This morning I did a very loud and painful facepalm when reading an analysis of the new DoD Cyber Strategy. I shall leave the guilty party unidentified, it’s really that bad.
A large portion of the analysis focused on the “where” of “defending forward”.
It doesn’t matter.
In the relatively short period of time in which “cyber” has been active within the Department of Defense, I have seen the locations for cyber activities – almost literally – everywhere.
This is the most fascinating part of cyber, the location usually does not matter. That little tidbit, alone, should be enough to drive the state security elements of potential adversarial nations absolutely crazy. I would say that is probably an unspoken and unwritten intention of the writers and planners of cyber doctrine and operations.
Just think. Just in the US Army alone, everything started with the Land Information Warfare Activity located in the basement of a building just south of Washington DC. Eventually, a lot of the cyber activity rented a building a mile away from there and life went on, nobody noticed and nobody cared. Then they rented another building a couple of miles away from there, and nobody bothered, and nobody was hurt. In the meantime, cyber went from an OSD (Joint Staff IO Response Cell and J-38/39)/DISA/NSA operation, was replaced by JTF-CND, which changed to JTF-CNO, to JTF-GNO, and eventually, this all was replaced by the US Cyber Command, a four-star Functional Combatant Command, headquartered at Ft. Meade, Maryland. All in less than 20 short years. Cyber Command has liaisons with every US combatant command in the world and elsewhere.
It would be crazy to think all 133 operational cyber teams are operating from Ft. Meade, not with connectivity everywhere. Think of all the geographical and functional Combatant Commands distributed all over the world with operations, both short and long-term, again, all over the world. I recently read an article where SOCOM had teams in 144 countries of the world at any one time.
Then think of all the embassies, worldwide. Then remember all the consulates. Then think of all the rental properties distributed globally. Think of all the forward military bases, posts, and other installations. Most of them require high-speed connectivity.
Then think of what “forward” means in cyberspace. There are nodes where your information must travel through which may be monitored, and those nodes can be accessed from almost anywhere. Then think of all the firewalls which have known exploits, have unpatched versions, or still have default passwords. There are a wide number of peripherals, all susceptible.
Since most systems are compromised by phishing links, don’t you think that works against potential adversaries as well?
Now factor in all the allied countries doing exactly the same things, and more, often with our help.
Now, factor in all the piggyback technology enabling anyone to trace, to track, to copy information, to plant information, onto and from almost smartphone in the world. We all seem to carry supercomputers in our pocket, in every country, with almost universal access. Geographical borders, quite often, just don’t matter anymore. Signature code recognition almost doesn’t matter anymore, with code splitting into an almost unlimited number of parts.
That is just the overt stuff.
This is war in the 21st century, where we are all on the front line, we are all targets. We are all combatants of a sort. Only it’s not just cyber, although that is a sexy part. It is the war for our minds, for our governments, for our culture, for everything we hold near and dear to our hearts. We have been at war, whether we know it or not, for years.
Why would someone be concerned about the geographical nature of “Defending Forward” in 2018? My answer is that the writer does not understand the nature of warfare in the 21st century, has limited experience, and does not get out enough.
“Defend forward” can mean many things to many people. Welcome to the 21st Century.