DOD issues new policy on electronic warfare

Policy could be the first of many for dealing with cyberthreats from Chinese hackers

The Defense Department said it will respond to increasing threats from what some military officials characterize as nation-state hackers by consolidating and coordinating DOD’s substantial but disparate cyber resources. The response must include new policies and procedures for electronic warfare, military leaders said.

DOD cannot pursue cyberattackers in foreign countries because of sovereignty protections and restrictive rules of engagement, said Air Force Gen. Ronald Keys, commander of Air Combat Command.

“This is an area where technology has outstripped our ability to make policy,” Keys said. “We need to have a debate and figure out how to defend ourselves.”

DOD issued the first of what could be many new policies to deal with cyberthreats. “Joint Publication 3-13.1, Electronic Warfare,” published Jan. 25, establishes rules for electronic-warfare planning, preparation, execution and assessment. Those activities will support joint operations across U.S. military services and be a policy basis for the United States’ involvement in multinational cyber operations. The publication outlines the scope of electronic warfare and addresses the organizational responsibilities for protecting spectrum use and disrupting enemy forces’ spectrum use.

The largest cyberthreat comes from Chinese hackers, said a senior official of the Naval Network Warfare Command. The official, who spoke on background at a briefing with reporters earlier this month, said Chinese hackers are waging nonstop, unrestricted warfare on government computer networks in what has become a campaign-style, force-on-force engagement.

Netwarcom officials said they suspect but cannot prove that the Chinese government is behind the campaign, but they report that attacks from Chinese servers now outpace all other threats to DOD networks in number, volume, proficiency and sophistication. 

DOD networks are attacked or probed hundreds of times each day by hackers who military officials say include amateurs, organized criminals and others gathering nation-state intelligence. The Netwarcom official said the command spends most of its time countering the actions of hackers who use servers located in China.

“They will exploit anything and everything,” the official said. “It’s hard to believe it’s not government-driven.”

Evidence that China is a major source of cyberthreats against DOD networks has been building for some time. Chinese hackers were responsible for an intrusion in November 2006 at the Naval War College that forced the institution to shut down its e-mail and Internet-connected computer system for several weeks, the Netwarcom official said.

The intentions of Chinese hackers are varied and appear to include stealing information about technology, gathering intelligence, conducting research on DOD operations and creating dormant presences in DOD networks, the official said.

In light of such threats, DOD officials are working on plans to treat cyberspace as a warfighting domain of comparable importance to land, sea, air and space. Netwarcom, for example, is developing command-and-control capabilities, and the Air Force is planning to open a Cyber Command that officials say will become a major warfighting command by 2009.

One concern of military officials is that DOD’s cyber forces operate as fiefdoms, an organizational weakness that undermines U.S. cyberspace operations, said Gen. James Cartwright, who leads the U.S. Strategic Command. Stratcom’s Joint Task Force for Global Network Operations is leading an effort to integrate U.S. military cyberspace activities.

Keys said it would probably take a cyber version of the 2001 terrorist attacks to force the United States to re-evaluate the constraints on its activities in cyberspace. But he said DOD should consider taking more aggressive action against attackers by penetrating enemy networks and phishing for passwords, for example.

Targeting NIPRNET
Experts disagree on whether attacks originating from Chinese servers can be blamed on the ruling Chinese government. Hackers often relay attacks through several notoriously vulnerable Chinese servers, and forensic analysis of Chinese code fails to prove culpability, military experts say. But the nature of the information sought points to the Chinese military, said James Mulvenon, deputy director for advanced analysis at the Center for Intelligence Research and Analysis in Washington, D.C.

Chinese doctrine specifically calls for targeting unclassified U.S. defense networks that support logistics and deployment, Mulvenon said. “In a crisis, they want to bring down [DOD’s Non-secure IP Router Network] with the goal of delaying and disrupting our logistics deployment of military forces to a Taiwan scenario.”

Patience Wait, a senior writer at the 1105 Government Information Group, contributed to this story.

Chinese military plots ‘informationized wars’
China’s military doctrine details the transformation of the People’s Liberation Army (PLA) into a networked, information-based fighting force that seeks to wage asymmetrical warfare against U.S. defense networks in the event of a crisis.

According to the most recent Chinese military white paper, released in December, China’s goal is to be “capable of winning informationized wars by the mid-21st century.”

To that end, the PLA is developing information warfare reserve and militia units and has begun incorporating them into broader exercises and training. China is also developing the ability to launch pre-emptive attacks against enemy computer networks in a crisis, according to the Pentagon’s 2006 report to Congress on that country’s military modernization.

“We’re in the intelligence preparation of the battlefield stage,” said James Mulvenon, a leading analyst on the Chinese military.
