US Cyber Command recently celebrated its fifth year as the nation's premier military cyber headquarters.
In the wake of its birthday party, let's agree to act like we normally would about a 5-year-old. Let's coo over how smart it is and how much it can do for itself. We should also congratulate its parents for having raised such a strapping young command.
But Cyber Command still acts like any 5-year old: It likes to keep secrets and hit things, and its attention wanders. It still says "mine!" more than it should. And it blatantly favors one of its parents (the Pentagon) over the other (Strategic Command).
Cyber Command has siblings going back to 1988, when the Morris Worm took down perhaps 10 percent of all computers on the Internet. The Department of Defense, which was still the responsible agency for the Internet at the time, created a civilian Computer Emergency Response Team at Carnegie Mellon University. There was now a dedicated team looking for vulnerabilities and coordinating during major incidents.
About 10 years later, DoD had two additional scares: Eligible Receiver, an alarming US military cyber exercise that revealed the ease of disrupting US infrastructure in 1997; and Solar Sunrise, an intrusion mistakenly thought to be conducted by Saddam Hussein, in February 1998. The deputy secretary of defense and Joint Staff quickly realized they needed a military commander to handle operational-level command and control for cyber, including the ability to issue binding orders to defend the network, rather than just coordinate.
The following year, JTF-CND began coordinating offensive cyber ops and planning, along with cyber defense, and the unit was renamed Joint Task Force-Computer Network Operations (JTF-CNO).
Within a few years, however, DoD decided to split offense from defense. By 2005, the defensive mission went to the newly created Joint Task Force-Global Network Operations, essentially an operational arm of DISA, while offense went to the National Security Agency acting as an operational arm of Strategic Command.
These units lasted until 2010, when offense and defense were recombined into Cyber Command. The restructuring was driven in part by Operation Buckshot Yankee, a severe intrusion into DoD.
Though few if any of the decision-makers noticed the parallel at the time, they were treading down the same paths as the parent organizations of the other cyber commands after Morris Worm in 1988 and Solar Sunrise in 1998. In each case, initial confusion about a seemingly dangerous incident fed demand for a larger, more dedicated group run by a commander with a greater ability to command.
Thus, DoD went from a two-star with 25 people; to two three-stars with perhaps 1,000; to a four-star with over 6,000. Unfortunately few in DoD knew the background of these older siblings so they found themselves repeating mistakes.
For example, earlier this year, Cyber Command announced the creation of Joint Task Force-DoD Information Networks. The entity is run by a one-star with up to 200 staff members at DISA and tasked with computer network defense.
So the Pentagon has consolidated offense and defense into the same unit twice (in 2000 and 2009) only to then split them out again (2005 and 2015). With this new JTF, the military has re-created essentially the same unit with the same mission at the same agency as the JTF-CND in 1998, or even the JTF-GNO in 2005.
Despite this mindless flip-flopping, the good news is Cyber Command has an idea of what it wants to be when it grows up.
By 2016, it seeks to have completely built out the new Cyber Mission Force: 13 national mission teams with eight national support teams; 27 combat mission teams with 17 combat support teams; 18 national cyber protection teams (CPTs); 24 service CPTs; and 26 combatant command and DoD Information Network CPTs.
In the meantime, Cyber Command still wants to be treated as a unified, full-scale combatant command, not a sub-unified command answering to Strategic Command.
Once the Cyber Mission Force is in place, the Pentagon will rethink whether Cyber Command should remain a sub-unified command — or maybe even a separate service.
But core questions remain: Is America's cyber power really the military, or the IT and cybersecurity sectors? Can a nation pursue hard cyber power without compromising its soft power and IT sector? Does being feared in cyberspace actually lead to better national security and economic outcomes?
Until we understand the true nature of cyber power, let's keep teaching Cyber Command to look both ways before crossing into network traffic.