As U.S. and Chinese leaders reportedly negotiate red lines in cyberspace, there is a hacker troop build-up playing out in their respective countries.
It is believed China’s People’s Liberation Army has the deeper bench, with an estimated 100,000 code warriors recruited over the past two decades, and the world’s most powerful supercomputer. By comparison, U.S. Cyber Command started from near-scratch in 2010 and wants to reach a force size of 6,200 by 2016.
But it’s anyone’s guess as to which cyber military has the most aptitude.
“As we have continued to grow the cyber mission force, we’re getting the right numbers of people,” said Vice Adm. Jan Tighe, commander of U.S. Fleet Cyber Command. “Whether we are getting the right people is still yet to be determined,”
The Pentagon is deploying the recruits immediately, anyway, because the threat has arrived.
“We are using teams that are pre-[initial operating capability] and we can’t wait for them to be necessarily fully trained, fully equipped, when there is an adversary that needs to be dealt with inside of our networks,” she said.
CYBERCOM is in the middle of organizing 133 cyber teams across the military branches, according to Defense Department officials.
Lt. Gen. Kevin McLaughlin, deputy commander of CYBERCOM, said components are being dispatched “when they have recognizable units that can function” because the need is “so dire.” Both he and Tighe spoke at the Billington Cybersecurity Summit in Washington on Sept. 17.
China is not the only cyber power of concern to the United States. As of November 2010, Iran had positioned 1,500 cyberwarriors at the keyboards, according to a 2013 Middle East Media Research Institute study. North Korea reportedly maintains a 6,000-strong cyber militia.
China, however, has incessantly struck at the heart of the U.S. economy. On Wednesday, Obama told Business Roundtable members that cybersecurity “will probably be one of the biggest topics that I discuss with President Xi [Jinping]” when the two meet later this week.
The aggravation for U.S. officials is not so much the excavation of U.S. government data, but rather the gross theft of intellectual property.
Intelligence gathering “is fundamentally different from your government or its proxies engaging directly in industrial espionage and stealing trade secrets” from companies, Obama said. “That we consider an act of aggression that has to stop.”
He went as far suggesting U.S. government coders could outhack any rival, if push comes to shove.
“Although the Chinese and Russians are close, we’re still the best at this,” Obama said. “And if we wanted to go on offense, a whole bunch of countries would have some significant problems” that America would rather not inflict on the Internet.
‘Start With 9th Graders’
The age range of U.S. cyber troops trends low, a distinction that carries benefits and risks. Pentagon computer whizzes might have little military experience, but their talent impresses top brass.
There is no such thing as a 20-year veteran of CYBERCOM. Right now, “we bring them out of high school, mostly enlisted,” McLaughlin said. Then, “the military services are training them to be world-class, advanced cyber operators.”
He gushed over the programming skills of these men and women. One young man on a defensive mission, “he saw the Matrix, like in the movie. He lived in the 1s and 0s. His team was maneuvering in cyberspace against a maneuvering adversary, and he understood every bit of the technology that the adversary was using, what we were using” and what other assets would be necessary to deal with the threat.
In the near future, CYBERCOM members must protect systems that don’t even look like computers, so even today’s training might soon be outdated.
There now is a demand for power engineers and aerospace engineers that understand the cyber vulnerabilities in the structures they are building, Tighe said.
“We’ve got to evolve our educational side to begin to really get after securing the Internet of Things, not just the IT systems that we have,” she said.
And that means tapping middle school graduates.
“We need to start with ninth-graders,” she said. “Really. To hook them into this…. if they don’t start at that point, it’s hard to catch up in terms of having the math skills to go into engineering type programs.”
To date, trial and error has guided capacity planning, Tighe acknowledged.
The genesis of CYBERCOM was, essentially, “we have a sense of urgency that we need more capacity and capability to deal with cyberspace operations than what we have today,” she said. “Is it enough capacity? I don’t know if we know the answer to that yet.”
There is certainly optimism in the voices of McLaughlin and Tighe that there will be enough bodies and brains at the control panels.
”I think that being two, two-and-a-half years into the build, we’re in a pretty darn mature place … we still have a long way to go.”