https://crsreports.congress.gov
Updated December 1, 2021
Defense Primer: Cyberspace Operations
Overview
The Department of Defense (DOD) defines cyberspace as a
global domain within the information environment
consisting of the interdependent network of information
technology infrastructures and resident data, including the
internet, telecommunications networks, computer systems,
and embedded processors and controllers. The DOD
Information Network (DODIN) is a global infrastructure
carrying DOD, national security, and related intelligence
community information and intelligence.
Cyberspace operations are composed of the military,
intelligence, and ordinary business operations of the DOD
in and through cyberspace. Military cyberspace operations
use cyberspace capabilities to create effects that support
operations across the physical domains and cyberspace.
Cyberspace operations differ from information operations
(IO), which are specifically concerned with the use of
information-related capabilities during military operations
to affect the decision making of adversaries while
protecting our own. IO may use cyberspace as a medium,
but it may also employ capabilities from the physical
domains.
Cyberspace operations are categorized into the following:
Offensive Cyberspace Operations, intended to project
power by the application of force in and through
cyberspace. These operations are authorized like
operations in the physical domains.
Defensive Cyberspace Operations, to defend DOD or
other friendly cyberspace. These are both passive and
active defense operations and are conducted inside and
outside of DODIN.
DODIN Operations, to design, build, configure, secure,
operate, maintain, and sustain DOD communications
systems and networks across the entire DODIN.
Cyber Strategy
In September 2018, the White House released a national
cyber strategy consisting of four pillars: (1) protecting the
American people, homeland, and way of life by
safeguarding networks systems, functions and data; (2)
promoting prosperity by nurturing a secure, thriving digital
economy and fostering strong domestic innovation; (3)
preserving peace and security by strengthening the ability
of the United States, its partners, and allies to deter and
punish those who use cyber maliciously; and (4) advancing
influence to extend the key tenets of an open, interoperable,
reliable, and secure internet.
Following these pillars, DOD released its own cyber
strategy outlining five lines of effort: (1) build a more lethal
force; (2) compete and deter in cyberspace; (3) strengthen
alliances and attract new partnerships; (4) reform the
department; and (5) cultivate talent.
Three operational concepts identified in the DOD Cyber
Strategy are to conduct cyberspace operations to collect
intelligence and prepare military cyber capabilities to be
used in the event of crisis or conflict, and to defend forward
to disrupt or halt malicious cyber activity at its source,
including activity that falls below the level of armed
conflict. Defending forward may involve a more aggressive
active defense, meaning activities designed to disrupt an
adversary’s network when hostile activity is suspected.
Cyber Mission Force
DOD began to build a Cyber Mission Force (CMF) in 2012
to carry out DOD’s cyber missions. The CMF consists of
133 teams that are organized to meet DOD’s three cyber
missions. Specifically, Cyber Mission Force teams support
these mission sets though their respective assignments:
Cyber National Mission Teams defend the nation by
seeing adversary activity, blocking attacks, and
maneuvering in cyberspace to defeat them.
Cyber Combat Mission Teams conduct military cyber
operations in support of combatant commands.
Cyber Protection Teams defend the DOD information
networks, protect priority missions, and prepare cyber
forces for combat.
Cyber Support Teams provide analytic and planning
support to National Mission and Combat Mission teams.
CMF teams reached full operational capacity at over 6,200
individuals in May 2018. Organizationally, the Cyber
Mission Force is an entity of the United States Cyber
Command.
United States Cyber Command
In response to the growing cyber threat, in 2009 the
Secretary of Defense directed the establishment of a new
military command devoted to cyber activities.
USCYBERCOM’s stated mission is to “to direct,
synchronize, and coordinate cyberspace planning and
operations to defend and advance national interests in
collaboration with domestic and international partners.”
Elevated to a unified combatant command in May 2018,
USCYBERCOM is commanded by a four-star general, who
is also the director of the National Security Agency and
chief of the Central Security Service. The commander
manages day-to-day global cyberspace operations and leads
defense and protection of DODIN. Each of the military
services provides support to USCYBERCOM.