Military cyberwarriors are building up efforts to pinpoint the sources of foreign computer break-ins on U.S. networks and will need to demonstrate a major computer attack capability in the future to deter increasingly sophisticated threats, according to the outgoing commander of the U.S. Strategic Command.
Air Force Gen. Kevin P. Chilton, who retires this week as the commander in charge of cyberwarfare, nuclear forces, and missile and space defenses, also said in an interview that the infrastructure for building and handling U.S. strategic nuclear weapons is “decrepit.”
Funding approved last year for upgrading the nuclear arsenal is urgent and welcome, but modernizing existing weapons and resolving weapons maintenance problems could take 10 years, he said.
Gen. Chilton also said the U.S. military is moving ahead with building a ballistic missile submarine as a follow-on to Ohio-class ballistic missile submarines. The Pentagon also plans to field a new long-range bomber and intercontinental ballistic missile to replace the current force of Minuteman IIIs, he said during a wide-ranging interview at his Stratcom liaison office at the Pentagon days before he retires from the Offut Air Force Base (Neb.) headquarters of Stratcom.
On tracking the source of computer attacks, a process the military calls “attribution,” Gen. Chilton said the military is improving its capability to locate the sources of electronic attacks, a key first step in defending systems and conducting offensive cyber-attacks.
“Attribution is more difficult in this domain but it’s not impossible,” he told The Washington Times. “And you have to work that problem, but we are getting better.”
Knowing the source of a cyber-attack is critical for defenses “so you know where the attack is either mounting or coming from,” he said.
“But also, if we’re ever going to extend the notion of deterrence — deterring an attack in cyberspace — one of the fundamental elements in being able to deter somebody is to be able to convince them that you can attribute them as the source of the attack.”
Gen. Chilton said deterring cyber-attacks before they are carried out, either by nations or criminals, requires demonstrating a “credible threat” from the U.S. military that would force all attackers to think before acting.
“If we elect to use cybercapability to deter — and you don’t necessarily have to, you can use something else to deter bad cyberbehavior — [but] if we’re going to use cybercapabilities to deter, that’s going to beg for some demonstration of that capability,” he said.
Gen. Chilton did not answer when asked whether U.S. cyberforces, under the Stratcom subcommand called U.S. Cyber Command, could have attacked WikiLeaks to prevent the anti-secrecy website from disclosing thousands of stolen classified U.S. documents.
“There’s no plans for anything that would demonstrate a [cyber-attack] capability at this time,” he said. “But I think, if we’re going to think about deterrence, which we do at Stratcom, these are the kinds of challenges for the future for us.”
The four-star general said other countries were sent a clear signal that the U.S. military could shoot down enemy satellites in a conflict, based on the February 2008 Strategic Command-led operation known as Burnt Frost, which used a modified Navy SM-3 missile fired from an Aegis warship to shoot down a falling National Reconnaissance Office satellite.
Although the operation was never advertised or intended as an anti-satellite missile test, “I’m sure people looked at that and said, ‘These guys can do that,’” he said.
The U.S. satellite shootdown followed China’s January 2007 first successful test of an anti-satellite missile, an event that triggered alarm in U.S. military circles because of the vulnerabilities of U.S. satellites to China’s anti-satellite (ASAT) missile.