Russia and other actors who try to meddle in the election will be met with a much broader, aggressive and more unified cyber campaign than in years past, according to Lt. Gen. Stephen Fogarty.
Adversaries looking to interfere in the 2020 election will be going up against much more coordinated, extensive and aggressive cyber operations than they did four years earlier, according to the head of Army Cyber Command.
The 2016 election forced the Pentagon to rethink its approach to digital warfare, and in the years since, the department has significantly ramped up its cyber capabilities, according to Lt. Gen. Stephen Fogarty. Among those improvements are a wider network of partners, stronger digital defenses and a deeper arsenal of offensive capabilities, which could even include influence campaigns against cyber adversaries.
By replacing the largely defensive cyber strategy the department relied on in the past with a “full spectrum” approach, Fogarty said the Pentagon intends to take the fight to every corner of cyberspace and put Russia and other nefarious actors under constant pressure.
“The big idea of persistent engagement is [to] not give them sanctuary,” Fogarty said Thursday at the AFCEA Intelligence and National Security Summit. “I don’t know of a single thing we could do that would prevent [adversaries] from competing, but I want to impose as much cost on them as possible.”
Like much of the national security community, Army Cyber Command was caught off guard by the scale of Russia interference operations in 2016. In its efforts to defend against cyberattacks, the group overlooked other threats, like social media influence campaigns, according to Fogarty. The new strategy seeks to close those gaps with a broader understanding of potential threats, a deeper arsenal of tools and more thorough coordination with law enforcement, intelligence agencies and international allies.
“If you’re focused on the cyber domain, which is just one part of the information environment, you’re going to miss a lot of things,’ Fogarty said. “I think the lesson learned there is you better open your aperture.”
The Pentagon first put this broader strategy to the test during the 2018 midterms. On election night, U.S. Cyber Command took down the networks of the Internet Research Agency, the notorious Russian troll farm that led misinformation campaigns in 2016. The attack, which knocked the group offline for multiple days, marked the first use of offensive cyber capabilities against a Russian entity.
Adversaries will undoubtedly learn from that experience and refine their methods, Fogarty said, but so too with the U.S.
“I think it’s going to be very sporty,” he said.
Looking beyond the 2020 election, Army Cyber Command is pushing to bring the same unified approach to all of its digital operations. While different capabilities—offensive cyber, electronic warfare and information operations—are each effective in their own right, bringing those efforts together into a single “information warfare” strategy improve the results, Fogarty said.
The strategy would also let Army Cyber Command offer other units a broader set of digital tools, which could support a wider range of efforts, he said. When asked whether the U.S. should openly admit to using influence operations, Fogarty agreed wholeheartedly, arguing that federal leaders should be more upfront about their willingness to engage in cyberspace.
“I think that creates an idea that we’re not going to just get pummeled without imposing costs on [adversaries],” who could range from nation-state actors to cybercriminals, he said.
Still, the nation’s response to cyber operations shouldn’t be limited to cyberspace, Fogarty said. Supplementing information warfare with real-world punishments, like sanctions and travel bans, would make it more painful for adversaries to confront the U.S. That multifaceted effort requires significant coordination with federal partners, which Fogarty said his command hadn’t done as extensively in the past.
“You’ve got to look at the entire range of options that a nation-state has at its disposal,” he said. “I don’t see this as just a cyber problem or a cyber response to the problem. I think we have to be much more sophisticated than that.”
Government cyber leaders have long stressed the importance of coordination among agencies, allies and industry when fending off digital threats.
On Wednesday, Anne Neuberger, who was recently tapped to head the National Security Agency’s new Cybersecurity Directorate, said improving the agency’s information-sharing channels would help the government and private sector more proactively defend against cyberattacks. During a separate panel on Thursday, NSA Director Gen. Paul Nakasone attributed the government’s successful defense of last year's midterms to the close work among the NSA, Homeland Security Department, FBI and other agencies.
“We were able in 2018, through this whole-of-government effort, to deliver a safe and secure election, one that I would say is reflective of the power of all of our agencies,” he said.