By Ross Rustici - Warrior Maven Columnist and Senior Contributor -
Rustici Previously Served as a Technical Lead, Intrusion Analyst and East Asia Cyber Lead at the Department of Defense
Militarization of Cyberspace: Is the US acquiescing to the Beijing Cyber Consensus?
Since taking power, the Trump administration has taken several steps to militarize cyberspace. The administration’s actions appear to be broadcasting a single, very straightforward message: The United States will have the largest stick, and we are unconcerned with how others wield theirs.
The hollowing out of the United States’ diplomatic and global influence on the spirit of the Internet started with the remodeling of the State Department under Secretary Tillerson. The loss of Chris Painter, without a successor ever being named, greatly undermined America’s ability to adequately prepare for, or succeed in, discussions in such forums as the UN-GGE on cyber or the ITU, where Russia and China both have a very large and organized presence focusing on a specific Orwellian view of how information technology can be used to enhance government power.
America’s diplomatic absence left our European allies towing the line in a relatively hostile environment. Trying to build an international coalition of African and Latin American states with England, France and Germany as the leading voices has been problematic to say the least.
A momentary retreat from global leadership on these issues, while damaging, would not be irreversible. However, the administration has doubled down on this approach with two recent moves. The first is the elevation of U.S. Cyber Command to a full combatant command while not separating it from the National Security Agency.
The second is the restructuring of the National Security Council that eliminates the senior-most cybersecurity position. These domestic moves send a very strong signal to the rest of the world that cyber is a Department of Defense problem, and it only has one real solution: an arms race for the 21st century.
The systematic removal and marginalization of civilian opinions on the legitimate use of cyberspace is already having consequences for how the United States seeks to operate in this domain. The comments that General Nakasone, the newly minted Commander of Cyber Command and head of the NSA, made during his confirmation hearings about responding to Russia and other potential cyber adversaries struck a far more aggressive tone than either of his predecessors took. He noted that a series of offensive plans have been developed against Russia and that the department can improve cyber deterrence by conducting operations to frustrate the adversary and demonstrate the ability to hold assets at risk. This aggressive posture can be directly tied to the elevation of Cyber Command. Any leader who is dual-hatted between a full combatant command, a four-star posting, and the NSA, which is a three-star posting, is always going to give more energy, effort, and time to the post that is perceived by their organization as being the more important of the two.
This means that civilian voices within the NSA are likely to continue to be drowned out by the need to demonstrate the prowess of a newly minted command. Furthermore, the tension that has always existed between a warfighting unit whose express authorization is overt hostile and defensive actions and a clandestine unit whose entire pedigree is silent and undetected is shifting irrevocably in favor of loud and pronounced.
This shift will not only degrade America’s ability to collect critical intelligence on its adversaries, but also fundamentally change the gentleman’s agreement that has dictated information operations for the last five hundred years. The use of previously covert infrastructure to demonstrate U.S. cyber preeminence is only going to burn intelligence assets while degrading overall capability as the previously black projects, by necessity, become public knowledge.
The removal of the cybersecurity position within the NSC is perhaps the largest indicator that all other voices will be drowned out. Regardless of the efficacy of the position or those who occupied it, the fact that the position existed demonstrated a commitment to understanding, managing, and responding to cyber threats in a way that was on par with the other major global issues of the day. The absorption of that position into someone else’s duties makes cyber outside of the military context an “other duties as assigned” mission.
This will lead to a marginalization of the knowledge and strategy, leaving the administration flat-footed the next time a major cyber event does happen. In situations where minutes matter, the most prepared person in the room almost always carries the day. In a room full of decision makers with no cybersecurity background and a general who is in charge of fighting cyber wars, it is a foregone conclusion as to who will have the strongest voice in the room.
What is most detrimental about these moves is that the rational self-interest of the anointed institutions is now aligned with China, Russia, and Iran when it comes to how the global Internet is governed and modified. Beijing’s consistent approach to international negotiations has been to support a balkanization of the Internet. Simply put, rather than a global network that openly exchanges information, the Internet should be an amalgamation of national internets that are governed by each state respectively. The United States, along with its European allies, has fought against this idea in every international forum for at least the last decade.
This approach to the Internet not only undermines the nature of what makes it so exceptional, but it also creates a condition that allows national governments to use the Internet as the ultimate means of repression with impunity. An Internet policy approach led by the military, however, sees Beijing’s proposal as having a significant upside that the diplomatic corps for the most part thought was an acceptable cost.
That upside is the ability to defend at the border. The current blind trust, ephemeral model of the Internet leaves no defensible front for many countries. If each nation were to essentially nationalize the Internet, suddenly internet landing sites have the ability to become significant defensive bastions for a military currently losing one of its two core mandates. Greater control creates a stronger ability to influence and implement. This in general is how the military operates with efficacy and speed.
But in this particular case, it also will come at the cost of the Internet as we currently know it. The trade-off between privacy and security will be fundamentally altered, and the United States will be abandoning the idealism that defined its foreign policy over the last 60 years. Worse, every cyber incident is starting to look like a military problem, which is only going to create a spiral of incidents as the great powers of the world trade blows looking for soft and non-escalatory targets, feasting mostly on the private sector and civil society and causing massive aggregate collateral damage without rising to the level of cross-domain retaliation.
Ross Rustici - A Warrior Maven Columnist and Senior Contributor -
He currently serves as Senior Director, Intelligence Services, Cybereason.
Ross previously served as Technical Lead - DoD, East Asia Cyber Lead - DoD, and Intrusion Analyst - DoD.