Pentagon raises the alarm over daily cyber conflicts

U.S. military leaders say they are engaged in a heightened global conflict every day in the information space and are becoming very vocal about the threat.

“I don’t think the salvo has been fired, they’re firing. We’re at war right now in cyber. We’ve been at war for a decade. If Gen. [Paul] Nakasone or Gen. Glavy, they’d tell you, we’re pouring oil over the castle walls every day,” Gen. Robert Neller, the commandant of the Marine Corps, said during a panel discussion, in mid-February.

“I’ll reaffirm that we are in phase 3 in the cyber domain today. There’s no question about that in my mind,” Vice Adm. Nancy Norton, director of the Defense Information Systems Agency and commander of Joint Force Headquarters-Department of Defense Information Networks, said on 14 February, during the West 2019 conference.

Within the military’s six-phase cycle for each conflict, phase 3 refers to dominating adversaries in which forces focus on the exploitation, pursuit, and destruction of the enemy in order to break the will to resist. JFHQ-DoDIN is a subordinate headquarters to U.S. Cyber Command that is responsible for defending DoD’s networks.

“We very definitely are in contact with adversaries — not always knowing who that adversary is in the cyber domain — but certainly that there are those trying to attack our networks, whether that’s our defense networks, contractor networks or the commercial aspects of the network that we ride on,” Norton said.

Gen. Paul Nakasone, commander of Cyber Command, wrote in testimony to the Senate Armed Services Committee on 14 February that adversaries are taking risks to gain advantages without escalating to armed conflict. They’re doing this as a way to gain an advantage through theft of intellectual property, influence, election interference and actions against critical infrastructure, all of which are conducted through the information domain.

Nakasone added that JFHQ-DoDIN uses network sensors as a way to determine cyber risks and to help build the requirements finding vulnerabilities in DoD networks.