The Pentagon’s newest unified command is marshaling troops for a future war that some say already is being fought in the global communication and information networks that make up cyberspace.
U.S. Cyber Command is housed within the headquarters of the National Security Agency on the Army’s sprawling base at Fort Meade, Md.
The command’s headquarters has 800 or so personnel, about equal parts civilian and military, plus a number of contractors.
But it has troops scattered across the globe, members of each of the four armed services. For instance, the Marine Forces Cyber Command - the smallest of the four - also is headquartered at Fort Meade and is about 800 troops strong, said Capt. Kevin Schultz, a Marine spokesman.
Then-Defense Secretary Robert M. Gates ordered the creation of Cyber Command in June 2009 after Pentagon brass had wrestled for several years over who should be in charge of military operations in cyberspace.
Because many of the military’s information networks rely on systems that are owned and operated by private corporations, the Pentagon’s cybersecurity measures must involve the private sector, to some extent.
The Air Force in 2007 announced plans for a cybercommand with a broad mandate, a move widely interpreted as a Pentagon turf grab. The Air Force dropped its plans after a 2008 leadership shake-up under Mr. Gates led to the departure of the service’s top military and civilian leaders.
Mr. Gates’ decision the following year to establish a multiforce Cyber Command under the director of the National Security Agency put the head of the nation’s super-secret electronic espionage effort in charge of the military’s activities in cyberspace.
The command became active in May 2010 and was fully operating by the end of October that year, its head, Army Gen. Keith B. Alexander, told Congress last year.
Despite federal budget constraints, cybersecurity is one of the areas where government spending continued to grow this year, and the military is no exception.
The Pentagon budget request for fiscal 2013 seeks $3.4 billion for cybersecurity-related activities, compared with $3.2 billion this year.
Army Col. Rivers L. Johnson, the command’s spokesman, said Cyber Command has received $154 million for the current fiscal year, and the Pentagon’s 2013 request would include $182 million for the command.
The rest of the $3.4 billion is to be spent on systemwide security measures by other Pentagon agencies, such as the Defense Information Systems Agency, which provides the military’s vast global computer network.
The military’s spending on cybersecurity dwarfs the $674 million requested for civilian government cybersecurity through the Department of Homeland Security (DHS).
Some observers think that the military’s technical and staff capabilities dwarf those of Homeland Security, which is responsible for defending key U.S. industries from cyberattacks.
“DHS is growing in capability, but it will never be the equal of” the National Security Agency and Cyber Command, said former senior DHS policy official Stewart Baker.
Mr. Baker said a “fear factor” over the role of the military and the NSA and concern about civil liberties led Congress to give Homeland Security the cybersecurity role, but civilian officials could call on the military.
“We are still discussing across the administration how to best defend against a ‘Cyber 9/11’ that affects our critical infrastructure,” Gen. Alexander said last year.
Mr. Baker said he was concerned that the administration was “over-lawyering” the issue. “They are putting the cart before the horse,” he said.
Mr. Baker said the military should answer the question: How do we defend our networks? Then lawyers could “approve or tweak a plan that can win a war.”
“Answer the strategic questions first, rather than the legal ones,” he said.