Speech written by Colonel Martin for keynote speaker Major General Macdonald, J-3, US Forces - Korea

As reflected in this report, cyberspace had joined air, land, sea, and space as a warfighting domain.

2010 LandWarNet Conference "USFK's Role in Supporting Cyber Operations in the Far East"
by Colonel Wes Martin
18 May 2010

There is no city more perfect than Seoul and no country more suited to address LandWarNet than the Republic of Korea. The Republic is one of the most wired nations and home of some of the most advanced communication corporations in the world.

A very commonly expressed phrase concerning our military alliance is Katchi Kapshida - We go together. The naval, air, and ground forces of the United States and the Republic of Korea have stood and fought firmly at each other's side for sixty years.

Even today, we benefit the security of both of our nations. The Republic of Korea is the only place in the world where we are in direct opposition to a nation state adversary. Here we still maneuver and prepare for full spectrum military operations. The joint effort of two nations, bringing together in harmony the capability of their Army, Navy, Air Force, and Marine units is impressive.

Often warriors ask themselves if the cause they fought for was worth the effort and the expense. One look at the Republic, both in terms of democracy and quality of life, and the answer is immediately positive.

The success of the Republic of Korea is unquestionable evidence that a progressive and open democracy can flourish on the Asia mainland. In the immediate face of military and political threat, our Korean friends have built the 13th largest economy in the world.

An examination of this country will never be complete without an analysis of this strategic region. Here reside 4 of the world's 6 largest militaries and 5 of the world's largest economies. In this region is 20 percent of the world's economic output and 19 percent of the world's trade (to include 25 percent of all United States trade).

The success of the Republic's democratic government and free enterprise business system has not gone unnoticed, especially by the leadership in the northern half of the Korean peninsula. While boasting the fourth largest military in the world, Kim Jung Il also is the leader of one of the most failed nations in history...certainly in modern times.

Although north Korea has a failed economy, its "military first" policy continues to put weapons in the hands of the military before putting food on the table of its population. Its people are not allowed to be part of an opposition party to the one in power. The north Koreanpeople live in poverty and oppression. While in the Republic, state-of-the-art communications is a standard, in the north continuous electricity is a luxury only for the privileged few.

Of even greater concern is the fact that Kim Jung Il is not content with the destruction his family and party have brought to the northern half of this peninsula. That's where the combined military forces of the Republic of Korea and the United States come in. Every day, our very presence sends Kim Jung Il a clear message: "To take over the Republic you have to come through us and you are not up to the challenge."

Because Kim Jung Il knows this, and knows the mistake of his father, he is looking for other ways to undermine the security of this nation and the very alliance that holds our two nations together. Every year we witness the great lengths he is going to build a nuclear inventory and a long range missile capability. I know it comes as no surprise to anyone in this room that Kim also desires to build an offensive cyber capability.

Last year we experienced a simultaneous Distributed Denial of Service attack on United States Forces Korea, on the Republic's Ministry of National Defense, and on its financial community. It is not hard to realize who was behind those attacks.

More recently, as reported in open media, a penetration and data exfiltration was conducted on the Republic's military computing system and elements of the defense plan were extracted. None of us here today believe those incidents were isolated. Each one of us has no doubt that every minute attempts are being made to penetrate our network defenses.

As CJ-3 of United States Forces Korea and Combined Forces Command, it is my responsibility to ensure all our operations systems are fully functional and well defended. I must ensure that General Sharp is fully capable of fighting tonight and has full maneuver capability for both immediate and long term engagements.

Ultimately, the fight comes down to what we can provide to the warriors who are engaging the enemy. Not only do we need to put the right equipment at their immediate disposal, we need to give them the right intelligence, and we need to provide them with the right fire support, whether it comes from indirect fire or overhead bombers.

We need to ensure they know what they are engaging and what is preparing to engage them. Furthermore, we need to use alternative means of engagement to destroy the threat. We don't want our warriors to become engaged in a fair fight. If they are in a fair fight, then we didn't do everything possible to give them the advantage.

Secretary of the Army Pete Geren said it very well in his remarks at the 2007 National LandWarNet Conference, "With LandWarNet, we will give Soldiers and commanders continuous, on-the-move information about the size, strength, and disposition of the enemy and our own forces. Before the fight and during the fight."

I would like to take a moment to put this in terms of ground combat operations. We build our perimeter to be strong and defend against a hostile attack. Our Soldiers pulling duty are required to be alert and not to make mistakes that can be used against them.

Behind them, we have security alert teams, back-up alert forces, and in reserve entire commands that can deploy to either stop or contain a penetration. In support we have the intelligence community watching and analyzing potential threats as they are developing.

This analysis can go on even further, but I know everyone here is already seeing my point. I also know as I was describing these defenses, people here were making conscious and even sub-conscious comparisons with network operations.

Our way of thinking is almost identical, all that differs is the battlespace we are addressing. Just as the power of the allied air forces is critical for keeping adversaries from attacking from above, your work is critical in keeping us from being attacked and neutralized through cyberspace.

Without the cover all combat troops receive from the cyber community, we can't communicate effectively, we become restricted in our ability to effectively process and identify targets, our resupply is impeded, and we lose critical time that could be well spent engaging and destroying our enemies and their will to resist. You know this to be true, I know it, and Kim Jung Il knows it. That is why he is determined to build a cyber force.

Kim Jung Il is already operating in the war-fighting domains of Land, Air, and Sea. With his missile program he is working hard to add Space to that list. Within the information environment, he is already adding the domain of Cyber Space.

Cyber Warfare offers opportunities for Kim Jung Il that his missile and nuclear programs do not. First, it's a lot less expensive. Second, it does not attract the same attention. Third, even in armistice conditions, he can exercise attacks and exploits without being held directly accountable.

Whether kinetic or non-kinetic, an attack itself is held to two different standards - ours and our opponents. We consider an attack as a failure if we successfully defended against it. Our adversary would consider this same attack as successful as he would be able to analyze the strength of our defenses and determine what needs to be done in the future to overcome or go around those defenses.

I am sure most everyone is aware of the battle depicted in, "We Were Soldiers." The Americans considered the battle as successful because the North Vietnamese were denied the victory of overrunning the battalion. The North Vietnamese considered it a victory because they were able to study American tactics, which they based their strategy on in the future.

In the early days of our involvement in Iraq and Afghanistan if we re-enforced our perimeter defenses, we got a ninety day time delay before our enemies figured out how to circumvent the enhancement. Within two years, enhancements only bought an extra fourteen days. We have forever been in a continual race to get better faster than our enemies. This compares to a phase out of Lewis Carroll's Alice in Wonderland, "We have to run as fast as we can to stay in place."

The same is true in cyber warfare. Every time we get attacked, whether it is through a Distributed Denial of Service, an actual hacking incident, or other form of attack, our adversaries are using that information to get better. We have to move as fast as we can to stay ahead of our adversaries.

Just as hostile activities directed toward our networks give us cause for concern, they also give us opportunities to understand the tactics and procedures of our adversaries. Here we have the opportunity to defend in depth so thoroughly that they will not understand the strength of what they are encountering. Meanwhile, it will give us the opportunity to understand their capabilities and their development as it progresses.

In short, let's get inside their decision making cycle and make them react to us, not the other way around. Let's have them show their shortfalls while trying to overcome our strengths. As we work this information, we will stay in contact with our own cyber communities.

Information is valuable when properly shared with people and agencies having a need to know. Here is where I look to you, members of the cyber community, as one of my best allies. For starters, you provide and defend a critical resource. Computer Network Operations is not only an information tool, it is a battle-space. Just as the United States and the Republic are firm allies, you are firm members of the air, land, sea, space, and cyber combat force.

I will be the first to admit that I don't have your knowledge of cyber operations. I will also be the first to state that I know you share my concerns and are totally in this fight to defend our nations and liberties that we have enjoyed throughout our lifetimes. To this fight, you bring a unique and critical skill set.

This battle-space is new, especially when compared with the beginning of time in the antiquity of war. It's continually changing, what is a breakthrough today, will be outdated within a couple of months.

However, if we were to claim its frontline as our firewalls, then we have already surrendered. We learned with the Maginot Line in the First World War that a firm front line brings a false sense of security. Perhaps not since the Manhattan project have our scientists and civilian technology industry been in such as critical race for time to protect the free world from a potential threat that a few decades earlier was beyond comprehension.

So far we have been primarily talking about defense operations, which is very critical. However, let's break into two other critical areas - exploitation and attack. I learned a long time ago that victories are not won by staying in your bases and simply defending your perimeter.

In our history books are two wars where the strong dominate force was able to control real estate wherever they went and win almost all major battles they engaged. The first one that is on everyone's mind at this moment is American involvement in Vietnam. The other concerns British tactics during the American Revolution.

We must apply the lessons of our kinetic history, to this new and non-kinetic front. We must refine a way to legally engage our adversaries outside of our perimeter and use this battlespace to our advantage. Here we have more than a communications system.

We do it right and we also have fires and effects. In conflict let's make the enemy afraid to turn on his system, knowing we are either going to shut him down or use it against him.

I welcome the creation and development of the newly approved Cyber Command. I am also very pleased that the ultimate right person has been selected to head this command, General Keith Alexander. He has a tough fight ahead of him. General Alexander deserves all the support I know each of us are going to provide him. Here in United States Forces Korea we are already working with his command and developing a way ahead that would link Cyber Command with Combatant Commands.

United States Forces Korea has been very progressive in developing a way ahead for cyber operations. All overseas commands have unique challenges. We have several. In an area about the same size as Indiana, we have multiple networks of multiple components and other support organizations that are all eventually connected together.

Meanwhile, as a command we had little direct authority over most of these organizations. This is not unique to the Republic, as we had a similar situation in Afghanistan.

A challenge should never be treated as an insurmountable obstacle, just an opportunity for an innovative solution.

What we developed was an oversight process that has now caught the attention throughout all branches of the American armed forces. We have developed and refined a Flag Level Oversight Committee (commonly called the FLOC) supported by a Council of Colonels and three panels.

It was intentionally not called a General Officer Steering Committee because that term comes with the understanding of authority and budget control over all the membership organizations. Originally we built the charter to address only Information Assurance and Computer Network Defense. Our concern was to ensure we could keep our networks secure. Quickly, it was realized the strength of this process was not in the regularly scheduled meetings, but in the daily interface between the Colonels and the action officers. In combat, you cover down on your left and right. That is the true foundation of the FLOC process.

As we progressed, we realized that Information Assurance/Computer Network Defense wasn't enough. We needed to start addressing and building full spectrum computer network operations. We had to start examining our options in exploitation and attack. As a result, we have revised this FLOC process and last month Lieutenant General Fil approved the charter for full spectrum Computer Network Operations.

This effort has not only led the way in the Far East, but also for United States forces world-wide. Lieutenant General Via, J-6 of United States Joint Chiefs of Staff, is now presenting our process through the communications community.

In the Information Assurance/Computer Network Defense focus, emphasis of this effort was placed on the J6 community, for its responsibilities of "provide" and "defend." With full spectrum Computer Network Operations now being the focus, emphasis has shifted to the J3 (Operations) with J6 (Communications) and J2 (Intelligence) in close support. As everyone here is aware, we have legal limitations on what we can do in these areas.

As previously mentioned, a challenge should never be treated as an insurmountable obstacle, just an opportunity for an innovative solution. That solution is in the development of a strong and active reach-back capability. Just as we have built a strong relationship within United States Forces Korea, we need to do the same with our national cyber community.

Building a strong cyber community has not stopped within United States Forces Korea. As we speak, we are moving forward with our Korean allies. Last year US Department of Defense and ROK Ministry of National Defense signed a memorandum of understanding concerning cooperation on Information Assurance and Computer Network Defense. It is broad brush in nature, but does move us closer together.

We are following that up with constructing a U.S. Forces Korea, R.O.K. Ministry of National Defense, and R.O.K. Joint Chiefs of Staff Flag Level Oversight Committee. Through this process, as we identify mutual concerns and situations develop, we will have a structure in place to readily exchange information. Mirroring the American FLOC process, we will have a team of professionals forged together through continual professional relationships.

Today I give the following challenges to our industry partners. Build us the systems we need. Build them at a cost we can afford and are able operate in the toughest of cyber terrain and circumstances. Realize sometimes we don't know exactly what we want, we are not technologists, but rather warriors. Hear our concerns and help us where we may not know exactly what the solution will be.

Now comes the challenge to our military members here today. Share your concerns, explain our needs. Look to our allies in the world of science to provide us better technology and equipment. Don't limit your thoughts by just your experiences. Look at emerging needs and future threats. Don't be afraid to speak up.

None of us here have all the answers. Even collectively today we will not achieve all the answers. What we are already achieving is continuing to build upon an outstanding network of information exchange.

Our success here in Korea is in our ability to work together despite nationality, branch of military service, and status as military or civilian to become one force working closely together.

In closing, I leave you with one thought and one challenge. The pursuit of science is the pursuit of truth. The challenge I give you is to pursue the science of cyber operations and bring us the results so we can better employ it in our mission to defend our nations.

Always remember, whether we represent the Republic of Korea, the United States of America, the military or the civilian sector, we are in this fight together.

Classification: UNCLASSIFIED
Caveats: NONE

©2021 Wes Martin