned drone, President Donald Trump chose not to retaliate with physical attacks. Instead, he reportedly approved an offensive cyberstrike that disabled the computer systems used to control Iran’s rocket and missile launches.
That was considered a more proportionate retaliation for the downing of the drone.
America’s adversaries are operating with cyber in the so-called gray zone between diplomacy and war, choosing actions that fall short of sparking a conventional military retaliation.
In 2007, Russia used cyber to disrupt communications channels in the Baltic states as part of its unconventional strategy to destabilize the region.
In 2015, China hacked the Office of Personnel Management and stole the records of employees holding security clearances. That’s in addition to ongoing theft of intellectual property.
Given these threats, and the challenges of defending networks, offensive cyberattacks are an important tool for the U.S. against its adversaries.
In 2018, U.S. Cyber Command confirmed it had launched an offensive cyberattack in order to silence a Russian troll farm, an organization used to spread disinformation and sway public opinion during the 2018 U.S. midterm elections.
Sometimes, offense is the best defense.
The release of National Security Presidential Memorandum 13 in 2018 allows for offensive and defensive cyber operations to be conducted without presidential approval.
Last year, the Department of Defense also released a plan that confirmed its commitment to using cyberattacks “to advance U.S. interests” and “defend forward.” The U.S. retaliatory offensive cyberattacks on Iran and Russia are examples of this type of approach.
Unlike nuclear weapons, which are held in reserve and used to deter other nations through the threat of use, cyber capabilities are readily available, and cyber forces are in near-constant contact with one another.
While many cyberattacks seem immediate, as though a button was pushed to trigger it at will, most are actually the result of months of work and planning. Constant effort goes into identifying cyber targets and ensuring that there is still an ability to access them.
If the target updates its software, for example, that means an entirely new plan of attack must be laid out.
The organization primarily responsible for these missions is U.S. Cyber Command. It has come a long way from its humble origins, recently filling out its Cyber Mission Forces, the operational units within the command, to full operational capacity.
In 2018, it was promoted to a full unified combatant command. That designation made it equal in rank to the other nine combat commands, such as Special Operations and Central Command.
That’s not to suggest that Cyber Command does not have more work to do. It still needs to train those forces up to a high level of readiness and continue to develop its infrastructure. Fully staffed does not necessarily mean fully mission-ready and capable.
Cyber Command is constantly deterring, disrupting, and defeating cyberthreats. Its capabilities must be able to handle the persistent nature of cyberwarfare.
Just as we maintain our ships and improve our conventional military forces, we must do the same with our cyber capability. The U.S. should continue to develop Cyber Command’s capacity and readiness so it can meet those challenges into the future.
The United States cannot afford to rest on its current cyber capabilities. Our adversaries continue to sharpen their cyber forces, and the U.S. cannot afford to lose that competition.
We must stay ahead of our adversaries and continue to invest in the U.S. Cyber Command so it can reach its full potential.