The Army and Navy recently announced that their Cyber Mission Teams were fully operational, and the U.S. Cyber Command now has all of their planned complement of 133 teams in business. With its people (totaling more than 6,000 service members and civilians) in place, U.S. cyber forces can now look to machines to help carry out effective operations in the cyber domain.
They may need to employ artificial intelligence, because the Cyber Command, like cybersecurity teams everywhere, has something of a big data problem.
Cybersecurity efforts spilled out a while ago from of the confines of network data centers, encompassing a range of online activity from social media to communications to the Internet of Things. In fact, the Department of Defense sees the best cyber defense as a whole-of-government approach, with the DoD as just one part of the picture, Kenneth Rapuano, DoD’s assistant secretary of defense for homeland defense and global security, said during a recent hearing of the Senate Armed Services Committee.
Rapuano said, “the threats and level of malicious activity we face in cyberspace are real and growing. This diverse and persistent set of threats comes from state and non-state actors who probe and scan U.S. networks for vulnerabilities.” He singled out “China, Iran and North Korea and especially Russia,” as state threats, but said that DoD’s role includes helping to respond to any significant attack within the United States or against the country’s allies.
For the Cyber Mission Forces, this can mean contending with mountains of information from myriad sources, which is where artificial intelligence, and more specifically machine learning, come in. The command is “very much interested in artificial intelligence, machine learning, how we can do cyber at scale, at speed,” Adm. Michael Rogers, commander of the Cyber Command and National Security Agency director, has told the Senate Armed Services Committee. “Because if we’re just going to take this largely human capital approach to doing business, that is a losing strategy.”
Machine learning, in which machines learn from examples without being specifically programmed for it, is seen as essential to the security of cyber defense, with the potential to “significantly change the cybersecurity landscape,” according to a paper published earlier this year by IEEE Explore. Noting that malware makers can deliver as many as three million new samples per hour, authors James B. Fraley and James Cannady describe machine learning’s ability to boost detection of malware and breaches, recognize advanced targeting and identify an array of vulnerabilities.
DoD’s Third Offset Strategy focuses specifically on incorporating new technologies, including machine learning/deep learning systems, human-machine teaming involving AI systems, and cyber-hardening of weapons systems.
The Cyber Command, initiated in 2009, had released plans in 2015 for 133 Cyber Mission Teams overall as part of its Cyber Strategy. The teams, which are now fully deployed, cover three principal missions – defending Department of Defense networks (68 teams), supporting joint military objectives (27 teams) and protecting critical infrastructure when necessary (13 teams). An additional 25 teams were put in place to support national and combat missions.