Declassified Report Describes Confusion Around Military Cyber Responsibilities in 2014

Military combatant commands were inadequately resourcing their cyber missions and not effectively communicating about cyber requirements as recently as 2014, according to an investigative report.

In some cases, that included assigning cyber tasks to people who were already filling other jobs, according to the partially declassified 2014 inspector general’s report, which Nextgov obtained through the Freedom of Information Act.

The classified report, which was published during a major surge to stand up U.S. Cyber Command and expand U.S. military dominance in cyberspace, describes poor or slow cyber information sharing that “decreased the combatant commanders’ ability to effectively plan and prioritize cyberspace operations.”

The report notes that combatant commanders had failed to identify all the cyberspace requirements affecting their commands and recommends conducting “detailed, command-wide, mission-impact analysis” to identify commands’ cyber mission requirements, resources and capability gaps.

The report also urges the Pentagon Joint Staff to develop a “communications strategy for disseminating incremental decisions and timely guidance affecting cyberspace command and control” and suggests conducting “regular global synchronization conferences” to improve communication.

Nextgov initially sought the report in December 2014, when an alert about the classified version of the report was first published online. The inspector general’s office did not deliver the redacted report until August of this year.

Long delays are common for FOIA responses, despite an official requirement that agencies must respond to requests within 20 business days. A delay of nearly four years, however, is exceptional.

Hearst Communications’ National Investigative Unit, which evidently also requested the inspector general’s report in 2014, wrote about it in August.

While the report is outdated now, it provides a window into a tumultuous period while U.S. Cyber Command was in the middle stages of reaching full operating capability and the military was unsure how its cyber responsibilities would be divvied up.

The report cites particular difficulties integrating cyberspace operations at U.S. Central Command, which oversees operations in Afghanistan and Iraq, and U.S. Pacific Command, which includes China and North Korea in its area of responsibility. Heavy redactions, however, make it impossible to determine what many of those difficulties were.

CENTCOM and PACOM failed to respond to investigators questions before the report was completed, the report states. CENTCOM also did not complete a requested updated analysis of its ability to fulfill certain cyber tasks requested by the Joint Chiefs of Staff, the report states.

CENTCOM and PACOM officials told investigators they needed “further guidance and information from the Joint Staff” to assist them in planning and integrating cyberspace into operations based on the rapidly changing cyberspace domain.

In particular, PACOM officials said they sometimes didn’t understand the genesis of cyberspace decisions affecting combatant commands.

In many cases, heavy redactions make it impossible to decode what cyber readiness problems the inspector general’s office is describing.  

A section focused on CYBERCOM’s “cyber support element” requirements, for example, is nearly entirely blacked out.

The report notes in a section on progress implementing cyberspace operations that “Joint Staff officials acknowledged that combatant commands were not effectively communicating with each other,” but the remainder of the sentence is redacted.

An appendix to the report displays a memo from then-Vice Director of the Joint Staff Maj. Gen. Frederick Rudesheim recommending that CYBERCOM and U.S. Strategic Command, which then oversaw CYBERCOM, increase cyber support to all combatant commands as much as possible.

Rudesheim’s memo also suggests developing “alternative solutions for sustaining forward-deployed cyber support elements to directly support combatant commands in planning and integrating cyberspace capabilities into operations.”

The report, published and classified in December 2014, cites several sources of its classified information.

One of those sources, Joint Publication 3-12 titled “Cyberspace Operations,” had been declassified several weeks earlier in October.

The list also cites the Pentagon’s May 2011 Strategy for Operating in Cyberspace, which, if it was ever classified, wasn’t classified for long. The document was posted online by July 2011, according to a time-constrained Google search.