In the spring of 2018, the U.S. Cyber Command (Cybercom) was elevated from a subordinate unified command under the U.S. Strategic Command to the 10th unified combatant command under the U.S. Department of Defense. During his speech at the change-of-command ceremony, Deputy Secretary of Defense Patrick Shanahan defined Cybercom’s next challenge as “build[ing] scale and strengthen[ing America’s] arsenal of cyber weapons, cyber shields and cyber warriors.” What exactly are cyber warriors, and why does America need them?
The transition of Cybercom to a combatant command signals the integration of cyber capabilities into the other four U.S. warfighting domains and demonstrates the increased importance of cyberspace. Over the years, cyberspace has evolved to become a leading domain for intelligence collection, covert operations, and warfare. However, due to the novelty surrounding this domain, the rules for operating within it remain underdeveloped, which is reflected in the nebulous nature of the term “cyber” itself. Definitions range from referring specifically to computer network operations and logical attacks against computer systems to information warfare and the manipulation of information. Thus, the definition of cyber warrior also has varying degrees of specificity and has been used to refer to non-cyber experts. I will use a relatively narrow conceptualization of the term: cyber experts assigned to both threat-oriented and vulnerability-oriented activities in the military. This includes personnel associated with offensive and defensive operations as well as vulnerability mitigation.
The cyberspace domain has become an increasingly popular arena where state and non-state actors locate and exploit each other’s vulnerabilities. Standing before the Senate Committee on Armed Services in February 2019, General Paul M. Nakasone, commander of Cybercom, stated, “Cyberspace is a contested environment where we are in constant contact with adversaries … We see near-peer competitors [China and Russia] conducting sustained campaigns below the level of armed conflict to erode American strength and gain strategic advantage.” As U.S.-Sino relations evolve towards greater strategic competition, the threat posed by China’s growing command of cyberspace has generated concern among American scholars and military and defense officials.
While cybersecurity has played a prominent role in U.S.-Sino relations over the last decade, one factor has repeatedly impeded meaningful discussion and the establishment of norms of conduct on both sides: the deep distrust that permeates their relationship. This has been apparent through mutual accusations of misconduct over the years, such as when Beijing reprimanded the U.S. after Edward Snowden exposed American cyber operations against China and Chinese companies, and when Washington condemned China for cyber espionage during the Office of Personnel Management hack that affected 22.1 million personal records.
Furthermore, the U.S. and China have both constructed cyber strategies that will further damage trust between the countries. The 2018 Department of Defense Cyber Strategy expressed a shift from a U.S. strategy focused on extremism and counterterrorism to one focused on competition with Russia and China. It emphasized an assertive posture of ‘defending forward’ in order to “disrupt or halt malicious cyber activity at its source, including activity that falls below the level of armed conflict.” In accordance with this new posture, U.S. cyber warriors can operate outside of DoD networks for the first time to pursue and counter adversaries’ operations in foreign networks. Despite the lack of an official definition for the defend forward policy, there is a consensus among scholars that the 2018 strategy is more proactive than its 2015 predecessor and marked a pivot towards heightened aggression in cyberspace. In the 2019 Defense White Paper, Beijing responded to these shifts by announcing the accelerated building of China’s cyberspace and cyber defense capabilities and cyber security. While China stressed the defensive nature of these efforts and proclaimed its desire to avoid arms racing and cyber warfare, the U.S. should be wary of such professions.
The annual threat assessment released by the Office of the Director of National Intelligence last month suggests that this is indeed the case. The report listed China’s prolific cyber-espionage operations as a major threat. However, given the fact that cyber operations can exacerbate the risk of nuclear escalation, Washington must not overlook cyber threats to the U.S. nuclear command, control, and communications (NC3) systems. Since the U.S. NC3 systems and those of other nuclear-armed states are dependent on computers, they will always be vulnerable to cyber threats. While no computer can be completely invulnerable, the standard for the cybersecurity of NC3 systems must be extremely high given the ability of nuclear weapons to decimate mankind in just under 30 minutes. With around 900 nuclear weapons on hair-trigger alert status in the U.S., meaning they can be launched within minutes, the result of a cyberattack on the U.S. NC3 infrastructure could be devastating. The implications of the cyber-nuclear domain for potential crises between the U.S. and China are especially worrying because there currently exists no formal international agreement that links nuclear weapons and cyber capabilities. Thus, the threat of cyberattacks on NC3 systems poses the most significant risk to strategic stability and nuclear escalation. This makes the weakening of restrictions on offensive cyber operations as a result of the defend forward policy particularly worrisome.
While the U.S. should not be so naïve as to believe China’s stated preference for a cooperative cyberspace domain, it is also imperative that U.S. cyberwarriors avoid offensive cyberattacks on China’s NC3 system. Cyber attacks are attractive for many reasons. They are relatively inexpensive, effective, nonlethal, and they pose a much lower risk of escalation since they are less destructive than kinetic, or traditional, weapons. However, this does not hold true when it comes to NC3 systems. Instead, offensive attacks on China’s NC3 infrastructure increase the likelihood of a non-kinetic battle in cyberspace that could escalate to a kinetic one, and potentially a nuclear one. For example, the insertion of malware in NC3 systems increases the risk of nuclear escalation even without it being activated. If Chinese leaders suspect that China’s critical systems contain enemy malware, they may stop trusting their early-warning systems in a crisis and choose to strike first. They may also view attacks on China’s NC3 infrastructure as preparation for a larger one aimed at neutralizing its nuclear capabilities and decide to launch their nuclear weapons out of fear of a preemptive strike.
While a more proactive approach to cyber operations has led to defensive gains for the U.S., it comes with the risk of nuclear escalation when applied to the cyber-nuclear domain. Thus, in order to deter cyber attacks on U.S. NC3 systems without jeopardizing strategic stability, cyberwarriors must focus on monitoring, defending, and mitigating vulnerabilities in the systems. The U.S. NC3 systems have not been comprehensively updated in almost three decades, and many systems such as the Strategic Automatic Command and Control System are slowly becoming obsolete, rendering them vulnerable to attack. According to nuclear security expert Bruce G. Blair, one concern regarding the U.S. nuclear systems is the “weak custody over the supply chain during design, manufacture, installation, and operation.” Many components of the U.S. nuclear networks are purchased off the shelf and frequently from foreign suppliers, meaning they cannot be certified as bug-free and safeguarded against exploitative malware and cyberhacking. Thus, the U.S. NC3 systems are in desperate need of not only modernization, but also more cyberwarriors for both defensive operations and vulnerability mitigation.
Given the growing tensions between the U.S. and China, some experts have warned that Beijing views current and planned enhancements to America’s forces and NC3 system as strengthening the U.S.’s capacity for preemptive operations and thus offensive in nature. Even so, the U.S. needs more cyber warriors assigned to strengthening its NC3 infrastructure since mutual distrust is set to intensify with the heightening of strategic competition and downright hostility between the U.S. and China. Deep distrust spreads. It extends far beyond the cyberspace domain, increasing the risks of arms racing, crisis instability, and conflict escalation. This is why increasing the number of cyber warriors is merely the first step towards preserving cyber-nuclear stability. Sustained bilateral dialogue must also be established between the two goliaths to increase mutual tolerance, trust, and the likelihood of maintaining strategic stability in cyberspace. The establishment of such a foundation is the necessary next step towards addressing both sides’ concerns over potential cyber threats and nuclear postures and eradicating any potential for a 21st century cold war.