Cyber Warfare Training Should Begin in Military Basic Training
Cyber is changing the way conflicts and combat unfold, and many of the principles of kinetic warfare can be translated into fighting the ever-evolving cyber threat.
The future of cyber warfare starts as early as military basic training.
“One of the most remarkable things about boot camp is that a kid can go in not knowing what an M16 looks like, and come out able to assemble one while taking enemy fire,” said William Leigher, Raytheon director of government cyber solutions and a retired Navy rear admiral. “Cyber warfare demands the same type of weapon – powerful, portable and effective even in the hands of novices. Experts call it the ‘easy button,’ and they caution that the enemy already has it.
Hackers no longer need to know lines upon lines of computer commands; today they simply launch a program and tap or click their way to calamity. Our service men and women deserve cyber capabilities with the same ease of use – powerful software running on a cleanly designed interface that will allow even the greenest soldiers, sailors, Marines and airmen to venture out into the field and knock out power to an enemy base or jam a computer network to thwart an incoming attack, Leigher said.
Deterrence looks different
Deterrence is a classic military tactic: The more visible power you have, the less likely your adversaries are to attack.
“Deterrence has worked brilliantly throughout history, but when it comes to cybersecurity, we haven’t developed a deterrent strategy,” said Leigher. “Think about conventional deterrence–like an army parading its tanks down the street. Now imagine if showing off those tanks gave away every possible means of defeating them? That’s the analogy for cyber warfare. Showing adversaries what you have allows them to render it useless.”
Unlike other acts of war, cyberattacks don’t necessarily happen in close combat – they take place from afar. The perpetrators aren’t flying their national flag – they often operate in isolation and secrecy. A country can deter a hostile nation-state’s military by having them outnumbered and outgunned, but keeping a shadowy cyber force at bay is far more complicated.
Attacks aren’t obvious
“There’s a lot of talk in cyber circles about how the next major act of war will happen online – a ‘cyber Pearl Harbor,’” Leigher said. “The problem with the comparison is that the attack on Pearl Harbor became obvious as soon as the ambush started. Skilled cyberattacks are far more insidious.”
They unfold slowly and strategically. Just like military operations, they begin with intelligence – information-gathering. Dossiers. Reconnaissance. Then comes the analysis – picking the information apart, creating aim-points and deciding how, when and where to attack. But unlike traditional military attacks, the intelligence breaches and battle damage from cyber strikes isn’t always immediately obvious – in fact, it can take months or even years to detect.
“For years, cybersecurity experts have warned that high-stakes hacks were inevitable – a matter of when, not if,” Leigher said. “It’s time to take the thinking one step farther. It’s time to assume the attacks, or at least the groundwork for them, are happening now.”
Measuring megabytes like missiles
All the tools of traditional warfare have something in common: They are quantifiable. Every radar has a range, and every missile has a blast radius. Commanders understand lethality and use it to plan a campaign. They can also use physics and other science to extrapolate the damage it can do to its target. All that analysis goes into the very same battle simulations the military uses to ensure efficiency and effectiveness.
“The problem with cyber warfare is that it doesn’t yet conform to the operational research methods,” Leigher said. “Without some meaningful method of measurement, it’s infinitely more complicated to say what something can do and how well it works. That’s where a lot of the hard thinking is right now – figuring out what a cyber blast radius looks like, and how best to measure it.”
A Battlefield View from Virtual Ops Center
Military operations centers allow commanders to carry out orders, communicate with troops and coordinate movements, and to supervise tasks. Leaders in these command posts get situational and intelligence reports from the field so they can make informed decisions on how to deal with threats and enemy movements.
Similarly, in the cyber realm, a cybersecurity operations center provides situational awareness through the detection, containment and remediation of IT threats.
"Virtual centers help an organization outsource CSOC functions, and the best of these have cyber hunters on the team. Proactively hunting for advanced threats involves recognizing suspicious behavior nobody has ever seen before, tagging the threat, reverse-engineering it and eradicating it," Leigher said. "It's like calling in a special ops team with skills a commander's brigade doesn't have to complete its mission."