22 janvier 2020 | International, C4ISR, Sécurité

What new documents reveal about Cyber Command’s biggest operation

Mark Pomerleau

New documents provide insight into the growing pains U.S. Cyber Command faced in building a force while simultaneously conducting operations.

The documents, which were released as part of a Freedom of Information Act request from the National Security Archive at George Washington University and later shared with journalists, are a series of internal briefings and lessons from the Defense Department's most complex cyber operation at the time, Operation Glowing Symphony.

That operation was part of the larger counter-ISIS operations — Joint Task Force-Ares — but specifically targeted ISIS's media and online operations, taking out infrastructure and preventing ISIS members from communicating and posting propaganda.

While Cyber Command described the operation, which took place in November of 2016, as a victory in the sense that it “successfully contested [ISIS] in the information domain,” the documents demonstrate the extent to which the command was still learning how to conduct operations and the exact steps to follow.

“Process maturation is something they pull out a lot. Obviously, as CYBERCOM was standing up, it was pulling together plans for how they were going to operate. They actually hadn't operated that much,” Michael Martelle, cyber vault fellow at the National Security Archive, told reporters. “A lot of these frameworks were formed in theory. Now they go to try them out in practice.”

Cyber Command leaders have stressed in public remarks for years that the command was building its force while operating. But the extent of those operations has been limited. Officials in recent years have explained that the command didn't undertake many offensive operations. One official said last year he could count on less than two fingers the number of operations, Cyber Command conducted in the last decade or so. One member of Congress said DoD didn't conduct an offensive cyber operation in five years.

But when they were in action, in this case with Operation Glowing Symphony, Martelle said the documents show cyber leaders did not anticipate the amount of data they would access.

“They actually weren't prepared for the amount of data they were pulling off of ISIS servers ... CYBERCOM was not set up for an operation of this magnitude from day one,” he said. “They had to learn on the fly, they had to acquire on the fly, they had to grow on the fly.”

The documents note that Cyber Command's capability development group, is “developing USCYBERCOM data storage solutions.”

The capabilities develop group, now known as the J9, serves as the advanced concepts and technology directorate and worked to plan and synchronizing cyber capability development and developed capabilities to meet urgent operational needs.

Experts had noted that in the past the CDG/J9 had been stressed in recent years by a limited staff and burdened by developing tools for operational needs, namely Joint Task Force-Ares.

Another example of potential growing pains the documents point to was the fact that updates to operations checklists were not made available readily to the team.

Finally, the documents note that authorities and processes the command was operating under that the time were restrictive in some cases.

“Absent of significant policy changes from [the office of the secretary of defense], USCYBERCOM is limited in its ability to challenge ISIS [redacted]. As a result, USCYBERCOM has [redacted] to achieve our objectives,” the executive summary of a 120-day assessment of Operation Glowing Symphony says.

Those authorities and processes have been streamlined by the executive branch and Congress in recent years.

Commanders now follow a process that defaults toward action, Maj. Gen. Dennis Crall, deputy principal cyber adviser and senior military adviser for cyber policy, said during an event Jan. 9. He explained the updated process provides continuity, tempo, pace and timing.

Ultimately, Martelle noted that the real importance behind Operation Glowing Symphony is that Cyber Command used the experience from those events and Joint Task Force-Ares more broadly as a template for future operations.

Cyber Command's top official, Gen. Paul Nakasone, who was also led Joint Task Force-Ares, has noted that the task force laid the foundation for the Russia Small Group, which was created to combat election interference in the 2018 midterms.

“This concept of a task force lives on. A lot of that thinking came from what we were doing in 2016,” he told NPR.

That task force has now evolved to be more all encompassing covering election threats more broadly.

https://www.fifthdomain.com/dod/cybercom/2020/01/21/what-new-documents-reveal-about-cyber-commands-biggest-operation/

Sur le même sujet

  • Canadian companies eligible for UK – US International Space Pitch Day (deadline Aug 19)

    3 août 2020 | International, Aérospatial

    Canadian companies eligible for UK – US International Space Pitch Day (deadline Aug 19)

    An email was recently circulated from the U.S. Embassy in Montreal regarding a new competition jointly organized by U.S. and the UK called the International Space Pitch Day that is open to “space entrepreneurs” around the world. The registration questionnaire deadline for the International Space Pitch Day is Wednesday, August 19, 2020 7:00 a.m. EDT (12:00 p.m. BST). Proposals must then be submitted by 7:00 a.m. EDT (12:00 p.m. BST) on Wednesday, September 2nd, 2020. The email provides the following information: The International Space Pitch Day is a joint U.S. – UK initiative that aims to find, fund and fast-track innovation and technology that gives advantage to military operations in space. The competition is open to innovators from all over the world and delivered through the UK Defence and Security Accelerator (DASA). The endeavour is jointly funded by the UK's Defence Science and Technology Laboratory (Dstl), Royal Air Force and the U.S. Air Force. A grand coalition of Dstl, DASA, Royal Air Force, UK Strategic Command, the U.S. Air Force, U.S. Space Force, and the North Atlantic Treaty Organisation (NATO) has been assembled to find, fund, and fast-track the best ideas from start-up innovators to the front line. The competition is seeking solutions to six challenges set by the U.S. and UK Space teams: Visualisation of key events and information for combined space operations with allies and commercial partners. Understanding current satellite systems relevant to the operations of a particular commander. Understanding the present and potential impact of space weather on users across all domains. Provision of training against realistic threats and opportunities, incorporating live data, and integrating space across multiple domains. Enabling common and user-defined operational pictures to support multi-national space domain awareness and command and control. A verification and comparison tool for Space domain awareness, which can take orbital observation data from a variety of sources and in a variety of formats and produce a single, reliable operational picture. £800k (approximately US$1M) is available to fund up to 15 proposals, with a maximum value of £53k (approximately US$67k) each. The duration of each of the funded projects is to be no longer than 3 months.

  • How to leverage the best of European defense capabilities

    9 juin 2023 | International, Autre défense

    How to leverage the best of European defense capabilities

    When it comes to defense-industrial collaboration, the best time to start was 20 years ago, and the second best time is now.

  • Troops aim to be made ‘first-class voters’ with new DARPA tech

    18 février 2024 | International, Sécurité

    Troops aim to be made ‘first-class voters’ with new DARPA tech

    The technology proposal from VotingWorks would change the game with portable one-stop voting stations for troops stationed far from home.

Toutes les nouvelles