Cybersecurity

Dunford: U.S. has work to do in cyber deterrence

Joint Chiefs of Staff Chairman Gen. Joseph Dunford stressed the need to beef up resiliency and improve the government's ability to attribute activity in cyberspace.

The U.S. military still has a lot of work to do to improve its ability to deter adversaries in cyberspace, according to the country's top general.

"We...need to develop a framework within which to deter cyberthreats, and obviously attributing threats and managing escalation and hardening ourselves against cyberattacks are all areas that require more work," said Gen. Joseph Dunford, chairman of the Joint Chiefs of Staff, during a March 29 appearance at the Center for Strategic and International Studies in Washington.

The Obama administration sent a cyber deterrence policy to lawmakers last December after long-standing criticism from Capitol Hill that the administration lacked a strategy. All instruments of power, including military and economic means, should be used to "create uncertainty in adversaries' minds about the effectiveness of any malicious cyber activities," the plan states.

In response to questions after his remarks, Dunford said he was not referencing the administration's broad deterrence strategy but instead talking about "operationalizing" cyber deterrence. Beefing up resiliency and improving the government's ability to attribute activity in cyberspace to its source are part of that effort, he added.

A deterrence framework is one thing, but "operationalizing that and actually having the tools to implement that, those are all different things," Dunford said.

Although U.S officials have generally said the government's ability to identify hackers or other actors in cyberspace has improved, the progress comes with a caveat, said Adm. Michael Rogers, commander of U.S. Cyber Command. Nation-states could increasingly turn to surrogate actors to cloak their operations in cyberspace, he has predicted.

The Joint Chiefs' unclassified email network suffered a debilitating hack beginning in July 2015 that shut down the network for about two weeks. Dunford has said the hack, which news reports have attributed to Russian spear phishers, showed that the Defense Department had made insufficient investments in cyberspace.

In response to an array of cyberthreats to defense systems and out of a desire to boost the military's own hacking capabilities, Dunford and Defense Secretary Ash Carter have asked Congress for about $6.7 billion to spend on cybersecurity in fiscal 2017. That is $900 million more than DOD spent in fiscal 2016.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.