DOD plans network attack task force

The Defense Department is planning to form a joint task force focused solely on computer network attack (CNA) as part of the ongoing reorganization of U.S. Strategic Command.

Stratcom recently acquired oversight of DOD's information operations and global command, control, communications, computer, intelligence, surveillance and reconnaissance (C4ISR) capabilities.

Currently, Stratcom's Joint Task Force-Computer Network Operations is charged with defending all DOD networks from attack, as well as initiating cyberattacks when instructed by the president or Defense secretary.

However, Stratcom's reorganization also will result in splitting the JTF-CNO into two separate task forces — one focused on computer network defense, and the other on CNA, according to DOD officials.

The JTF-CNO was formally established in April 2001, born from the Joint Task Force for Computer Network Defense when it assumed responsibility for the evolving area of CNA.

Stratcom, which has its headquarters at Offutt Air Force Base, Neb., and is commanded by Navy Adm. James Ellis Jr., is undergoing an overall reorganization. Air Force Gen. Richard Myers, chairman of the Joint Chiefs of Staff, said that President Bush signed "Change 2" to the Unified Command Plan on Jan. 10, which assigned four emerging missions to Stratcom:

* Missile defense.

* Global strike.

* DOD information operations.

* Global C4ISR.

The command also merged with U.S. Space Command last October, but retains its space operations responsibilities and its nuclear triad of submarine, bomber and missile forces, Myers said in his Feb. 5 testimony before the House Armed Services Committee. He added that the changes reflect "the U.S. military's increased emphasis on a global view."

"With its global strike responsibilities, the command will provide a core cadre to plan and execute nuclear, conventional and information operations anywhere in the world," Myers said in his prepared testimony. "Stratcom serves as the DOD advocate for integrating the desired military effects of information operations."

A spokesman for Stratcom said the merger and reorganization of its headquarters and components, including JTF-CNO, are ongoing and that any references to the reorganization of the joint task force are "pre-decisional."

Army Maj. Gen. J. David Bryan, commander of Stratcom's JTF-CNO, said one of his top priorities is to help facilitate Stratcom's growth and increased responsibilities by sharing his office's experience with cyber operations. He would not say whether the United States has ever launched a cyberattack against an enemy, only that internal CNA exercises have been conducted.

Not everyone is convinced of that. Loren Thompson, a defense analyst at the Lexington Institute, an Arlington, Va., think tank, said considering the thousands of cyberattacks DOD defends itself from daily, and larger operations like the attack on the Internet's root servers late last year, it would be "unbelievable if the U.S. is not mounting similar operations in response."

"No one can seriously believe we're not using the same sorts of operations against our adversaries," Thompson said.

Retired Air Force Col. Alan Campen, an author of four books on cyberwarfare, said he did not think the United States had ever launch a cyberattack, but only because of the policy issues involved, not technological obstacles.

"It's a matter on the political side of, 'Do you want to do it?'" Campen said. "It's not like dropping a bomb...and the legal side of DOD has been very restrictive so far. There's no question that the technical capability is there, and it's useful for DOD to let enemies know it's there."

No full-scale cyberattack on the United States from a known enemy has been documented, and that also complicates the issue because DOD would not want to attack a nation-state's computer operations based on the actions of a few skilled hackers, Campen said. He added that it is not clear whether a cyberattack would be anything more than a nuisance to U.S. enemies unless it was done in conjunction with more traditional acts of war.

A DOD spokesman said that CNA is "bound by largely the same rules that apply to any war strategy or tactic — very clear rules of engagement (ROE) will prove necessary," but once those have been established, "our ROE will not be up for discussion."

"All pieces of the enemy's system of systems that are valid military targets have been — and will be — on the table as we go about war planning," the spokesman said. "It is unimportant whether we take out a computer center with a bomb... or a denial-of-service program. If it's critical to the enemy and we go to war, it will be in our sights."

Last summer, President Bush signed National Security Presidential Directive 16, which ordered the government to prepare a national-level guidance on U.S. policies for launching cyberattacks against enemies, according to a Feb. 7 Washington Post report that also said the tactics may be used for the first time in a possible conflict with Iraq.