The Trump administration begins under the shadow of a series of consequential Chinese cyber hacks targeting U.S. critical infrastructure. While incoming officials grapple with long-standing failures to deter China and other adversaries from launching cyberattacks on the U.S. homeland, the Department of Defense (DOD) faces a startling capability gap: The civilian and military professionals responsible for protecting the same type of assets that China compromised receive inadequate training in recognizing, defending against, and recovering from malicious state-sponsored cyber activity. There is no institutional home for this vital training.
The U.S. military maintains an extensive global footprint, with 800 installations spanning more than 70 countries and territories. Public and private utilities own and operate the power lines, water pipes, and fiber optic cables that supply these bases. Yet once those systems cross the fence line onto military facilities, the U.S. military is responsible for ensuring their safe and reliable operation and restoration during an attack.
The problem is many of the professionals tasked with maintaining these critical systems might not recognize a cyberattack for what it is because they’ve received no specified training. They often see an operational disruption, assume it is just a system malfunction, and move quickly to restore systems, potentially wiping out the forensics data that cyber professionals need to discern how an attacker got in and disrupted the system.
Without a dedicated forensic investigation, engineers who respond to the symptoms of an attack may simply revert the system back to the same vulnerable state that the attacker exploited in the first place. Crucial intelligence clues about the attack’s provenance and intent will be lost.
At Fort Leonard Wood (FTLW), Missouri, the Army and the U.S. Army Corps of Engineers (USACE) provide world-class training for the professionals who maintain both our civilian and military critical infrastructure. However, in the vast majority of these programs, there is no basic cybersecurity curriculum.
This critical omission leaves America vulnerable and the professionals who respond ill-equipped to confront malicious state-backed actors who seek to compromise the operational integrity of control systems. This is not merely a cybersecurity problem but a national security problem. Today’s battlefield extends to the contested virtual domain. The advantages of two large oceans that have provided standoff and a defensible homeland do not prevent the battlefield from extending to our military bases. Our adversaries aim to deny or destroy the technological supremacy that underpins our military’s ability to project power. Our military engineers must be trained to respond to the advances of modern warfare.
Other federal agencies acknowledge the importance of cybersecurity training for their engineers. The Department of Energy released a national strategy on cyber-informed engineering three years ago, placing cybersecurity at the foundation of engineering for energy systems. Similarly, the Cybersecurity and Infrastructure Security Agency (CISA) has spent the last two years working with technology and device manufacturers and evangelizing the importance of building security into systems from the outset. Even the Department of Commerce’s National Institute of Standards and Technology has issued “cyber resilient engineering” guidelines for industrial control systems.
Despite these efforts, silos still exist between DOD cyber incident response and remediation teams and the engineers responsible for maintaining critical systems. The DOD has not trained military engineers to collaborate with network defenders to secure the industrial control systems against cyber threats.
As recent headlines have affirmed, military bases are high-value targets for nation-state hackers. Their power grids, HVAC and airfield lighting, access security, fuel systems, and water utilities were initially designed for reliability, not security. But these systems cannot be reliable if they are not secure, and America’s adversaries know that undermining system reliability degrades miliary readiness and our ability to project power.
The knowledge gap of our engineers — and the resulting dangerous national security risk — need not persist. FTLW houses the multi-service Maneuver Support Center of Excellence for engineering, military police, biological, chemical, radiological, and nuclear training. This training heritage positions its Prime Power School to expand its multi-service curriculum to include cybersecurity-driven engineering for all Army Combat Engineers and Navy Seabees. The Air Force’s Red Horse Units and public works personnel should also learn to identify and respond to cyber threats.
Prioritizing a comprehensive cybersecurity curriculum will prepare these engineers to maintain military readiness, respond to emerging threats, and win against all hazards, including cyber malfeasance. Once trained and deployed, these engineers will actively ensure the military’s critical assets necessary for executing military operations at home and abroad.
Establishing a joint-service schoolhouse, co-located with the USACE’s Prime Power School at FTLW, will create a hub of expertise and a pipeline for an organic DOD workforce. This initiative will amplify the resilience of home-based and forward-deployed forces, especially in the Indo-Pacific, where China is actively working to undermine our military’s ability to achieve national security objectives, which start here in the homeland.
From the Battle of Iwo Jima to today, engineers have played a critical role in protecting our forces and defeating enemy counterefforts. The U.S. military’s engineers don’t just build infrastructure; their expertise shapes the battlefield itself, ensuring victory through innovation. Now, as wars extend into the cyber domain, the same expertise must evolve. Establishing an all-service training curriculum at FTLW focused on detecting, responding to, attributing, analyzing, remediating, and sharing information about malicious cyber behavior would ensure their legacy of paving the way to victory continues in the digital age.
Alison King is vice president of government affairs at Forescout and a senior fellow at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. Annie Fixler is the director of the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies and facilitates the Department of Energy’s Operational Technology Defender Fellowship. Rear Adm. (Ret.) Mark Montgomery is CCTI’s senior director and served as executive director of the congressionally mandated Cyberspace Solarium Commission.
Read in DefenseScoop
Issues:
China Cyber Indo-Pacific Military and Political Power U.S. Defense Policy and Strategy