Home / OPINION / Analysis / The development of cyber warfare in the United States

The development of cyber warfare in the United States

Print Friendly, PDF & Email

Giancarlo Elia Valori

In December 2021 the U.S. Navy announced the authorization of an additional transaction agreement with Advanced Technology International (ATI) to manage the second part of the Information Warfare Research Program (IWRP 2). As part of the consortium’s management of IWRP 2 activities, ATI will provide the mechanism for Naval Information Warfare Systems Command (NAVWAR) to reach out to a broad range of traditional and non-traditional defense contractors in various areas of information warfare technology to address specific information technology challenges through prototyping (i.e. the creation of a prototype, the first example of a product that a company intends to subsequently develop).

IWRP 2 will include all major application areas relating to information warfare, including cyber warfare; cloud computing; data science and analytics; assured communications; enterprise resource tools; autonomy; mobility; assured command and control; integrated firepower; battlespace awareness; model-driven systems engineering; on-demand manufacturing; DevSecOps (Development Security Operations) and AI/Machine Learning.

In February 2022 the U.S. Marine Corps issued a statement informing that it sought to develop an intelligence tool to analyze online public threat information. The announcement states that the Marine Corps is modernizing its forces and composition to better prepare for operations in the information domain and trying to keep up with adversaries that use large amounts of publicly shared information through intelligence gathering, as well as information and cyber operations to gain an advantage. The Marine Corps currently uses a system called the Integrated Intelligence Platform, which provides open source intelligence and a common operational picture of the network by rapidly measuring data sets, identifying hidden trends, and generating targeted control operations.

The Marine Corps hopes the new system will manage the planning and direction, collection and processing, production and dissemination of open information and the aforementioned open source intelligence. The specific desired functionalities of the platform include: attribution; Edge Analytics; Commercial Threat Intelligence; Geospatial Selection Discovery; Graph Analytics; Dark Web Surveillance; Social Media/Media Analytics; Intelligence Orchestration and Dissemination; Open Information Data Mining; Battlegrounds Aware; all with distributable capabilities. The platform is not designed to directly counter these capabilities, but will provide analytics and cyber intelligence to reduce the effectiveness of enemy operations. The system must also follow the Joint Cyber Warfare Architecture (JCWA) of the US Cyber Command.

Another key task is the establishment of a military research and development ecosystem to provide flexible software support. As the US military increasingly relies on software for automation and operational decision-making and execution, there is an urgent need to improve the ability to rapidly produce secure and resilient software to maintain a great power competitive advantage. With a view to changing the current situation of heavy reliance on contractors and improve wartime contingency and emergency mobilization capabilities, the US military has begun to focus on developing in-house software teams and using in-house programmers to faster build mission execution capabilities.

While industry software experts continue to support the internal work of the US military, each of the network components serving the US Cyber Command organizes teams of programmers, engineers and tool developers. These individuals build rapid prototypes and new solutions; extend existing platforms; conduct vulnerability research and malware analysis; test and evaluate software; support Cyber Mission Force operations; and provide a wide range of their services in cyberspace and vulnerability experience. These services continue to gain contractor support for efforts to build larger platforms, but they also recognize the urgent need for their personnel to perform related mission functions more timely.

The US Cyber Command is seeking to secure a greater amount of developers to provide direct support to a variety of cyber teams, including: combat mission teams conducting the most offensive cyber operations on behalf of the Commands; engagement with States to defend teams operating in transnational missions; and sending cyber teams to execute ground cyber and radio frequency operations with a tactical focus to support ground commanders.

The Army Cyber Command said internal software and tool builders were more flexible and had the experience to provide commanders with more options than in the past, thus enabling the Command to rely less on industry to accomplish its mission. Intelligence is more effectively instructed in the hands of developers, who can test capabilities in mission-relevant environments that may be difficult for external partners.

The US Naval Cyber Command provided developers with requirements for Naval Sea Systems Command to determine how adversaries could undermine shipboard systems, and within a week the developers identified potential cyber vulnerabilities and recommended corrections and fixes. The US Naval Cyber Command said the Navy’s cyber workforce had already grown and was mature, but not easily replicable in the acquisition process. While contractors provide critical support across DOD, the operational pace and effective integration require government employees to lead and make efforts in this regard. Operating personnel have demonstrated their ability to identify capability gaps during operations, develop solutions, and deliver capabilities, changing operational solutions in less than 24 hours.

The U.S. Naval Cyber Command stated that industry was an important partner as it provided experience and scales of actionable experience that cannot be generated within the Navy. However, a quick and agile development process ranging from the generation/modification of requirements to testing and acceptance requires integration with internal operational elements with tight synchronization. If all capability development were outsourced to industry, the US Naval Cyber Command would lose the ability to lay the foundations for professional development and growth of government employees into more advanced technical and leadership positions.

The Marine Corps combines developers, analysts, and warfighters to achieve the best mission outcomes, emphasizing that there is no fixed relationship between developers and warfighters, but rather a flexibility of applicability. The US Air Force carries out its own software development projects relating to its cyber mission set, as is the case with the 67th Cyberspace Wing-16th Air Force (based in San Antonio-Lackland), which is testing the “software factory as a service” approach, leasing commercial areas for software factories to provide cyber development tools to bolster and strengthen possible missions. Commander Col. Jeffrey A. Phillips said the 90th Cyber Operations Squadron, and part of the 318th Cyberspace Operations Group, constituted a unit focused on developing these capabilities. The Cyber Protection Team (CPT) and Combat Mission Team (CMT) work closely together to determine the capabilities they need. The 67th Cyberspace Wing has moved away from waterfall software development, adopting an integrated DevSecOps approach that generates capabilities more quickly. It has created the so-called “cyber firing chambers” with capability developers, and CPT and CMT personnel. Personnel from the 25th Space Range Squadron are in the same place for DevSecOps capability tool development.