Following the doctrine of American supremacy, the United States administration outlined a new strategy for protecting cyberspace, declaring with certainty that the country would respond without any hesitation in the case of cyber attacks, even using military force if necessary.
On 23 April this year, US Secretary of Defense Ashton Carter spoke about the new cybersecurity strategy in a speech at Stanford University, stating that “opponents should know that the preference we give to deterrence and our defensive doctrine do not detract from our willingness to use cyber tools. Moreover, in response to actions in cyberspace, we can use other means.”
Recall that one of the first American cyber attacks was carried out in 1998, at the beginning of the operation in Kosovo. At that time, American intelligence tapped into the communication line that integrated Serbia’s air defense systems. As a result, dozens of false targets began to appear on the screens of Serbian radars. This allowed NATO aviation to bomb Serbia’s military and civilian facilities with impunity.
The United States adopted its first concept of operations in cyberspace in 2003. In 2005, the Pentagon acknowledged the existence of a special unit intended both for the defense of US computer networks and for conducting offensive actions against the information infrastructure of the enemy. Subsequently, several more documents were prepared that regulated the actions of the United States security forces. The latest US Department of Defense strategy was published in 2011.
The new strategy notes that state and non-state actors are acting against America more and more brazenly and shamelessly to achieve various political, economic or military goals. The strategy emphasizes that the United States is most vulnerable in the cyber domain in the military, financial, economic and technological areas of confrontation. Accordingly, the task has been set of repelling cyber threats preemptively, i.e. in the bud.
One of the most recent examples cited in the strategy is the attack on Sony Pictures in November 2014. The attack was carried out by a North Korean military computer unit in retaliation for the release of a satirical film about the North Korean dictator. As a result of the attack, thousands of the corporation's computers were disabled and access to Sony's confidential business information was obtained. At the same time, the North Koreans stole digital copies of a number of films not yet released, as well as thousands of confidential documents containing data relating to the personal lives and activities of famous people working with Sony. Sony employees also received warnings and threats from the hackers about further punitive sanctions against them if the corporation continued to pursue a policy of ridiculing North Korea. North Korea’s attack on Sony was one of the most devastating and arrogant attacks against a corporation operating in the United States.
The developers of the new cyber strategy proceed from the fact that the increasing use of cyber attacks as a political tool reflects a dangerous tendency in international relations. Vulnerabilities in the cybersecurity of state structures and businesses make attacks on the territory of the United States habitual and acceptable to its opponents.
The US Department of Defense states in the strategy that it has more and more evidence that, alongside hacker attacks against the USA, there are state and non-state structures seeking to place their combat and reconnaissance programs inside critical infrastructure and military networks so that, in a direct confrontation, they can paralyze the American ability to respond adequately to any aggressive actions.
In addition to the attacks described above, SCADA industrial systems connected to the Internet, the networks of the country's housing, utilities and energy sectors, as well as the servers and networks related to the storage of medical data, are increasingly being put at risk.
The level of software achieved allows America's opponents, for the first time in history, to obtain effective means of carrying out destructive, paralyzing attacks with unacceptable consequences for the United States.
The strategy calls for all of America to unite in actions aimed at reducing cyber risks. The federal government, states, companies, organizations, etc. must carefully align priorities in the protection of systems and data, assess risks and hazards and, weighing their real capabilities, determine the amount of investment that can be spent on these goals. At the same time, the Department of Defense intends to pay special attention not only to cybersecurity, but also to unconditionally ensuring that the US armed forces, government and business can work in a degraded cyber environment, where the use of certain components of the infrastructure and program code is impossible.
The strategy explicitly stated the task of developing comprehensive measures to counter, and if necessary, “destroy the enemy who dared to fight with the United States in cyberspace.”
The strategy highlights several key areas of cybersecurity.
Information sharing and inter-agency coordination. To ensure security and promote US interests around the world in cyberspace, the Department of Defense seeks to share information and coordinate its activities on a comprehensive basis on a variety of cybersecurity issues with all relevant federal authorities in the United States. For example, if the Department of Defense learns about malicious programs and actions that can be aimed at damaging the critical infrastructure of the United States, thanks to its capabilities, the Department of Defense will immediately share information and begin to work together with such structures as the Department of Homeland Security and the FBI. The US Department of Defense also provides all the necessary information so that other government agencies can best protect themselves against hacker and spy attacks. The Ministry of Defense is also in favor of creating a unified information base for identifying and defining cyber attacks against state institutions, and subsequently creating a unified incident management system.
Building bridges with private business. The US Department of Defense sees establishing contacts and interaction with private business as its top priority. The Department of Defense constantly exchanges with Internet service providers and software makers the information necessary to consistently repel cyber intrusions, not only in relation to state institutions, but also to the corporate environment.
Creating alliances, coalitions and partnerships abroad. The US Department of Defense has direct contacts with US allies and partners abroad, and is working to strengthen all sorts of alliances and coalitions, including, inter alia, addressing the issues of protecting critical infrastructures, networks and databases. The strategically single coalition that the United States forms should ultimately form a single cyberspace. It will be protected by relevant collective defense acts.
The US Department of Defense performs three major missions in cyberspace:
First, the Department of Defense protects its own networks, systems and databases. The dependence of the success of military missions on the state of cybersecurity and the effectiveness of cyber operations prompted the declaration, as early as 2011, of cyberspace as an operational domain of US forces.
Along with defense, the US Department of Defense is preparing for activities in an environment where access to cyberspace is contested. During the Cold War, the US armed forces were ready to work in conditions of interrupted communications, including the use of an electromagnetic pulse that would disable not only telecommunications lines, but also satellite constellations. Today, the American army is reviving these traditions. Commanders have again begun to conduct classes and exercises in which units practice operating without communications or without the necessary level of connectivity.
Second, the US Department of Defense is preparing to protect the United States and its interests from destructive global cyber attacks. Although so far the overwhelming majority of cyber attacks are aimed at data theft, the President of the United States, the National Security Council and the Department of Defense consider it quite likely that the enemy will try to inflict maximum material damage on US infrastructure, not with traditional weapons, but with program code. At the direction of the President or the Secretary of Defense, the US military can and will carry out cyber operations aimed at eliminating the possibility of an imminent or ongoing attack on the territory and people of the United States, or of an infringement of the country's interests in cyberspace. The purpose of preventive defensive actions is to suppress the attack in the bud and thereby prevent the destruction of property and the loss of human lives.
The US Department of Defense seeks to synchronize its own capabilities with those of other government agencies whose competencies include repelling cyber threats. As part of this coordination, the Department of Defense will act together with law enforcement agencies, the intelligence community, and the State Department.
The strategy notes that the United States government has a limited and definite role in protecting the country from cyber attacks. Currently, the private sector owns and manages more than 90% of all networks and objects in cyberspace. It is the cyberspace of the private sector that is America's first line of cyber defense. Therefore, one of the most important steps the strategy names for improving the strategic security of the United States is to increase the attention and resources that business directs towards solving its own cybersecurity problems. Strategy developers proceed from the fact that the overwhelming majority of cyber attacks in the United States do not require the involvement of federal government forces to repel, but can be successfully eliminated by American companies and corporations.
Third, in accordance with the instructions of the President or the Secretary of Defense, the American armed forces are preparing to provide cyber support for the implementation of contingency and military action plans. As part of this mission, the Department of Defense, in accordance with the instructions of the President or the Secretary of Defense, must be capable of offensive cyber operations, including suppressing the military cyber networks of opponents and disabling their critical infrastructure. For example, the US military can use cyber operations to end an ongoing military conflict on American terms, thwart the enemy’s preparations for any aggressive actions, or preemptively prevent the use of force against American interests.
The US Cyber Command (USCYBERCOM) can also carry out cyber operations in coordination with other US government agencies to deter various strategic threats in other areas not mentioned in this document.
To ensure the functioning of the Internet as an open, safe cyberspace, the United States intends to carry out cyber operations under the Doctrine of Containment where and when the interests of the United States require it, protecting human lives and preventing the destruction of property. In strategy, offensive and defensive cyber operations are called an integral part of global defense policy.
In 2012, the Department of Defense began the creation of the Cyber Mission Forces (CMF). The CMF will comprise 6200 military, civilian and technical support personnel. In importance, the CMF is comparable to America’s missile defense system.
The CMF will consist of cyber operators combined into 133 teams. Their main priorities will be: cyber defense of the priority networks of the Ministry of Defense against priority threats; protection of the territory and population of the country from especially large and destructive cyber attacks; integration function in the framework of the creation of integrated teams to carry out missions in the event of military conflicts and emergencies. The implementation of these priorities is meant to be realized through the creation of a National Mission Group within USCYBERCOM. In the context of a military conflict or emergency, the Group undertakes to coordinate and integrate the efforts of integrated teams operating directly on various battlefields and in areas of emergency. In 2013, the Department of Defense began to integrate CMF into the already established organizational, command, planning, procedural, personnel, material (weapons) and operational environments of the activities of the American armed forces.
As noted, the adopted strategy is based on the assumption that effective cyber security implies the closest cooperation of the Ministry of Defense and other federal authorities with business, international allies and partners, as well as state and local authorities. The key role in synchronizing all these efforts will continue to be played by the US Strategic Command (USSTRATCOM).
In the strategy, the US Department of Defense sets five strategic goals for its missions in cyberspace:
Creating and maintaining the combat readiness of the forces operating in cyberspace.
Protection of information networks and data of the Ministry of Defense, a sharp reduction in the risk of unauthorized entry into these networks.
Readiness to defend the territory and people of the United States and the country's vital interests from destructive cyber attacks.
Providing cyber war with hardware, software weapons and human resources necessary and sufficient to fully control the process of escalating future potential conflicts and to ensure in the event of a cyber collision the absolute superiority of American cyber divisions in cyberspace as a battlefield.
Build and maintain reliable international alliances and partnerships to contain common threats and increase international security and stability.
Key cyber threats
The strategy notes that in 2013-2015 the US Director of National Intelligence repeatedly called cyber attacks the number one strategic threat to the United States in his speeches, giving them priority over terrorism. Strategy developers believe that cyber threats are given priority because potential adversaries and non-state rivals are increasing their aggressive actions in order to test the limits to which the United States and the international community are ready to tolerate their offensive activity.
The strategy assumes that potential adversaries of the United States are constantly increasing investments in cyber weapons and at the same time make efforts to disguise their use in order to plausibly deny their own involvement in attacks against targets in the United States. The most successful in this, according to the leadership of the US Department of Defense, are Russia and China, which possess the most advanced offensive and defensive cyber weapons. At the same time, according to the developers of the strategy, there are differences between these two countries. In their view, Russian actors can in general be identified as criminal groups that carry out their attacks ultimately for the sake of profit.
This emphasis on Russian cyber attacks is supported in the United States by a massive media campaign. For example, one of the May issues of Newsweek magazine is dedicated to Russian hackers, who are named Russia's most formidable weapon. True, the article does not directly mention their ties with the state.
As for China, according to the developers of the strategy, hacking there is organized at the state level. The overwhelming majority of Chinese offensive cyber operations are associated with the targeted theft of intellectual property and commercial secrets of American companies. State-sponsored Chinese hacking is aimed not only at building up Chinese military capabilities, but also at creating advantages for Chinese companies and criminally eliminating the legitimate competitive advantages available to American businesses. Iran and North Korea, according to strategy developers, have much less developed cyber potential and potential in the field of information technology. However, they have shown an extreme level of hostility towards the United States and American interests in cyberspace. According to the US Department of Defense, these countries, unlike Russia and China, do not hesitate to use offensive cyber weapons in the direct sense of the word, that is, for the destruction of facilities and critical infrastructure in the military and civilian spheres.
In addition to government threats, non-state actors, and above all, the Islamic State, have recently stepped up their activity. Terrorist networks are not limited to using cyberspace to recruit fighters and spread information. They announced their intention to soon have at their disposal destructive cyber weapons and use them against America. A serious threat in cyberspace is represented by various kinds of criminal subjects and, first of all, shadow financial institutions and hacktivist ideological groups. State and non-state threats often merge and intertwine. The so-called patriotic, independent hackers often act as proxies for warriors of the armed forces and special services of potential adversaries, and non-state actors, including terrorist networks, receive cover from state structures and, according to data, use hardware and software tools developed for public money. The strategy noted that such behavior of states, especially failed, weak, corrupt ones, makes deterrence of cyberthreats much more difficult and expensive and reduces the chances of overcoming the escalation of cybernacle, cyberthreats and cyberwar in the electromagnetic environment.
The strategy assumes that the current and expanding network of global distribution of malicious code multiplies the risks and threats to the United States. The document notes that potential adversaries of the United States are spending billions of dollars on the creation of cyber-weapons. At the same time, malicious states, non-state groups of various kinds, and even individual hackers can acquire destructive malware on the black computer market. Its volumes are growing at a faster pace than the global drug traffic.
At the same time, state and non-state actors launched a worldwide hunt for hackers, whom they are trying to convert to public service. As a result, a dangerous and uncontrolled hacker software market has emerged, which serves not only hundreds of thousands of hackers and hundreds of criminal gangs, but also potential opponents of the United States, as well as malicious states. As a result, even the most destructive types of offensive cyber weapons are becoming more and more accessible to an ever wider range of customers every year. The US Department of Defense believes that these processes will continue to evolve, accelerating in time and expanding in scale.
Risks for infrastructure networks of the Ministry of Defense
The Department of Defense's own networks and systems are vulnerable to attack. Control systems and networks of critical infrastructure that are routinely used by the US Department of Defense are also very vulnerable to cyber attacks. These facilities and networks are vital to the operational viability of the US military and the effectiveness of its use in conflict and emergency zones. The US Department of Defense has recently achieved some success in creating a system of advanced monitoring of critical vulnerabilities. The Department of Defense has assessed the priority of various telecommunication networks and infrastructure facilities and their degree of vulnerability. Implementation of specific measures to address these vulnerabilities has begun.
In addition to destructive cyber attacks, cybercriminals steal intelligence and the intellectual property of government and commercial organizations associated with the US Department of Defense. First place among the victims of hackers who hunt for intellectual property is occupied by contractors of the Department of Defense: developers and manufacturers of weapons. Non-state actors have stolen huge amounts of intellectual property belonging to the Department of Defense. These thefts have called into question the strategic and technological superiority of the United States and saved those who commissioned the thefts many billions of dollars.
Contributions to the future safety of the environment
Due to the diversity and multiplicity of state and non-state actors using cyberspace for military, destructive and criminal purposes, the strategy includes a number of strategic subprograms that provide effective deterrence, and ideally elimination, of threats from various actors in different segments of the electromagnetic environment and using various destructive tools. The Department of Defense, in building its CMF, assumes that repelling, deterring and eliminating cyber threats will not be limited exclusively to cyberspace. For the same purpose, the entire arsenal of capabilities of the United States will be involved, from diplomacy to financial and economic instruments.
Deanonymization is named in the strategy as a fundamental part of an effective cyber strategy for deterrence. Anonymity on the Internet creates advantages for malicious state and non-state actors. In recent years, the US Department of Defense and the intelligence community have strengthened the legal and investigative de-anonymization of the Internet and identified a number of actors who tried to hide and who were responsible for, or were plotting, cyber attacks and other aggressive actions against the United States of America. The programmer community, university students, etc. will be involved in this work.
The strategy aims to develop a detailed, large-scale program of measures that would make accountability inevitable for any violation of America’s national interests. The main tools for ensuring such accountability of individuals or hacker groups should be depriving them of the right to visit the United States, applying American law to them, ensuring their extradition to America, and using a wide range of economic sanctions against individuals and groups of hackers.
The United States intends to be more active in cases of theft of intellectual property. In April of this year, United States officials notified the Chinese side of the potential risks to the strategic stability of the Chinese economy if the country continues to engage in large-scale cyber espionage. At the same time, the Department of Justice indicted five PLA members for stealing American property, and the Department of Defense asked the Department of Justice to conduct a comprehensive check of Chinese companies for the use of American intellectual property that was not acquired but stolen by Chinese hackers.
The new cybersecurity strategy of the US Department of Defense highlights five strategic goals and specific operational objectives.
Strategic Goal 1: Creating and maintaining the combat readiness of forces capable of offensive cyber operations
Creation of a cyber force. The main priority of the US Department of Defense is investment in attracting military and civilian specialists to the CMF, raising their professional level and improving their skills. The US Department of Defense will focus its efforts on three components that address this challenge: creating a permanent system of continuous retraining and professional development of military and civilian personnel; contracting military and hiring civilian CMF specialists; and maximum support from the private sector.
Build a career development system. As part of the implementation of the strategy and in accordance with the 2013 decision on the CMF, the US Department of Defense will form an integrated system for ensuring the career growth of all military personnel, civilian specialists and support personnel who regularly carry out their official duties and instructions.
Caring for the US National Guard and Reserve. This strategy differs from others in its special emphasis on making the fullest use of opportunities to attract successful, highly skilled IT entrepreneurs, programmers, developers, etc. into the ranks of the US National Guard and Reserve. On this basis, the US Department of Defense intends to significantly improve interaction not only with traditional contractors and universities, but also with high-tech companies in the commercial sector, including start-ups. In today's environment, this decision is critical for American defense in cyberspace.
Improving civilian recruitment and payment terms. In addition to the ongoing program to increase the pay of highly skilled military personnel, the US Department of Defense announces a program to attract and retain civilians, including technical personnel, by increasing wages and providing pension and other social packages. The goal of the Department of Defense is to create, this year, wage conditions for civilian personnel that are competitive with America’s best companies. This will make it possible to attract the best-trained, most highly professional civilian personnel to the CMF ranks.
Creation of technical capabilities for cyber operations. In 2013, the US Department of Defense developed a model containing the necessary technical, software, and other tools to ensure the success of combat missions. The model was reported to the US President. Key fragments of the model are:
Development of a unified platform. Based on the goal setting and planning requirements, the US Department of Defense will develop detailed terms of reference for creating an integration platform that will connect heterogeneous cyber platforms and cyber devices to it.
Accelerate research and development. The Ministry of Defense, even with a reduction in the military budget, will expand and accelerate innovative developments in the field of cyber weapons and the provision of cyber security tools. To these studies, the Ministry of Defense will attract, based on the principles laid down in the Third Defense Initiative, partners from the private sector. While focusing on current and future tasks, the US Department of Defense will continue, despite all budgetary constraints, to increase the share of spending on basic research, which in the long term should ensure American superiority.
Adaptive command and control of cyber operations. In recent years, the US Department of Defense has made significant progress in improving the command and control of missions. The decisive role in this was played by the rejection of one-sided hierarchical and network models in favor of adaptive control systems, which ensure the anticipatory response to challenges. USCYBERCOM and front-line teams at all levels will continue the steady restructuring of command and control based on the adaptive model.
The widespread use of cybermodeling and data mining. The US Department of Defense, in collaboration with the intelligence community, will develop opportunities to use the potential of Big Data and process it based not only on statistical, but also on other algorithmic cores, and thus ensure an increase in the effectiveness of cyber operations.
CMF potential assessment. The primary task is to assess the potential of CMF combat teams when they perform combat missions under unforeseen circumstances.
Strategic Goal 2: Protecting the US Department of Defense Information Network and Databases, Minimizing Risks for US Department of Defense Missions
Creating a unified information environment. The US Department of Defense creates a unified information environment built on the basis of an adaptive security architecture. In forming the environment, best practices in the field of cybersecurity and ensuring the viability of technical and information systems are taken into account. The integrated information environment will allow the US Department of Defense, USCYBERCOM, and military teams to maintain comprehensive informational awareness of network threats and risks.
A unified security architecture will shift the emphasis from protecting specific unrelated disparate systems towards a multi-shielded unified security platform and targeted applications and components mounted on it.
The US Department of Defense plans to gradually deploy a unified information environment based on an integration platform, as it repeatedly checks out vulnerable modules of the system, as well as the data encryption systems used.
Evaluating and ensuring the effectiveness of the US Department of Defense information network. A single information network (DoDIN) will be created within the Department of Defense. DoDIN, acting under USCYBERCOM and the CMF, will interact with the information systems of other military structures and defense enterprises.
Reducing known vulnerabilities. The Department of Defense will aggressively close all known vulnerabilities that pose a great danger to its networks. Analysis shows that, in addition to zero-day vulnerabilities, significant risks to US military networks come from known vulnerabilities that do not receive due attention. In the coming years, the Department of Defense plans to create and implement an automated system for recording and eliminating vulnerabilities from the moment they appear.
Evaluation of the cyber force of the Ministry of Defense. The Department of Defense will assess the ability of its cyber-defensive forces to provide adaptive and dynamic defensive operations.
Improving the efficiency of service departments of the Ministry of Defense. The Department of Defense will consistently tighten the requirements for cybersecurity providers and solutions providers. The Ministry of Defense will determine whether their decisions satisfy the criteria for security of the Ministry of Defense networks not only from known, but also from predictable threats in cyberspace. It will be checked whether the solutions have opportunities for improvement and escalation in the face of growing threats to the networks of the Ministry of Defense on the part of the cyber environment.
Network defense and sustainability plan. The Department of Defense will continue to plan activities that provide comprehensive protection for networks. This planning will be carried out on the basis of a thorough assessment of the priorities of the assets and the existing levels of their vulnerabilities.
Improving the system of cyber weapons. The US Department of Defense will consistently evaluate and launch initiatives in the development of offensive and defensive cyber weapons. Acquisition of new cyber weapons systems will take place strictly within the framework of their compliance with pre-established technical standards. The frequency and cycle of cyber weapons purchases will strictly comply with the requirements of the product life cycle.
Ensure continuity plans. The US Department of Defense will ensure the sustainability of activities through the mandatory preservation of the continuity of the most important operations, even in conditions of disturbed or degraded environments. The military plans of companies will fully take into account the possibility of working in a degraded cyber environment, when certain elements of cyber systems or cyber networks will be disabled. When developing the cyber systems of the US Department of Defense, special attention will be paid to their viability, duplication and fractality.
Red team. The US Department of Defense has developed special methods for testing the viability of the networks and critical infrastructure components of the Department, USCYBERCOM and the CMF. This means regularly conducting exercises and simulating enemy attacks on the networks and data of the Department of Defense in order to rehearse software, hardware and personnel countermeasures.
Reducing the risk of internal threats. The country's defense depends on the loyalty of military and civilian personnel to their oath, the terms of their contracts and their obligations to protect state secrets. This year, the US Department of Defense carried out a number of measures aimed at identifying threats in advance, especially those related to personnel. The US Department of Defense is deploying a system of continuous monitoring of all information flows, which allows it to respond ahead of emerging threats and to suspicious cases that could in the future create risks to the national security of the country.
Improved accountability and responsibility for data protection. The Department of Defense will ensure that its policies are fully based on the laws of the United States and that data is kept completely safe and inaccessible to third parties. A cybercrime center of the US Department of Defense will be created as part of a policy to improve data integrity.
Strengthening cyber security standards. The Department of Defense will consistently pursue a policy of integrating federal cybersecurity standards with research and development standards and procurement standards. Where certain federal standards do not meet the requirements of the department, the Department of Defense will introduce its own additional cyber security standards that ensure the viability and invulnerability of its networks.
Ensuring cooperation with intelligence, counterintelligence and law enforcement agencies in order to prevent, mitigate and respond to data loss
The Department of Defense, together with other military, intelligence and law enforcement agencies, will create a unified JAPEC system. This system integrates all departmental databases of the intelligence community and law enforcement agencies on cases of unauthorized access to databases or attempts at such access, including the time, place and software used, as well as information about data that was stolen or targeted for theft, etc. Along with this, the database will include full profiles of established and/or suspected and/or probable individuals and groups seeking access to data from organizations leading to JAPEC.
In the future, it is planned to create joint investigative and operational interdepartmental teams of the JAPEC network.
Use by the Ministry of Defense of counterintelligence capabilities to protect against intruders
The US Deputy Secretary of Defense for Intelligence, together with the chief cybersecurity adviser, will develop a strategy for the Secretary of Defense to involve military counterintelligence agencies in investigating cyber crime and protecting against cyber criminals and cyber attackers. Counterintelligence is in a unique position that allows it to make a decisive contribution to the victory over cyber espionage. Currently, military counterintelligence is limited in its actions exclusively to the tasks of protecting the US armed forces. Under the new concept, the Department of Defense will ensure the cooperation of military counterintelligence with all services of the United States intelligence community and with law enforcement officers at all levels. Under the new doctrine, for the first time, intelligence agencies subordinate to the US Secretary of Defense are involved in combating cybercrime, cyber espionage and other destructive actions not only against the US Armed Forces, but also against any government structures and private business in the country.
Supporting a nationwide policy against intellectual property theft
The United States Department of Defense will henceforth regard counteracting threats related to the theft of intellectual property in cyberspace as its first combat task, alongside other US government agencies. Within the framework of the concept, the Department of Defense uses all its informational, counterintelligence, intelligence and combat capabilities in order to end the theft of intellectual property.
Strategic goal 3: Preparedness to defend the territory of the United States and the country's vital interests against massive cyber attacks
Development of intelligence, early warning systems, forecasting and proactive response to threats. The Department of Defense, together with agencies of the intelligence community, will continue to work actively to increase capacity and improve the effectiveness of intelligence in early warning, forecasting and proactive response to cyber threats. The purpose of this work will be an opportunistic response to cyber risks associated with possible cyber attacks and cyber threats. Along with this, the US Department of Defense will increase its own intelligence capabilities and potential in case of various unforeseen circumstances. The Department of Defense, within its own intelligence structures, activates the cyber-exploration direction, ensuring, as far as possible, complete situational awareness at all stages of management, political and combat cycles of operations.
Improving the system of national civil cyber defense. The Department of Defense, in conjunction with its inter-agency partners, will train relevant personnel of state, private and public organizations, as well as American citizens, in actions to counter various cyber operations and in actions during large-scale cyber attacks. In addition, the Department of Defense is stepping up work with FEMA at all levels and in all components, aimed at coordinated proactive actions in emergency situations when, for one reason or another, telecommunications networks and facilities may fail or be damaged.
As part of the prevention of destructive cyber threats and attacks, the Department of Defense will strengthen coordination with the FBI, the NSA, the CIA and other agencies. The result of this work should be the creation of an integrated system that the President of the United States can use to respond to cyber attacks that have significant consequences for the United States or for the national interests of the United States around the world.
It is envisaged to increase attention and, if necessary, to allocate additional resources to DARPA for developing Plan X, a program for creating strategic cyber weapons, based on an integrated developing program of the Department of Defense.
Developing innovative approaches to protecting the critical infrastructure of the United States. The Department of Defense will actively cooperate with the Department of Homeland Security on the implementation of an expanded program to ensure unconditional cybersecurity of facilities and networks of the country's critical infrastructure, with a special focus on increasing the number of defense participants of critical infrastructure.
Development of automated information exchange tools.
To improve overall situational awareness, the US Department of Defense will work with the Department of Homeland Security and other departments to develop an integrated, automated multilateral information exchange system within the US government, followed by expansion of the system to military contractors, state and local authorities, and then the private sector in general. The result should be a unified, nationwide, closed, integrated network, including secure communication channels and databases updated online, as well as tools for working with them to analyze and predict cybersecurity, cyber threats, cyber attacks and cybercrime.
Estimates of cyber threats. The task force of the Defense Science Council under the US Strategic Command (USSTRATCOM), in coordination with the Committee of the Chiefs of Staff and the US Department of Defense, will have the function of assessing the ability of the Department of Defense to prevent attempts by state and non-state actors to carry out cyber attacks of significant scale and impact on territories and / or against US interests. Attacks of this kind are those with consequences (cumulatively or one by one) such as: victims or disability and the possibility of normal life activity by Americans; large-scale destruction of property belonging to citizens, private business or the state; significant changes in American foreign policy, as well as changes in the macroeconomic situation or collapses, changes in trends, etc. in financial markets.
In the course of the analysis, the USSTRATCOM Task Force should determine whether the US Department of Defense and its structures have the necessary capacity to deter state and non-state actors in advance, as well as to eliminate the threats of such attacks.
Strategic goal 4: Creating and maintaining sustainable cyber force and using it to manage the escalation of cyber conflict
Integration of cyber actions into integrated plans. The US Department of Defense will steadily work to integrate the capabilities of cyber subdivisions not only in carrying out actions in cyberspace, but also as part of integrated teams operating on all battlefields — on land, at sea, in the air, in space and in cyberspace. To this end, the US Department of Defense, together with other government agencies, American allies and partners, will consistently integrate plans for cyber operations into general plans for complex actions in various zones of actual or potential conflicts.
The function of integrating cyber commands, cyber forces and cyber capabilities into the actions of all branches of troops and complex teams will be implemented by USSTRATCOM. This command will make recommendations to the Chairman of the Joint Chiefs of Staff on the distribution, interaction and use of CMF.
Strategic goal 5: Build and strengthen international alliances and partnerships to counter common threats and increase international stability and security
Building partnerships in key regions. The Department of Defense will continue to work with key allies and partners to build partnership capacity and ensure the cybersecurity of joint critical infrastructure and key resources. This work will be carried out by the Department of Defense together with other US government agencies and, above all, with the State Department. The Department of Defense ranks the Middle East, South and Southeast Asia and Europe among the priority regions.
Developing solutions to counter the spread of destructive malware. State and non-state actors seek to acquire destructive malware. The uncontrolled spread of such programs and the ability of destructive actors to use them is one of the greatest risks to the international security system, politics and economics. Working with the US Department of State, other government agencies, allies, and partners, the US Department of Defense will use all the advanced methods, practices, and technologies available to it to counter the spread of destructive malware and to detect non-state, terrorist, criminal, and other groups, as well as malicious states, that promote the production and distribution of such programs. In addition to international regimes, the US Government will continue to actively use export control tools related to the transfer of dual-use technologies, etc.
Implementation of the United States cyber dialogue with China to enhance strategic stability. The US Department of Defense, as part of the advisory to the US-China defense talks, including the cyber-workgroup, will continue discussions with China on cybersecurity and cybercrime issues. The purpose of this dialogue is to reduce the risks associated with the incorrect perception of the values and legislation of each country and to prevent miscalculations that may contribute to escalation and destabilization. The Department of Defense supports the government’s efforts to develop confidence-building measures aimed at bringing American-Chinese relations to a new level. At the same time, the US Department of Defense will continue to take concrete steps to prevent China from stealing American intellectual property, trade secrets and confidential business information.
Management and Strategy
Achieving the goals set and solving the tasks defined by the strategy requires the full exertion of all forces and capabilities of the Department of Defense. The financial capabilities that the Department of Defense will have to implement this strategy will in no small measure determine the face of the world for many years. The Department of Defense will spend the funds effectively and use them as carefully and purposefully as possible. To this end, the Department of Defense will carry out a series of practical actions.
Introduction of the post of Chief Adviser to the Secretary of Defense on Cybersecurity. In the 2014 National Defense Act, Congress required the Department of Defense to introduce the post of Chief Adviser to the Secretary of Defense, coordinating hostilities in cyberspace, conducting offensive and defensive cyber operations and cyber missions, developing and purchasing software and hardware, and training for CMF. In addition, the Chief Adviser will be responsible for the policy and strategy of the Department of Defense in cyberspace. The chief cyber advisor will lead the cyber administration of the Department of Defense, as well as the newly created council, the Cyber Council on Investments and Management (CIMB). He will not replace already existing officials in the Department of Defense. He will be the only person responsible to the Secretary of Defense, Congress and the President for cybersecurity within the Department of Defense and the Committee of Chiefs of Staff.
Large-scale reform and development of the entire cybersecurity system of the United States calls for adequate measures in this direction on the part of our state and private companies. First of all, there is a need for a software audit of information-analytical and other systems used by Russian state bodies and business structures at the federal, regional and local levels. As part of such a software audit, it is necessary to check all software products, including those created by domestic companies, for the use of components and software solutions of US corporations in them. Decisions must be made to minimize the risks of cyber attacks and information leaks. Cyber warfare, which is being conducted with increasing intensity and which has neither beginning, nor end, nor any time or territorial restrictions, has become a reality of our days. The future will belong to those who will be able to protect their national interests in cyberspace.