Pentagon Advisers Want Cyber ‘Tiger Teams,’ More Authorities for Cyber Command

National Security Agency and Cyber Command chief Adm. Michael Rogers testifies on Capitol Hill in Washington, Thursday, Jan. 5, 2017, before the Senate Armed Services Committee hearing:


AA Font size + Print

National Security Agency and Cyber Command chief Adm. Michael Rogers testifies on Capitol Hill in Washington, Thursday, Jan. 5, 2017, before the Senate Armed Services Committee hearing:

Pentagon advisers: We need more infrastructure cybersecurity. Congress: We want more election-hacking security.

U.S. critical infrastructure and military responsiveness is at such high risk to Chinese and Russian hacking that Pentagon advisors are recommending a special task force, or “an offensive cyber capability tiger team,” to help the military acquire new weapons of cyberwar. But the real worry for senators on the Armed Services Committee, who heard from Defense Science Board members Thursday, was not how to respond to Russia shutting off the lights but how to respond to an attack like the DNC hack and John Podesta hack — attacks on sovereignty that are not necessarily an act of war.

While the group came to warn Congress about attacks to things like the U.S. electric grid and other “vital U.S. interests,” Senators John McCain, R-Ariz., and Elizabeth Warren, D-Mass., quickly brought the discussion to the intelligence community’s assessment that Russia was using spearphishing campaigns to destabilize elections, both in the U.S. and abroad. “If an enemy or an adversary is capable of changing the outcome of an election, that’s a blow at the fundamentals of that country’s ability to govern,” said McCain. “The election is a system of democracy… if you destroy it then you have basically dealt an incredible blow to the country, which is far more severe than shutting down an electrical grid.”

“Describe the range of options the U.S. has for deterrence,” against that sort of thing, demanded Warren.

Jim Miller, a member of the Defense Science Board and a former under secretary of defense for policy, squirmed a bit at the question. “One thing we want to do is deny the benefits” of that sort of operation, he said. “Getting that information out earlier would have been very helpful.”

The board is a group of civilian experts who advise the Department of Defense on technical matters. On Thursday they presented a new report on cyber deterrence.

The military conversation about cyber capabilities and threats (at least the conversation that the public hears) is typically big on buzzwords and small on substance. The most recent report breaks somewhat from that tradition. “Major powers’ (Russia and China) have significant and increasing ability to hold U.S. critical infrastructure at risk or otherwise use the information domain to harm vital U.S. interests, and their more limited but growing capability to thwart our military response through cyber attack,” it concludes.

The proposed tiger team would “develop options and recommendations for improved and accelerated acquisition of scalable offensive cyber capabilities, including additional authorities to USCYBERCOM, and the establishment of a small elite rapid/special acquisition organization.”

The idea echoes what U.S. Cyber Command head Adm. Michael Rogers has said he wants to do with CYBERCOM in the years ahead. Rogers would structure Cyber Command teams much more like special operations forces and give commanders more license to use offensive cyber weapons, the same way you would use regular weapons largely determined by the guy with the gun or his immediate superior.

“At the moment, we tend to differentiate between the offense and defense,” Rogers said last month at the WEST 2017 conference, in San Diego.  “Offensive cyber in some ways is treated almost like nuclear weapons in the sense that their application outside of the defined area of hostility is controlled at the chief executive level and not delegated down. What I hope to see in the next five to seven years is can we engender enough confidence in our decision makers and policy makers … you should feel comfortable pushing this down to the tactical level.”

Rogers means he wants fast reaction cyber-squads answering to combatant commanders and outfitted with better tools. On the defensive side, he stressed a need for “machine learning at scale,” using robust artificial intelligence methods applied to detecting and understanding what the enemy is doing and what new tools the enemy is working with. On the offensive side, Rogers said he wants to go to industry for more.

“In the application of [conventional] weapons, we go to the private sector and say, build us a JDAM [a Joint Direct Attack Munition]. On the offensive side [in cyber] to date, we do all of our development internally… is that a sustainable model?” he asked.

The newly released task force report sounds a similar note to Rogers. “Rapidly establishing and sustaining an array of scalable offensive cyber options, including strategic cyber options, will require a different approach to acquisition … Because target systems and software can change, sometimes unexpectedly and at a moment chosen by the adversary, a quick reaction capability with flexible acquisition authorities will be essential.”

Needless to say, throwing lots of money at private outfits to develop break-in tools for adversarial networks, databases, devices, etc. will likely prove controversial since civilians may use similar networks and devices. If you find the perfect hack against, say, a Cisco networking product, can Cisco sue you for damages? Can Cisco customers sue you if an outside party then uses the access tool you developed to steal their data? It’s one reason why following the rules of armed conflict becomes much harder when the battle terrain is, in part, other people’s phones and equipment and not physical space.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Top 5 Findings: Security of Internet of Things To Be Mission-Critical

    As federal agencies increasingly leverage these capabilities, government security stakeholders now must manage and secure a growing number of devices, including those being used remotely at the “edge” of networks in a variety of locations. With such security concerns in mind, Government Business Council undertook an indepth research study of federal government leaders in January 2017. Here are five of the key takeaways below which, taken together, paint a portrait of a government that is increasingly cognizant and concerned for the future security of IoT.

  • Coordinating Incident Response on Posts, Camps and Stations

    Effective incident response on posts, camps, and stations is an increasingly complex challenge. An effective response calls for seamless conversations between multiple stakeholders on the base and beyond its borders with civilian law enforcement and emergency services personnel. This whitepaper discusses what a modern dispatch solution looks like -- one that brings together diverse channels and media, simplifies the dispatch environment and addresses technical integration challenges to ensure next generation safety and response on Department of Defense posts, camps and stations.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation


When you download a report, your information may be shared with the underwriters of that document.