The Pentagon and Cyberwar

At the end of last April, U.S. Secretary of Defense Ashton Carter presented the Pentagon’s new cybersecurity strategy. Entitled “The DoD Cyber Strategy,” this document, which replaces the strategy released in 2011, outlines the path to follow and the objectives to achieve in regard to cyber matters for the Department of Defense (DOD) during the period of 2015 to 2018. This is the first document of its kind that openly states that Washington will be able to perform cyberwar activities after claiming that the country “must be capable of resorting to cyber operations to destroy command and control networks, critical infrastructure or weapon systems of potential adversaries of the country.”*

The strategy also points out that cyber operations will be fully integrated into the planning and conducting of military operations. For this reason, in addition to promoting the creation of cyber capabilities conjointly, the Pentagon plans to create a cyberforce composed of 6,200 people organized into 133 teams whose main tasks are related to defense, intelligence, and attacks in cyberspace. Also, the DOD understands that the training and the career path of its cyberwarriors are inadequate. Therefore, the Pentagon has plans to develop exchange programs with the private sector, which has more advanced and adequate training programs.

Paradoxically, even though this strategy provides some ideas about how the cyber element can be used in joint military operations, it openly asserts that the U.S. will be able to utilize cyber capabilities in an offensive manner (and not only in cyberdefense or operational tasks after a cyberattack). In addition, the strategy briefly explicates the doctrine of deterrence and addresses the need to increase cooperation on matters of cybersecurity among the different administrations in the country, that is, between public and private actors and between key partners and allies.

This last aspect is very important, since it allows us to discover who Washington’s allies are. On the one hand, there are the members of Five Eyes** (Canada, Great Britain, Australia and New Zealand), followed by some countries in the Middle East and Asia-Pacific (which will be employed to support the third offset strategy in matters of defense) and some members of NATO. In other words, NATO, as an organization, is not considered a player in the matter due to the large deficiencies that some of the members have and which compromise its ability to perform. It should be noted that the cyber abilities of NATO meet the operational needs of a headquarters, command structure and partner agencies, and are available to its member nations if necessary. Neither is the European Union, which is more interested in legal and privacy issues than in strategic and security issues, considered a player. This fact conceals a clear statement of intentions, and it puts Brussels, once again, in a difficult situation, because it remains on the border of cyber limbo and does not assume the strategic dimension that cyberspace has.

Furthermore, one must not lose sight of the fact that the integration and development of this U.S. strategy will be carried out within the framework of the defense innovation initiative, which is considered the technological pillar of the third offset strategy and aims to promote basic and applied research, the cooperation of the industry, and the attraction of experts to maintain military and cyber supremacy against any potential, present or future adversary. And the matter is in keeping with the lessons learned from the Revolution in Military Affairs (RMA), a hypothesis which was involved in defense planning during the 90s and offered products like invisible aircraft, drones or precision weapons: that one of the technological pillars of this offset strategy is probably the cyber element, which is essential for conventional and nuclear deterrence, cyberwar and to enable the conducting of military operations.

In short, with the Pentagon’s new strategy, the U.S. has added a new piece in the construction of its cyberdefense structure and has taken one step further – if there was not sufficient evidence before – to militarize cyberspace. Let’s not dismiss the idea that in the upcoming months we may see new developments and actions in this direction.

*Editor’s Note: This quote, while accurately translated, could not be exactly verified.

**Editor’s Note: The term “Five Eyes,” refers to an intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States.