In March, U.S. Cyber Command held its annual legal conference, where members of the command and experts weighed in on the cyber landscape, particularly its legal and national security challenges for the U.S.
“Cyber Command attorneys are tackling unprecedented constitutional issues while the United States faces some of the most serious threats in its history,” Paul Nakasone, the command’s leader, said at the conference, which was held virtually on March 10.
Nakasone also indicated at the conference that Cyber Command has its eye on the digital front of Russia’s invasion of Ukraine. “The Russia-Ukraine conflict raises the possibility of Russian cyberspace operations targeting U.S. and allied interests,” he said. “The situation in Ukraine has energized our alliances and increased the appetite for combined operations among our international partners in cyberspace,” he added later.
Lt. Gen. Charles Moore, who serves as Nakasone’s deputy, explained that combining information operations with cyber measures could give the U.S. a strategic advantage against adversaries in the future. “Without a doubt, what we have learned is that cyber-effects operations in conjunction—in more of a combined arms approach—with what we call traditionally information operations, is an extremely powerful tool.” He said that the U.S. should adopt “a strategy that’s focused on affecting adversaries’ perceptions.”
The remarks came two weeks after Russia’s invasion of Ukraine, which stoked fears of a major cyberattack. They also offer a rare glimpse into Cyber Command’s thinking on the future of digital warfare. These priorities have been shaped by President Biden’s first year in office. Since his inauguration, cyber officials have responded to a variety of attacks, including a massive supply chain hack from Russia, a sprawling software attack by China and costly ransomware campaigns by foreign criminal actors.
In February, the Office of the Director of National Intelligence released its annual accounting of the most dangerous foreign threats facing the United States. The report emphasized cyber threats from Russia, China, Iran and North Korea. “Russia is particularly focused on improving its ability to target critical infrastructure, including underwater cables and industrial control systems,” the report stated. It also explained that China “presents the broadest, most active, and persistent cyber espionage threat” and is “almost certainly” capable of using cyberattacks to reach railways as well as oil and gas pipelines in the U.S.
At the conference, Cyber Command projected optimism in its ability to manage the changing digital landscape. Moore said that the command has overcome the bureaucratic and policy challenges that once prevented it from operating effectively on a regular basis. Previously, the command functioned as “the break-glass-in-time-of-war Command and the cleanup-on-aisle-six Command.”
Now, however, Moore said that the command has the approvals necessary to conduct daily operations aimed at engaging persistently with adversaries in cyberspace in order to uncover their cyber measures and impose costs on them. “We are showing that we can operate in this space below the level of use of force—below what we might consider armed conflict—and defend ourselves better without escalating,” he said. This strategy has helped the U.S. define the “red line” or “point of departure” that separates daily digital engagement from more aggressive actions “that might not be acceptable to another nation state and could lead to escalation or war.”
In addition to members of Cyber Command, top researchers also participated in talks and panels on their own views of the digital landscape. Adam Segal, director of the Digital and Cyberspace Policy program at the Council on Foreign Relations, offered further insight into China’s use of cyber and explained that intellectual property theft continues to be “the major threat.” Yet China is also engaged in “mapping of the battle field,” Segal said. This involves “preparation for using cyber in case a conflict in the Straits or the South China Sea moves to a kinetic conflict, so they are ready to use cyber for seizing information dominance.”
Segal explained that China has also used digital information operations to influence elections in Taiwan and undermine dissidents in Hong Kong. These tactics differ from those China has deployed in the U.S., which have primarily involved using inauthentic activity on Facebook and Twitter to amplify its state propaganda—for example, messages about the Uyghurs or China’s handling of the coronavirus pandemic—according to Segal. China’s strategy with respect to the U.S. may be undergoing a shift: “We see the Chinese thinking about information operations and how they use that to shape the narrative in the West about China and China’s interests,” Segal said.
Researchers at the conference also discussed how the U.S. might address Russian disinformation, which has consisted of aggressive social media campaigns in the U.S., including an operation by the Kremlin-backed Internet Research Agency (IRA) aimed at helping then-candidate Donald Trump win the 2016 presidential election.
Jacquelyn Schneider, a researcher at Stanford’s Hoover Institution, proposed a strategy in which the Department of Defense focuses on “countering cyber operations by using cyber operations” against Russian and Chinese actors. “If the Russian IRA is putting out a series of disinformation and meme campaigns, then we use the Department of Defense and its unique authorities and capabilities to degrade their ability to use the networks that they propagate disinformation on or to try to counter disinformation with internal disinformation,” she suggested.
Schneider also highlighted the important role that the private sector can play in defending against foreign disinformation campaigns, saying that social media companies could develop new technologies that “allow them to sift through disinformation and determine what is appropriate and not appropriate.”
“These are technical solutions that are based on policy decisions,” Schneider said. “I think we are seeing a lot of experimentation here, but there probably needs to be more work done coordinating the U.S. government and the social media outlets so that we can find some sort of consistency in how we think about navigating especially foreign disinformation on U.S. social media.”