Here’s why this judgment is so important: The U.S. military, backed by Mueller’s findings and those of the intelligence community, has responded by developing a tough new doctrine to counter cyberattacks by Russia and other rivals. The premise is that our adversaries are engaged in constant cyberassaults against us and that the United States should adopt a strategy of “persistent engagement.”
What this means, basically, is that the United States is now in a low-level state of cyberwar, constantly.
This military response to cybermeddling is entirely independent of the usual headline-grabbing issues that surround Mueller’s report, or President Trump’s angry tweets about it, or whether the House of Representatives will launch an impeachment investigation into whether the president obstructed justice. Those political debates will continue, but meanwhile, the military is taking the offensive in dealing with the threat that surfaced so dramatically in the 2016 presidential election.
Driving this new strategy is U.S. Cyber Command, the nexus of the military’s efforts to combat and deter adversaries — from terrorist groups to Russia and China. It keeps a low profile, but it’s worth examining some of its basic policy statements to get a clearer picture of a conflict that most Americans don’t understand, even after more than two years of media fixation on issues surrounding Russian interference.
Cyber Command initially stated its new strategy in a 2018 directive that had the classically opaque title “Achieve and Maintain Cyberspace Superiority.” The central theme was that the military cyberwarriors would take the fight into enemy networks (and the gray zones in between): “We have learned we must stop attacks before they penetrate our cyber defenses or impair our military forces.”
Gen. Paul Nakasone, the head of Cyber Command, added more detail during an interview with Joint Force Quarterly earlier this year. He explained the challenge of “defending forward” in the new state of persistent engagement: “How do we warn, how do we influence our adversaries, how do we position ourselves in case we have to achieve outcomes in the future? Acting is the concept of operating outside our borders, being outside our networks, to ensure that we understand what our adversaries are doing.”
The new doctrine was debated at a May 10 Cyberspace Strategy Symposium convened by Cyber Command at the National Defense University in Washington. The ground rules of the debate prohibit quoting any of the speakers by name, but various experts discussed the rules of the new, ongoing war in cyberspace and whether this continuous, invisible struggle will produce stability and deterrence, or not.
A senior U.S. military officer told the group that cyberwar means deploying U.S. teams abroad, sharing tradecraft and helping allies build resilience. He described persistent engagement as watching and stalking: “Never let your adversary have a moment to hide, breathe, stop.” As with any military operation, the goal would be “imposing cost,” he said. “Adversaries, until checked, will keep advancing.”
These are big, untested ideas, and a much-needed public discussion is just beginning about how these norms of persistent conflict will work. Michael P. Fischerkeller and Richard J. Harknett argued April 15 on Lawfare that what has emerged in cyberspace isn’t deterrence but “agreed competition,” with “a tacit agreement among states that they will actively pursue national interests through cyber operations . . . while carefully avoiding the equivalence of armed attack.”
James N. Miller and Neal A. Pollard countered on Lawfare that deterrence might work in this new domain, as a kind of “adaptive learning.” They cited published reports that Cyber Command disrupted Russian cyberwarriors before the 2018 midterm elections. They concluded: Risks to the United States “appear to have been reduced, with no apparent blowback or other immediate downsides.”
The bottom line, Miller and Pollard argued, is that “effective signaling through military actions . . . should ultimately reduce the risk for dangerous escalation.”
Reviewing this strategic debate, I worry that Russian actions in cyberspace look more like intelligence operations than strategic military activities. They exist in a semi-deniable, hard-to-attribute gray area. They’re closer to James Angleton’s “wilderness of mirrors” than Herman Kahn’s “escalation ladder.” If so, a military approach may not fit.
Of all Trump’s responses to the Mueller investigation, the most damaging may be the way he played down Russian covert intrusion in our elections and accepted Russian President Vladimir Putin’s claims of innocence. Fortunately, Cyber Command isn’t making the same mistake.