Dave Naffziger's Blog

Although this action has been expected for some time, this is the first time that cyberspace has been raised to command-level visibility in the military (and in the US government for that matter). Richard Bejtlich has good coverage of the evolution of the new command, and a good take on why it makes sense to centralize this skillset within one of the services.

Our nation’s warfighting capabilities are incredibly dependent on networks, and despite all sorts of training with alternatives, there is not doubt that those capabilities would be degraded significantly without them. The creation of this command is an indication that the government is finally beginning to acknowledge that we are woefully unprepared for asymmetric warfare on the net.

One of the more interesting debates within national security circles revolves around the legal definition of many cyberspace activities. Is hacking considered an offensive activity? How about viruses and worms? How about DOS of an attacking machine? When are offensive activities interpreted as acts of war? Under what legal authority can the US take ‘offensive’ actions? Important doctrine involving things like “Rules of Engagement” are just beginning to be developed. This will be a fun arena to watch.