Stuxnet, Flame, Duqu - the intimidating digital weapons in a growing cyber arsenal - have been created to enable one nation-state to spy and/or virtually assault another nation-state.
Reports that the United States and Israel are behind these malware [see U.S., Israel Developed Flame] raise the question as to whether it's time to rethink how nations should organize their military to defend their national interests.
See Also: Securing the Borderless Enterprise
"If the political and national will remain strong, and the need remains dire - particularly if there is a cyber Pearl Harbor-like event - there is a chance that a separate cyber branch may be considered.
The United States military, recognizing the digital threat it faces, established in 2010 a cyber command, with the primary objective to defend the IT and communication systems that support its armed service. The cyber command, not coincidentally, is headed by the director of the National Security Agency, Army Gen. Keith Alexander, and collocated at Fort Meade, Md. It's not just digital defense on the mind of the Pentagon and NSA.
But should the United States military do more to organize for a growing threat to the nation's well-being and stability?
Three years ago, two Army officers, Lt. Col. Gregory Conti and Col. John "Buck" Surdu, proposed the creation of a fourth military branch [see New Cyber Warfare Branch Proposed] in an article, writing: "Adding an efficient and effective cyber branch alongside the Army, Navy and Air Force would provide our nation with the capability to defend our technological infrastructure and conduct offensive operations. Perhaps more important, the existence of this capability would serve as a strong deterrent for our nation's enemies."
I caught up earlier this month with Conti, now a colonel, who teaches cyber warfare at West Point, and asked him if the time is right to establish a cyber branch with so much attention focused on the likes of Stuxnet and Flame. Here's his response:
"I don't see a cyber warfare branch of the military being formed in the near future, but if we were to plot a straight line between where we were, where we are and where we are going, it is heading it that general direction.
"That being said, the question is how far down that path we progress, depending on how events unfold over the next two decades we might stop short, and that may be OK. Since the article came out in 2009, we've seen the birth of U.S., Army, Navy, Marine and Coast Guard cyber commands and the reaffirmation of Air Force cyber command. This is exceptionally rapid progress for the Department of Defense and U.S, government in only two to three years.
"I sense very broad recognition in the White House and Congress - and to a non-trivial extent, the American people - of the mortal danger and strategic advantage that cybersecurity and cyber warfare hold for the nation. The military services now are seeking to define the types of knowledge, skills and abilities required for cyber professionals and to create appropriate career fields. These efforts are in progress, but the results may ultimately conflict with the kinetic war-fighting cultures of each service [see Culture War: Making Cyber Career Military Friendly].
"I don't have full visibility, but I know the highest levels of leadership in the Army and Navy - and I suspect the others - are taking cyber very seriously and carefully considering significant dedication of resources and some structural reorganization to adapt to the cyber domain.
"We also hear serious talk in the press of promoting U.S. cyber command to a combatant command -- akin to special operations command - which would significantly raise the stature of cyber within DoD. We might see a plateau at this point as DoD refines the associated organizations, capabilities, authorities, training, doctrine, etc. If the result is viewed as and may very well be sufficient, things may stop there. Over the next two decades, if the political and national will remain strong, and the need remains dire - particularly if there is a cyber Pearl Harbor-like event - there is a chance that a separate cyber branch may be considered.
"We are living in historic times as all of the changes unfold. The trajectory of the future will depend on leadership, the successes of these emerging organizations, the effectiveness of detractors/competitors within the U.S, government and world events."
The idea of a fourth cyber branch is intriguing, more so now than when Conti and Surdu first broached the idea. As cyberthreats get more sophisticated, threatening the very fabric of our economy and society, and if our adversaries put significant resources behind developing digital weapons, it might not take 20 years for the United States to decide whether or not to create a cyber military branch.