The New Battleground: Cybersecurity and the Department of Defense

Because the Department of Defense (DoD) is broadly charged with defending the country against all threats, military and otherwise, cybersecurity has always been part of its portfolio. The DoD first warned about potential vulnerabilities in computer networks almost fifty years ago, and over the years the individual branches of the military set up their own cybersecurity operations.

However, it wasn’t until 2010 that the DoD consolidated the majority of its cybersecurity operations, known as Defensive Cyber Operations and DoD Information Network Operations, into a single sub-unified command: U.S. Cyber Command (USCYBERCOM). The military service cyber components (Army, Navy, Air Force, and Marines) then aligned under the command as the means by which it executes its cybersecurity missions.

USCYBERCOM is responsible for directing, synchronizing, and coordinating cyberspace planning and operations in the defense of the United States and its interests. This inherently includes protecting, securing, and defending DoD networks and systems, defending the Nation and its interests against disruptive cyber attacks, and building international alliances to combat shared cyber threats.

Shifts in the National Defense Strategy

Cyberthreats from China and Russia

These and other countries, such as North Korea and Iran, are using technology to change the nature of war. Otherwise innocuous new technologies are quickly becoming weaponized. Artificial intelligence, big data analytics, and other advanced computing technologies are being used today for cyber espionage and will be used to fight the cyber wars of the future. The adoption and adaptation of these and other new technologies will continue to shape our country’s evolving defense strategy.

The Russian Attack

This attack proves an assertion made in the NDS: the U.S. homeland is no longer a sanctuary. For most of its existence, our country has enjoyed a respite from attacks on U.S. soil, due in part to our physical distance from likely attackers. When we’re dealing with technology-based malicious activity in and through cyberspace, however, the vastness of the Atlantic and Pacific Oceans no longer serve as effective barriers. A malicious actor ensconced thousands of miles away can infiltrate a sensitive system just as easily as one living next door. The virtual environment is contested.

The reality is that the U.S. has been a primary target for malicious cyber activity against personal, commercial, and government infrastructure. These attacks can come from both state and non-state (terrorist) actors, from anywhere in the world.

Impact of the COVID-19 Pandemic

This “work from anywhere” posture has increased risk by introducing vulnerabilities in the way remote workers communicate and collaborate. With more remote workers accessing and transmitting sensitive information from unsecured locations, there are more potential attack vectors. This change in how we work makes it both easier and more attractive for malicious actors to prioritize their operations for near-term execution. Obviously, that time is now. We should assume our competitors are on shift working around the clock to establish a foothold in as many systems as possible, given the current prominence of remote work.

Securing the Future

Protecting the Security of Our Nation

Originally published at on December 30, 2020.

Secure Ephemeral Communications. Built for the enterprise. End-to-end encrypted messaging. Secure rooms. Peer-to-peer encrypted file sharing. Multi-platform.