Cybercom nominee: U.S. intrusions in foreign networks to deter China and Russia
American military cyber warriors are ready to shut critical infrastructures in China and Russia during a future conflict by conducting cyber intrusions into their networks, according to the general set to lead Cyber Command.
Both China and Russia have been detected conducting similar cyber battlefield reconnaissance against the U.S. networks used to control critical infrastructure in the United States, including electric grids, transportation, financial, and other critical systems.
U.S. military plans for similar cyber attacks on foreign infrastructure was disclosed last month in a little-noticed written Senate testimony from Army Lt. Gen. Paul Nakasone, nominee for the dual positions of commander of Cyber Command and director of the National Security Agency.
Nakasone stated in advance policy questions posed by the Senate Intelligence Committee that cyber attacks against infrastructure networks are a “critical vulnerability in the nation’s armor” that poses a significant danger to U.S. security.
“We face a challenging and volatile threat environment, and cyber threats to our national security interests and critical infrastructure rank at the top of the list,” he said.
Written answers to senators’ questions about cyber plans and intelligence gathering from Nakasone included some of the first public details on how the military will wage war in cyber space.
Nakasone revealed the U.S. military has taken steps to prepare for cyber attacks against foreign nations’ critical infrastructure. The goal is to announce the ability to shut down or disrupt foreign infrastructures as part of a deterrence strategy.
The disclosure came in response to questions about a February 2017 Defense Science Board report on deterrence that warned the United States will be unable for the foreseeable future to prevent cyber attacks against critical U.S. infrastructure through defensive means.
Nakasone stated “yes” when asked by the committee if Cyber Command and the military are “actively developing capabilities to threaten the critical infrastructure of peer adversaries.”
The comment was the first time U.S. cyber attack capabilities against foreign infrastructure were discussed in public. Most cyber attack capabilities and preparations are kept secret or discussed only in vague terms in public forums.
The three-star general was then asked if the United States should inform peer adversaries such as Russia and China that U.S. military forces will retaliate against their critical infrastructure to deter attacks on U.S. infrastructure. Nakasone said: “Yes. The ability to respond appropriately and effectively is an essential element of any deterrence strategy.”
Secret activities such as mapping foreign infrastructures prior to the outbreak of a war are currently permitted under U.S. military authorities for commanders, he added.
“To be operationally effective in cyberspace, U.S. forces must have the ability to conduct a range of preparatory activities which may include gaining clandestine access to operationally relevant cyber systems or networks,” Nakasone said.
The Defense Science Board report contained a dire conclusion that U.S. infrastructures like the electrical grid will remain vulnerable to cyber attacks from Russia and China for at least 10 years.
“A large-scale cyber attack on civilian critical infrastructure could cause chaos by disrupting the flow of electricity, money, communications, fuel, and water,” the report stated. “Thus far, we have only seen the virtual tip of the cyber attack iceberg.”
“Russia and China have both been part of the problem to date, and could take this threat to the next level by using cyber in sustained campaigns to undermine U.S. economic growth, financial services and systems, political institutions (e.g., elections), and social cohesion,” the report added.
The FBI and Department of Homeland Security issued a public alert to American companies in October warning of ongoing attacks on critical infrastructure by cyber actors that were not identified.
Little is known about U.S. intrusions into the state-run companies in China and Russia that run critical infrastructures such as electric grids, transportation, or financial networks.
Full article: Military Set for Cyber Attacks on Foreign Infrastructure (Washington Free Beacon)