United States has set the example with the inauguration of US Cyber Command (USCYBERCOM) as an armed forces sub-unified command, subordinate to the Department of Defense, with the latter issuing in 2011 a Strategy for operating in Cyberspace. The ex-ARPA, now renamed to Defense Advanced Research Projects Agency (DARPA) developed in 2012 the so-called Plan X, which is
“a foundational cyberwarfare program to develop platforms for the Department of Defense to plan for, conduct, and assess cyberwarfare in a manner similar to kinetic warfare”.
US President Barack Obama issued on the 12th of February 2013 an Executive Order entitled Improving Critical Infrastructure Cybersecurity, redefining the term critical infrastructure, so as to include any
“systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety”.
The United Kingdom followed with the launch in 2010 of the UK Office of Cyber Security & Information Assurance (OCSIA), which announced in November 2011 the UK Cyber Security Strategy (CSS).
In Australia, the Cyber Security Operations Centre (CSOC) was established in 2010, in the Defence Signals Directorate (DSD) of the Australian Defence Force (ADF) Department of Defence, Intelligence and Security.
European Network and Information Security Agency (ENISA), is the Heraklion, Crete-based, Europen Union’s answer to cyber threats, operational since 2005. In 2012, ENISA organised Cyber Europe 2012, the second pan-European Cyber Exercise. On the 7th of February, 2013 the European Commission and the High Representative of the European Union for Foreign Affairs and Security Policy announced the EU’s Cybersecurity Strategy, and a complementary proposal for a Directive on measures to ensure a high common level of cyber security across the EU.
NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), is one of NATO Centres of Excellence, situated in Tallinn, Estonia, inaugurated after the events of 2007, which published in March 2013 an academic, non-binding study of an International Group of Experts, led by Professor Michael N Schmitt, the so-called Tallinn Manual on the International Law Applicable to Cyber Warfare.
‘Cyber Warriors Needed’
Overall, it has to be mentioned here that in the last months, a sharp rise has been contested in the recruitments in all the above-mentioned units. “Cyber Warriors Needed” is the title in US army’s CYBERCOM website and unacknowledged sources talk about 4,000 new “Cyber Soldiers”.
The recent phenomenon of every country to establish an official ‘cyber branch’ in its military section is not yet so spread in not-so-developed-thus-not-so-based-on-online-infrastructure-networks countries. However, many internet websites have recently been created, representing a “Cyber Army” of various, mostly asian countries, with no official linkage to each government; see, i.e., Pakistan Cyber Army or Indian Cyber Army. What is more, rumours talk of ‘Iranian Cyber Army’ and also of ‘Chinese Cyber Army’.
US Secretary of Defense Leon E. Panetta stated on October 2012 that
It’s no secret that Russia and China have advanced cyber capabilities. Iran has also undertaken a concerted effort to use cyberspace to its advantage. (…) Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for their actions that may try to harm America. (…) This is a pre-9/11 moment.
Last but not least, unofficial sources speak of a continuation of the so-called Bush Doctrine for the US administration, allowing for cyberattacks to take place on a preemptive basis. According to a “secret legal review”, journalist David E. Sanger claims that “President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad”. Does this give further fuel to the (still unconfirmed) rumours about the Bush Administration to have initiated in 2006 the operation ‘Olympic Games’, under which the triplet Stuxnet-Flame-Gauss was designed to target inter alia Iran’s Natanz nuclear centrifuge plant, operation allegedly continued under the Obama Administration?