PrintPrint CiteCite
Style: MLAAPAChicago Close


Military Fellows Roundtable: Air Force Cyberspace Command: Protecting Against an Electronic Pearl Harbor [Rush Transcript; Federal News Service]

Speaker: General William Lord, Commander, Air Force Cyberspace Command
Presider: Colonel Jeffrey B. Kendall, USAF, Military Fellow, U.S. Air Force, Council on Foreign Relations
March 31, 2008
Council on Foreign Relations


COLONEL JEFFREY B. KENDALL: If we could go ahead and get started. Good morning. I'm glad to see everybody here. I apologize if my voice gets a little unusual here; I'm fighting a cold right now, so I'll try to stay sequestered in this own little corner right here and try not to spread anything here.

I'm Colonel Jeff Kendall, the Air Force military fellow with the Council on Foreign Relations this year, and I want to welcome you to the Air Force Cyber Command Roundtable.

As you see the title, the new Air Force Cyber Command, protecting against an electronic Pearl Harbor. And as we get into the discussions, I think that you will find it to be illuminating as well as a topical -- or a timely topic for us to discuss.

Many of you have probably seen a lot of the activity on TV, especially if you've been following the Final Four. There have actually been commercials on Air Force Cyber Command, the one that starts out, you know, the Pentagon will be attacked 3 million times today. And who's there to protect it? Well, it's Staff Sergeant Lee Jones sitting there with that computer.

Now some may think that that's a little unusual, facetious, but in reality, it just kind of gives you an indicator as to what we're looking at today for some of the threats that we're facing for the future.

This morning, we have joining us Major General Bill Lord. He is the commander of the Air Force Cyberspace Command on the provisional aspect, located at Barksdale Air Force Base in Louisiana. He is the one responsible for establishing cyberspace as a domain in and through which the Air Force flies and fights, and in his current duty is creating the Air Force Major command for organization, training and equipping of combat forces to operate in cyberspace.

He took command in October of 2007, and the rest of his biography is located in your handout, and you could review that when you'd like.

Just as a few quick reminders, this session will be on the record. We do have teleconference capabilities; they are operating on mute today. Also a reminder to please turn off all of your electronics of your own, pagers, cell phones, anything that is going to make noise out there. Again, a little preemptive cyberspace attack is not warranted this early in the morning.

MAJOR GENERAL WILLIAM T. LORD: We can turn them off for you. (Laughter.)

COL. KENDALL: Yeah, the Air Force will turn them off for you if you choose not to.

And then the national participants or teleconference opportunities are remaining on mute.

Let's go ahead and get started. With that I'd like to hand it off to General Lord for a few opening comments.

LORD: Well, thank you, Jeff. As I got in a taxi to come up here, my -- was reviewing notes. And of course reviewing the notes that Jeff gave me, and the advice that my wife gave me. She gave me -- remember the two B's, be brief and be seated. I'm already seated.

But today being in the Big Apple, you've got to remember the third B, right? Baseball. The Yanks are playing today, beginning the last season in the place that was begun by Babe Ruth. So good luck to the Yanks today.

Let me cage the discussion a little bit by -- by talking about what your Air Force is of course doing today. The Air Force that I joined almost 30 years ago had 800,000 people on active duty. The force we have today is about 320 plus thousand on active duty; about four times the deployment, four times fewer forces.

As we speak today, 37,000 are deployed around the world doing the nation's bidding. And of those, there are about 3,000 that are doing the jobs of -- to assist the Army and Marine Corps ground forces such as driving convoys and things that are not typically associated with what an Air Force would do, but are part of the joint fight.

Almost 200-plus sorties will be flown today, not only supporting Iraq and Afghanistan, but delivering cargo, doing humanitarian relief across the world. But I know you didn't want to talk about that. You want to talk about Air Force Cyber Command.

So what is all this business about? As I came in from Newark, came through the Holland Tunnel yesterday, somebody pointed out to me, said, you know there was really a little bit of a traffic backup, and this is Sunday afternoon -- can you imagine what this is like on Monday morning?

The analogy is that cyber capability will give all of our armed forces a synergistic kinetic and non-kinetic effect to be able to do the -- to conduct warfare, the analogy would be, instead of destroying a bridge with a 2,000 pound bomb, or putting potholes in a road, what if in a cyber way you could shut off the easy pass at the beginning of the Holland Tunnel? You can imagine, the traffic would back up. The combat effect is that you are not getting any traffic through.

So if you think of cyber as an effect that integrated with non-kinetic effect -- integrated with a kinetic effect, perhaps we get the ability to conduct warfare in a different manner.

Does it really matter? Well, why are we doing this in the Air Force? In the Air Force a very heavy technologically dependent force. Today we're flying predators where the controls are in Nevada, and 12,000 miles away over Afghanistan, we're having a combat effect. So we are very dependent on the electromagnetic spectrum. And that's the way we define cyberspace. We define it as a domain that consists of the entire electromagnetic spectrum. Perhaps we could talk about that later; there are some who agree and some that don't agree with that definition.

So my role in Air Force space commend -- excuse me, in Air Force Cyberspace Command, is to organize, train and equip those forces that will present to combatant commanders, both regional combatant commanders and functional combatant commanders, for both the defensive and offensive piece of this war.

Now we're required to build a budget, which is what we're doing right now. We're required to identify the units that will be part of Air Force Cyberspace Command, and we've done that.

We are required to find a location for the command's headquarters. You may have seen an enormous amount of press, I think at today's count 144 members of Congress and 18 governors have an idea where our headquarters ought to go.

But in an attempt to use some best practices of industry that most of you all are very, very familiar with, we'll initially establish this command as a virtual headquarters. Sometimes I call it cyber-cyber command. We don't need a significant portion of brick and mortar to be able to conduct business in this arena.

So the initial 500 or so headquarters folks will be spread out amongst about 13, 14 bases throughout the United States, and just as companies like Accenture do with 175,000 employees, we arm them with -- with some information technology, drive down the facility costs initially and operate as a virtual headquarters like most industries.

Now for those in uniform who are familiar with more Napoleonic line and staff -- you know the question that the secretary of the Air Force reminded me about, said, gee, how do you -- how do you get any respect if you can't march 1,000 people in front of your flag pole. And as he reminds me, this is a different world, and we ought to -- we ought to think about how to do a different kind of command structure.

So the presentation of forces is, remember, an Air Force major air command, not combat force; it's a resource force. We take forces that we have organized, trained and equipped, and give them to combatant commanders for employment, and that's exactly what we're doing. We are taking a page out of the history of the U.S. Army and the U.S. Navy who have already stood up equivalent kinds of forces, the Navy Netwarcom, and Landwar that the Army has are equivalent organizations, for them to do similar kinds of things.

A lot of folks often want to talk about the offensive piece of this. I think principally certainly initially this is about defense; this is about our ability within the Air Force to protect our own command and control links, so that those of us who are most dependent on it can continue to fight the fight when those links perhaps are attacked.

So think about what would happen to a -- to a force if the radios didn't work, if the computers didn't work; if the command and control information you were using to make combat decisions had been manipulated; and all of that, protection of that is mostly defensive force, and that's -- that's our principal focus.

So our initial capability is due the first of October this year. And we defined that as having about 50 percent of our force assigned. As I said that's about half of the major air command headquarters; it's approximately 250 people. But the entire command eventually will be about 8,000 folks plus; five combat wings in various locations around the United States -- we don't have any that will be stationed overseas yet, but providing forces to the regional combatant commanders as they request them.

For example, if the commander of AFRICOM or United States Central Command, or USUCOM or PACOM ask for forces, we'll take forces and give them to them for effective employment.

So when the lights go out, when the traffic lights don't work, when the data in the stock exchange has been manipulated, when the cell phones don't work, when the escalators in FAO Schwartz don't work, imagine what happens within the United States, imagine that now laid over a command and control ability of any force.

So you have kind of the impact of what would happen if we attempted to execute or defend and provide sovereign options to the national command authority, what would happen. So our role inside the Air Force is to protect that piece, that we are so heavily dependent on in the Air Force, and then by extension those things you mention.

So with that, please let me answer any of your questions about what it is you'd like to know about what we're doing in this arena.

COL. KENDALL: Well, let me -- before we do that, sir, if I -- if I may, here, let me address a couple of questions to you myself --

LORD: Okay.

COL. KENDALL: -- and then we'll open it up to the floor here for the members.

First of all, you talk a little bit about the attacks, the defensive nature. And indeed we've had a number of attacks that have been in the open press. In 2001, there was Chinese hackers that took down a White House website for a few hours there, for the denial of service. There were a number of attacks in 2003 on the Pentagon system. Estonia has a little bit of history with a web attack, or a cyber assault, that shut a lot of services down for days in that area.

In June of 2007, the office of the secretary of Defense's unclassified email system was reported to have an attack that, according to the Financial Times, was attributed to the PLA in China. And then also in August of 2007 there were 28 defense contractor sites in the United States that were targeted by -- mostly by China, primarily email attacks with false attachments that had malicious code associated with it. It was -- it actually trailed back to an Internet protocol address that corresponded to CNC Group Beijing province network.

So my first question really has to do with, this is a national kind of a threat, looking at our systems in a national security perspective. Is that the primary rationale that the Air Force is determined to establish a major command solely dedicated to cyberspace? Or why are the other services not doing it, or are the other services? And why is the Air Force out front on this?

LORD: Yeah, good question. I think that the first part -- let me answer the second part first. The other services in fact have already established commands. And I would say that we are now in the business of trying to match those, learn from their growing pains to develop a similar capability.

But as you pointed out in your examples, the trouble with this domain is that the price of admission to be a bad guy in this domain is very, very inexpensive. You would argue -- or I guess I could argue that the price of force on force, there is nobody -- very few peer competitors for force on force against the United States. Who is going to take on the United States Army, Marine Corps, U.S. Air Force, U.S. Navy as probably the most powerful force on the face of the planet?

So in my opinion, the way we will see the next kind of warfare will be asymmetric warfare, where now, as -- as we look at -- just look at a couple of years ago, the Melissa virus, the "I love me" -- the "I love you" virus, a 12-year-old in the Philippines with a laptop computer can shut down the economies of the world just on a lark.

So the reason the Air Force is doing this, quite frankly, is to provide a better Air Force, a more effective Air Force, and once again use perhaps the synergy of the kinetic piece and the non-kinetic piece to produce a global effect.

You pointed out several -- or certainly one nation state. Just as problematic we see the cyber terrorists, the cyber criminals, from a couple of nations that you haven't mentioned, that are quite brutal.

In the case of Estonia, Estonia -- I had an opportunity to speak with the minister of defense from Estonia. He was attacked by 1 million computers generated from 75 different nations. Most of that electronic attack came from servers within -- inside the United States. So the problem with this kind of warfare, then, is determining who is the enemy, what is their intent, and where are they, and then what can you do about it?

And so in this domain the ability to go from -- from Title 50, those things that are conducted in foreign intelligence, to Title 10, which are those things -- operations conducted by the U.S. armed forces, versus Title 18, those are law enforcement activities, becomes very blurred.

So we have established great relationships with the Department of Justice, the Department of Homeland Security, who are responsible for those kinds of activities, protecting the United States. But we need, and we have -- have always had good relationships between those organizations and inside the services, but we need the ability to very quickly go between the two. And so it's those processes that we're working on right now that say, gee, is this -- something that's -- an attack that's solely focused on the U.S. Air Force, or as you say is it on private industry, or is it on the U.S. national banking system, financial institutions? Or is it just a cyber criminal whose attempting to penetrate a bank?

But the characterization of these things -- for example, what's an attack and what's just another box coming up on the network automatically trying to find itself and communicate with other boxes on the network? Well, if you are establishing a router, a switch, a hub, and you put a new box on the network, that's all you're doing. But if you're on the other side of that and you see unknown traffic attempting to penetrate your network, gee, is that an attack? Is that nefarious? Is that malicious? Or is it just somebody else on the network?

So the characterization of those things are things that are problematic and that -- that we're working on.

COL. KENDALL: You mentioned, taking off from where you talk about the difficulty in determining the point of origin, and who is actually involved in dealing with attribution, attributable aspects of cyber threats, are there any current international protocols or legal constraints that keep you from defending our current system that we have within the United States, and within the military in particular? Or are you looking at how to best remove or change the congressional support, some of that, to allow you to more effectively defend the system?

LORD: Yes, we -- in a traditional sense -- traditional defense -- what we do is attempt to block activity that we view as nefarious or unknown. And that's all; just block inbound traffic on some of these activities. As we looked at the authorities that the Department of Defense has in Title 10, it was the opinion of our Air Force lawyers that we didn't require any changes for that, because we had added cyber as part of the domain when the Air Force talks about airspace and cyberspace.

So we are -- we're not sure it requires any change there. As we look at the international agreements, there are folks from -- from NATO that have contacted us. They're interested in how do we expand to potentially help them in the -- in the defensive business. But so far we don't think there is any change required in U.S. law to allow the Department of Defense and the Air Force to do what it is we think we need to do to defend ourselves.

COL. KENDALL: With that, I'd like to open this up to Council members. Couple of reminders on the rules. If you want to be identified for a question, you may place your name tent on the side for recognition. State your name, affiliation; use the microphone please. And then if we could minimize the amount of comments, and limit yourselves to just one question, we ought to get through the questions as best we can.

So with that we'll start -- initially I see one -- up here we'll go with Jeffrey Schaeffer (sp) and then Mr. Zurren (sp).

QUESTIONER: Thank you.

General Lord, let me ask two quick questions. One, it's suggested from the introduction that defense here is a matter of defending civilian system that is very closely related to military vulnerabilities. What are you developing to develop greater effort in the part of banks like mine -- I'm with Citi, Citi Bank -- and other technologically dependent civilian operations?

And second, how do you get the bright young people you need in this world where there are so many other opportunities for them?

COL. KENDALL: Good questions. The answer to your first question is of course we in the U.S. Air Force aren't doing anything to help -- to help you directly. Obviously, we think that a strong Air Force is part of a strong nation.

There are some activities that we are familiar with that come under the Department of Homeland Security, and the critical infrastructure protection program, where there are I think -- I'll get the number wrong, but I believe there are 12 or 13 different committees that are looking -- different industries -- I know the banking industry is certainly one of those -- looking at shoring up our own internal defenses inside.

So the specific question -- I think answer to your question is that the Air Force isn't doing anything about those civilian activities because under Title 10 we're precluded from doing those things.

Now what we are doing is trying to get a better relationship with industry so that for example when you see an attack on your bank is that a law enforcement activity? Is that a Department of Defense activity? Is that a Department of Homeland activity? I think maybe the answer is, eventually they may be all. But how do we quickly exchange information so that we in this world of cyber warfare where potentially warfare is at the speed of light, right, not the speed of a ship, not the speed of a tank, not the speed of an aircraft, not the speed of sound, but the speed of light, where all of a sudden things happen very, very quickly, how do we exchange -- how do we fix the processes so that we're complying with U.S. law, but doing it more quickly than we have in the past.

The second question is an interesting one. I said that perhaps we need a different kind of warrior in this domain. Today, all of our armed forces have a physical fitness test that requires us to do -- depending on what your service is -- required to meet some physical fitness standards. Perhaps that's not the right construct for these kinds of kids in the future -- and I don't use kids pejoratively; they're all just younger than I am. So these great young American men and women, how do we attract them? How do you attract the brains of some of this crowd that you might not want to wire up to a polygraph, but yet use their -- use their wonderful innovative ability. But they're not the same kind of folks that perhaps you want to march to breakfast in the morning.

Now we have both kinds, I think, and we've got to figure out how to do that. And so there are efforts to look at civilians, to look at contractors; there's an enormous amount of civilian continuity required in especially in this kind of arena. At the same time you have to bring in this innovation. The recruits in all of our services today, and I can only speak specifically about the Air Force, but I can assume it's the same for the other services, technologically very, very dependent. You can stand at the bottom of your stairs and shout for your kids to come down for dinner and they won't come; you've got to text message them, right?

So we have young men and women who want to come to the armed forces, and they want to come to a technologically advanced armed force, and so part of it is creating the atmosphere for them to want to come.

I think that there is something to be said for wanting to come and do something meaningful for the nation, and we attract young men and women for that reason too.

So it's the combination of those. And we've got to change the demographic -- somebody told me they wanted me to do a magazine -- a particular magazine interview. I said, okay, I'll do a magazine interview, but who do you think you're going to get? You know, you look at the demographics of who reads paper magazines and it's not the crowd we're trying to reach out to right now. So we've got to shed some of our own traditional recruiting mechanisms to go after a different crowd.


QUESTIONER: Yes, General, first, I'm Jim Zirren (sp), and thank you for introducing this very thought provoking subject, as well as for your service.

I also have two questions. The first is, what is the level of technological capability that is necessary to launch a serious attack against the United States? Are we talking about a kid in the Philippines? Or do you need a nation-state with sophisticated technological means at its disposal?

The second is, I guess the legal question that if you became aware of a conventional bank robbery that was being planned at Citibank, I assume you'd call the FBI. You wouldn't send Air Force officers into Citibank. But suppose you became aware of a cyber attack on Citibank, and somebody wanted to transfer a billion dollars out of the bank to some bank in China, do you intervene immediately and directly because of the time factor? And isn't that a new legal role for the military?

LORD: Your first question is, the technological capability didn't used to be very complicated. Quite frankly you could download most of the tools off the Internet to do pretty bad things.

The good news is, via some of the programs, some of which I mentioned previously, critical infrastructure protection, many of the industries in the United States are fixing that or in fact have fixed that. So that drives you to a technologically more complicated or complex -- have the ability to do something that is more difficult.

At the same time there are -- there are a lot of folks who are keeping up with that technological edge, too. The ability to thwart these things -- first of to find and detect them, and then thwart them, is getting more difficult. But there's a lot of U.S. industry that's put a lot of brainpower on this.

So while it's getting more complicated to have the ability to launch one of these kinds of things, it is also -- we're also building defenses that are getting better.

One to one, probably right now, probably right now. We can't -- in the Air Force, we can't take our eye off that ball though. And so what it requires for us is, is an acquisition cycle, a requirement cycle that's much, much more flexible than we have had in the past. If it takes 15 or 20 years to develop an F-22 or an F-15 -- I'll use the Air Force as an example -- you get a very technologically advanced platform, in this business it only requires months, maybe days. How do you acquire the counter to that ability in the same amount of time as people are producing the potential weapons? And so there's a lot of focus there.

The second question is, you have it absolutely right. Citibank, if it's in New York City, will call the local law enforcement, I'm sure; or if it's a federal bank, call the FBI. But as I said before, when does it change from the characterization -- when does the attack characterization change from just an individual to something larger?

And I don't -- initially I don't think it will ever become the responsibility of the U.S. Air Force to do that. But if it's viewed as an attack on the United States, the United States Northern Command is responsible for the military defense of the homeland, we would provide forces to Northern Command to do whatever General Renuart, as the commander of Northern Command, deemed necessary.

And so what we need, though, is we need those processes that are already established that allow us to hand those things off very quickly from Title X law enforcement to Title -- excuse me -- Title XVIII law enforcement to potentially Title X.

And so those partnerships have become so important. In fact, we've begun to do prisoner exchanges where we live in their command centers; they live in our command centers. And we have very good relationships so far. You'd think, as you watch television, that there's not good relationships. And the good news is most of that's fiction.

KENDALL: We'll go to this side over here. Mr. Nichols?

QUESTIONER: You've mentioned a lot of different kinds of threats. When push comes to shove, you've got to rank order the threats. How do you do that? What is your rank order? Examples mentioned earlier were mostly China. You mentioned kids in the Philippines. There are so many -- (background noise) -- that you've got to put your eggs in some basket.

LORD: I would suggest that it's not -- that we don't rank order them based on -- I won't talk about much of them. We don't rank order them based on the attacker, we rank order them based on the type of attack. So if that's a bot-net attack where computers are taking over our computers to do nefarious activity, a la Estonia, that might be more problematic than merely a spam attack where there's a bunch of junk e-mail stopping or slowing down our systems.

But the bottom line is the ability to -- we need the ability to be able to continue to fight in a system that is under attack or in the middle of attack. I liken it to my previous experience a long, long time ago in Europe when we would do practices against chemical attack. You'd don your chemical gear and put on your helmet and hide under the desk and you'd wait until the gas cleared. And then, a couple of years later, you'd do the same thing, but now we're required to do our job while doing that.

Well, think about it. What happens when the network goes down sometimes? It depends where you are. You're angry for about five minutes and then you get used to it. "Well, gee, I'd better pick up the phone. I'd better use" -- so you go back to writing letters and fax machines. But we need to be able to continue to defend, and attack if necessary, while we are attacked. So it depends on the kind of attack as opposed to the attacker. That's the way we prioritize.

KENDALL: Mr. Tisch.


General, you've talked about cyberspace and the defense. I presume somewhere along the line, someone is thinking in terms of cyberspace and the offense.

LORD: Absolutely right.

QUESTIONER: Is there somebody who's coordinating that? Is there an equal effort put on cyberspace as an offensive weapon?

LORD: Well, of course, offensive combat operations come as direction from civilian control through our combatant commanders. And so the combatant commanders principally plan offensive activities. What we do as services is -- services with a big "S," Army, Navy, Air Force, Marines -- we provide those forces to combatant commanders for them to use in offensive operations.

So the answer is certainly they are planning offensive kinds of activities, but that's the responsibility of the combatant commander, not me as an organize, train and equip resource guy.

KENDALL: Malcolm.

QUESTIONER: Thank you.

Malcolm Wiener. I chaired the first Council task force 12 years ago, independent task force on non-lethal technologies, military implications and options. And we dealt with cyber warfare. In fact, Dan Sharp, president emeritus of the American Assembly, told me the first time he ever heard the term is when I used it at the talk I gave there.

And if I can just tell one other brief story. Right in this room we had, about 10 years ago, the annual dinner with the service chiefs. And I deliberately sat down next to General Fogleman, who was chief of staff of the Air Force, and raised the question. He said, "Oh, no, that's Denny Reimer's stuff." Denny Reimer was the commander in chief of the Army. "This is the Air Force."

And I said, "Yes, I know. But, you know, two weeks ago, during the Bosnian campaign, the Air Force was ordered to bomb an airfield in Bosnia to send a signal, but to do it so as not to hit any of the planes, because that might make them too angry," which meant a low-level dangerous mission. "If you could have put them out with something like cyber warfare, wouldn't that have been a better way to do it?"

And I still remember General Fogleman sitting up very straight and giving me a very piercing look, and three weeks later the Air Force let its first contract at $60,000 to study the Air Force role in non-lethal technologies. Sorry about that long history.

One of the things we struggled with was organization, because we became immediately aware that each of the four services were beginning to look at this, and there was a large civilian component. We met with John Deutch, who was then secretary of Defense, and with Major Seaton on the National Security Council staff, and we concluded this really had to be on the National Security Council.

One reason was that -- and this is not a speech; I want to get your reaction to this -- but one reason was that, for example, if you were conducting the kind of struggle with nation-building, struggle with one of these things, you might, for example, want to take out a particular radio station. There was one in Cambodia that was urging people to kill everybody. When that was taken out, things improved. There was one in Rwanda which was saying, "Don't forget to kill all the children too," you know. So that's an aspect of it. There are so many various ways in which information warfare and cyber warfare come together.

I was a little concerned when I heard you say, "Well, we provide offensive capabilities as combatant commands want it," because it seems to me that there has to be, first of all, war gaming, serious war gaming in thinking about this, and somebody really in charge in Washington to try to develop an overall strategy about how you're going to approach situations -- what communications you want to take down, which ones do you want to leave up, what can we do offensively, and how to coordinate defense across, as we've been saying, the civilian and military sectors, because it's hard to say where one stops and the other stops.

That's a big long question for you.

LORD: Yeah. Of course, as it directly affects the Air Force, we are attempting to coordinate those things inside. But you're exactly right. It requires a larger holistic view. And we didn't talk about information operations, which, in the Air Force, we view it as a subset of this greater cyber warfare.

And, quite frankly, how is that we -- what are the messages that we shape, and how do we shape those messages? And when you're dealing directly with just combatants, that may be a different message than when you're dealing with other populations. And clearly then you require other elements of government to help shape that.

But because I'm a force provider only to combatant commands, that's what we do. But the combatant commanders do have relationships with those other activities -- State, CIA, you know, the full gamut; in the case of Northern Command, DHS, DOJ.

So there are -- I think those venues exist. I don't know where they're tied together, quite frankly, at the top, but they certainly are with the combatant commanders and the other departments.

QUESTIONER: Could I follow up just very briefly, just exactly on this point, because I think it's critical. You gave the critical example, it seems to me. For example, early on in Bosnia, there were 100,000 people marching in the streets protesting what Milosevic was doing. They didn't want to do it.

The worst thing you could've done was drop bombs, because that unites the population around somebody. If you'd been able to do this sort of cyber warfare and say, "We're very sorry that we're shutting you down temporarily; we remember -- we're not anti-Serbian; we remember our glorious joint fight against fascism. And as soon as what you're doing in Serbia stops, we'll help rebuild your country. We're not bombing you or anything else. This is only temporary."

It's very important to have the cyber warfare steps you take and the message you send interconnected. And, you know, we had three reiterations of the Council task force, and we still ended up feeling that we had gotten nowhere. You know, we brought top-flight military scientists to the table, like Dick Garwin, who was described the other day as "the only real genius I ever met" by Teller, because he had invented the way to make the hydrogen bomb work. We had top-level talent, but we just felt we didn't get there in terms of government organization. We're still here if anybody wants to talk to us.

LORD: The other piece of that is the non-kinetic directed energy piece, because if you can cut down some of these systems and not destroy them, then you can turn them back on. U.S. -- (background noise) -- aren't rebuilding nations that we've used 2,000-pound bombs on. And at the same time, you both can perhaps save lives of attackers and defenders.

And, potentially, it's not about the destruction of buildings, it's about the changing of behavior of an enemy. And if you can convince them to change their behavior, quite frankly, with something between -- (background noise) -- and a 2,000-pound bomb -- maybe this is part of that capability -- you can conduct warfare that doesn't require as many of your children or grandchildren to fix bayonets and go into battle.

QUESTIONER: You might be amused to know that on my committee, the vote was 16-2 that we ought to pursue this. One of the two dissenters was Jerry Bremer, who passed a note saying, "Anything worth doing is worth doing lethally. This cyber warfare business is nonsense."

Well, thanks.

KENDALL: Carter.

QUESTIONER: General, Carter Goode (sp).

You jokingly said you could turn off our telephones and cell phones. But in the satellite world, communications go out, do we have the full understanding and capacity of all the satellites that are out there, including other countries', and how we also could manipulate them or destabilize them? We've shown that we can take them out physically. But in the cyberspace, is that a big part of what you're looking at also?

LORD: Well, as I would defer those questions to Air Force Space Command or United States Strategic Command, but I'm sure they've got a good handle on that. We know what all the objects are up there. And, of course, after the recent ASAT shot from one of the nation-states, there's a lot more junk up there in space to just track. So we track all of that and we pay attention to all of those things.

QUESTIONER: Can you control them?

LORD: Don't know.

KENDALL: Mr. Kass.

QUESTIONER: Two questions, both brief, I hope.

First, in the view of the blurry line between criminal activity, defense activity, intelligence activity, some people in this room will be concerned about civil liberties aspects of this, privacy and the like, particularly if it becomes a wide data-sharing operation in the hands of the military, even the Air Force.

Secondly, in view of the fact that an awful lot of smart people at those computers these days, including those working for industry, are located in India or Israel or somewhere else, I wonder how feasible it is for you to keep this as a completely internal U.S. operation if you want to stay ahead of the game.

LORD: I'm not sure that we can. This is like toothpaste that's out of the tube. How do you get it back in?

One of the things that we do look at is in U.S. Air Force systems, for companies that are providing us capabilities where they have purchased software offshore, we pay attention to what that software looks like and try to break that back down and make sure that what we got is exactly what we paid for and not anything extra.

I would maybe take your comment a bit farther and say, you know, we have wonderful universities within the United States that are training an enormous number of foreign students, and not U.S. students. We have the capability but haven't put those back to, Mr. Schaeffer (sp), your question about how do we attract young American men and women to come into this stuff, this business, and then work for us in the U.S., either in U.S. industry, quite frankly, or within U.S. government.

And, quite frankly, we could probably depend on U.S. industry to make those jobs attractive, because then you have to figure out, well, why are they offshore? Probably competitive pricing is my guess; I don't know.

QUESTIONER: (Off mike.)

LORD: I think a valid concern. And when I was talking about exchanging processes, I was not talking about exchanging data, although there's probably an aspect of that that we'll have to do to exchange data. And, of course, that's where we need Department of Justice, Homeland Security, folks who set those kinds of rules, determine what it is they will give up.

KENDALL: Mr. Timblesman (sp).

QUESTIONER: Thank you, General.

Looking at this through the lens of deterrence, why do you think the Chinese are doing this at this time? Do you welcome it in order to be able to understand capabilities? And what happens if you have a series of these things occurring sequentially, knowing where they come from? Does one make a political demarche? Do we remain silent? Again, looking at it from the point of view of trying to move your adversary in a particular direction.

LORD: Yeah. I happen to be one that believes that we ought to talk about this a little bit more exactly for the deterrent effect. And I think that -- my personal belief is that as we talk about it, much like we used to talk about weapons of mass destruction, these potentially are weapons of mass disruption, and therefore, among nation-states, can probably come to reasonable agreements that we won't use ours if you don't use yours.

Clearly that doesn't work with criminals or terrorist activities. And so there is a body of work that's being done, again, by United States Strategic Command and the National Defense University on this subject, and within the Office of Secretary of Defense Policy, on this whole deterrent effect.

Part of it has to be a willingness to talk about it in a little broader circles than we have been willing to talk about it in the past. And there's dynamic tension there because of operational capabilities that we may or may not have, and then a willingness to talk about this. So it almost goes back to the -- in the Air Force, we think that organizationally in this business we're at about the 1947 stage, when the Air Force was first formed.

I know I jokingly talk about sometimes I feel like Columbus, who has convinced Queen Isabella to let us go on this expedition, unfortunately, knowing the outcome, that Columbus ended up in the wrong place initially. But I think that will be part of the maturation that we go through as we form this command and bring this new capability to the forefront.

We'll screw it up, not intentionally, but, you know, we won't get it 100 percent -- I'm 100 percent sure we will not get it 100 percent right. And as you can imagine, this is really about cultural change as much as it is about organizational change for kinetic and non-kinetic war-fighting capability.

We're a culture that's used to putting a pack on our back and fixing a bayonet. This is a different kind of warrior and a different kind of warfare.

KENDALL: Rafi (sp), did you have a --

QUESTIONER: Rafi Santo (sp).

I'm wondering where the dovetail is between the kinetic and non-kinetic that you're talking about. I mean, take, for example, the idea of a very serious bot-net attack on -- (background noise) -- systems, not by a state but by an individual or a group of individuals. At what point does Air Force Cyber Command then talk to Air Force? Or, taking into account issues of sovereignty and diplomacy, what happens then? It's not a physical attack but has physical ramifications.

LORD: Right. One of the discussions that we have going on now is as we detect those and there are attacks on U.S. Air Force systems, how do we hand that off to foreign law enforcement? And what does foreign law enforcement do with this information? You know, if it takes three weeks for them to investigate a problem and we can't stand that, you know, our typical reaction is, well, we attempt to block the traffic; band-aid the wound, if you will. But clearly Air Force doesn't take any other kinds of actions.

But that's where it goes to -- maybe there's an opportunity here within the international relations business that we have mechanisms that now pay attention to this like they do, quite frankly, great mechanisms that look at child pornography between nations. Maybe this is the next new burgeoning -- the nascent area that we've got to explore.

KENDALL: Mr. Paul.

QUESTIONER: Doug Paul from Credit Suisse.

You mentioned briefly NATO. Do we have a number of our allies that have cyberspace commands? And also do we have nations that are less friendly to us that we're aware of that have cyberspace commands?

LORD: Yes to both. Yes. There --

QUESTIONER: Were we late in the game?

LORD: Pardon?

QUESTIONER: Were we late in the game? Were we one of the first to have a cyberspace command?

LORD: Yes, we are. But we have great relations with the traditional nations that we have exchanged intelligence data with in this area. There are -- the Chinese, for example, we think, are looking at several thousand people in this arena; don't know that. And so they potentially can form -- can be a formidable adversary. They have a lot more folks doing it.

KENDALL: Mr. Train.

QUESTIONER: General, if the Japanese were planning a Pearl Harbor attack, they would probably not begin by preliminary attacks on Guam or a frogman ashore in Pearl Harbor. They would have had a sudden surprise, as they did, a sudden surprise attack of great brilliance and verve.

If the Chinese, who are presumably the principal problem here, are contemplating a Pearl Harbor, is it logical that they keep stimulating us to reactions like what you've been describing by lesser but still very powerful effects?

LORD: Maybe; to detect whether we can detect their intrusions. Just like we send out reconnaissance teams, perhaps those are reconnaissance activities that are going on. At the same time, because this is, again, a nascent business, we don't know what we don't know, in theory.

I agree with you; I don't believe that an attack in this business will be against the traditional force-on-force -- as I stated earlier, force-on-force kind of attack. It will be an asymmetrical attack at something else to scramble our ability to do our own command and control of forces or make decisions based on bad information.

QUESTIONER: What do you think is the most likely reason for the Chinese attacks?

LORD: I don't know. I don't know. And I wouldn't characterize them as -- we have talked a lot, or you all have talked a lot this morning about China, and they have recently gotten a lot of press. But the cyber criminals' activity in, I mean, just organized crime from Russia is just as problematic. Cyber terrorism, to get money to do other nefarious activity, is just as big a problem; quite frankly, I think, a bigger problem than the nation-state problem today is.

KENDALL: We have about four minutes left. And Malcolm, you have the final question.

QUESTIONER: No, I think I've done more than my fair share.

KENDALL: Okay. All right, good.

Any closing comments?

LORD: Thank you for the invitation. We in the Air Force think that as we have had conflicts since about mid-1950s -- since really the Korean War, land forces have operated with impunity by having air superiority. Think about it. Our U.S. land forces have not been bombed from the air since the Korean War. Sometimes we take that for granted.

I think in the future, we will have to have some version of cyber superiority to continue to support what it is the national will is -- has asked us to do. And this one piece of what we're doing in the Air Force is an attempt to get after that and shore that up, as the other services have done.

Thank you for your questions. Thanks for your support for your U.S. Air Force and for all of our armed forces. (Applause.)

KENDALL: With that -- (inaudible) -- thank you.










More on This Topic