Cyberwarfare in the United States explained
Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.
The United States Department of Defense recognizes the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security, but also as a platform for attack.[1] [2]
The United States Cyber Command centralizes command of cyberspace operations, organizes existing cyber resources and synchronizes defense of U.S. military networks. It is an armed forces Unified Combatant Command. A 2021 report by the International Institute for Strategic Studies placed the United States as the world's foremost cyber superpower, taking into account its cyber offense, defense, and intelligence capabilities.[3]
The Department of Defense Cyber Strategy
In September 2023, Department of Defense (DoD) published its latest Cyber Strategy, building upon the previous DoD Strategy for Operating in Cyberspace published in April 2015 and July 2011.[4] The DoD Cyber strategy focuses on building capabilities to protect, secure, and defend its own DoD networks, systems and information; defend the nation against cyber attacks; and support contingency plans. This includes being prepared to operate and continue to carry out missions in environments impacted by cyber attacks.
The DoD outlines three cyber missions:
- Defend DoD networks, systems, and information.
- Defend the United States and its interests against cyber attacks of significant consequence.
- Provide integrated cyber capabilities to support military operations and contingency plans.
In addition, the Cyber Strategy emphasizes the need to build bridges to the private sector, so that the best talent and technology the United States has to offer is at disposal to the DoD.[5]
The Five Pillars
The five pillars is the base of the Department of Defense's strategy for cyber warfare. The first pillar is to recognize that the new domain for warfare is cyberspace and that it is similar to the other elements in the battlespace. The key objectives of this pillar are to build up technical capabilities and accelerate research and development to provide the United States with a technological advantage. The second pillar is proactive defenses as opposed to passive defense. Two examples of passive defense are computer hygiene and firewalls. The balance of the attacks requires active defense using sensors to provide a rapid response to detect and stop a cyber attack on a computer network. This would provide military tactics to backtrace, hunt down and attack an enemy intruder. The third pillar is critical infrastructure protection (CIP) to ensure the protection of critical infrastructure by developing warning systems to anticipate threats. The fourth pillar is the use of collective defense which would provide the ability of early detection, and incorporate it into the cyber warfare defense structure. The goal of this pillar is to explore all options in the face of a conflict, and to minimize loss of life and destruction of property. The fifth pillar is building and maintaining international alliances and partnerships to deter shared threats, and to remain adaptive and flexible to build new alliances as required. This is focused on "priority regions, to include the Middle East, Asia-Pacific, and Europe".
Trump Administration's National Cyber Strategy
Shortly after his election, U.S. President Donald Trump pledged to deliver an extensive plan to improve U.S. cybersecurity within 90 days of his inauguration.[6] Three weeks after the designated 90-day mark, he signed an executive order that claimed to strengthen government networks.[7] [8] By the new executive order, federal-agency leaders are to be held responsible for breaches on their networks and federal agencies are to follow the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity in consolidating risk management practices. In addition, the federal departments were to examine cyber defense abilities of agencies within 90 days, focusing on "risk mitigation and acceptance choices" and evaluating needs for funding and sharing technology across departments. Experts in cybersecurity later claimed that the order was "not likely" to have a major impact.[9]
In September, President Trump signed the National Cyber Strategy- "the first fully articulated cyber strategy for the United States since 2003."[10] John Bolton, the National Security Advisor, claimed in September 2018 that the Trump administration's new "National Cyber Strategy" has replaced restrictions on the use of offensive cyber operations with a legal regime that enables the Defense Department and other relevant agencies to operate with a greater authority to penetrate foreign networks to deter hacks on U.S. systems. Describing the new strategy as an endeavor to "create powerful deterrence structures that persuade the adversary not to strike in the first place," Bolton added that decision-making for launching attacks will be moved down the chain of command from requiring the president's approval.[11]
The Defense Department, in its strategy document released in September 2018, further announced that it would "defend forward" U.S. networks by disrupting "malicious cyber activity at its source" and endeavor to "ensure there are consequences for irresponsible cyber behavior" by "preserving peace through strength."[12]
The National Cyber Strategy has also garnered criticisms that evaluating acts of cyberwarfare against the United States still remains ambiguous, as the current U.S. law does not specifically define what constitutes an illegal cyber act that transcends a justifiable computer activity. The legal status of most information security research in the United States is governed by 1986 Computer Fraud and Abuse Act, which was derided to be "poorly drafted and arbitrarily enforced" by enabling prosecution of useful information security research methods such as Nmap or Shodan. As even the needed services fall into prohibition, top-level information security experts find it challenging to improve the infrastructure of cyberdefense.[13]
Cyberattack as an act of war
In 2011, The White House published an "International Strategy for Cyberspace" that reserved the right to use military force in response to a cyberattack:[14] [15]
In 2013, the Defense Science Board, an independent advisory committee to the U.S. Secretary of Defense, went further, stating that "The cyber threat is serious, with potential consequences similar in some ways to the nuclear threat of the Cold War,"[16] and recommending, in response to the "most extreme case" (described as a "catastrophic full spectrum cyber attack"), that "Nuclear weapons would remain the ultimate response and anchor the deterrence ladder."[17]
Attacks on other nations
Iran
See also: Operation Olympic Games and Stuxnet. In June 2010, Iran was the victim of a cyber attack when its nuclear facility in Natanz was infiltrated by the cyber-worm 'Stuxnet', said to be the most advanced piece of malware ever discovered and significantly increased the profile of cyberwarfare.[18] [19] It destroyed perhaps over 1,000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic program back by at least two years."[20]
Despite a lack of official confirmation, Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, made a public statement, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we—the US and its allies—are doing everything we can to make sure that we complicate matters for them", offering "winking acknowledgement" of US involvement in Stuxnet.[21]
China
See also: PRISM (surveillance program).
In 2013, Edward Snowden, a former systems administrator for the Central Intelligence Agency (CIA) and a counterintelligence trainer at the Defense Intelligence Agency (DIA), revealed that the United States government had hacked into Chinese mobile phone companies to collect text messages and had spied on Tsinghua University, one of China's biggest research institutions, as well as home to one of China's six major backbone networks, the China Education and Research Network (CERNET), from where internet data from millions of Chinese citizens could be mined. He said U.S. spy agencies have been watching China and Hong Kong for years.[22]
According to classified documents provided by Edward Snowden, the National Security Agency (NSA) has also infiltrated the servers in the headquarters of Huawei, China's largest telecommunications company and the largest telecommunications equipment maker in the world. The plan is to exploit Huawei's technology so that when the company sold equipment to other countries—including both allies and nations that avoid buying American products—the NSA could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.[23]
Russia
In June 2019, Russia said that its electrical grid could be under cyber-attack by the United States.[24] The New York Times reported that American hackers from the United States Cyber Command planted malware potentially capable of disrupting the Russian electrical grid.[25]
Others
- According to Thomas C. Reed's account in his 2004 autobiographical book, in 1982, a computer control system stolen from a Canadian company by Soviet spies caused a Soviet gas pipeline to explode. He alleged that code for the control system had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion,[26] [27] [28] but this is disputed.[29] [30]
- A 1 April 1991 article in InfoWorld Magazine "Meta-Virus Set to Unleash Plague on Windows 3.0 Users" by John Gantz[31] was purported to be an extremely early example of cyber warfare between 2 countries. In fact the "AF/91 virus" was an April Fools Joke that was misunderstood and widely re-reported as fact by credulous media.[32]
Cyber threat information sharing
The Pentagon has had an information sharing arrangement, the Defense Industrial Base Cybersecurity and Information Assurance (DIBCIA) program, in place with some private defense contractors since 2007[33] to which access was widened in 2012.[34] A number of other information sharing initiatives such as the Cyber Intelligence Sharing and Protection Act (CISPA) and Cybersecurity Information Sharing Act (CISA) have been proposed, but failed for various reasons including fears that they could be used to spy on the general public.
United States Cyber Command
See main article: List of cyber warfare forces.
The United States Cyber Command (USCYBERCOM) is a United States Armed Forces Unified Combatant Command. USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: defend Department of Defense information networks and; prepare to conduct "full spectrum military cyberspace operations" to ensure US/Allied freedom of action in cyberspace and deny the same to adversaries.[35]
Army
The Army Cyber Command (ARCYBER) is an Army component command for the U.S. Cyber Command.[36] ARCYBER has the following components:
New cyber authorities have been granted under National Security Presidential Memorandum (NSPM) 13;[40] persistent cyber engagements at Cyber command are the new norm for cyber operations.[41]
Marine Corps
United States Marine Corps Forces Cyberspace Command is a functional formation of the United States Marine Corps to protect infrastructure from cyberwarfare.[42]
Air Force
The Sixteenth Air Force (16 AF) is the United States Air Force component of United States Cyber Command (USCYBERCOM).[43] It has the following components:
The F-15 and C-130 systems are being hardened from cyber attack as of 2019.[44]
Navy
The Navy Cyber Forces (CYBERFOR) is the type of some commanders for the U.S. Navy's global cyber workforce. The headquarters is located at Joint Expeditionary Base Little Creek-Fort Story. CYBERFOR provides forces and equipment in cryptology/signals intelligence, cyber, electronic warfare, information operations, intelligence, networks, and space. In September 2013, the United States Naval Academy will offer undergraduate students the opportunity, to major in Cyber Operations for the United States.[45]
Fleet Cyber Command is an operating force of the United States Navy responsible for the Navy's cyber warfare programs.[46] Tenth Fleet is a force provider for Fleet Cyber Command.[47] The fleet components are:
Timeline
- Systems in the US military and private research institutions were penetrated from March 1998 for almost two years in an incident called Moonlight Maze. The United States Department of Defense traced the trail back to a mainframe computer in the former Soviet Union but the sponsor of the attacks is unknown and Russia denies any involvement.
- Titan Rain was the U.S. government's designation given to a series of coordinated attacks on American computer systems since 2003. The attacks were labeled as Chinese in origin, although their precise nature (i.e., state-sponsored espionage, corporate espionage, or random hacker attacks) and their real identities (i.e., masked by proxy, zombie computer, spyware/virus infected) remain unknown.
- In 2007, the United States government suffered "an espionage Pearl Harbor" in which an unknown foreign power ... broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information.[48]
- In 2008, a hacking incident occurred on a U.S. Military facility in the Middle East. United States Deputy Secretary of Defense William J. Lynn III had the Pentagon release a document, which reflected a "malicious code" on a USB flash drive spread undetected on both classified and unclassified Pentagon systems, establishing a digital beachhead, from which data could be transferred to servers under foreign control. "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary. This ... was the most significant breach of U.S. military computers ever and it served as an important wake-up call", Lynn wrote in an article for Foreign Affairs.[49]
- Operation Buckshot Yankee, conducted by the United States in response to the 2008 breach which was allegedly conducted by Russia. This operation lasted three years, starting in October 2008 when the breach was first detected. The operation included attempts to recognize and mitigate the malicious code (Agent.btz), which had spread to military computers around the world. The team conducting the operation requested permission to use more offensive means of combating the code, but it was denied by senior officials. Operation Buckshot Yankee was a catalyst for the formation of Cyber Command.[50]
- On 9 February 2009, the White House announced that it will conduct a review of the nation's cyber security to ensure that the Federal government of the United States cyber security initiatives are appropriately integrated, resourced and coordinated with the United States Congress and the private sector.[51]
- On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.[52] [53]
- On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.[54]
- From December 2009 to January 2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies.[55] Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claimed that "this is the highest profile attack of its kind that we have seen in recent memory."[56]
- In February 2010, the United States Joint Forces Command released a study which included a summary of the threats posed by the internet: "The open and free flow of information favored by the West will allow adversaries an unprecedented ability to gather intelligence."[57]
- On 19 June 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010",[58] which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the President emergency powers over parts of the Internet. However, all three co-authors of the bill issued a statement that instead, the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks".[59]
- In August 2010, the U.S. for the first time publicly warned about the Chinese military's use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. The Pentagon also pointed to an alleged China-based computer spying network dubbed GhostNet that was revealed in a research report last year.[60] The Pentagon stated that the People's Liberation Army was using "information warfare units" to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. Commander Bob Mehal would monitor the PLA's buildup of its cyberwarfare capabilities and "will continue to develop capabilities to counter any potential threat."[61]
- In 2010, American General Keith B. Alexander endorsed talks with Russia over a proposal to limit military attacks in cyberspace, representing a significant shift in U.S. policy.[62]
- In 2011 as part of The Anonymous attack on HBGary Federal information about private companies such as Endgame systems who design offensive software for the Department of Defense were revealed. It was shown that Endgame systems job applicants had previously "managed team of 15 persons, responsible for coordinating offensive computer network operations for the United States Department of Defense and other federal agencies."[63]
- In October 2012, the Pentagon was to host contractors who "want to propose revolutionary technologies for understanding, planning and managing cyberwarfare. It is part of an ambitious program that the Defense Advanced Research Projects Agency, or DARPA, calls Plan X, and the public description talks about 'understanding the cyber battlespace', quantifying 'battle damage' and working in DARPA's 'cyberwar laboratory.'"[64]
- Starting in September 2012, denial of service attacks, were carried out against the New York Stock Exchange and a number of banks including J.P. Morgan Chase.[65] Credit for these attacks was claimed by a hacktivist group called the Qassam Cyber Fighters[66] who have labeled the attacks Operation Ababil. The attacks had been executed in several phases and were restarted in March 2013.[67]
- In 2013, the first Tallinn Manual on the International Law Applicable to Cyber Warfare[68] was published. This publication was the result of an independent study to examine and review laws governing cyber warfare sponsored by the NATO Cooperative Cyber Defence Centre of Excellence in 2009.
- In February 2013, the White House Presidential Executive Order (E.o.) 13636 "Improving Critical Infrastructure Cybersecurity[69] " was published. This executive order highlighted the policies needed to improve and coordinate cybersecurity, identification of critical infrastructure, reduction of cyber risk, information sharing with the private sector, and ensure civil and privacy liberties protections are incorporated.
- In January 2014, the White House Presidential Policy Directive 28 (PPD-28) on "Signals Intelligence Activities[70] " was published. This presidential policy directive highlighted the principles, limitations of use, process of collection, safeguarding of personal information, and transparency related to the collection and review of cyber intelligence signal activities.
- In August 2014, "gigabytes" of sensitive data were reported stolen from JPMorgan Chase (see 2014 JPMorgan Chase data breach), and the company's internal investigation was reported to have found that the data was sent to a "major Russian city." The FBI was said to be investigating whether the breach was in retaliation for sanctions the United States had imposed on Russia in relation to the 2014 Russian military intervention in Ukraine.[71] [72]
- On 29 May 2014, iSIGHT Partners, a global provider of cyber threat intelligence, uncovered a "long-term" and "unprecedented" cyber espionage that was "the most elaborate cyber espionage campaign using social engineering that has been uncovered to date from any nation". Labelled "Operation Newscaster", it targeted senior U.S. military and diplomatic personnel, congresspeople, journalists, lobbyists, think tankers and defense contractors, including a four-star admiral.[73]
- In December 2014, Cylance Inc. published an investigation on so-called "Operation Cleaver" which targeted over 50 world's unnamed leading enterprises, including in United States. Federal Bureau of Investigation tacitly acknowledged the operation and "warned businesses to stay vigilant and to report any suspicious activity spotted on the companies' computer systems".[74] [75]
- In December 2014, in response to a hack on the US based company Sony (see Sony Pictures hack) believed to be perpetrated by North Korea, the US government created new economic sanctions on North Korea and listed the country as a state sponsor of terrorism. After the hack, there was an internet blackout over most of North Korea allegedly caused by the US, but there was no definitive evidence to support that claim.[76] [77]
- In January 2015, terrorist group ISIS hacked United States Central Command and took over their Twitter and YouTube accounts. They distributed sensitive information obtained during the attack on various social media platforms.[78]
- In April 2015, The Department of Defense Cyber Strategy was updated and published. Original DoD Strategy for Operating in Cyberspace was published in July 2011.
- In 2015 the United States Office of Personnel Management (OPM) was victim to what has been described by federal officials as among the largest breaches of government data in the history of the United States,[79] in which an estimated 21.5 million records were stolen. Information targeted in the breach included personally identifiable information such as Social Security numbers,[80] as well as names, dates and places of birth, and addresses,[81] and likely involved theft of detailed background security-clearance-related background information.
- In June 2015, the US Department of Defense (DoD) included a chapter dedicated to cyber warfare in the DoD Law of War Manual.[82] See Cyber Warfare section on p. 994.[82]
- In 2016 Cyber Command mounted computer-network attacks on ISIS under Operation Glowing Symphony with the intent to disrupt internal communication, manipulate data, and undermine confidence in the group's security.[83] A particular emphasis was placed on locking key figures out of their accounts, deleting files of propaganda, and making it all look like general IT trouble instead of an intentional attack.[84] This operation prompted an internal debate in the American government about whether or not to alert their allies that they would be attacking servers located within other countries.[85]
- In March 2018, the Office of Foreign Assets Control sanctioned two Russian intelligence agencies, the Federal Security Service (FSB) and the Main Intelligence Directorate (GRU) for committing "destructive cyber-attacks." The attacks include the NotPetya attack, an assault that was allegedly conducted by the Russian military in February according to statements of the White House and British government, and which the United States Treasury described as "the most destructive and costly cyber-attack in history."[86]
- In March 2018, the United States Justice Department charged nine Iranians with stealing scientific secrets on behalf of Iran's Revolutionary Guard Corps. The defendants "stole more than 31 terabytes of academic data and intellectual property from universities, and email accounts of employees at private sector companies, government agencies, and non-governmental organizations."[87]
- In September 2018, the United States Justice Department published a criminal complaint against Park Jin Hyok, a professional hacker alleged to be working for North Korea's military intelligence bureau, for his commitment of three cyber-attacks: attack against Sony Pictures in 2014, the theft of $81m from the central bank of Bangladesh in 2016, and WannaCry 2.0 ransomware attack against hundreds of thousands of computers.[88]
- September 2018, The White House has "authorized offensive cyber operations" against foreign threats as a result of loosened restrictions on the use of digital weapons in line with the president's directive; the National Security Presidential Memorandum 13 (NSPM 13). This allows the military to carry out such attacks with a shortened approval process.[89]
- In October 2018, the United States Cyber Command launched the still-classified Operation Synthetic Theology. A team of experts were deployed to Macedonia, Ukraine, and Montenegro to identify Russian agents interfering in the election. The team was also gathering intelligence on Russia's cyber capabilities and attacking the Internet Research Agency, a "Kremin-backed troll farm in St. Petersburg".[90] [91]
- Beginning at least by March 2019, persistent cyber operations were applied by the United States against Russia's power grid, seemingly per National Security Presidential Memorandum 13 (September 2018).[92] [93]
- June 2019, White House National Security Adviser John Bolton announced that U.S. offensive cyber operations would be expanded to include "economic cyber intrusions".[94] These comments appear to reference China's alleged theft of information and data from U.S. corporations.[95]
- In June 2019, President Trump ordered a cyber attack against Iranian weapons systems in retaliation to the shooting down of a US drone being in the Strait of Hormuz and two mine attacks on oil tankers. The attacks disabled Iranian computer systems controlling its rocket and missile launchers. Iran's Islamic Revolutionary Guard Corps (IRGC) was specifically targeted.[96]
See also
Further reading
Notes and References
- News: Trump Reverses Obama-Era Rules on Cyberattacks. Grenoble. Ryan. 2018-08-16. HuffPost. 2018-10-01. en-US.
- News: How the US military is beating hackers at their own game. Business Insider. 2018-10-01.
- News: Pomerleau . Mark . June 28, 2021 . Who can match the US as a cyber superpower? No one . c4isrnet.com . June 30, 2021.
- Book: Department of Defense Strategy for Operating in Cyberspace. US DoD. 2011.
- Book: US Department of Defense Cyber Strategy. US Department of Defense. 2015. 2–8.
- News: Trump's cybersecurity mystery: 90 days in, where's the plan?. https://web.archive.org/web/20170419160153/http://www.networkworld.com/article/3190735/government/trumps-cybersecurity-mystery-90-days-in-wheres-the-plan.html. dead. 19 April 2017. Williams. Martyn. Network World. 2018-10-02. en.
- News: Nonexistent Trump cybersecurity policy worries experts - The Parallax. 2018-03-23. The Parallax. 2018-10-02. en-US.
- News: Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure The White House. 2018-10-02. National Archives. whitehouse.gov. en-US.
- News: Trump's cybersecurity order not likely to have a major impact, experts say - The Parallax. 2017-05-12. The Parallax. 2018-10-02. en-US.
- News: President Trump Unveils America's First Cybersecurity Strategy in 15 Years The White House. 2018-09-20. 2018-10-02. National Archives. whitehouse.gov. en-US.
- Web site: Trump Has a New Weapon to Cause 'the Cyber' Mayhem. Groll. Elias. Foreign Policy. en. 2018-10-01.
- News: President Donald J. Trump Is Strengthening America's Cybersecurity. 2018-10-01. National Archives. whitehouse.gov. en-US.
- Web site: In Cyberwar, There are No Rules. Wheeler. Tarah. Foreign Policy. en. 2018-10-01.
- Web site: International Strategy for Cyberspace. 4 September 2014. National Archives. whitehouse.gov. 2011.
- Web site: Alexander. David. U.S. reserves right to meet cyber attack with force. Reuters. 4 September 2014. 15 November 2011.
- Web site: Miller . Steven E. . Cyber Threats, Nuclear Analogies? Divergent Trajectories in Adapting to New Dual-Use Technologies - Understanding Cyber Conflict: 14 Analogies . Carnegie Endowment for International Peace . 13 December 2019 . en.
- Book: Singer . Peter W. . Friedman . Allan . Cybersecurity: What Everyone Needs to Know . 2014 . Oxford University Press . 978-0-19-991809-6 . 13 December 2019 . en.
- https://web.archive.org/web/20101004015507/http://www.google.com/hostednews/afp/article/ALeqM5hWP5Ga_K2k4oOosfMz39JFifrDaQ?docId=CNG.0c3a53ff7267f11501a5b3dbd9567dbf.2d1 AFP: Stuxnet worm brings cyber warfare out of virtual world
- http://www.ted.com/talks/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon.html Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on
- News: US General: Iran's Cyber War Machine 'A Force To Be Reckoned With' . Business Insider. 15 September 2016.
- https://www.pbs.org/wnet/need-to-know/security/video-cracking-the-code-defending-against-the-superweapons-of-the-21st-century-cyberwar/9456/ Gary Samore
- Web site: Rapoza . Kenneth . U.S. Hacked China Universities, Mobile Phones, Snowden Tells China Press . Forbes . 2013-06-22.
- Web site: DAVID . SANGER . NICOLE . PERLROTH . N.S.A. Breached Chinese Servers Seen as Security Threat. . 22 March 2014.
- News: US and Russia clash over power grid 'hack attacks . BBC News . 18 June 2019.
- How Not To Prevent a Cyberwar With Russia . . 18 June 2019.
- Book: Reed, Thomas C. . Thomas C. Reed . 2004 . . 978-0-8914-1821-4 .
- News: Markoff. John. Cyberwar: Old Trick Threatens the Newest Weapons. The New York Times. 26 October 2009. 30 July 2015.
- News: The Economist. Cyberwar: War in the fifth domain . 1 July 2010 . 4 July 2010 .
- News: Anatoly . Medetsky . KGB Veteran Denies CIA Caused '82 Blast. The Moscow Times. 18 March 2004 . 30 July 2015 . https://web.archive.org/web/20160131204755/http://www.themoscowtimes.com/news/article/kgb-veteran-denies-cia-caused-82-blast/232261.html . 31 January 2016 . dead.
- News: Hesseldahl . Arik . Arik Hesseldahl . Kharif . Olga . 10 October 2014 . Cyber Crime and Information Warfare: A 30-Year History . Bloomberg Business . 2 . 30 July 2015.
- Web site: Tech Street. John. Gantz. InfoWorld. 1 April 1991. 39.
- Web site: Iraqi Cyberwar: an Ageless Joke. George. Smith. SecurityFocus. 10 March 2003. 13 November 2015.
- http://fcw.com/articles/2014/04/22/dod-infosharing-pilot.aspx "Increased trust boosts Pentagon-industry info sharing"
- Reed, John. "Pentagon expanding public-private cyber information sharing program." Foreign Policy Magazine, 27 September 2012.
- U.S. Department of Defense, Cyber Command Fact Sheet, 21 May 2010 Web site: U.S. Strategic Command - Fact Sheets . 2010-09-16 . dead . https://web.archive.org/web/20100905140740/http://www.stratcom.mil/factsheets/cc . 5 September 2010.
- Web site: DoD Release No. 420-10 Establishment of Army Forces Cyber Command . US Department of Defense . 24 May 2010 . defense.gov . 24 May 2010 . dead . https://web.archive.org/web/20110529013300/http://www.defense.gov//news/newsarticle.aspx?id=63635 . 29 May 2011.
- Web site: 20091203 IO Newsletter v10 no 03 .
- News: Patrick Jackson . Meet USCybercom: Why the US is fielding a cyber army . BBC News . 15 March 2010 . 10 July 2010.
- Web site: News Release: Army Forces Cyber Command Headquarters Standup Plan Announced . Defense.gov . 10 July 2010 . dead . https://web.archive.org/web/20110529013300/http://www.defense.gov//news/newsarticle.aspx?id=63635 . 29 May 2011.
- https://breakingdefense.com/2018/09/trump-eases-cyber-ops-but-safeguards-remain-joint-staff/ Sydney J. Freedberg Jr. (17 September 2018) Trump Eases Cyber Ops, But Safeguards Remain: Joint Staff
- https://www.fifthdomain.com/dod/cybercom/2019/05/08/new-authorities-mean-lots-of-new-missions-at-cyber-command/ Mark Pomerleau (8 May 2019) New authorities mean lots of new missions at Cyber Command
- Web site: Fort Mead News: USMC Cyber Command . Ftmeade.army.mil . 28 January 2010 . 10 July 2010 . dead . https://web.archive.org/web/20100413135334/http://www.ftmeade.army.mil/pages/news/stories/2010/jan/cyber.html . 13 April 2010.
- Web site: Sixteenth Air Force (Air Forces Cyber). 4 August 2020. https://web.archive.org/web/20200719163934/https://www.16af.af.mil/About-Us/Fact-Sheets/Display/Article/1957318/sixteenth-air-force-air-forces-cyber/. 19 July 2020.
- https://breakingdefense.com/2019/06/raytheon-wins-air-force-f-15-c-130-cyber-contracts/ Colin Clark (20 June 2019) Raytheon Wins Air Force F-15, C-130 Cyber Contracts
- Web site: Mike Hoffman . Naval Academy Launches Cyber Operations Major . DefenseTech.org . 8 June 2013.
- DOD News Release 827-09
- Navy Stands Up Fleet Cyber Command, Reestablishes U.S. 10th Fleet, NNS100129-24
- News: Cyber War: Sabotaging the System . CBS News . 6 November 2009.
- https://www.washingtonpost.com/wp-dyn/content/article/2010/08/25/AR2010082504588.html The Washington Post: Pentagon computers attacked with flash drive
- News: Cyber-intruder sparks response, debate. Nakashima. Ellen. 8 December 2011. The Washington Post.
- News: White House Eyes Cyber Security Plan . CBS News . 9 February 2009.
- News: Senate Legislation Would Federalize Cybersecurity . Washingtonpost.com . 1 April 2009. Joby . Warrick . Walter . Pincus.
- News: How the NSA Plans to Infect 'Millions' of Computers with Malware . The Intercept . 2014-03-12. Glenn . Greenwald . Ryan . Gallagher .
- News: Pentagon Bill To Fix Cyber Attacks: $100M . CBS News . 7 April 2009.
- Web site: A new approach to China. 12 January 2010. . 17 January 2010.
- http://siblog.mcafee.com/cto/google-attack-is-tip-of-iceberg/ "Google Attack Is Tip Of Iceberg"
- https://web.archive.org/web/20130810043238/http://www.jfcom.mil/newslink/storyarchive/2010/JOE_2010_o.pdf "The Joint Operating Environment"
- Web site: Home - Homeland Security & Governmental Affairs Committee. hsgac.senate.gov.
- http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=225701368&subSection=News Senators Say Cybersecurity Bill Has No 'Kill Switch'
- Web site: ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People's Republic of China 2010 .
- Web site: Pentagon takes aim at China cyber threat. Lolita C.. Baldor. 19 August 2010. The Boston Globe.
- News: WSJ: U.S. Backs Talks on Cyber Warfare . Online.wsj.com . 4 June 2010.
- Web site: Lessons from Anonymous on cyberwar . Haroon Meer. 11 March 2011 . Al Jazeera English.
- News: U.S. Officials Opening Up on Cyberwarfare . The New York Times . Scott . Shane . 26 September 2012.
- Web site: Chase, NYSE Websites Targeted in Cyber Attacks. . . 15 March 2013 . https://web.archive.org/web/20121019181832/http://www.foxbusiness.com/industries/2012/09/19/chase-website-experiences-intermittent-troubles/ . 19 October 2012 . dead .
- Web site: Phase 2 Operation Ababil. . 15 March 2013. 7 December 2012 .
- Web site: Bank Attackers Restart Operation Ababil DDoS Disruptions. . 6 March 2013 . 15 March 2013.
- Book: NATO Cooperative Cyber Defence Centre of Excellence. Tallinn Manual. Cambridge University Press. 2013. 978-1-107-02443-4.
- Web site: Executive Order -- Improving Critical Infrastructure Cybersecurity. 2015-10-25. National Archives. whitehouse.gov. 12 February 2013.
- Web site: Presidential Policy Directive -- Signals Intelligence Activities. 2015-10-25. National Archives. whitehouse.gov. 17 January 2014.
- Web site: Michael Riley. Jordan Robertson. FBI Examining Whether Russia Is Tied to JPMorgan Hacking. Bloomberg. 5 September 2014. 27 August 2014.
- Web site: Jordan Robertson. Michael Riley. Computers for Hire Send JPMorgan Data to Russia. Bloomberg. 5 September 2014. 3 September 2014.
- Web site: Iranian hackers use fake Facebook accounts to spy on U.S., others. Tiffany Wu. Jim . Finkle. 29 May 2014. 30 March 2015. Reuters.
- Web site: Iran-Backed Hackers Target Airports, Carriers: Report . Michael A . Riley . Jordan . Robertson . 2 December 2014 . 30 March 2015. Bloomberg News.
- Web site: Iran hackers targeted airlines, energy firms: report. Richard Valdmanis, Christian Plumb and W Simon. Jim . Finkle. 2 December 2014 . 30 March 2015. Reuters.
- U.S. Sanctions North Korea Over Sony Hack. Time. 2017-04-09.
- News: Why did North Korea's internet go down?. Evans. Stephen. 2014-12-23. BBC News. 2017-04-09. en-GB.
- Book: Atwan, Abdel Bari . Islamic State: The Digital Caliphate . University of California Press.
- Web site: U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say . The Wall Street Journal. 5 June 2015 . 5 June 2015 . Barrett, Devlin.
- Web site: China Suspected in Theft of Federal Employee Records . U.S. News & World Report . 5 June 2015 . 5 June 2015 . Risen, Tom.
- Web site: Massive Data Breach Puts 4 Million Federal Employees' Records at Risk . NPR . 4 June 2015 . 5 June 2015 . Sanders, Sam.
- Book: Department of Defense Law of War. US Department of Defense. 2015. 994. 25 October 2015. 15 October 2015. https://web.archive.org/web/20151015173913/http://www.dod.mil/dodgc/images/law_war_manual15.pdf. dead.
- Web site: ISIS Targeted by Cyberattacks in a New U.S. Line of Combat . NYT . 24 April 2016.
- Web site: How The U.S. Hacked ISIS. NPR.org. en. 2019-11-05.
- News: U.S. military cyber operation to attack ISIS last year sparked heated debate over alerting allies. Nakashima. Ellen. 2017-05-09. The Washington Post. 2019-11-05. en-US. 0190-8286.
- News: America sanctions Russians for election-meddling and cyber-attacks. The Economist. 2018-10-01. en.
- News: Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps. 2018-03-23. 2018-10-01. en.
- News: America's government is putting foreign cyber-spies in the dock. The Economist. 2018-10-01. en.
- News: White House authorizes 'offensive cyber operations' to deter foreign adversaries. Nakashima. Ellen. 20 September 2018. The Washington Post. English. 2019-11-05.
- News: House demands to see Trump's cyberwarfare directive. Ratnam. Gopal. 2019-07-16. 2019-11-05. Donnelly. John M.. en. Ratnam. Gopal. Donnelly. John M..
- News: U.S. Cyber Command Bolsters Allied Defenses to Impose Cost on Moscow. Barnes. Julian E.. 2019-05-07. The New York Times. 2019-11-05. en-US. 0362-4331.
- News: U.S. Escalates Online Attacks on Russia's Power Grid. Sanger. David E.. 2019-06-15. The New York Times. 2019-11-05. Perlroth. Nicole. en-US. 0362-4331.
- Web site: US buries digital land mines to menace Russia's power grid Energy Central. www.energycentral.com. 2019-11-05.
- News: Bolton Says U.S. Is Expanding Offensive Cyber Operations. Strobel. Warren P.. The Wall Street Journal. 11 June 2019. en-US. 2019-11-05.
- Web site: U.S. Offensive Cyber Operations against Economic Cyber Intrusions: An International Law Analysis - Part I. 2019-07-11. Just Security. en-US. 2019-11-05.
- Web site: US 'launched cyberattacks on Iran weapons' after drone downing. www.aljazeera.com. 2019-11-08.