While the US Army Sharpens Its Cyber Defenses, the Navy Faces the ‘Real’ Deal Right Now

The guided-missile destroyer USS William P. Lawrence (DDG 110), front, leads the aircraft carrier USS John C. Stennis (CVN 74) off the coast of San Clemente Island near Southern California, Aug. 4, 2015.

U.S. Navy photo by Mass Communication Specialist 3rd Class Susan C. Damman

AA Font size + Print

The guided-missile destroyer USS William P. Lawrence (DDG 110), front, leads the aircraft carrier USS John C. Stennis (CVN 74) off the coast of San Clemente Island near Southern California, Aug. 4, 2015.

U.S. Fleet Cyber Command conducts 'real world operations because they're there, and we don't have a choice' while the Army's Cyber Command is cautiously getting on its feet.

Army leaders deployed in foreign territory have a lot of data at their fingertips to help avoid surprise attacks, such as digital maps of minefield locations.

But the man in charge of shielding those information flows has questions about the tools and training that will be needed as cyber threats mutate.

Right now, trial and error is providing the answers.

We’ve already run two small experiments at the combat training centers, and it’s been quite an eye-opening experience,” said Lt. Gen. Edward Cardon, commander of U.S. Army Cyber Command. He spoke on a panel at the  Billington Cybersecurity Summit, held in Washington. 

You rapidly see the convergence of electronic warfare and information operations also in this space,” he said.

Today, there are “tremendous tactical SIGINT capabilities” available to commanders, Cardon said. The challenge is organizing the capabilities. ”How is all this integrated together? How do you put the teams together?…How do you leverage the intelligence?”

For the Navy, often, there is no time for hacker simulations. 

In a lot of cases, we’re doing real world operations because they’re there, and we don’t have a choice,” Vice Adm. Jan Tighe, commander of U.S. Fleet Cyber Command, told Nextgov in a brief interview after she spoke at the conference .

That said, the Navy is developing various exercises too. 

For example, cyber mission forces teams and other maritime commanders plan how they might fight off an attack directed at a specific numbered fleet commander, she said. 

The branch encountered a teachable moment a few years ago, when, as the Wall Street Journal reported in 2013, Iran allegedly pierced the Navy Marine Corps Intranet.

Back then, Adm. Mike Rogers, now the head of the entire U.S. Cyber Command, had Tighe’s job. 

For the next five years, Navy cyber operations will be guided by a strategic plan to expand the branch’s cyberspace capabilities and shrink its information security vulnerabilities. According to the strategy, which was released in May, the service will build offensive “cyber effects” through, among other things, “warfighting exercises.”

Cyber training across the Navy is particularly important for an organization split across lands and oceans worldwide. Tighe’s jurisdiction is global, whereas the other fleet military operations centers are predominantly regionally-focused, she said.  “We’ve got to train our own [cyber] forces on how to fight,” she said. “We’ve got to train the rest of the Navy how to work with us.”

The Army’s cyber corps also is tussling with a distributed theater. Local commanders conducting physical military operations need offensive capabilities to help attack the adversaries, Cardon said. Simultaneously, the network required to bring “the incredible capabilities of the U.S. military to the soldier on the ground” must be guarded against adversaries, he said.  The Army expects to hold four more experiments in the coming year. 

Insider threats have plagued military networks in recent years. There was, among other incidents, a Navy techie who went on a hacking spree at sea and a former Chinese military member, who downloaded Army files while working as a Pentagon contractor.

According to the Justice Department, Nicholas Paul Knight was serving as a systems administrator in the nuclear reactor department aboard the U.S.S. Harry S. Truman when, in 2012 and 2013, he co-led a gang of hackers that breached the Navy’s Smart Web Move database. The registry held Social Security numbers, names, and dates of birth, for approximately 222,000 service members.

In 2013, Wei Chen, a one-time Chinese anti-aircraft unit member, allegedly plugged an unsanctioned personal thumb drive into Army computers connected to classified and unclassified networks. After downloading unauthorized material onto the flash drive, he tried to conceal his actions by deleting network logs on the server, according to U.S. authorities. At the time, Chen was serving as a system administrator for Camp Buehring, a U.S. Army base in Kuwait.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.