History, Sailing, Security

Will “Defend Forward” Survive a Shift in NSA Leadership?

Leave a comment

To be candid, I’ve always found the NSA’s “defend forward” pitch intriguing from a historical perspective.

The Navy subsequently developed a “transoceanic” strategic concept, orienting the Service away from contesting the oceans and toward projecting power across them to distant land masses.

The American military strategy to bomb distant land masses with napalm for nine months and burn 50% of Tokyo to the ground had very infamous non-surrendering results. And that played out the same again when even more firepower was dumped onto North Korea just a few years later.

In other words a relentless “air pressure” campaign from bombs dropped 1950-1953, as just one simple example, illustrate huge limitations of “transoceanic” power projection methods.

Truman, a master statesman, perhaps explained the problem most succinctly as I’ve written here before:

…MacArthur had been outwitted and outflanked by a guerrilla army with no air force, crude logistics, and primitive communications, an army with no tanks and precious little artillery. As David Halberstam put it, MacArthur had “lost face not just before the entire world, but before his own troops, and perhaps most important of all, before himself.” All of this happened because MacArthur was almost criminally out of touch with reality. […] “I didn’t fire [General MacArthur] because he was a dumb son of a bitch, although he was,” Truman later said. “I fired him because he wouldn’t respect authority…”

Talk about losing a contested space. And then there’s the embarrassing loss of the USS Pueblo spy ship to North Korea in 1968.

The CIA might be making a subtle yet very poignant argument that all the best high-tech in the world doesn’t amount to a hill of beans when basic skills and wisdom for placement and use are missing.

The biggest “power projection” advocates often overlook some important lessons of quiet professional intelligence oriented towards asymmetry. Consider how false power projections often have helped smaller, more agile forces overcome vastly more powerful enemies.

Here’s a story that can’t be told often enough. In 1940 Ethiopia 20,000 irregular troops from Sudan made quick and easy work of nearly 300,000 Italian fascist soldiers. Done and dusted, presenting us a very fine model for active defense in cyber being highly efficient and strategic, creative more than athletic.

Fast forward to today and the Nord Stream underwater explosion presents a useful study along those lines (pun not intended).

The impotence of the American juggernaut in Vietnam has put this problem under the spotlight of history. The one thing the guerrillas have in abundance is imagination, and this seems to outweigh the imbalance in materiel. It is the author’s contention that creativity is what wins battles–the same faculty that inspires great art.

Analogies comparing more traditional big power projection (Russia’s “dumb meat grinder” approach) onto cyber operations, projecting massive capabilities as the wedge into an adversary’s digital infrastructure, are frequently used but may not accurately reflect the complexities of cyber warfare. It’s a bit like hearing “we estimate Goliath’s imposing size is what will prevent the next David”. Meanwhile David might just be afraid of tiny spiders. It’s conflict on the Web, after all.

The NSA’s publicly described concepts of “Cyber 101 – Defend Forward” showed much promise for being on the right side of “power projection” history, yet it remains unclear just how agile, adaptive and effective it has been and at what scale. Can it be a deterrent if its potential remains a secret?

The book that inspired Dr. Strangelove

At the very least I can appreciate that an official .mil site said “Cyber 101” as if a veiled shout-out to those who know about the WWII Special Operations “Mission 101” victory. Big hint? Maybe 50 years from now we’ll know how deeply the NSA landed and implanted quiet professionals behind enemy infrastructure boundaries.

…just as a navy goes underway from a port or an airplane takes off from a runway, and thus are legitimate targets during times of conflict – persistent engagement involves targeting adversary cyber capabilities and their underlying infrastructure. This approach prevents adversary nations and non-state actors from launching disruptive and destructive cyberattacks in the first place.

With the departure of General Paul M. Nakasone, the primary advocate for “defend forward” from a top NSA position, it remains to be seen under General Haugh how this strategy will evolve.

General Timothy D. Haugh, U.S. Air Force, assumed command of U.S. Cyber Command (USCYBERCOM) and the National Security Agency (NSA)/Central Security Service (CSS) on February 2, 2024, during a change of command, directorship, and responsibility ceremony at USCYBERCOM/NSA/CSS Headquarters.

In my estimation and experience, Navy leadership typically brings a superior strategic mindset to effectively navigate the intricate infrastructure and multi-domain landscape of cybersecurity. Air Force brass, however, may prioritize very abstract approaches lacking grounded understanding of light-touch and responsive asymmetry needed for real measured success in massive scale operational challenges (e.g. risk MacArthur’s “catatonic” follies).

Just thinking out loud here.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.