United States Cyber Command


United States Cyber Command is one of the eleven unified commands of the United States' Department of Defense. It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD's cyber expertise.
USCYBERCOM was created in mid-2009 at the National Security Agency headquarters in Fort George G. Meade, Maryland. It cooperates with NSA networks and has been concurrently headed by the Director of the National Security Agency since its inception. While originally created with a defensive mission in mind, it has increasingly been viewed as an offensive force. On 18 August 2017, it was announced that USCYBERCOM would be elevated to the status of a full and independent unified combatant command. This elevation occurred on 4 May 2018.

Mission statement

According to the US Department of Defense :
The text "9ec4c12949a4f31474f299058ce2b22a", located in the command's emblem, is the MD5 hash of their mission statement.
The command is charged with pulling together existing cyberspace resources, creating synergies and synchronizing war-fighting effects to defend the information security environment. USCYBERCOM is tasked with centralizing command of cyberspace operations, strengthening DoD cyberspace capabilities, and integrating and bolstering DoD's cyber expertise.

Organization

USCYBERCOM is an armed forces unified command under Department of Defense.

Service components

U.S. Cyber Command is composed of several service components, units from military services who will provide Joint services to Cyber Command.
In 2015, the U.S. Cyber Command added 133 new cyber teams. The breakdown was:
An intention by the U.S. Air Force to create a 'cyber command' was announced in October 2006. An Air Force Cyber Command was created in a provisional status in November 2006. However, in October 2008, it was announced the command would not be brought into permanent activation.
On 23 June 2009, the Secretary of Defense directed the Commander of U.S. Strategic Command to establish USCYBERCOM. In May 2010, General Keith Alexander outlined his views in a report for the United States House Committee on Armed Services subcommittee:
Initial operational capability was attained on 21 May 2010. General Alexander was promoted to four-star rank, becoming one of 38 U.S. generals, and took charge of U.S. Cyber Command in a ceremony at Fort Meade that was attended by Commander of U.S. Central Command GEN David Petraeus, and Secretary of Defense Robert M. Gates.
USCYBERCOM reached full operational capability on 31 October 2010.
The command assumed responsibility for several existing organizations. The Joint Task Force for Global Network Operations and the Joint Functional Component Command for Network Warfare were absorbed by the command. The Defense Information Systems Agency, where JTF-GNO operated, provides technical assistance for network and information assurance to USCYBERCOM, and is moving its headquarters to Fort Meade.
President Obama signed into law, on 23 December 2016, the National Defense Authorization Act for fiscal year 2017, which elevated USCYBERCOM to a unified combatant command. The FY 2017 NDAA also specified that the dual-hatted arrangement of the commander of USCYBERCOM will not be terminated until the Secretary of Defense and Chairman of the Joint Chiefs of Staff jointly certify that ending this arrangement will not pose risks to the military effectiveness of CYBERCOM that are unacceptable to the national security interests of the United States.

Concerns

There are concerns that the Pentagon and NSA will overshadow any civilian cyber defense efforts. There are also concerns on whether the command will assist in civilian cyber defense efforts. According to Deputy Secretary of Defense William J. Lynn, the command "will lead day-to-day defense and protection of all DoD networks. It will be responsible for DoD's networks – the dot-mil world. Responsibility for federal civilian networks – dot-gov – stays with the Department of Homeland Security, and that's exactly how it should be." Alexander notes, however, that if faced with cyber hostilities an executive order could expand Cyber Command's spectrum of operations to include, for instance, assisting the Department of Homeland Security in defense of their networks.
Some military leaders claim that the existing cultures of the Army, Navy, and Air Force are fundamentally incompatible with that of cyber warfare. Major Robert Costa even suggested a sixth branch of the military, an Information Service with Title 10 responsibilities analogous to its sister services in 2002 noting:
Others have also discussed the creation of a cyber-warfare branch. Lieutenant Colonel Gregory Conti and Colonel John "Buck" Surdu stated that the three major services are properly positioned to fight kinetic wars, and they value skills such as marksmanship, physical strength, the ability to leap out of airplanes and lead combat units under enemy fire.
Conti and Surdu reasoned, "Adding an efficient and effective cyber branch alongside the Army, Navy and Air Force would provide our nation with the capability to defend our technological infrastructure and conduct offensive operations. Perhaps more important, the existence of this capability would serve as a strong deterrent for our nation's enemies."
In response to concerns about the military's right to respond to cyber attacks, General Alexander stated "The U.S. must fire back against cyber attacks swiftly and strongly and should act to counter or disable a threat even when the identity of the attacker is unknown" prior to his confirmation hearings before the United States Congress. This came in response to incidents such as a 2008 operation to take down a government-run extremist honeypot in Saudi Arabia. "Elite U.S. military computer specialists, over the objections of the CIA, mounted a cyberattack that dismantled the online forum".
"The new U.S. Cyber Command needs to strike a balance between protecting military assets and personal privacy." stated Alexander, in a Defense Department release. If confirmed, Alexander said, his main focus will be on building capacity and capability to secure the networks and educating the public on the command's intent.
"This command is not about an effort to militarize cyber space," he said. "Rather, it's about safeguarding our military assets."
In July 2011, Deputy Defense Secretary William Lynn announced in a conference that "We have, within Cyber Command, a full spectrum of capabilities, but the thrust of the strategy is defensive." "The strategy rests on five pillars, he said: treat cyber as a domain; employ more active defenses; support the Department of Homeland Security in protecting critical infrastructure networks; practice collective defense with allies and international partners; and reduce the advantages attackers have on the Internet."
In 2013, USCYBERCOM held a classified exercise in which reserve officers easily defeated active duty cybermen. In 2015 Eric Rosenbach, the principal cyber adviser to Defense Secretary Ash Carter, said DoD was looking at alternatives to staffing with just active-duty military. Beginning that year, USCYBERCOM added 133 teams, with the intent that at least 15% of the personnel would be reserve cyber operations airmen. These new teams had achieved "initial operating capability" as of 21 October 2016. Officials noted that IOC is not the same as combat readiness, but is the first step in that direction.
President Barack Obama's Commission on Enhancing National Cybersecurity is expected to release its substantial report prior to 20 January 2017. The report will make recommendations regarding the intertwining roles of the military, government administration and the private sector in providing cyber security. Incoming President Trump has indicated that he wants a full review of Cyber Command.

International effects and reactions

The creation of U.S. Cyber Command appears to have motivated other countries in this arena. In December 2009, South Korea announced the creation of a cyber warfare command. Reportedly, this was in response to North Korea's creation of a cyber warfare unit. In addition, the British GCHQ has begun preparing a cyber force. Furthermore, a shift in military interest in cyber warfare has motivated the creation of the first U.S. Cyber Warfare Intelligence Center. In 2010, China introduced a department dedicated to defensive cyber war and information security in response to the creation of USCYBERCOM.

Operations

In June 2019, Russia has conceded that it is "possible" its electrical grid was under cyberattack by the United States. The New York Times reported that hackers from the U.S. Cyber Command planted malware potentially capable of disrupting the Russian electrical grid.

List of commanders