Cyber Defense Review

Senior Snake-Eater’s Predictions On The Future Of Terrorism And How It Can Inspire The Future Of DOD Cyber

By CPT Erick Waage | August 14, 2015

Many, many people are writing great things about using U.S. Special Operations Command (SOCOM) as a model for the development of U.S. Cyber Command (CYBERCOM), and many, many people are writing great things about the potential of raising CYBERCOM to a full unified command. However, cyberspace has yet to be recognized as a functional domain deserving of its own dedicated unified command. The comments made by GEN Joseph Votel, commander of SOCOM, at the West Point Senior Conference this past April illustrate the military’s increased emphasis on understanding the vulnerabilities and advantages that cyberspace brings to conflict. The Department of Defense should heed GEN Votel’s words and elevate CYBERCOM to unified command status, and, moreover, use SOCOM as model in developing CYBERCOM. Thanks to our friends at the Combating Terrorism Center at West Point, below is an excerpt from GEN Votel’s speech* dedicated to describing the implications of terrorism in the future operating environment:

* I have bolded cyberspace-related nouns to emphasize the targets and attack/influence vectors future terrorist may affect and use to achieve their ends.

I firmly believe that the ability of terrorists to rapidly adapt in our complex world, combined with our lack of persistence and imagination, will continue to create blind spots in our counterterrorism efforts. The implications of these gaps are significant.

 

Terrorist attacks, like the case studies mentioned earlier, are a reflection of the kind of terrorism we’re familiar with today. But, we can ill afford to think that we will continue to face the same foes in the same way using the same tactics.

 

In the future, we will have to come to grips with new types of terrorists, such as the computer-savvy individual who knows how to exploit rapid technological advances and the ubiquity of the internet. Terrorists in the future will be even more sophisticated and will continually improve their capabilities in virtually all aspects of their operations and support.

 

As societies become more connected and interdependent, many more will become aware of their cultural disenfranchisement and economic disadvantages. Across the country and around the globe, connected youth are becoming more and more desensitized to unacceptable and violent behavior through absorption of various electronic inputs, to include streaming news, entertainment mediums, and video games.

 

Computerized traffic and public safety systems and electronic banking will be among the new terrorist targets. It might be that the spectacular attack in the future will lie not in how many people you kill or injure, but in how effectively you can paralyze major urban areas by changing a few ones and zeros, or potentially disrupt the functions of financial systems. Just imagine the lasting impacts of those types of events happening without warning.

 

The incredible proliferation of devices that connect us to the “internet of everything” will be both tools and targets for terrorists. Experts say that by 2020 there will be more than 40 billion wirelessly connected devices, and that all of them could be easily hacked.

 

In the future, we should think of disparate and isolated “lone wolves,” still independent, anonymous, and elusive, but now connected to each other in cyberspace—forming “wolf packs.”

 

These packs can share tactics, techniques, and procedures with one another, instantaneously move resources across the web anonymously—all while they collectively plan and execute their attacks.

GEN Votel’s succinct, yet chilling, prediction of future battlefields arguably places great emphasis on cyberspace and the information environment. To solve problems posed by the millennial-generation of terrorists, GEN Votel goes on in his speech to eloquently emphasize the need for a human-driven network-of-networks to assist in addressing the root, often intangible, causes of terrorism versus attacking the tangible symptoms of terrorism.  Luckily for SOCOM, when it comes to counterterrorism and other special operations forces core activities, it possesses the Title 10 authorities, responsibilities, and acquisition authorities that enable it to effectively achieve its mission.

Approved by congress in 1986, the Goldwater-Nichols Defense Reorganization Act allows SOCOM to “carry out assigned missions and, if directed by the President or Secretary of Defense, to plan for and conduct special operations. Along with its Title 10 Authorities and Responsibilities, is the acquisition authority, autonomous from the other Services, to buy equipment, supplies, and services for the command. Within its organizational construct, SOCOM contains special operations components from the Army, Air Force, Navy, and Marines as well as a sub-unified command, the Joint Special Operations Command. The assigned Title 10 authorities and responsibilities, acquisition authority, and component and sub-unified manning, make SOCOM one of the most flexible and resilient organizations and the best fit to address the counterterrorism issues, among other SOF core activities, our nation will face in the coming decades. However, peppering GEN Votel’s counterterrorism predictions is a strong language indicating that the counterterrorist’s will rely on cyber professionals to “sling electrons” rather than “sling lead” to support future counterterror campaigns in hotspots across the globe.

As per Joint Publications 1-0 and 3-0, within the Department of Defense are nine Unified Commands. Of those commands, six are Geographic Combatant Commands (GCC) and account for all the air, land, and maritime across the globe. Three are Functional Combatant Commands (FCC) and account for areas unique to special operations (SOCOM), areas unique to strategic capabilities (STRATCOM), and areas unique to global mobility (TRANSCOM). Currently, U.S. Cyber Command is housed within STRATCOM as a subordinate unified command established on a cyber functional basis. Similarly to the catalytic affect that Operation Eagle Claw had on the creation of SOCOM, let us hope that a decision is made before a strategic catastrophe precipitates the decision out of necessity. GEN Votel’s words at this year’s West Point Senior Conference are inspire both a possible organizational model, in SOCOM, to follow for the development of a cyber-dedicated FCC and a possible need for a cyber-dedicated FCC.

The robust Title 10 authorities and responsibilities and unique acquisition authorities that have empowered SOCOM’s numerous successes over the last decade could prove as a valuable handrail in guiding USCYBERCOM’s ascendance to FCC status. Further, a direct line-of-communication to the Joint Chiefs of Staff will likely generate efficiencies while operating in the time-sensitive information environment. Moreover, given that SOCOM traverses all GCCs as well as all warfighting domains (land, maritime, air, and space), and given that cyberspace is itself a globally traversing domain, SOCOM possesses the doctrinal similarities to model CYBERCOM as a FCC.

In his speech, GEN Votel placed special emphasis on cyberspace as a vulnerable domain in which terrorism will find sanctuary. Rather, he identified the information environment, highlighting cyberspace, as vectors through and in which terrorist will attack. Though the criticality of this domain to one unified combatant command may not be enough to support the elevation of CYBERCOM to a FCC, the vulnerabilities and potential advantages of cyberspace are likely felt equally across the other unified combatant commands. Therefore, a FCC, autonomous to any other combatant command’s priorities, could more effectively support all unified combatant commands in this critical domain.

In sum, establishing a FCC, armed with Title 10 responsibilities and authorities and acquisition authorities similar in nature to SOCOM, as the Department of Defenses agent for cyberspace operations may prove a decisive investment when preparing for tomorrow’s conflicts. Unfortunately, to paraphrase one of the Special Operations Forces Truths, “competent [Cyber] Forces cannot be created after emergencies occur”.



US Army Comments Policy
If you wish to comment, use the text box below. Army reserves the right to modify this policy at any time.

This is a moderated forum. That means all comments will be reviewed before posting. In addition, we expect that participants will treat each other, as well as our agency and our employees, with respect. We will not post comments that contain abusive or vulgar language, spam, hate speech, personal attacks, violate EEO policy, are offensive to other or similar content. We will not post comments that are spam, are clearly "off topic", promote services or products, infringe copyright protected material, or contain any links that don't contribute to the discussion. Comments that make unsupported accusations will also not be posted. The Army and the Army alone will make a determination as to which comments will be posted. Any references to commercial entities, products, services, or other non-governmental organizations or individuals that remain on the site are provided solely for the information of individuals using this page. These references are not intended to reflect the opinion of the Army, DoD, the United States, or its officers or employees concerning the significance, priority, or importance to be given the referenced entity, product, service, or organization. Such references are not an official or personal endorsement of any product, person, or service, and may not be quoted or reproduced for the purpose of stating or implying Army endorsement or approval of any product, person, or service.

Any comments that report criminal activity including: suicidal behaviour or sexual assault will be reported to appropriate authorities including OSI. This forum is not:

  • This forum is not to be used to report criminal activity. If you have information for law enforcement, please contact OSI or your local police agency.
  • Do not submit unsolicited proposals, or other business ideas or inquiries to this forum. This site is not to be used for contracting or commercial business.
  • This forum may not be used for the submission of any claim, demand, informal or formal complaint, or any other form of legal and/or administrative notice or process, or for the exhaustion of any legal and/or administrative remedy.

Army does not guarantee or warrant that any information posted by individuals on this forum is correct, and disclaims any liability for any loss or damage resulting from reliance on any such information. Army may not be able to verify, does not warrant or guarantee, and assumes no liability for anything posted on this website by any other person. Army does not endorse, support or otherwise promote any private or commercial entity or the information, products or services contained on those websites that may be reached through links on our website.

Members of the media are asked to send questions to the public affairs through their normal channels and to refrain from submitting questions here as comments. Reporter questions will not be posted. We recognize that the Web is a 24/7 medium, and your comments are welcome at any time. However, given the need to manage federal resources, moderating and posting of comments will occur during regular business hours Monday through Friday. Comments submitted after hours or on weekends will be read and posted as early as possible; in most cases, this means the next business day.

For the benefit of robust discussion, we ask that comments remain "on-topic." This means that comments will be posted only as it relates to the topic that is being discussed within the blog post. The views expressed on the site by non-federal commentators do not necessarily reflect the official views of the Army or the Federal Government.

To protect your own privacy and the privacy of others, please do not include personally identifiable information, such as name, Social Security number, DoD ID number, OSI Case number, phone numbers or email addresses in the body of your comment. If you do voluntarily include personally identifiable information in your comment, such as your name, that comment may or may not be posted on the page. If your comment is posted, your name will not be redacted or removed. In no circumstances will comments be posted that contain Social Security numbers, DoD ID numbers, OSI case numbers, addresses, email address or phone numbers. The default for the posting of comments is "anonymous", but if you opt not to, any information, including your login name, may be displayed on our site.

Thank you for taking the time to read this comment policy. We encourage your participation in our discussion and look forward to an active exchange of ideas.