Cyber Operations in DOD Policy and Plans: Issues for Congress Catherine A. Theohary Specialist in National Security Policy and Information Operations Anne I. Harrington APSA Congressional Fellow January 5, 2015 Congressional Research Service 7-5700 www.crs.gov R43848 Cyber Operations in DOD Policy and Plans: Issues for Congress Summary Cyberspace is defined by the Department of Defense as a global domain consisting of the interdependent networks of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Attacks in cyberspace have seemingly been on the rise in recent years with a variety of participating actors and methods. As the United States has grown more reliant on information technology and networked critical infrastructure components, many questions arise about whether the nation is properly organized to defend its digital strategic assets. Cyberspace integrates the operation of critical infrastructures, as well as commerce, government, and national security. Because cyberspace transcends geographic boundaries, much of it is outside the reach of U.S. control and influence. The Department of Homeland Security is the lead federal agency responsible for securing the nation’s non-security related digital assets. The Department of Defense also plays a role in defense of cyberspace. The National Military Strategy for Cyberspace Operations instructs DOD to support the DHS, as the lead federal agency, in national incident response and support to other departments and agencies in critical infrastructure and key resources protection. DOD is responsible for defensive operations on its own information networks as well as the sector- specific agency for the defense of the Defense Industrial Base. Multiple strategy documents and directives guide the conduct of military operations in cyberspace, sometimes referred to as cyberwarfare, as well as the delineation of roles and responsibilities for national cybersecurity. Nonetheless, the overarching defense strategy for securing cyberspace is vague and evolving. This report presents an overview of the threat landscape in cyberspace, including the types of offensive weapons available, the targets they are designed to attack, and the types of actors carrying out the attacks. It presents a picture of what kinds of offensive and defensive tools exist and a brief overview of recent attacks. The report then describes the current status of U.S. capabilities, and the national and international authorities under which the U.S. Department of Defense carries out cyber operations. Of particular interest for policy makers are questions raised by the tension between legal authorities codified at 10 U.S.C., which authorizes U.S. Cyber Command to initiate computer network attacks, and those stated at 50 U.S.C., which enables the National Security Agency to manipulate and extrapolate intelligence data—a tension that Presidential Policy Directive 20 on U.S. Cyber Operations Policy manages by clarifying the Pentagon’s rules of engagement for cyberspace. With the task of defending the nation from cyberattack, the lines of command, jurisdiction, and authorities may be blurred as they apply to offensive and defensive cyberspace operations. A closely related issue is whether U.S. Cyber Command should remain a sub-unified command under U.S. Strategic Command that shares assets and its commander with the NSA. Additionally, the unique nature of cyberspace raises new jurisdictional issues as U.S. Cyber Command organizes, trains, and equips its forces to protect the networks that undergird critical infrastructure. International law governing cyberspace operations is evolving, and may have gaps for determining the rules of cyberwarfare, what constitutes an “armed attack” or “use of force” in cyberspace, and what treaty obligations may be invoked. Congressional Research Service Cyber Operations in DOD Policy and Plans: Issues for Congress Contents Introduction ...................................................................................................................................... 1 Background ...................................................................................................................................... 2 Cyberspace: The Operating Environment ................................................................................. 2 Cyber Weapons .......................................................................................................................... 3 Malware ............................................................................................................................... 3 Botnets ................................................................................................................................. 3 Distributed Denial of Service Attacks ................................................................................. 4 Automated Defense Systems ............................................................................................... 5 Targets ....................................................................................................................................... 5 Government and Military Networks.................................................................................... 5 Critical Infrastructure and Industrial Control Systems ........................................................ 6 Actors and Attribution ............................................................................................................... 6 Nation States ....................................................................................................................... 6 Politically Motivated Hacktivists ........................................................................................ 7 Terrorists and Organized Crime .......................................................................................... 7 Advanced Persistent Threats ............................................................................................... 7 Attribution Issues ................................................................................................................ 7 Threat Environment ................................................................................................................... 8 Cyberattack Case Studies .................................................................................................... 8 The DOD and U.S. Cyber Command ............................................................................................ 13 Cyber Command Mission and Force Structure ....................................................................... 13 USCYBERCOM and Information Sharing ....................................................................... 15 Authorities ..................................................................................................................................... 15 Legislative Authorities ............................................................................................................. 16 Executive Authorities .............................................................................................................. 17 International Authorities .......................................................................................................... 21 The U.S. Position on International Authorities ................................................................. 21 International Consensus-Building Activities ..................................................................... 22 Existing International Instruments That Bear on Cyberwarfare ........................................ 23 Issues for Congress ........................................................................................................................ 27 Authorities: Is Current Law Enough? ...................................................................................... 27 How Do DOD and Cyber Command Responsibilities for Cybersecurity Fit Within the Interagency and Private Sector? ........................................................................................... 28 Should U.S. Cyber Command Be Its Own Unified Combatant Command? ........................... 28 Is a Separate Cyber Force Necessary? ..................................................................................... 28 What Are the Authorizing and Oversight Committees and Jurisdictional Implications? ........ 28 Current Legislation .................................................................................................................. 28 Appendixes Appendix. Timeline of International Attacks ................................................................................. 30 Congressional Research Service Cyber Operations in DOD Policy and Plans: Issues for Congress Contacts Author Contact Information........................................................................................................... 33 Congressional Research Service Cyber Operations in DOD Policy and Plans: Issues for Congress Introduction1 Cyberspace has taken on increased strategic importance as states have begun to think of it as yet another domain—similar to land, sea, and air—that must be secured to protect their national interests. Cyberspace is another dimension, with the potential for both cooperation and conflict. The Obama Administration’s 2010 National Security Strategy identifies cybersecurity threats “as
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages37 Page
-
File Size-