DOD’s Role in Responding to Malicious Cyber Activity
Q: When is self-defense defensive? A: Never
Whether in the physical/kinetic or virtual/cyber world, self-defense is never truly defensive. There is always some level of kinetic response, even if it is a blocking action that applies a force to reduce the momentum of an attacker. Martial arts is an example. Even if I “high block” a frontal attack, I have to exert some level of force to divert and move the fist away from the intended target, my head.
In the case of the virtual world, we can always disconnect equipment and connections to stop the ongoing attack. The infamous ‘Internet Kill Switch’ is a good example of national self-defense. The US government said it may be necessary, for example, “…to deter the triggering of radio-activated improvised explosive devices” (Unruh, 2013); it is still an active and offensive response to a threat.
DOD’s role would be the disconnection of the .mil space, either in whole or in segments. It should be based upon the architectural options afforded the responsible Commander, as recommended by the Commander, Northern Command (NORTHCOM), and authorized by the President.
Harold Koh stated, within Traditional Military Activities in Cyberspace, that the “…United States was in either a war of self-defense [emphasis added] or armed conflict with Al Qaeda” (Walker, 2010, p. 341). This is an oxymoron (‘a war of self-defense’), and it shows an absolute lack of understanding of the principles of war. Mr. Koh sets the fallacious footing of this discussion by attempting to portray self-defense as a reactive and non-kinetic activity of any sort. Any study and understanding of Clausewitz, and of his overarching impact on the US military, is about the importance of the offense and the temporary nature of the defense.
“Theory leaves it to the military leader … to act according to his own courage, according to his spirit of enterprise, and his self-confidence. … but never forget that no military leader has ever become great without audacity” (von Clausewitz, 1942).
Reference:
Unruh, B. (2013, November 13). Judge: Release ‘Internet kill switch’ plans. Retrieved from World Net Daily: http://www.wnd.com/2013/11/judge-release-internet-kill-switch-plans/
von Clausewitz, C. (1942, September). PRINCIPLES OF WAR. Retrieved from The Clausewitz Homepage: http://www.clausewitz.com/readings/Principles/Clausewitz-PrinciplesOfWar-ClausewitzCom.pdf
Walker, P. (2010). TRADITIONAL MILITARY ACTIVITIES IN CYBERSPACE:. Florida International Journal of Law, 333-360.
Dr. Russo is currently the Senior Data Scientist with Cybersenetinel AI in Washington, DC. He is a former Senior Information Security Engineer within the Department of Defense’s (DOD) F-35 Joint Strike Fighter program. He has an extensive background in cybersecurity and is an expert in the Risk Management Framework (RMF) and DOD Instruction 8510, which implements RMF throughout the DOD and the federal government. He holds a Certified Information Systems Security Professional (CISSP) certification and a CISSP in information security architecture (ISSAP). He has a 2017 Chief Information Security Officer (CISO) certification from the National Defense University, Washington, DC. Dr. Russo retired from the US Army Reserves in 2012 as a Senior Intelligence Officer.