Current and Future Cyber Threats Spur Collaboration

More than two decades ago, John Arquilla and David Ronfeldt warned in "Cyberwar is Coming!," published in Comparative Strategy Vol. 12, that both "netwar" and "cyberwar" were imminent and could impact the 21st century security landscape as significantly as combined arms maneuver warfare had impacted the security landscape of the 20th century.

The prophetic warning has come to light in many ways and on many fronts, from the data breach of millions of security clearance records from the Office of Personnel Management, to emails stolen from Hollywood studios and hacking into the U.S. political process. The federal government even designated every October as Cyber Security Awareness Month.

"The first shots of the next actual war will likely be fired in cyberspace, and likely with devastating effect," said Chief of Staff of the Army Gen. Mark A. Milley. "Many analysts and senior government officials have said their greatest fear is a cyber Pearl Harbor. Very serious cyber capability right now is being developed and deployed by major nation states, some of them not our friends. It is entirely possible to inflict widespread damage on a country's economy and military through cyber attacks."

How to combat what has become a pervasive battlefront, now and in the future, occupies the thinking of many, both within and outside the military environment. DOD has identified cyberspace as an operational domain much like air, land, maritime and space.

However, unlike the other domains, no specific military service or component deals with cyber. The U.S. Army Communications-Electronics Command (CECOM), headquartered at Aberdeen Proving round (APG), Maryland, is taking on the cyber warfare challenge in four ways: Security Engineering -- designing and delivering resilient architectures and cyber capabilities; Threat Assessments -- providing intelligence and threat analysis for command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) programs; Contract Language -- incorporating cyber requirements in performance work statements, requests for proposals, and contract awards to mitigate supply chain and software and hardware risk; and Software Assurance -- supporting mission assurance by providing tactics, techniques and procedures to ensure that software functions

under adverse conditions.

The U.S. Army Cyber Command (ARCYBER) has become the lead for Army missions, actions and functions related to cyberspace, including the responsibility for planning, coordinating, integrating, synchronizing, directing and conducting Army network operations and the defense of all Army networks. Directly supporting ARCYBER's mission at APG, CECOM, the U.S. Army Communications-

Electronics Research, Development and Engineering Center (CERDEC), Program Executive Office Command, Control, Communications-Tactical, and Program Executive Office Intelligence Electronic Warfare and Sensors (PEO IEW&S) lead the technical charge in researching, testing, developing and fielding the tools and software needed to conduct offensive and defensive cyber operations.

The cyber and software communities, with a common nexus among those front-line technical commands at APG, find themselves inexorably tied together due to their critical importance on the battlefield.

CECOM recently addressed the complexity of the cyber and software challenge by convening the first Software Solarium at APG. This event brought together more than 100 senior leaders in the Army software community, along with representatives from sister services and academia.

"This is an opportunity to bring all the leaders and the stakeholders in software to have a meaningful discussion on the future of software and the challenges we face," said Medhat Abuhantash, CECOM Software Engineering Center acting director.

Presenters from the National Security Agency and the U.S. Army Research Laboratory set the stage with deep looks into threats, vulnerabilities, assurances and the long-term future of software development. The solarium involved panel discussions, targeting distinct lines of effort. A panel on enabling a more defensible network by improving integration of software assurance and acquisition life cycle activities related directly to the cyber landscape.

Future Software Solariums will continue to explore the need for integration of ARCYBER with the software enterprise. The 2016 Cyber ElectroMagnetic Activities (CEMA) conference, held in October 2016 on the C4ISR campus at APG, gathered the leaders of the cyber community from the Army, other federal services, industry, academia, and coalition partners from the United Kingdom, Canada and Australia. Co-hosted by the International Association of Old Crows and Maj. Gen. Kirk Vollmecke's team at PEO IEW&S, the four-day CEMA conference focused on achieving overmatch through the convergence of cyber, signal, electronic warfare, intelligence and space capabilities.

Maj. Gen. Bruce Crawford, CECOM commanding general, charged attendees to integrate developing technologies to current hardware, and get capabilities to the Soldier in the field.

"What investments do we need to make to address the new strategic realities of the future?" Crawford asked. "The Army does not fight alone. It is connected to provide capabilities to Combatant Commands. My biggest concern rests with the potential for missed opportunities to get this right for the Soldiers."

Internally, CECOM professionals who help provide tools that develop, defend and sustain Army networks range from the headquarters at APG to the Cyber Center of Excellence at Fort Gordon, Georgia, and the U.S. Army Information Systems Command at Fort Huachuca, Arizona. While CERDEC develops future cyber capabilities, CECOM ensures systems remain mission ready, defensible and protected after they are fielded, said Terry Kalka, team lead for the CECOM Cyber Sustainment Integration Cell.

"The cyber battle of the future will require an automated, responsive defense, much like the stock exchange is now mostly automated and moves at faster-than-human speed," said Kalka. "We will need to research and develop self-healing, self-defending networks and systems to keep up with, and ahead of, potential threats."

CERDEC operates a key part of APG's unique laboratory capabilities, networked together to support cyber offensive and defensive development efforts. The center uses its facilities to develop large-scale network visualization; conduct modeling, simulation and emulation; ensure compliance and accreditation; perform supercomputing; and develop tools for information assurance.

"With cyber, it is a lot harder to pin down the threat," said John Willison, director of the Space Terrestrial Communications Directorate at CERDEC. "We have different categories of threats; the insider threat is one category we're worried about. Cyber attacks are obviously another. Depending on which category of threat we're worried about and depending on where we're operating, we look at different technologies or employ different tools to help the network operators and network defenders within that space."

Those cyber-related threats will continue to be addressed by the C4ISR community in many ways, with events like the first cyber blitz held by CERDEC in 2015. The cyber blitz allowed Soldiers from the 25th Infantry Division in Hawaii and the 7th Signal Command Cyber Protection Brigade from Fort Gordon to spend two weeks proofing new operations concepts in a realistic training scenario similar to what they would see at a National Training Center. These activities, and the work CECOM contributes toward the DOD National Cyber Range for training in field cyber operations, show the distinct alignment of cyber and operational readiness, and the path to future dominance of the cyber battlefield.