USCYBERCOM

By Mark Rutherford
Military Tech
CNet News
October 15, 2009

A new RAND Corporation report suggests the U.S. may be better off playing defense and pursuing diplomatic, economic, and prosecutorial efforts against cyberattackers, instead of making strategic cyberwarfare an investment priority.

The study comes as the U.S. military fires up its new unified Cyber Command (USCYBERCOM) program this month. The new outfit will be responsible for network-related operations, defense, and attacks and will operate under the U.S. Strategic Command.

Cyberwarfare is better at bothering an adversary than defeating it--given that permanent effects are illusive, author Martin C. Libicki wrote in the report, titled "Cyberdeterrence and Cyberwar."

On offense, cyberwar might be better relegated to support roles, and then only "sparingly and precisely," according to the report. A one-shot strike to silence a surface-to-air missile system, allowing aircraft to penetrate defenses to destroy a nuclear facility, is the example given.

"Attempting a cyberattack in the hopes that success will facilitate a combat operation may be prudent; betting the operation's success on a particular set of results may not be," Libicki wrote. One question planners should ask is whether strategic cyberwar would induce political compliance comparable to what could be produced by, say, strategic air power.

[...]