The Department of Defense (DoD) is planning to grow its Cyber Command nearly fivefold over the next few years, according to a report Monday in The Washington Post.
The rise in ranks, from around 900 to 4,000 military and civilian personnel, comes in the face of a growing digital threat, said the story, which quoted Pentagon officials. The Cyber Command, led by National Security Agency Director Gen. Keith Alexander, was created three years ago to integrate cyber space operations for the protection of DoD networks.
But the talent boost also will be put toward safeguarding infrastructure deemed critical to the country's security, such as the power grid, as well as executing offensive missions. According to the Washington Post report, "the military would act only in cases in which there was a threat of an attack that could 'really hurt,'" according to an unnamed U.S. official.
Though technically independent of it, the Cyber Command is closely tied with the NSA, according to the article.
And the NSA, along with the CIA and Israel, is believed responsible for creating the Stuxnet worm, which attacked nuclear facilities in Iran. That prompted Glenn Greenwald, a national security columnist for the Guardian, on Monday to suggest that the Pentagon announcement is more about the United States flexing its muscles in cyber space – a move that not only guarantees lucrative contracts for defense contractors, but also could erode privacy and internet freedoms for Americans – than building up defenses.
"This significant expansion under the Orwellian rubric of "cyber-security" is thus a perfect microcosm of U.S. military spending generally," Greenwald wrote. "It's all justified under by the claim that the U.S. must defend itself from threats from 'bad, aggressive actors,' when the reality is the exact opposite: The new program is devoted to ensuring that the U.S. remains the primary offensive threat to the rest of the world."
But Jeffrey Carr, a cyber security analyst and founder of consultancy Taia Global, said the expansion simply signals that that United States, like other countries, recognizes the importance of bolstering its presence in this area. He said that for many years in Iraq and Afghanistan, the DoD has integrated cyber offenses into its kinetic battle plans. If anything, he said, 5,000 people is probably too small a number to deal with the threat.
"Cyber is a critical component of every nation-state," he told SCMagazine.com. "That's the reality of the world."
Scott Borg, director of the U.S. Cyber Consequences Unit, a nonprofit that researches the impact of America's actions in cyber space, agreed that the augmentation in staff shouldn't sound any alarms.
"This expansion of the U.S. military's cyber force is tiny, compared to just about everything else the U.S. does in defense," he told SCMagazine.com Monday in an email. "It is not large enough to be a financial bonanza for any defense contractor. It will not give the U.S. a cyber force that is disproportionately large, compared to the cyber forces that are already in the process of being assembled by other countries."
He added, however, that the U.S. military does need to develop a more thoughtful, long-term strategy its policy in the cyber arena.
Carr said the boost in numbers will help DoD gain better clarity on this role.
"I'm not privy to day-to-day goings-on in DoD, but from what I've read, some of the Armed Forces are still struggling to understand the role cyber warfare plays in their organization," Carr said. "I'm hopeful that by increasing the number of bodies in Cyber Command, there will be a corollary effect about better organization and understanding of the roles each organization plays."