Obama Administration nemesis Senate Armed Services Committee Chairman Senator John McCain and Secretary of Defense Ashton Carter are in agreement that Russia, China, and Iran are all taking actions to assert their influence and demonstrate their ability to confront the United States. At the Reagan Defense Forum on 7 November the Sec Def observed that “Some actors appear intent on eroding these principles and undercutting the international order that helps enforce them.” Secretary Carter went on to warn that while the US does not seek confrontation it remains resolved to “…defend our interests, our allies, the principled international order, and the positive future it affords us all.” (http://www.militarytimes.com/story/military/pentagon/2015/11/08/defense-secretary-ash-carter-says-russia-china-potentially-threaten-global-order/75412284/). This current environment of confrontation creates a tinder box from Syria, to the South China Sea, to any venue for physical terror, to cyberspace where potential shows of strength by Washington, Moscow, Beijing, Tehran, Damascus or Raqqa will increase the probabilities for a miscalculation that could lead to devastating unforeseen and unintended consequences.
Though not yet confirmed, “intelligence chatter” is indicating that ISIS is probably responsible for the 31 October bombing of Metrojet flight 9268 over the Sinai as it was returning 224 Russian vacationers to Saint Petersburg from the Egyptian sea-side resort of Sharm-el-Sheihk. Apparently this “intel chatter” was not specific enough to be actionable. The intelligence imperative here is the difficult task of penetrating ISIS with human sources who can provide more granular insights about potential actions both on the battlefield and those directed against the international community. The quickest way to rectify this lack of HUMINT would be to gain access through Assad’ security forces to members of ISIS that Syria has captured, but that would mean a deal with the devil brokered by Vladimir Putin.
Last month when I was opining about how things could get worse in terms of Syria and ISIS, I didn’t contemplate an act of airline terrorism aimed at Russia when I obviously should have. If ISIS is responsible for bringing down Metrojet Flight 9268 (as they claim they are) then there is good chance this could lead to Russia and the US tacitly joining together in an “ISIS First Campaign” enabling Bashar al-Assad’s regime to remain in control of Syria until the Islamic State (IS) is neutralized. With or without US support it seems a reasonable conclusion based on current behavior that Putin will double down on military pressure against ISIS. Of course, the demise of ISIS works to the benefit of Iran in creating a Shite satellite in southern Iraq that would be a menace to Saudi Arabia. The alternative is Saudi Arabia funneling money to ISIS to buy them off from bringing their brand Islamic Revolution to the “Kingdom” while keeping Iran and its Shite proxies on the defensive.
Concurrently on the other side of the world USS Lassen conducted on 27 October a Freedom of Navigation Operation (FONOp) in the South China Sea sailing within 12 nautical miles of China’s claimed and militarily fortified Subi Reef. This was quickly followed on 05 November by US Secretary of Defense Ash Carter and his Malaysian counter-part flying out to the nuclear aircraft carrier USS Theodore Roosevelt (aka “The Big Stick) as this carrier strike group transited the South China Sea enroute its new home port of San Diego after a deployment to the Persian Gulf where its air wing conducted strikes against ISIS in Iraq and Syria. China’s reaction was public but muted with a stern warning given to the US Ambassador in Beijing’s by China’s Deputy Minister of Foreign Affairs for LASSEN’s violation of Chinese territorial waters. The Chinese also deployed additional military aircraft and missiles to the Spratly Islands. The US response was to announce its intentions to continue to conduct regular FONOps in the South China Sea and for Secretary Carter to visit the “TR.” While there has been no overt Chinese military reaction to USS Theodore Roosevelt’s transit of the South China Sea, a Chinese Diesel Electric Submarine was reportedly tracking USS Ronald Reagan in late October as it conducted a naval exercise in the Sea of Japan with the Japanese Maritime Self Defense Force. And in return to a common Cold War practice, two Russian TU-142 Bear aircraft conducted close in surveillance of Reagan under escort by the carrier’s F/A-18’s during this same period.
The daily cyber intrusions against the U.S. private sector by Chinese and Russian state sponsored organizations are well documented and now Check Point Software Technologies on 09 November published a 38-page report identifying specific details and broad analysis on cyber-espionage activity conducted by the group Rocket Kitten, with possible ties to the Iranian Revolutionary Guard Corps (http://blog.checkpoint.com/2015/11/09/rocket-kitten-a-campaign-with-9-lives/). As result of these menacing cyber assaults, the American private sector is becoming increasingly frustrated with the government’s inability to protect US industries from state sponsored cyber intrusions.
This is generating debate between the private sector and NSA/CYBERCOM about whether and when those in the private sector can engage in “active cyber defense” against those doing harm to them. Proponents of active cyber defense contend that cyber space is not exclusively a government domain and if the government can’t or won’t protect the private sector from cyber harm then U.S. private entities should not be denied the right of self-defense. Those opposed to active cyber defense by the private sector contend that the Constitution reserves to the federal government the responsibility for the conduct of foreign affairs.
In its wisdom, Article 1 Section 8 of The United States Constitution states that “The Congress shall have Power to … grant Letters of marque and reprisal.” This power was used to some effect in the early days of our republic to allow for commercial shipping to make up for our lack of naval power. At both SAP N2S Solution Summit and the Reagan Defense forum, NSA Director/CyberCom Commander Admiral Mike Rogers said he thought issuing letters of Marque and Reprisal is a reasonable means for the government to authorize selected private companies and individuals to take active cyber defensive measures against those perpetrating harmful cyber actions upon them. Adm Rogers, however, went on to express his deep concern about the unintended and unforeseen results of private entities taking cyber self-defense/retribution action against foreign state sponsored cyber actions.
I am not sure what is the best way to deal with this cyber constitutional conundrum, but I am reasonably certain that if the US does not develop a coherent policy, organization, and rules of engagement for private sector cyber active defense (and a well-regulated private sector cyber militia – – – with or without Letters of Marque and Reprisal — sounds like the right approach to me) then U.S. commerce will remain vulnerable to foreign cyber intrusions, while all the unintended/unforeseen events Admiral Rogers is rightly concerned about will be at greater likelihood of happening anyway.
No good options with regard to Syria and ISIS, a return to Cold War like military tensions with Russia and China, and the US private sector looking to take cyber defense into their own hands create continuing opportunities for miscalculations. The only thing worse than miscalculation is a blunder!
That’s what I think; what do you think?