# Cyber-INT?



## Marauder06 (Sep 26, 2010)

The Department of Defense recently stood up Cyber Command, a sub-unified command, led by GEN Keith Alexander (first MI four-star?). 

Given the rising profile of cyber, there have been several ideas tossed out as to who should have primacy for cyber security, and what the force structure should look like.  Some have said it should be run by G2, others say G3, still others say G6.  Some say it should be a specific inter-service specialty (e.g. MOS), or that it should be a new "INT" (i.e. intelligence specialization, like HUMINT or SIGINT).  Some go so far as to advocate for the creation of an entirely separate branch of service (on par with Army, Navy, Air Force, Marines). 

What do you think, and why?


----------



## madness unseen (Sep 26, 2010)

I understand how big of a deal the cyber network is, but why on earth would it require an new mikitary branch? Thats like an oxy-moron in and of itself. Super nerd-desk jockey-computer freak-special ops guy :uhh:  

Now, anything else probably wouldnt be too absurd of an idea.


----------



## Diamondback 2/2 (Sep 26, 2010)

I would say MI should be a front runner on this, due to the abilities and training that MI has already developed in this field. Maybe a new MI MOS that focuses on cyber Intel and another MI MOS that focuses on IT Security. The only issue is that I foresee a problem in retention for quality people in this field, when the private sector is willing to pay top dollar for an individual who is already in high demand. Maybe make them WO slots with special pay would do the trick?


----------



## Marauder06 (Sep 26, 2010)

That's kind of what I was thinking as well, but I think there could be a case for Signal Branch to take it on, or for it to be a separate branch/MOS.

edited to add:  if you look at what makes an intelligence discipline (A well defined area of intelligence collection, processing, exploitation, and reporting using a specific category of technical or human resources), then CYBERINT may be a viable course of action, ranking up with HUMIN,GEOINT, SIGINT, MASINT, OSINT, etc.


----------



## car (Sep 26, 2010)

When I was still in 1st IO we had the lead for defending the Army net, in cahoots with the Signal Corps. We also worked closely the 704th MI Bde (Army element at NSA) in doing exploitation and attack.The arrangement seemed to work well, but the money involved in future ops was the driving factor behind the G6 community wanting control. 1st IO was under the G3 and 704th under G2, and we had now real conflict. This was also the reason for the inter-service rivalry $$$$

As for MOS, the senior CSMs/SGMs decided the primary MOS for attack and expoitation would be 35N (old 98C) :). The defend piece has always been handled by the 25-series (B I think). Don't know about the officer MOS. It was still in discussion but looked like it would be a combo of MI and SIG.

As for a new branch.....that would take too long too stand up.

I left just as GEN ALexander (yes, Mara - 1st MI 4-star) had just been appointed, and the ougoingt INSCOM CG, MG Laquerment, had just been named his deputy. So there's definitely an MI flavor.

As a side note  - who remembers the AF Cyber commercial showing a SSgt sitting in a dark room in the Pentagon? It implied that he was protecting the entire Global Information Grid (GIG). The AF had just stood up it's Cyber Command, which was a shell HQ and no troops, and no clear mission in an effort to be "the first.". Hell, at that time, they (DoD) were still debating on the terms used - Cyber, inernet, or whatever.......Anyway, the boss and I wemt to visit the AF IO Cmd in San Antonio about a month later, when it was clear that the AF had fallen on its ass. The first thing out of their commander's mouth was, "I guess owe you guys an apology." ;)


----------



## SpitfireV (Sep 26, 2010)

Couldn't the NSA cover cyber security? I mean, they're the world leaders in That Sort Of Thing and at least you'd get an unbiased evaluation of any security issues since they wouldn't have a vested interest.


----------



## car (Sep 26, 2010)

Most of what I posted was about Army. Sorry I didn't make that clear. Yeah, NSA prolly has their hands in the pie.


----------



## Teufel (Sep 27, 2010)

I always pictured cyber as a communications field, not intelligence.  I could see a case for having training available for cyber intelligence but that sounds like something for civilian contractors to do from CONUS not necessarily a world wide deployable uniformed service member.  I don't think we have the capability of training, equipping and maintaining such a field and I don't think we really need to.  Do we want 19 year old privates to be hackers or should we just go to the next Star Trek convention and go hire some?  I really don't know.  I don't know a lot about cyber command.


----------



## DA SWO (Sep 27, 2010)

Cybercommand needs the best leadership, but don't put under and existing G (or J) office.  Make it a seperate directorate and staff it with sharp intel and comm guys/gals.
CAR_ AF Screwed the pooch with the (now) 24th AF by claiming a greater then existing capability, but I remember the other services questioning the need for a cyber-centric command.  SecDef directed the AF to stand their cyber command down (they downgraded it to a numbered AF), so DoD creating a cyber command actually validated the AF's viewpoint.


----------



## car (Sep 27, 2010)

Teufel said:


> I always pictured cyber as a communications field, not intelligence.  I could see a case for having training available for cyber intelligence but that sounds like something for civilian contractors to do from CONUS not necessarily a world wide deployable uniformed service member.  I don't think we have the capability of training, equipping and maintaining such a field and I don't think we really need to.  Do we want 19 year old privates to be hackers or should we just go to the next Star Trek convention and go hire some?  I really don't know.  I don't know a lot about cyber command.


 
That's something I forgot to mention - the majority of our folks who did/do that job were, indeed, contractors, for the very reasons/concerns you expressed.



SOWT said:


> Cybercommand needs the best leadership, but don't put under and existing G (or J) office.  Make it a seperate directorate and staff it with sharp intel and comm guys/gals.
> CAR_ AF Screwed the pooch with the (now) 24th AF by claiming a greater then existing capability, but I remember the other services questioning the need for a cyber-centric command.  SecDef directed the AF to stand their cyber command down (they downgraded it to a numbered AF), so DoD creating a cyber command actually validated the AF's viewpoint.



Why did they make it a numbered AF instead of just standing it down? Loss of high level officer and NCO slots? I'm not trying to be collegial to to the Army. I  have no idea what the Navy was doing. The Marine Corps came to us for help when they were were standing up their new command. We went as far as to send them a liason, and bring one of them them into our command, in the interest of everyone trying to start this thing out on the same page.

Like I said, I've been out of the game for six months, and it's a truly dynamic environment, so I'm a little uncomfortable speaking with any authority anymore. Just thought I could give a little history - from the perspective of an old guy who was learning Cyber on the run, as the 1st IO SGM - an Intel guy dealing with MI, Sig, and Cyber.


Sorry we kinda got off of your point, Mara, but I think all points here are valid.


----------



## Brooklynben (Sep 27, 2010)

I recently read that the Israelis are currently in the process of trying to create and train up some kind of super-geek squad that will be capable of being deployed with SpecOps teams at times.


----------



## DA SWO (Sep 27, 2010)

car said:


> Why did they make it a numbered AF instead of just standing it down? Loss of high level officer and NCO slots? I'm not trying to be collegial to to the Army. I  have no idea what the Navy was doing. The Marine Corps came to us for help when they were were standing up their new command. We went as far as to send them a liason, and bring one of them them into our command, in the interest of everyone trying to start this thing out on the same page., and Cyber.


 
Think they believed a cyber centric organization was/is necessary.They complied with SecDef direction by reducing from a four star command to a two (?) star numbered AF.


----------



## Marauder06 (Sep 28, 2010)

car said:


> ...
> 
> 
> Sorry we kinda got off of your point, Mara, but I think all points here are valid.


 
No problem at all, some good posts in this thread.


----------



## Scotth (Oct 4, 2010)

I can't really speak to the DoD issues and who should command or how it should be structured because I don't know enough about the INT community.

I foresee the command will be very dependent upon a continuous need for civilian contractors. They will need to attract people with the knowledge of what the latest and greatest technology trends are going to be. They will also need the biggest outside the box thinkers who can develop the next generation of technology. Not necessarily the normal skill sets most trainees coming into the military have.

My perspective from the civilian geek side of the world is the hope for information sharing. I'm talking about sharing information from the network defensive perspective. The way our country is setup we have many critical networks beyond the DoD that need the best protection possible. The information and practices developed need to move beyond just the DoD of DHS. At the end of the day I think the DoD will have the most concentrated big dollars committed to cyber-warfare issue and because of that will have the potential to be the biggest innovator. Plus if your looking for ways to attack other networks you naturally develop better defensive practices.

It's critical IMHO for information sharing when it comes to hardening networks. We can't be sitting on our own individual asses protecting our turf. We, as a nation, all have a vested interest with hardening all of our critical networks not just one sector of the nation information infrastructure. For that reason I hope there is a dissemination of information so that the whole nation can benefit from the resources being devoted to this issue.


----------



## AWP (Oct 4, 2010)

The AF's embrace of cyber warfare is.....interesting to me.

They took all of the communications/ signal AFSC's and converted them to 3DXXX, Cyberspace Support and they took officers from 33S to 17D. The latter is significant because the AF has a strict separation between Operations and Maintenance and putting the Comm Officers in the Operations community is very unusual for them. Even their radio maintainers are classified as "Cyberspace Support" now which if you saw what an AF PWCS shop does you'd really scratch your head on that one.

You guys are dead on about how unprepared the AF was for this. I spoke to several NCOs who PCS'ed to the new "Cyber Command" only to find themselves in limbo for their jobs. It seems the AF was assigning NCOs against the new command but didn't know where it was going to be based at the time. When the command was finalized, those assigned to it were PCS'ed to the new base so the AF had to fill those slots a second time.

I work with a 19 year captain who handles Information Assurance (19 commissioned years, he isn't prior enlisted) at a base and they receive a lot of certifications and schools but I have the feeling the AF is rather disjointed with the whole concept.

I think the AF will get there, but the start is rather ugly IMO. 

If I were in charge I'd give the mission (Army) to Signal and not MI. I don't say that as a former Signal guy, but I'd leave collection to MI and the "offensive" side to Signal. Such a division is likely to cause problems, however I'd give the nod to Signal to run the whole thing and create an MOS just for the mission.


----------



## LongTabSigO (Dec 12, 2010)

Free:
Would like to explore and expand on your thoughts here.  I'm building a Joint Cyberspace Ops course for the  Joint Forces Staff College.  A lot of ideas out there.  A lot of confusion.  All the Services, plus STRATCOM/CYBERCOM.


----------



## RetPara (Dec 14, 2010)

Missed something here.  I read about cyber Intelligence and defensive operations... but the Offense is vital, if not a major drive.  A new military discipline for lack of a better term that a CINC needs to have in the toolbox.


----------



## Marauder06 (Dec 14, 2010)

Separate branch, or separate intel discipline?


----------



## 104TN (Dec 14, 2010)

Interesting topic. Information systems is a pretty dynamic field that requires the ability to evalutate a problem and not just abstract a practical solution from theory, but physically implement it.
While I have no doubt the military has the ability to teach theory to service members, I can't help but wonder - how effective will most of those troops will be in applying it?
This isn't meant so much as a dig towards those in the military, but as an observation of those I work with daily in the civilian sector (where market rules apply).


----------



## LongTabSigO (Dec 15, 2010)

The considerations are vastly different than business because there are additional concerns regarding law of war and the desire to do physical harm to an adversary.

It is still going to be difficult to find that happy medium between "operating a network" and conducting full spectrum offensive and defensive operations in this new domain known as "cyberspace".


----------



## RetPara (Dec 15, 2010)

Since the Law of Land Warfare does not seem to cover cyberwar, it would seem that the potential is pretty wide open right now.  While there are numerous treaties, agreements, and international law (?) in the matter....  I think the conduct of hostile operations in cyberspace makes these agreements meaningless.

Cyber War  require a new, very different, service branch under DOD.  This would not have to be a huge branch, but should not fall under a traditional, uniformed service branchs.  Because of the nature of the talent and skill sets needed, salaries are going to be WAY beyond what the normal military services could afford.  Installations would be small, but expensive.

This is a whole new "thing".  While Sun Tsu and Clausewitz will apply; the practical applications of Cyber War would bring in more Machiavelli than before.


----------



## LongTabSigO (Dec 16, 2010)

> Since the Law of Land Warfare does not seem to cover cyberwar, it would seem that the potential is pretty wide open right now. While there are numerous treaties, agreements, and international law (?) in the matter.... I think the conduct of hostile operations in cyberspace makes these agreements meaningless.



What's your basis for this assertion?


----------



## RetPara (Dec 16, 2010)

I used to teach Law of Land Warfare for unit training before I retired.  After the ABG shit hit the fan; I spent a lot of time reviewing it.  No where have I seen offensive cyber operations specifically discussed, which opens the the argument that what is not forbidden is allowed.

The very nature of a cyber attack, or even active defensive operations, would have to their deny-ability.   To penetrate a system, reduce its capability or cause it not to perform as designed has to be done without leaving any trace.  At best it would appear to be a human command error, corrupted file, or error caused at random.   Those executing such an operation would not leave a calling card (txt file) reading "Brought To You by the 235th Cyber Attack Squadron, 69th Tactical (Cyber) Air Force."


----------



## LongTabSigO (Dec 16, 2010)

Lack of attribution does not mean that law of land warfare does not apply.  After all, it's not like the US will engage in cyber-type attacks and claim that they are outside that scope.  Neither will most of the West.

The question is, does the lack of state-sponsorship make response a "military" matter or a "law enforcement" one?


----------



## RetPara (Dec 16, 2010)

The lack of state sponsorship, under current USG_ policy_, would be to throw it at Law Enforcement.  That opens up the discussion of the wisdom of the continuation of the doctrine, first established in either the Truman or Eisenhower Administration to regard non-state actor terrorist incidents as a LE issue.  However, since the Regan administration and its actions against Palestinian\Islamic terrorist groups in Lebanon, that doctrine has been eroded.  The erosion of the doctrine continued with the military interventions in A'stan in 2001.

Most of international law and the law of land warfare is based on the premise that such actions can only take place between nation-state actors.  I would put forth that since the late 1970's that proclivity has decreased exponentially.  While much of Western Europe have recognized and actually been subject to extensive, violent campaigns by groups such as the Red Brigades, Red Army Faction, IRA, PIRA, and Basque groups; the US has not.  There have been a variety home grown groups such as the Weather Underground, Black Panthers, Posse Comitetus, their attacks and influence were limited in nature because of geographic and distant restraints.  While they made the national news, their impact on the major institutions of the US were minimal.

The major actions by the USG in response to the highly increased threat of terrorist actions (homegrown & imported) have been new laws and bureaucracies.  The root policy of responding to non-state actor terrorists with law enforcement has not changed, even if the capability to respond has.  There in lies the root level failure of the USG to recognize the threat and react with the tools in the box at the time.  As transportation and communication advances "shrink" the world, the ability of the non-state actor to influence governments and events grow daily.  In this context the non-state actor can be terrorist organizations or NGO's that act in an ad hoc manner to fill gaps in the basic hierarchy of human needs that failed state actors can't.

Since the major threat now seems to come from the non-state actor, there is precedent to go against the policy/doctrine of law enforcement response.  That is where a new branch of service, that operates only in the digital arena would come into play.  It would only be "deployed' in support of CINC level combat commands or Theater JSOTF's.  It would by nature have both a cyber recon and cyber direct action capability.


----------



## LongTabSigO (Dec 17, 2010)

Message received; can't reply appropriately at the moment; will do so as soon as i can..


----------



## PhredLegg (Jan 14, 2011)

I'm late on the posts here since I just joined the site. This is a very interesting topic, I was assigned to Western IO Center, a part of 1st IO (but a reserve unit). I also work cyber engineering for a government contractor. Cyber defense is great, since you can use contractors to support operations, but IMO, the weakness is always going to be the offensive side of IO or cyber (actually, I prefer the terms Information Warfare or Information Superiority, what happened to those?). Some cyber offensive operations must be conducted on the forward edge of the battle. I don't see pulling contractors (especially civilian contractors) into this type of enviornment. These positions need to be filled by fully trained and fully capable military (of which I KNOW there are not enough troops). More needs to be done to produce these types of warriors. I remember when I first started in IO, WIOC was an IA focused unit (mainly defense, such as CND), but our training was more hacker oriented, which meant a high degree of technical expertise and I don't mean policy makers. We have enough of those (too many if you go by certifications) but not enough with that hacker mentallity that are needed to win the battle (especially on the exploitation side of the house). This is a weakness I still see that is not being strongly addressed. As far as the subject about ownership, it should be unified command, don't much care who's in charge as long as everybody's on the same sheet of music (bad experiences in NATO!).


----------

