Inside Cyber Warfare

Jeffrey Carr

Part 29

Report Chapter

[189] "Poland to support NATO multinational cyber defence initiative," NATO C3 Agency, March 28, 2011, accessed August 31, 2011,

Republic of Korea

The Korean Information Security Agency (KISA) was formed in 1996 to establish reliable information distribution and to develop appropriate responses to electronic infringement. As cyber attacks from North Korea increased, in 2004 South Korea was one of the first countries to establish a Computer Emergency Response Team (KrCERT).[190] The ROK is faced with enormous cyber pressure and attacks from the DPRK, and while no formal policy has been publicly released, the ROK has been increasing their cyber education capacity, a first and basic step to growing any cyber defense infrastructure.

The ROK army, in cooperation with Korea University, has formed a new cyber defense school, slated to open in 2012, which will admit 30 students a year in a four-year course.[191] Courses will include breaking malicious Internet codes, the psychological ramifications of cyber warfare, and cyber warfare tactics. The army hopes that the school will ensure a steady supply of cyber experts to offset the DPRK's cyber offensive. Similar to US ROTC programs, if the students join the army after university, the army will pay their tuition.[192]

[190] KrCERT/CC home page, Korea Internet Security Center, accessed August 31, 2011,

[191] "South Korea opens cyber-war school," The Times Live, June 29, 2011, accessed August 31, 2011,

[192] Rick Martin, "South Korean University Students Can Now Major in Cyber Warfare," Penn Olson, The Asian Tech Catalog, July 1, 2011, accessed August 31, 2011,

Russian Federation

See Chapter 15.


In October 2009 Singapore established the Singapore Infocomm Technology Security Authority (SITSA), which was designed to be the national specialist authority in safeguarding the country against cyber threats. SITSA is structured under the Ministry of Home Affairs Internal Security Department. The agency will improve upon the current cyber defense capabilities by coordinating with private sector businesses. In addition, the authority will conduct simulations and exercises to strengthen the country's cyber security by training with real-world evolving threats.[193]

[193] Dawn Tay, "Govt sets up cyber-security agency," AsiaOne News, October 1, 2009, accessed August 31, 2011,

South Africa

In February 2010 the South African Department of Communication (DOC) released a draft policy on cyber security. The draft not only outlined the DOC's intentions to enhance cyber security in all facets of the country, but also to increase collaboration with state-run security centers. To accomplish this, the DOC proposed the creation of a National Cyber Security Advisory Council. The major downfall of the draft is the lack of incentives to private sector companies to implement new cyber security regulations.[194]

In June 2011 South Africa agreed to work with China to combat crime. Most of the dialogue, however, focused on cyber crime. China and South Africa plan to share intelligence to expose criminal networks and activities. Through the agreement, they will share criminal intelligence, but it also inadvertently gives the Chinese access to Internet-based information gathering. This is likely the main reason Chinese intelligence officials are working with South Africa.[195]

[194] "Draft cyber policy welcomed but criticised in South Africa," Balancing Act Africa, February 26, 2010, accessed August 31, 2011,

[195] Jackie Cameron, "China, South Africa dodgy crime partnership," MoneyWeb, China Perspectives, June 9, 2011, accessed August 31, 2011,


Sweden partic.i.p.ated in the May 2010 Baltic Cyber Shield international cyber defense exercise. The exercise was organized by NATO's Cooperative Cyber Defense Center of Excellence based out of Estonia, as well as several Swedish governmental inst.i.tutions, including the Swedish National Defense College.[196] Sweden has also been designated as a vital part of the US National Infrastructure Plan (NIP) because of the Swedish telecommunication firm Telia Sonera, which operates the most critical part of the European cyber infrastructure. Sweden's critical role in the US NIP has earned it an inner-circle membership in the defense exercise Cyber Storm, which simulates attacks by terrorists and hostile states on the cyber infrastructure.[197]

[196] "Baltic Cyber Shield to train technical skills for countering cyber attacks," NATO Cooperative Cyber Defence Centre of Excellence, May 3, 2010, accessed August 31, 2011,

[197] "Sweden has central role in cyber warfare," Om Dagens Nyheter, January 2, 2011, accessed August 31, 2011,

Taiwan (Republic of China)

The Taiwanese military began planning for a battalion-sized cyber warfare unit in 2000, according to Defense Minister Wu Shih-Wen. The unit would focus on building information warfare and electronic warfare capabilities, and it would receive funding in an amount equal to almost 25% of Taiwan's defense budget.

Taiwan's General Lin Chin-Ching has said that Taiwan has an advantage over the People's Republic of China in information warfare: Taiwan's information warfare advantage, which cannot be matched by the mainland, is that all of our citizens have a very high level of universal education, with a solid communications infrastructure, and our related research on electronic anti-virus software and Internet defense products all being up to world-cla.s.s level.[198]

In fact, Taiwan has a history of producing high-quality malware dating back to 1990, before the PRC had its own Revolution in Military Affairs (RMA).

[198] Emily O Goldman and Thomas G. Mahnken, The Information Revolution in Military Affairs in Asia (Palgrave Macmillan), p. 156.

*** You are reading on ***


[204] Ibid.

[205] "UK beefs up cyber warfare plans," BBC News, May 31, 2011,

[206] Nick Hopkins, "UK developing cyber-weapons programme to counter cyber war threat," The Guardian, May 30, 2011,

Chapter 17. US Department of Defense Cyber Command and Organizational Structure

Some of the information regarding the US Department of Defense organizational chart has been changed since this chapter was written. A few changes are represented in the footnotes; however, the DoD's process of reshaping itself is ongoing and their review process was too lengthy to meet the publishing requirements for this second edition. Thus, readers are encouraged to check the facts contained in this chapter with the latest guidance from the US DoD.


The US Department of Defense (DOD) has taken a decentralized approach to the organization of its cyber security structure. There are various organizations, divisions, and agencies that address the DoD's cyber security needs at both the policymaking and operational levels. The Joint Chiefs of Staff, the US Joint Forces Command (JFCOM), and several offices within the Office of the Secretary of Defense have roles in developing policy and guiding cyber security strategy.[207] At the operational level, the central organization to DOD's cyber security efforts is US Cyber Command (USCYBERCOM), which was created in June 2009 under US Strategic Command (USSTRATCOM).[208] The Joint Information Operations Warfare Center (JIOWC) was also created to plan, integrate, and synchronize information operations (IO) in direct support of Joint Force Commanders and to serve as the USSTRATCOM lead for enhancing IO across the Department of Defense. Additionally, the director of the NSA doubles as the director of USCYBERCOM, making them dual-hatted organizations.[209]

Each branch of the military has designated a support component for cyber security that operates under USCYBERCOM. These are the US Army Cyber Command, the US Fleet Cyber Command/US 10th Fleet, the 24th Air Force/AFCYBER, and the Marine Corps Cyber Command (able to conduct cyber operations but is not expected to achieve full operational capability until 2013).[210] There are several other DOD organizations that play an important role in cyber security. Network Operations Security Centers (NOSCs) provide network-operations reporting and situational awareness for each of the military service branches, as well as for the various theater commands. The National Guard and the DOD Criminal Investigative Services also have cyber security functions.[211]

[207] GAO, "Defense Department Cyber Efforts: DOD Faces Challenges In Its Cyber Activities," US Government Accountability Office, July 2011,

[208] Ibid.

[209] GAO, "Defense Department Cyber Efforts: More Detailed Guidance Needed to Ensure Military Services Develop Appropriate Cybers.p.a.ce Capabilities," US Government Accountability Office, May 2011,

[210] Ibid.

*** You are reading on ***

Popular Novel