Space Security
August 7, 2008
Air Force Cyber Command Factsheet

Air Force Cyber Command:  Defending Cyberspace, or Controlling It?

 

by Chelsea Dilley, CDI Research Assistant

 

With the creation of an Air Force Cyber Command (AFCYBER), the Air Force has formalized its assertion that cyberspace is a warfighting domain.  While AFCYBER was established under the claim that defending the cyber infrastructure is crucial to our nation’s security, the Air Force also intends to place a heavy emphasis on fighting through cyberspace.  The ambiguity surrounding the new AFCYBER raises questions about whether many of the major issues have been addressed or if they have even been considered.  It is unclear what AFCYBER’s exact mission is, what capabilities are being developed, what circumstances warrant a cyber attack, what actions will be taken in response to an attack, who can authorize an attack, what steps will be taken to prevent crisis escalation, what the budgets are and exactly where the money is coming from.  AFCYBER’s relation to the Department of Homeland Security and to the Air Force Space Command is also hazy, which could prove problematic, as all have claimed some responsibility for maintaining control of cyberspace. 

 

Alarmingly, there are many similarities in the ways used to promote AFCYBER and those used in the Air Force’s increasingly belligerent counterspace mission.  The diction used in the 2004 Air Force Counterspace Operations Doctrine and the 2008 Air Force Cyber Command Strategic Vision is in many places exactly the same, and it is uncertain if the task that was given to the Air Force Space Command to maintain cyberspace has actually been transferred to or just appropriated by the new Cyber Command. 

 

Differing Definitions of Cyberspace

 

The National Strategy to Secure Cyberspace, released by the White House in 2003, defines “cyberspace” as “the nervous system of [our critical] infrastructures—the control system of our country…the healthy functioning of cyberspace is essential to our economy and our national security.”[1]  Hardware is the focus of this definition of “cyberspace,” making this domain appear to be a physical one. 

 

In September 2006, the Joint Chiefs of Staff endorsed a definition of “cyberspace” as “a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify and exchange data via networked systems and associated physical infrastructures.”  This definition classifies “cyberspace” as something that is not limited to the physical aspects such as computers, routers and cables, but rather something that encompasses the entire electromagnetic spectrum (EMS) as well.[2]  This idea of “cyberspace,” being more extensive, would require a very different defense plan.

 

The most recent definition of “cyberspace” was written on May 12, 2008, by Deputy Defense Secretary Gordon England, and states that cyberspace is “a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.”  England’s definition is one that focuses on a holistic interpretation of the cyberspace as typically associated with computers, without mention of the EMS or any cyberspace functions therein.[3]

 

Because the term “cyberspace” has so many different definitions, it creates a problem in determining what “defending cyberspace” means.  Although the National Strategy to Secure Cyberspace seems concerned with the equipment, the Defense Department is working its way toward a definition that includes intangible information.  A number of Air Force documents use the definition given by the Joint Chiefs of Staff, but there is nothing that states the Air Force’s official definition of cyberspace.  This ambiguity raises questions on how the Air Force plans to protect our nation’s “critical infrastructure.”

 

Air Force Cyber Command

 

Mission Statement

The Air Force’s mission statement was updated in 2005 to include cyberspace: “The Mission of the Air Force is to deliver sovereign options for the defense of the United States of America and its global interests—to fly and fight in Air, Space and Cyberspace.”[4]  Meanwhile, the mission statement for the Air Force’s Cyber Command is as follows: “Air Force Cyber Command’s mission is to provide combat-ready forces trained and equipped to conduct sustained combat operations in and though the electromagnetic spectrum, fully integrated with air and space operations.”

 

Objective

The Air Force has taken it upon itself to create a major command to control cyberspace and it is unclear how the other branches of the service are reacting to AFCYBER.  It also remains uncertain whether or not the Air Force Space Command has relinquished its task of monitoring and controlling cyberspace, or rather, “information operations.”  The 2004 Counterspace Operations Doctrine states that counterspace operations entail all aspects related to space superiority including “air, land, sea, space, special operations, or information operations.”[5]  This would imply that Air Force Space Command is in charge of maintaining superiority and control of the cyber domain. 

 

Whether or not AFCYBER has now officially been designated defender of cyberspace, the new command intends to develop, maintain and enhance cyberspace capabilities to “conduct sustained and integrated combat operations in and through the electromagnetic spectrum.”[6]  Cyber Command has declared it will have the ability to “deter, deny, disrupt, deceive, dissuade, and defeat adversaries through a variety of destructive and non-destructive, and lethal and non-lethal means.”[6] This is remarkably similar to the Counterspace Operations Doctrine, which states that Space Command will “deceive, deny, disrupt, degrade, or destroy” when targeting an adversary’s space capability.[5]   The similarities in text between the Strategic Vision and the Counterspace Operations Doctrine continue.  Cyber Command is to “ensure freedom of action in cyberspace while denying that same freedom to our adversaries,”[6] while Space Command is to “ensure freedom of action in space and, if directed, deny such freedom of action to adversaries.”[5]   Both commands plan to have “offensive and defensive” capabilities to “control” their domains.  Ultimately, the objective of Cyber Command is to create a “new type of cyber warrior” to fight in the cyber domain.[7]  Cyber Command’s use of almost identical descriptions of tasks and goals as the Air Force’s Counterspace Doctrine makes one wonder if AFCYBER will also eventually take on an offensive mission, much like the Air Force’s Counterspace Doctrine has.

 

Timeline

The U.S. Air Force first included the integration of cyberspace capabilities into its mission on Dec. 7, 2005.  The Air Force held a Cyberspace Summit in November 2006, and then in January 2007, the U.S. Air Force Warfare Center (USAFWC) held Cyber Vision 2007.  This was the first integrated cyber exercise that focused on potential conflict and dominating cyberspace.[8]  Air Force provisional Cyber Command [AFCYBER (P)] was officially activated Sept. 17, 2007.[7]   AFCYBER (P) is a virtual command with no forces.  This will change when AFCYBER goes live with phase one on Oct. 1, 2008.  Once fully activated, they will stand up four wings: electronic warfare; information operations; network warfare; and communications electronics.[9] The network warfare wing will be incorporated form one that currently exists, while and the other three wings are being created. 

 

Strategic Plan

Offensive tactics use by AFCYBER would depend on the desired results but would still use the fundamental methods of interception, modification and denial of information.  An Air Force official explained that electronic warfare extends, but is not limited to, cyber attacks to disable connections, EMS jamming, disruption of information within a server, network system strikes, and attack of the systems by destruction of power grids.[10] The Air Force claims that its defensive tactics will focus around damage prevention and assessment.  Minimizing cyber risks involve defense tactics such as jam-resistant communications, electro-magnetic pulse resistant electronics and adaptive firewalls, database wrappers and database encryption.  According to the Air Force Cyber Command’s Strategic Vision, the ability to “preserve, protect, recover and reconstitute friendly cyberspace capabilities before, during and after a hostile attack” is the focus of cyberspace defense.[6] 

 

AFCYBER will attempt to “influence, disrupt, corrupt or usurp adversarial human and automated decision making.”[11] In the tangled web of cyberspace, it is unclear how clear lines of demarcation between the enemy and our forces will be determined. 

 

Operating Forces and Personnel

Lt. Gen. Robert J. Elder Jr. was designated the Air Force Cyber Commander in November 2006.  In a conference on cyberspace defense in September 2007, Elder explained defending cyberspace would involve focusing on the following areas: mission and security balance, cyber force training and career development of airmen, systems and software design, data integration for situational awareness and command/control, and partnerships with industry and academia.[12]

 

The 8th Air Expeditionary Task Force (AETF) was initially established as a mechanism to integrate Air Force cyber capabilities with the established air and space capabilities.  Since then, the command responsibilities have transferred to Maj. Gen. William T. Lord and the AFCYBER (P) is currently under his direction with support from the 8th AETF, which is directed by Elder.  Lord will continue to command AFCYBER (P) and report to the AF chief of staff until the general officer who will command AFCYBER is named.  No permanent positions will be assigned to AFCYBER (P).  Temporary personnel will be given to the provisional Major Command (MAJCOM) until the permanent MAJCOM is activated.  The initial headquarters staff for AFCYBER (P) will be made up of 18 personnel provided by various elements of the Eighth Air Force, 86 personnel provided by the Air Force Communications Agency, and 55 personnel provided by the Air Force Command and Control, Intelligence, Surveillance, and Reconnaissance Center (AFC2ISR).  The permanent command will require an estimated 541 members of staff.[7]  

 

Location

The Air Force is currently compiling a list of potential locations to place AFCYBER.  Eighteen states were asked to provide data, outlined below, that will be compared to the determined criteria for the base.  This summer, Air Force officials will be visiting all of the potential base sites to verify and discuss the data.  The list will be narrowed to a preferred location, along with several alternate locations, that will be announced in November 2008.  The intense competition for the headquarters (HQ) site has potential contenders quickly maneuvering to secure an advantage.  Following these evaluations, the AFCYBER (P) will announce its preferred location for the command.  The Air Force chief of staff and the secretary of the Air Force will review the proposal, and finally the secretary of the Air Force will announce the location of the AFCYBER HQ possibly as soon as September 2009. 

 

The two wings of AFCYBER (P), the 450th Electronic Warfare wing and the 689th Cyber Wing, will undergo the same basing process as AFCYBER HQ.  These two wings are currently located at, respectively, Lackland AFB in San Antonio, Texas, and Scott AFB in Belleville, Ill.  The other two wings, the 688th Information Operations Wing and the 67th Network Warfare Wing, will both remain in their current location at Lackland AFB in San Antonio, Texas.

 

The following data was requested by AFCYBER (P) from the governors of Alabama, Arkansas, California, Colorado, Iowa, Louisiana, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, New Jersey, New Mexico, Ohio, Pennsylvania, Texas, Utah and Virginia, to review for the potential AFCYBER HQ:

 

·      If similar cyber activities such as intelligence and space/satellite operations already operate at the installation;

·      The detail of the high-speed network capabilities and capacity for growth (i.e. fiber or cable, secure communications, joint or other Department of Defense networks available, support/maintenance level);

·      Proximity to existing high-technology processes or centers;

·      If local universities or businesses support an existing Cyber-related workforce;

·      The level of security available for the mission (i.e. local threat assessment favorable or low? Is encroachment an issue? Would it adversely affect beddown of a headquarters operation?);

·      Is there adequate, existing facilities with both secure and un-secure contiguous office space to accommodate both the AFCYBER headquarters and Numbered Air Force staff;

·      Is there practical and economical accessibility to multiple routes of travel, including air transport (i.e. close to an airport, train, does it have its own runway, major interstates);

·      Is the area subject to recurring natural disasters such as tornadoes, hurricanes, extensive flooding, fires, blizzards, ice storms, or earthquakes (as indicated by governmentally declared emergencies in the past 10 years) and does the local area have a reasonable disaster preparedness plan in place.[13]

 

Cost

The overall cost of combining all these efforts under one virtual roof is unknown.  Lord said in April that operation of the command will cost approximately $5 billion a year for five years.  He also argued that existing programs brought together under the cyber command would be able to fund it.[9]   One month later, Lord gave a significantly different cost estimate of $1 billion a year.  He still posited that current cyber-security programs would be sufficient to fund the new command.[14]  Because most information about the cyber initiative is classified, including the total cost, the estimate for the price tag of AFCYBER continues to vary. 

 

Conclusion 

 

The Air Force’s independent decision to create a new major command to “secure cyberspace” has drawn attention to the more frequently occurring hackings and cyber-security issues.[11]   Although the Air Force claims that it will have “full spectrum dominance” in cyberspace, there are still many questions about the actual capabilities of the Air Force in cyberspace and the courses of action in the event of a cyberwar. Cyber Command is a program that is intended to eventually become a part of the Joint Task Force, but without the support of the other branches of the service, it will likely not succeed.  Another hindrance in the success of AFCYBER is the many other departments who currently play a role in defending the cyber domain.  If they are unwilling to surrender their programs, it could create a problem regarding leadership and who is officially in charge of defending cyberspace.  If more than one department has the ability to attack, in a war situation, it could potentially be unclear whose job it is to issue an attack or counterattack.  The ambiguity of AFCYBER and its role in the military and public domain makes it difficult to support. 

 

 


[1] White House Report, “The National Strategy to Secure Cyberspace,” February 2003, http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf

[2] Joint Chiefs of Staff, “Joint Net-Centric Operations Campaign Plan, Command, Control, Communications, and Computer Systems Directorate [J-6],” October 2006, http://www.jcs.mil/j6/c4campaignplan/JNO_Campaign_Plan.pdf

[3] Deputy Defense Secretary Gordon England, “memorandum for Secretaries of the Military Departments, Subject:  The Definition of ‘Cyberspace,’” May 12, 2008, http://www.afei.org/documents/NewCyberspaceDefinition.pdf

[4] Department of the Air Force, “Air Force Posture Statement 2008,” Feb. 27, 2008, http://www.posturestatement.af.mil/shared/media/document/AFD-080310-037.pdf

[5] “Counterspace Operations, Air Force Doctrine Document 2-2.1,” Joint Doctrine for Space Operations, Aug. 2, 2004, http://www.fas.org/irp/doddir/usaf/afdd2_2-1.pdf

[6] Air Force Cyber Command, “Air Force Cyber Command Strategic Vision,” March 2008, http://www.afcyber.af.mil/shared/media/document/AFD-080303-054.pdf

[7] Air Force Cyber Command, “Frequently Asked Questions,” Accessed  July 9, 2008, http://www.afcyber.af.mil/library/factsheets/factsheet.asp?id=10688

[8] 2007 Air Force Posture Statement, “Maintaining America’s Edge, Cyberspace,” www.posturestatement.hq.af.mil/1_2_intro.htm

[9] “U.S. Air Force Fact Sheet, Q & A’s W AFCYBER/CC—CFR,” Department of the Air Force, April 2008, http://www.afcyber.af.mil/library/factsheets/factsheet_print.asp?fsID=12098&page=1

[10] Pamela L. Woolley, “Defining Cyberspace as a United States Air Force Mission,” Air Force Institute of Technology, June 2006, http://stinet.dtic.mil/cgi-bin/GetTRDoc?AD=ADA453972&Location=U2&doc=GetTRDoc.pdf

[11] Air Force Cyber Command, “Proposed Purpose and Need for Air Force Cyber Command (AFCYBER),” http://www.afcyber.af.mil/shared/media/document/AFD-080519-030.doc

[12] Mary Davis, “AF Leader Addresses Cyberspace Defense at Conference, Air Force Press News, Sept. 26, 2007, http://www.af.mil/news/story.asp?id=123069663

[13] Air Force Cyber Command, “AF explains AFCYBER basing criteria for governors,” May 19, 2008, http://www.afcyber.af.mil/news/story.asp?id=123099255

[14] Jason Miller, “Air Force Cyber Command Enters Next Phase,” Federal News Radio, May 23, 2008, http://www.federalnewsradio.com/index.php?nid=169&sid=1409302

 
Author(s): Chelsea Dilley