Cyberwarfare is becoming an increasingly important tool in US policymakers’ toolbox.
Established in 2010, the U.S. Cyber Command is the American military’s response to the Russian, Chinese, North Korean, and Iranian, and other actors’ threats in the digital realm. And the danger is real.
In the last few years, the Russian military has displayed its potent cyber warfare capabilities during several instances. From interfering with the 2016 US presidential election to meddling in several European independence referenda (for example, in Catalonia and Scotland) to hijacking the recent social unrest to sow division in the American society, Russian hackers, a combination of troops, intelligence officers, and civilians, have proved their danger.
The Cyber National Mission Force (CNMF) is the action arm of the US Cyber Command and specializes in both offensive and defensive cyberwarfare.
There are two additional units that specialize in cyberwarfare: The Cyber Combat Mission Force (CCMF), which is divided among the different combatant commands and conducts cyber operations on their area of operations, and the Cyber Protection Force (CPF), which assists in the operation and defense of the DoD’s information network.
In the past few months, American cyber troops had the opportunity to put their skills into practice alongside some of the world’s best. From September to November, the US and Estonian military conducted a combined defensive cyber operation on the Baltic country’s defense systems.
American and Estonian cyber troops integrated in combined hunter teams that went after malicious cyber actors that were targeting sensitive networks and platforms.
“Despite the challenges of a global pandemic, we safely deployed to Estonia, and other European countries, for several weeks to gain unique insight into our adversaries’ activities that may impact the U.S.,” said U.S. Army Brigadier General Joe Hartman, Commander of Cyber National Mission Force, in a press release. “Our teams proactively hunt, identify and mitigate adversary malware and indicators. We then share that malware broadly, not just with the U.S. government but with private cybersecurity industry and allies, which directly increases the overall security of U.S. critical infrastructure and related networks.”
But why Estonia?
Everything began in 2007 when a dispute between Estonia and Russia about a World War 2 cemetery went south for the small European country. The websites of government agencies, banks, and news outlets went down by a cyberattack, with Russia being the primary suspect. But the damage wasn’t confined to the cyber domain. Fake news spread by the hackers sent the significant Russian-speaking minority of Estonia to the streets for two days of riots and looting.
As a result, Estonia had to up its cyber game. Fast forward to today, and the small Baltic country is a pioneer in cyberwarfare and digital security. NATO has hosted cyberwarfare exercises in Estonia, and many countries have been seeking the advice and expertise of the Estonians.
“Combined operations with our closest allies like U.S. are vital for ensuring security of our services. These kind of operations provide our operators an opportunity to exchange best practices as well as give us objective feedback on our current defense posture in cyber domain. This operation is another successful milestone in our cooperation with U.S. partners,” said Mihkel Tikk, Deputy Commander of Estonian Defense Forces Cyber Command.
Then there is the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, the capital of Estonia, that provides technical and non-technical training and education to NATO members and also conducts cyberwarfare research and development.
As US cyber officials say, cyberwarfare is a combined effort that often transcends national boundaries. The US cybersecurity strategy relies on strong collaborations with allied and partnered nations but also with academia and the private sector.
“U.S European Command’s robust Cyber Security Cooperation program is focused on building Allied and partner cyberspace operational capabilities, which strengthens trust and cultivates strong ties with our cyber partners throughout Europe. Through bilateral and regional security cooperation efforts and information sharing initiatives, we are able to further enhance our collective cybersecurity posture as well as enable Hunt Forward operations in our area of responsibility,” said U.S. Army Brig. Gen. Maria Biank, director of the U.S. European Command’s C4 and cyberspace directorate.
Much like several special operations mission sets, such as foreign internal defense (the training of foreign troops or guerillas) civil affairs, and psychological operations, cyberwarfare is a flexible tool that can be applied both in the below armed conflict and declared conflict levels.
As the US military focuses on Great Power Competition (GPC), cyberwarfare has more potential to shine. GPC doesn’t necessarily mean open warfare. It can very well take place in the below armed conflict level. Consequently, this flexible application of force matches perfectly with cyberwarfare.