As the Army’s overall troops levels have decreased over the past year and a half, it has established and grown a new branch responsible for offensive and defensive cyber operations and electronic warfare.
Army Cyber Command is the service’s first new branch since the establishment of Special Forces in 1987. In the year since its inception, Army Cyber has set off on an exponential growth path, even as the service’s overall end strength is reduced.
In a one-day cyber event hosted by AUSA on Thursday, Vice Chief of Staff of the Army Gen. Daniel Allyn said establishing dominion over cyberspace in future conflicts is one of the service’s top modernization and training priorities.
“This is in the top-priority category for [Chief of Staff of the Army Gen. Mark Milley] and the Secretary [of the Army Eric Fanning],” Allyn said. “The fact that we’ve been growing our cyber force at a time when the rest of our Army is getting smaller, ought to tell you how serious we are about it.”
When Russia invaded Ukraine, its forces demonstrated a sophisticated ability to operate within the electromagnetic spectrum and cyberspace, to include disruption of opposing force communications, jamming weapon systems and launching offensive cyber attacks. The Russian and Chinese militaries also regularly probe the Army’s information networks for weaknesses and opportunities for intrusion, Allyn said.
“Historically, cyberspace operations have been the exclusive domain of a small group of technical professionals,” he said. “Looking forward, we will diverge from the days when cyberspace operations were the discrete responsibility of someone at Fort Meade towards where cyberspace represents part of our common battlefield framework in the Army.”
Still, the concept of cyberspace as an operational domain is difficult to grasp, which makes tactical and strategic networks a challenge to defend, he said.
“It is difficult to describe, let alone conceptualize,” Allyn said. “The most seasoned strategists have struggled with how to tackle this emerging battleground. The good news is we have made a lot of progress and are determined to address these issues moving forward.”
From the founding six officers in 2014, the branch has grown to 397 officers, 141 warrant officers and 560 noncommissioned officers and soldiers. It now has 30 cyber mission teams up and running at full operational capability. Another 11 teams are operating at initial operational capability. All 62 planned teams should be fielded and operational by September 2017.
The first 21 lieutenants graduated the basic cyber officers leadership course this year. Next year the first group of candidates will receive advanced individual cyber training.
Lt. Gen. Paul Nakasone was pulled from serving as chief of the Cyber National Mission Force at U.S. Cyber Command (CYBERCOM) to lead Army Cyber Command and U.S. 2nd Army.
Nakasone will take charge of an effort to push cyber capabilities to echelons below corps and across the service. He will also oversee the assessment of the cyber capabilities and protection of all Army platforms and its 1.1 million end-user devices.
“It has been a very significant fiscal year for the Army,” Nakasone said at the AUSA cyber event. “We have continued momentum in this domain. … “Our number-one priority right now is to aggressively defend our networks, our data and our weapon systems. I have all the authorities today that I need to defend the Army portion of the DoD information network.”
A plan is in place that prioritizes which Army platforms and vehicles need cyber assessments most urgently, Nakasone said. He would not say which platforms would be assessed first.
In a world where almost every piece of equipment, every weapon system, vehicle, aircraft and sensor is software-defined and connected in some way to the Army’s battlefield network, protecting the service’s communication and information systems is hard work, Nakasone said.
“Anything connecting to our network has an impact on security. That’s why it is so important that we are going through our network modernization,” Nakasone said. “If we are looking at a system at the very last moment to see if their security is baked in, that’s a tough point to look at it. Hopefully, we have done our homework all the way from the development document to the initial prototypes to the presentation of the capability.”
Working with Defense Department leadership, the Army is pursuing accelerated delivery schedules for cyber capabilities and formal programs of record, Allyn said. Nakasone and other cyber officers have been given access to the Army Requirement Oversight Committee process that determines parameters for new systems. Development and procurement efforts are focused on offensive and defensive cyber capabilities for infrastructure, platforms and software.
“We are all leveraging rapid acquisition processes as we move forward – things like other transaction authority to procure defensive cyber tools for our cyber protection teams in theater so they can actively map and protect our diverse networks in the event of attack, conduct initial forensics on site,” Allyn said.
The Army also is buying infrastructure cyber capabilities compatible with the Warfighter Information Network-Tactical (WIN-T) that provide stateside support for deployed communications networks.
Already the Army is practicing embedding cyber officers with combat units and practicing with the capabilities they would bring to a future fight. As part of the program to provide cyber capabilities to corps echelon and below, the 1st Armored Brigade Combat Team of the 1st Infantry Division in a recent wargame used cyber officers to launch an integrated offensive cyber and electronic warfare attack on a simulated enemy network. They also successfully defended their own tactical network against multiple enemy cyberattacks, Allyn said.
“Looking ahead, we must also view every training event, including joint and combined operations, as opportunities for integrated cyberspace and electronic warfare operations,” Allyn said.