C4ISR is reporting LTG Paul Nakasone, current Commander of the United States Army Cyber Command, has been nominated for the dual-hat position of Commander of US Cyber Command and the Director of the National Security Agency:

According to the congressional record, Nakasone was nominated for his fourth star Feb. 8.

Cyber Command is currently in the throes of elevating to a full unified combatant command. The elevation is expected to become official following Nakasone’s confirmation by the Senate.

Nakasone’s nomination for both jobs shows that the Trump administration is not using the retirement of current commander and director Adm. Michael Rogers to split the dual hat arrangement as some in the national security community had expected.

Nakasone appears to be a solid selection. Since he has been with ARCYBER for quite some time, he should have a deep understanding of signals intelligence and cyber defense, while at the same time being capable of leading a cyber-oriented organization.

What I find most interesting in the small article is how Congress is not yet ready to split Cyber Command away from the NSA, even though, for all intents and purposes, the decision has been made. It will be interesting to see how the elevation of USCYBERCOMMAND from sub-unified to full Combatant Command, and the divorce from NSA, will affect its capabilities. I am a bit hesitant to get excited about the move, but remain optimistic.

Politico reports on an upcoming leadership change at the National Security Agency thanks to ADM Mike Rogers' impending retirement:

Picking Nakasone — who took the reins at Army Cyber Command in late 2016 — would place someone deeply versed in cyberspace operations atop the country’s premier intelligence-gathering service. As NSA head, Nakasone would also lead U.S. Cyber Command, the Pentagon’s digital warfare organization.

It’s unclear when the administration might formally announce the choice, but it’s believed the announcement could come in the next week or two, which means the Senate Armed Services Committee would hold a confirmation hearing in early March. The Senate Intelligence Committee may also hold a hearing, given the job’s heavy surveillance focus.

Nakasone sounds like a reasonable choice to lead the NSA considering his background and recent assignments. If selected, it will be interesting to see in what way the agency changes to adapt to the growing cyber threat, and more importantly, to the fallout from the still-unsolved Shadow Brokers breach.

The US Army is sending West Point cadets to gain cyber security experience in Silicon Valley internships:

Vidder has partnered with the Army and the Defense Department to accept cadets from West Point as summer interns, learning the ins and outs of cybersecurity from industry professionals. Although cadets receive training in military aspects of cyber, the opportunity at Vidder offers a way to gain hands-on experience to supplement skills learned in the classroom and the opportunity to explore specific disciplines in greater depth.

“We really want to complement formal class work,” Vidder founder and CTO Junaid Islam told GCN. Commanders want to make sure the officers in training have a complete view of the supply chain of cybersecurity and understand how software, systems and networks are built, he added. Cadets already have an understanding of how cyber is used on the battlefield, but the internship gives them the opportunity to learn how software is developed. That experience will help them in the field, if they have to make a change to software or work with industry partners.

According to former US Army Cyber Commander Rhett Hernandez, the US has a lot of work left to do to properly secure critical infrastructure in the country (emphasis added):

The United States is facing so many foreign cyberthreats that the military has no choice but to prioritize critical infrastructure that’s most important to Americans — protecting things like the electrical grid, power plants and national security networks. The U.S. government and private companies also need to consider a range of problems that can heighten their vulnerability to hackers and data breaches, from a lack of education to the inability to retain top security experts. In fact, the only thing Americans can know for sure is that the recent, devastating hacks on Anthem health insurance and the U.S. Office of Personnel Management represent a sign of things to come.

That’s the message from Lt. Gen. (Ret.) Rhett Hernandez. The former commander of U.S. Army Cyber Command, who was responsible for ensuring the Army and Department of Defense “maintained their freedom to operate while taking that away from others,” told IBTimes in an exclusive interview that, while the U.S. is less vulnerable than it was when he assumed command in 2010, there’s still a long way to go.

Hernandez retired from the military in 2013. He now works at the Army Cyber Institute and was recently named to the board of advisers at ProtectWise, a cybersecurity startup that monitors client networks by recording all the activity that takes place there.

We started our conversation with a look at signature-based detection, a common but outdated method of matching a strain of malicious software to known, previous attacks. Hackers easily avoid this by simply adjusting the programming code in their malware.

RT reports the US Army's official public web site has been breached by a Syrian government-backed hacking group:

A hacker group backing the Syrian government claimed responsibility for hacking the official website of the US Army, just hours after President Obama called for new cybersecurity laws at the G-7 summit in Germany.

Army.mil was still down Monday afternoon. Loading a cached version of the site resulted in pop-ups proclaiming the site was “Hacked by the Syrian Electronic Army,” and messages such as “Stop training the terrorists!” and “Your government is corrupt don’t listen to it!” reported the National Journal.

Hackers calling themselves the Syrian Electronic Army swiftly took responsibility for the attack, posting images on their Twitter account.

There is no reason why the US Army’s official public web site should be vulnerable to hackers. Although there is limited sensitive data available on the web site, there should be very sophisticated cyber defense measures protecting the military public web sites. The fact hackers were able to successfully breach the site makes me wonder what type of protection architecture has been deployed.

Defense Systems on the US Army finally offering retention bonuses for cyber warriors:

The Army, which is making a concerted push to recruit and retain cyber warriors, is for the first time offering selective retention bonuses specifically to cyber personnel.

The bonuses, or SRBs, are the product of a personnel measure that took effect May 20 and are available to soldiers currently within the Army’s Cyber Mission Force who are eligible to re-enlist, the Army said in an announcement.

Specifically, soldiers with the military occupational specialty 35Q, cryptologic network warfare specialists, with an additional skill identifier E6 (interactive on-net operator) are eligible for bonuses ranging from $12,300 to $50,400, depending on grade and service commitment, the Army said. Those with a 35Q EA (exploitation analyst) specification are eligible for bonuses ranging from $7,900 to $32,200.

The bonuses are part of the Army’s effort to expand its cyber forces—ultimately to a combined 3,806 military and civilian personnel—and retain them to ensure effective operations. Part of that effort is the creation of a career management field for cyber, CMF 17, that has been approved and is under development. The Army said it will release details about CMF 17 in upcoming military personnel (MILPER) announcements.

This has been a long time coming. Considering how competitive the private industry cyber security job landscape is, the only way to retain cyber warriors is to offer these types of bonuses. Otherwise, the talent will seek alternative, more rewarding, and higher paying jobs outside of military service.

NextGov on the United States Army talking with “cyber effects” vendors as part of an effort to strengthen operational cyber capabilities:

A new market survey aimed at identifying suppliers is the third Defense Department document issued over the past month that points out a need to be able to execute “cyber effects.”

A cyber effect typically refers to a hack, disruption or other impact to an adversary’s network, according to security experts.

The Army’s request for information, which was released Thursday afternoon, expresses interest in “existing technical capabilities to deliver cyber effects with robust and mature capabilities” that can target “telecommunications, networking, components, and protocols.”

Unsurprisingly, the RFI does not go into detail about the required capabilities but is at least soliciting more information from potential vendors for the Army to research.

Kristen Kushiyama, CERDEC Public Affairs, writing about the Army finally starting to focus on cyber strategy in tactical environments, an area traditionally overlooked:

The Army identified that it needs to make advances in several Army-unique problem sets. One such area is the Army’s tactical operations center, where military specific operations occur. While its enterprise level network is similar to commercial businesses, the tactical network faces military-unique defensive and offensive challenges.

Tactical networks have limited bandwidth with high-bit error rates, high latency, intermittent connectivity, and roaming infrastructure and users.

“On top of that, you have other related data like mission command data that are passing over these very limited bandwidth channels to begin with. Any security you pass over these channels degrades what other traffic they can send,” said Steven Lucas, chief engineer, CERDEC Space and Terrestrial Communications Directorate, Cyber Security and Information Assurance Division.

The Army is unique in that it operates for extended periods within adversarial environments.

“We’re highly reliant on distributed communications systems, which are more prone to interception because you are in close proximity to the enemy within radio line of sight range,” Bertoli said.

Historically, tactical environments are the weakest area for cyber security because of the reasons Bertoli mentions. It is good to see the Army taking a close look at this area and strengthening cyber defenses in a much-needed area.