The biggest single pot of money under the “One Big Beautiful Bill” would be for Cyber Command, a $250 million allocation for “artificial intelligence lines of effort.” Another $20 million would go to cybersecurity programs at the Defense Advanced Research Projects Agency.

The U.S. Indo-Pacific Command — which counts among its geographical areas of responsibility territorial waters for cyber adversaries in Russia, China and North Korea — would get $1 million for cyber offensive operations. Cyber offense was something the second Trump administration emphasized when coming into office.

A $90 million pool of funds for several purposes at the Defense Department would include “cybersecurity support for non-traditional contractors.”

A broader set of funds at the Coast Guard would allow some funds to be spent on cyber there. A $2.2 billion allocation for maintenance includes upkeep of “cyber assets.” A $170 million allocation for “maritime domain awareness” includes “the cyber domain.”

The lone non-military mention of money that can be spent on cyber comes via the $10 billion-per-year Rural Health Transformation Program, a state grants program meant to counter the legislation’s Medicaid funding cuts that the National Rural Health Association says falls short of doing so.

Grants can be devoted to, among other things, “cybersecurity capability development.”

Earlier in the process, when House committees were assembling their sections of the bill, Democrats took issue with a lack of funds for the Cybersecurity and Infrastructure Security Agency.

“On the matter of cybersecurity, once again, Republicans say one thing [and] do another. Despite the Chairman’s pronouncement that the 119th Congress would be devoted to improving the Nation’s cybersecurity, there is not one penny in the Homeland Security Committee’s reconciliation title devoted to the issue,” the Democratic critique reads.

“This tone-deaf reconciliation package ignores serious threats facing the Nation — including cyber threats from Russia, China and its typhoon campaign, Iran, and cyber criminals — while turning a blind eye to the administration’s reckless dismantling of America’s cybersecurity agency,” the critique continues. “From election security, to threat hunting, to security by design, the Trump administration is gutting the core services CISA offers governments and the private sector alike, and Committee Republicans do not care.”

The post GOP domestic policy bill includes hundreds of millions for military cyber appeared first on DefenseScoop.

It’s been said before. And it’s easier said than done.

Experts that spoke with reporters for this story note several multifaceted questions regarding enhanced offensive operations, including what form they would take and if it’s an appropriate response to the recent rash of intrusions. Offensive operations are technically complex — unlike in Hollywood, where they’re as easy as pushing an “enter” button — and potentially introduce new risks for the attackers.

Furthermore, those calling for more cyber offense might not be aware of the scope of current secret U.S. operations, itself a conundrum: If the country doesn’t take credit publicly, how would adversaries know it struck back and therefore deter present or future attackers? 

In the end, it might not dissuade other nations if the United States gets more aggressive in cyberspace, said Herb Lin, a senior research scholar for cyber policy and security at Stanford’s Center for International Security and Cooperation.

“What I’m trying to understand in all this is people who say we should go on the offensive more. It sounds good in practice, [but] what are you going to do?” he said. “I haven’t seen a plausible scenario that actually gets them the outcome they want.”

Waltz hasn’t detailed exactly in interviews what he means when he says the United States needs to “start going on offense and start imposing … higher costs and consequences” in response to data theft, espionage and most worrisomely, Chinese hackers, known as Volt Typhoon, that the U.S. government has said are prepositioning themselves to attack U.S. critical infrastructure in the event of conflict over Taiwan. But in an interview with the Daily Wire, he said the United States didn’t respond to Soviet nuclear stockpiling by building better missile defenses — instead, it stockpiled its own nukes.

And in an interview with Breitbart, he got a little more specific. “I believe personally you can do that by demonstrating if you’re putting cyber time bombs in our ports and grid that we can do it to you too so let’s both not — mutually assured destruction — and take the temperature down on this a bit.”

At a hearing last month about another Chinese Salt Typhoon hacker group’s massive espionage-oriented hack of telecommunications carriers, several lawmakers on both sides of the aisle pressed witnesses on the topic of offense. “Why aren’t we going on offense, and doesn’t that help?” asked Sen. Dan Sullivan, R-Alaska, saying it’s a repeated line of questioning from lawmakers at classified briefings, too, and other key lawmakers have echoed those calls.

Current national security adviser Jake Sullivan said on Friday that the United States has “taken steps in response to Salt Typhoon” to “make it harder for China to actually be able to execute this” but didn’t elaborate further.

Advocates for increased offensive measures need to clarify what precisely they want to do, experts said. Past, publicly revealed U.S. cyber operations include Stuxnet, which targeted  Iranian centrifuges in a joint effort with Israel, and others aimed at would-be election meddlers from Russia and Iran. Lin said other options include getting into adversary nations’ systems — like Volt Typhoon is said to have done in the United States — to prepare for future attacks, or leaking embarrassing information about enemies, although that’s less about new offensives and more about capitalizing on existing intelligence.

Lin and Erica Lonergan, an assistant professor at Columbia University’s School of International and Public Affairs, said there’s been some blurring in the public discussion about the nature of espionage, like the kind that Salt Typhoon has conducted with its telecom breaches, and whether going on offense is the right response. The United States, after all, uses cyber for espionage, too.

“We risk conflating different types of threats, and also like not being clear about what we mean by offense,” Lonergan said. “Applying a deterrence model to espionage questions is a bit of a mismatch.”

The first Trump administration did loosen the rules on the Defense Department conducting offensive cyber operations. Congress in recent years also has helped pave the way to lift certain hurdles that existed in the past to help demystify legal barriers and speed up operations. 

Charles Moore, the former deputy commander and director of operations at Cyber Command, said a move toward “cyber campaigning” would be “the most important step” that DOD and Cybercom could do to increase the scale and strengthen the impact of their operations.

“Instead of conducting specific, one-off operations, campaigning represents a persistent series of operations geared towards accomplishing clear strategic objectives,” Moore said. “This approach is more impactful than ad hoc operations but requires support from the other departments and agencies in order for Cyber Command to operate at the speed, and have the freedom of maneuver necessary for it to be accomplished effectively.”

Still, the reality is that offensive cyber operations are “slow and grinding, and take a lot of time,” according to Emerson Brooking, director of strategy and resident senior fellow at the Digital Forensic Research Lab of the Atlantic Council Technology Programs, and one of the authors of the 2023 DOD cyber strategy. 

They require gaining access to adversaries’ networks — not always an easy task — as well as mapping those networks to understand where the intended targets or desired information exists, and then figuring out how to degrade or destroy those portions of the network without causing more widespread harm. Experts note that offensive operations also risk the discovery of cyber tools used for other purposes — such as U.S. espionage — that could render them useless.

Much U.S. policymaking on cyber deterrence over the years has emphasized responding to cyberattacks in a variety of ways, from economic sanctions to legal action. Experts believe that’s the right emphasis. Offensive operations can be a part of that, they say.

That’s because researchers say there’s little evidence that any cyberattacks have effectively caused anyone to change their behavior. But some of the outer limits haven’t been tested, and it’s not clear when cyber offense might prompt retaliation against the United States.

“The question for this administration is going to be, how do we send the right messages and create the right deterrent without causing an escalation?” said Kurt Sanger, Cyber Command’s former deputy general counsel. “There’s some line out there that you cross it, and it will lead China and Russia to escalate, but it probably has not been properly explored yet.”

That doesn’t mean the United States isn’t conducting offensive operations right now. But experts say it’s a tool that’s currently less effective than other means of sending signals to adversaries about what kind of behavior they want. The historically clandestine nature of offensive cyber operations runs counter to, for example, the airstrikes the Trump administration ordered against Syria in 2017 in response to their use of chemical weapons. 

The missiles were meant to send a clear, public message. As Cybercom has grown to stand on its own from an offshoot of the intelligence-rooted nature of cyber, it has sought “louder” tools — akin to physical attacks — where the target knew it was from the U.S. military. 

“Maybe the new administration will decide it’s time to do something a little louder, or even if the tool is the same, to accompany it with a statement that [says], ‘hey, we did that,’ for example,” said Gary Brown, Cybercom’s first senior legal counsel and now a professor at Texas A&M’s Bush School of Government & Public Service. 

However, some experts doubt that any steps taken by a new administration would be effective, partly due to the fundamental nature of international conflict. 

“It’s hard to shape the behavior of adversaries in competition just in general, and especially in cyberspace,” Lonergan said.

Or, as Lin put it, when discussing a range of more aggressive U.S. cyber operation options: “Let’s imagine we could do all of that. What good would it do?”

The post Trump and others want to ramp up cyber offense, but there’s plenty of doubt about the idea appeared first on DefenseScoop.