Cyber Conflict, Module 10, The Evolution of Cyber Capabilities.
Once you have completed the readings, lecture, activity, and assessment, you will be able to articulate two reasons why new military capabilities, such as cyber weapons, are generally slow to be accepted or employed. Describe the Department of Defense's Operation Buckshot Yankee.
Welcome to Cyber Conflict, Module 10. If you have never served in a government position, you may be astonished by the many bureaucratic battles that occur in accepting and using new weapons. The readings for this module highlight some of those battles between individuals or entire agencies regarding cyber weapons. Speaking back to an earlier lecture, remember how the exercise Eligible Receiver was required to change the mindset of the military and set in motion a new focus on computer operational security. This module focuses on the evolution of cyber capabilities within military operations and bureaucratic challenges that have occurred in that evolution.
Cyber capabilities are increasing in their power and quickly integrating into all aspects of the military's planning and operations. However, senior military leaders often require a tremendous paradigm shift to understand, accept, and incorporate such weapons into their arsenal. As an example, when General Norman Schwarzkopf, commander of U.S. forces during the First Gulf War, learned that Saddam Hussein was using a fiber optic cable to communicate orders to his forces in Kuwait, he chose to bomb the fiber optic switching station rather than allow the NSA to tap the line. Unfamiliar with the NSA's new capability, which would have allowed for both data collection and communication disruption, Schwarzkopf ordered a kinetic strike. Whether this was the correct decision is debatable, since the United States may have lost the ability to collect important intelligence. But because the war was quickly won, the debate never gained much momentum.
A few instances of cyber weapons for military uses have changed the paradigm for military leaders. One of the first examples involved the Aurora Generator Test in 2007. One of the first things that military planners do when invading a country is determine to what extent energy production and dissemination should be disrupted. Traditionally, this disruption has involved the bombing of generators or step-down transformers, but this is risky and can cause more damage to the systems than desired. In 2003 and 2004, for instance, the U.S. military quickly repaired damaged Iraqi generators it had destroyed as mass demonstrations against U.S. forces protested the lack of electricity during the hot summer months. The Aurora Generator Test conducted by the Department of Energy at the Idaho National Laboratory demonstrated the ability of a cyber weapon to destroy an industrial generator used in large-scale production of electricity. The specially designed cyber weapon affected circuit breakers controlling a giant 2.2 megawatt system, causing the generator to operate out of sync and eventually break apart. Cyber capabilities like those used in the Aurora Generator Test could give military commanders kinetic options rather than aerial bombing.
Another example of cyber capabilities in military operations was the 2007 Israeli attack on Syria, or Operation Orchard. The Israelis received information that Syria was constructing a nuclear research facility with help from North Korea. Anxious about such a nuclear-armed Syrian state next door, Israel began planning an air force bombing raid to destroy the facility. However, Syria operated an integrated air defense system, or IADS, through the advanced surface-to-air missile systems and sophisticated early warning and tracking radars. Israel was greatly concerned that Syrian missiles would be able to shoot down its attack planes.
To make the raid successful, Israel purportedly infiltrated and disrupted the Syrian IADS with a specially engineered cyber weapon.
In 2008, the U.S. military suffered one of its worst cyber intrusions ever through a few tiny thumb drives. A foreign intelligence service engineered sophisticated malware and placed it on some thumb drives. The thumb drives were then seeded around multiple U.S. bases throughout the Middle East. U.S. personnel found a few of the thumb drives and unwittingly inserted them into classified and unclassified military computers. The malware was discovered only after it reportedly tried to ping a command and control computer outside the military's computer networks. This type of operation combined a human intelligence-enabled operation with a cyber operation. Once the U.S. military realized that the thumb drives had served as the initial vector for the malicious code, it quickly outlawed the use of thumb drives in Department of Defense computer systems. This defense effort was called Operation Buckshot Yankee.
As military commanders were grasping the possibilities of cyber weaponry, U.S. policymakers in the intelligence community were realizing the fact that 80% of the world's internet traffic passed through U.S. infrastructure. Although privacy advocates voiced enormous opposition, Congress included a provision in the USA Patriot Act allowing intelligence agencies to store all data traveling through U.S. networks, including data sent to and from U.S. citizens. Both President Obama and President Trump have reviewed and renewed this provision. The ability to exploit this stored information requires highly sensitive security classifications within the U.S. government, as well as the oversight from both the House and Senate select committees on intelligence.
The awareness of and willingness to use cyber weapons by both military commanders and intelligence officials eventually converged into arguably the most significant incident in the history of cyber conflict, the employment of Stuxnet. We will pick up that story in the next module.
Quiz question one, true or false? Operation Buckshot Yankee was an initiative by the U.S. Department of Defense to ban the use of thumb drives in department computers. The answer is true.
Quiz question two, which of the following are not reasons why new military capabilities, such as cyber weapons, are slow to be accepted or employed by military leaders? Note, two of the following answers are correct.
A, military leadership may not be aware of the existence of new weapon capabilities.
B, civilian leaders generally do not approve the use of new untested weapons.
C, military leaders generally get promoted based on their use of established capabilities.
D, military leaders are reluctant to use new weapons because they may not be familiar with their effects.
Answers B and C are correct. Civilian leaders generally do not approve the use of new untested weapons. Military leaders generally get promoted based on their use of established capabilities.
The activity for this module asks that you consider the U.S. Civil War, World War I and World War II. Research the types of weapons used for the first time in each conflict. Then answer these questions. Were the generals overseeing these various wars reluctant to incorporate these new weapons? What effect did these weapons have on the length of the respective wars? Did they shorten or lengthen the war? Are there any lessons that can be learned from these wars that could inform how the United States incorporates cyber weapons into its arsenal?