The Pentagon's Cyberstrategy, One Year Later
Defending Against the Next Cyberattack
Article Summary and Author Biography
More destructive cyberweapons are being created every day, and an increasingly sophisticated technology black market virtually guarantees that they will eventually land in the hands of the United States' enemies. Robust defenses are no longer a luxury, they are a necessity.
WILLIAM J. LYNN III is U.S. Deputy Secretary of Defense.
Essay
Right now, more than 100 foreign intelligence organizations are trying to hack into the digital networks that undergird U.S. military operations. The Pentagon recognizes the catastrophic threat posed by cyberwarfare, and is partnering with allied governments and private companies to prepare itself.
Snapshot
Despite the hype, cyberwarfare is a seldom-used, relatively toothless tactic that will not change foreign policy calculations anytime soon.
For almost all of human history, man has waged war on land and at sea. Air and space emerged as potential battlefields only in the past few generations. Now, the danger of cyberwarfare rivals that of traditional war. The advent of more destructive technologies -- and of their inevitable proliferation among actors willing to use them -- means that the United States must strengthen its critical national networks against ever worse threats.
In "Defending a New Domain" (September/October 2010), I announced that the Pentagon had officially recognized cyberspace as an operational domain and went on to describe the military's cyberstrategy. One year later, U.S. military networks are better defended, the U.S. Cyber Command is fully operational, and we have made progress working with private industry to secure critical infrastructure. Meanwhile, the Obama administration has committed half a billion dollars to develop advanced defensive technologies, including novel approaches to improving network security. But much remains to be done, and the window for doing it is short.
CYBERCONFLICT
Our assessment is that cyberattacks will be a significant component of future conflicts. Over thirty countries are creating cyber units in their militaries. It is unrealistic to believe that each one will limit its capabilities to defense. Moreover, the centrality of information technology to the U.S. military and society virtually guarantees that future adversaries will target it.
The United States is now in the midst of a strategic shift in the cyberthreat. Until now, intrusions have largely been for the purpose of exploitation: stealing intellectual property from commercial networks or spying on the government. There have also been disruptive cyberattacks, for example on Estonia, in 2007, and Georgia, in 2008. In a development of extraordinary importance, cyber technologies now exist that are capable of destroying critical networks, causing physical damage, or altering the performance of key systems. In the twenty-first century, bits and bytes are as threatening as bullets and bombs...
