The Army Is Shopping for Cyber Weapons

A Navy commander works with teammates at the U.S. Army's Cyber Center of Excellence at Fort Gordon, Georgia.

Georgia Army National Guard photo by Staff Sgt. Tracy J. Smith

AA Font size + Print

A Navy commander works with teammates at the U.S. Army's Cyber Center of Excellence at Fort Gordon, Georgia.

As part of the Pentagon's plan to beef up its capabilities, the service is reaching out to providers to see what kinds of tools are available.

The Army is seeking the assistance of cyberattack tool sellers, joining a growing number of Pentagon entities aiming to amass advanced cyber capabilities. 

A new market survey aimed at identifying suppliers is the third Defense Department document issued over the past month that points out a need to be able to execute “cyber effects.”

A cyber effect typically refers to a hack, disruption or other impact to an adversary’s network, according to security experts.

The Army’s request for information, which was released Thursday afternoon, expresses interest in “existing technical capabilities to deliver cyber effects with robust and mature capabilities” that can target “telecommunications, networking, components, and protocols.” 

Defense and intelligence community contractors have until June 15 to submit white papers containing suggestions. 

The four-page solicitation for “potential sources for the procurement of cyber capabilities” does not provide any other details about the capabilities sought. Most of the space is consumed by questions about the prospective contractor’s demographic information.

Army officials did not immediately clarify what the branch is looking for.  

A basic example of a “cyber effect” would be “malicious software gets on your computer and the effect is the screen goes black,” said James Lewis, a cybersecurity analyst at the Center for Strategic and International Studies.

Last week, the Navy also announced preparations to incorporate hacking tools into its munitions store.  

“The Navy as a whole must understand and embrace cyber and space effects as an integral component of our arsenal,” states a five-year Navy Fleet Cyber Command strategic plan issued May 6. One of five focus areas for the Navy will be to help “commanders put cyber effects on the table while they craft operational plans.” 

The Pentagon, writ large, wants to speed up the provision of cyberattack technologies to geographic combatant commands. In April, Defense Secretary Ash Carter unveiled a departmentwide cyber strategy that, among many other things, discusses accelerating plans for “cyberspace effects in support of operational plans and contingency operations,” as well as defining “specific cyberspace effects against targets.”

Previewing the Navy’s agenda April 7, a senior official said the service is building the capacity to unleash cyberattacks from points across the globe.

“Those kinds of capabilities are leveraged from all parts of the world, predominantly ashore installations, in some cases afloat,” said Kevin Cooley, executive director and command information officer of the Fleet Cyber Command.

In popular culture, cyber capabilities that produce effects on enemies are called “cyberweapons.”

But what effects do cyberweapons actually create? That’s a question bugging the military’s legal advisers.

The term “cyberweapon” has been interpreted to mean anything from spyware, to malicious code for destroying nuclear power plants. Former Pentagon attorneys say militaries worldwide need clarity on the word so they don’t break international laws.

Because both procurement and use of a ‘weapon’ are dependent on its first being subject to legal review, it is crucial that the proper definition for cyberweaponry be chosen,” retired Col. Gary Brown, former legal adviser at U.S. Cyber Command, and Lt. Col. Andrew O. Metcalf, former legal adviser to U.S. Marine Corps Forces Cyberspace Command, write in a 2014 Journal of National Security Law and Policy article

They note “the wrong definition could lead to a failure to comply with international legal standards, if it is too narrow,” while an “overly broad definition could encompass espionage tools.”

Often, the only difference between operations to collect intelligence and operations to deliver “cyber effects is the intent – intelligence activities are done with the intent of collecting intelligence, while other military activities are done in support of operational planning or execution,” Brown and Metcalf say.

It’s not even clear if Stuxnet, one of the most destructive known viruses, is a cyberweapon. Legal weapons don’t self-replicate, Brown and Metcalf say. Allegedly a U.S.-Israeli invention, Stuxnet sabotaged Iranian nuclear centrifuges but also accidentally spread to systems in the United States, according to Symantec. That’s an effect the Pentagon, one would hope, is not looking for.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.