Reform

Cyber Teams Safeguard National Security

Sept. 16, 2019 | BY Gary Sheftick

During the midterm elections last year, U.S. Cyber Command had three teams deployed in Europe working with partner nations to hunt and track adversaries attempting to disrupt U.S. democratic processes, Cybercom's commander said.

Army Gen. Paul M. Nakasone spoke at the Association of the U.S. Army's "Hot Topics" forum on Army cyber and networks today. He said the big difference between defensive cyberspace operations today those of more than a few years ago is the ability to deploy teams forward and project power.

Four-star Army general speaks at lectern.
Topics Talk
Army Gen. Paul M. Nakasone, commander of U.S. Cyber Command, speaks at the Association of the U.S. Army’s “Hot Topics” forum in Arlington, Va., Sept. 16, 2019.
Photo By: Luc Dunn, courtesy of AUSA
VIRIN: 190916-O-ZZ999-004Y

"This was done exquisitely in the midterm elections," he said, "with three different elements being able to move forward into Europe," the general said, noting that Cybercom was able to tell partner nations, "We know that adversaries are within your network, and let's identify them."

The small deployed elements were able to fall back on larger capabilities here in the states, he said. "Among the key players: an Army team that was able to get on the net and provide effects in support of the defense of our midterm elections," he added.

Stopping attempts to interfere with democratic processes is one of the ways Cybercom supports national security objectives, Nakasone said. Another is stopping adversaries from stealing intellectual property and even personally identifiable information, known as PII.

A mix of military and civilian personnel sit at a table and operate computers.  One female service member is standing and looking over the shoulder of the only civilian computer operator.
Cyber Training
U.S. service members and civilians, as well as partner nation military personnel, participated in the Cyber Flag 19-1 exercise, June 21-28, in Suffolk, Virginia. The tactical-level exercise focused on the continued building of a community of defensive cyber operators and the improvement of the overall capability of the U.S. and partner nations.
Photo By: U.S. Cyber Command Public Affairs
VIRIN: 190625-N-JP302-3411

Recent ransomware attacks in Louisiana and Texas had governors call out their National Guard cyber teams, he said. Ransomware attacks last month that affected 23 local governments in Texas had that state's governor call out Army and Air Guard cyber personnel to conduct an assessment and help with recovery efforts.

In July, three different school districts in Louisiana came under cyberattacks, and the governor declared an emergency, asking National Guard cyber personnel to help so that thousands of students could get back into their classrooms.

"This is a new venue. This is a new capability," Nakasone said. 

Four-star Army general speaks at lectern.
Nakasone Remarks
Army Gen. Paul M. Nakasone, commander of U.S. Cyber Command, speaks at the Association of the U.S. Army’s “Hot Topics” forum in Arlington, Va., Sept. 16, 2019.
Photo By: Luc Dunn, courtesy of AUSA
VIRIN: 190916-O-ZZ999-003

The National Guard and Army Reserve are adding 21 cyber teams to the 20 defensive cyber protective teams already in the active component, he said.

The nation invests just under $2 billion annually in its cyber force, and it gets much more in return in terms of its capabilities, its options and its response times, he said.

In the last 10 years, the Army has stood up a cyber branch and a Cyber cchool at Fort Gordon, Georgia, Nakasone noted. Since 2015, more than 330 cyber officers have been trained at Fort Gordon, and the school's capacity is growing. Soon, about 200 officers a year should be trained there, he said.

About 250 soldiers have been trained so far as 17C cyber operations specialists, he said, and that number will also grow dramatically. 

Service members sit at computer screens.
Cyber Shield 19
Soldiers, airmen and industry partners conduct network surveillance during Cyber Shield 19 training week at Camp Atterbury, Ind., April 7, 2019.
Photo By: Army Staff Sgt. George B. Davis
VIRIN: 190411-Z-XR817-037C

The Army will stand up a "persistent cyber training environment" within the next six to 12 months, he said. Cyber teams will be able to train virtually on realistic adversary networks, similar to how brigade combat teams face a realistic enemy at the National Training Center on Fort Irwin, California.

"How do you actually take a look at the network that you're going to have to access, to move through, and get to some type of effect at an end state?" Nakasone said, explaining that's what the persistent training environment will soon provide. It will make a huge difference in collective training for cyber teams and improve their readiness, he said.

Four-star Army general speaks at lectern.
Forum Remarks
Army Gen. Paul M. Nakasone, commander of U.S. Cyber Command, speaks at the Association of the U.S. Army’s “Hot Topics” forum in Arlington, Va., Sept. 16, 2019.
Photo By: Luc Dunn, courtesy of AUSA
VIRIN: 190916-O-ZZ999-005Y

Some cyber teams have already deployed with brigade combat teams to the National Training Center and the Joint Readiness Training Center, he said, and those lessons learned are becoming doctrine. 

An integrated network of cyber, electronic warfare and information operations is already bringing capabilities to commanders around the globe, he said, adding that capability will continue to grow exponentially.

"Every single day as we take a look at operations in Afghanistan and Iraq and other places within Central Command, [they are] leveraging the capabilities of Army Cyber," he said.