The U.S. Army is recruiting, and according to NWF Daily News, it’s not just frontline soldiers or battlefield commanders that are needed. Rather, the Army is seeking a new generation of cybersecurity experts who can help defend the nation against emerging technology threats. The Army’s Cyber Mission Force (CMF) is looking to get ahead of the curve with new cyber careers, hoping to capture the interest of budding IT professionals looking for long-term employment on the cutting edge of cyberdefense. What is really driving this exponential growth?

Changing Landscape for Cyber Careers

According to James Clapper, the U.S. director of national intelligence, cyberthreats against America are on the rise. In a recent BBC News article, Clapper said he believes cyberthreats from other countries are increasing. On a more positive note, he said he believes a kind of “cyber Armageddon” where cybercriminals compromise large-scale infrastructure is now less likely than “an ongoing series of low- to moderate-level cyberattacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security.” He also noted a rise in cybercriminals working not in the service of nations, but for profit or ideological reasons.

Meanwhile, Mike J. Rogers, former chairman of the House Intelligence Committee, warns that U.S. businesses are at an increasing risk of cyberattacks from nation-states. In a recent Business Insurance article, Rogers said attacks on corporations such as Sony mean “the game has completely changed” and that other countries could “get into this pretty cheap.” The bottom line, Rogers said, is that cyberattacks are far less expensive than physical warfare and will therefore grow in popularity.

Sign Up!

It’s no wonder, then, that Lt. Gen. Edward Cardon says the CMF has grown exponentially over the past few years. According to C4ISR & Networks, 25 of a planned 41 CMF teams have reached their operational capability, and Army Cyber Command (ARCYBER) has 21 Army Reserve cyber teams in development.

“We are on track to have all 41 CMF teams established and operating by the end of fiscal year 2016,” Cardon said.

In an effort to bolster its ranks, the Army is now recruiting both private citizens and encouraging West Point and ROTC cadets to select cyber careers when they graduate. For Cardon, the sheer number of embedded electronic devices is concerning because they “are often integrated into systems which are difficult and costly to update or upgrade as new threats or vulnerabilities are identified with increasing speed and widely ranging tempo.”

Ideally, training enough in-house cyber experts will give ARCYBER the ability to respond proactively to these emerging threats rather than deal with the consequences.

Retention Tension?

While the Army is pushing for new cyber experts to join its ranks, keeping them may be another matter. According to a March 16 Military Times article, while recruiting is on pace — the Army has already reached 75 percent of its annual goal — retention may be more problematic. One source of discord is money. In the private sector, cyber careers routinely pay six-figure salaries and come with a host of perks to capture the best and brightest. The Marine Corps has set aside 16 percent of its total retention bonus budget to help keep its cyber force intact, while the Air Force allows recruits to enter the service at a higher rank if they come in with civilian cybersecurity training. However, though budgets and perks may not be enough, the military has a different end game, said Adm. Michael S. Rogers, chief of U.S. Cyber Command and director of the National Security Agency.

“We are not going to compete on the basis of money,” he said. “Where we’re going to compete is the idea of ethos, culture that you’re doing something that matters.”

Threats to national security are shifting, with the costs and risks associated with physical warfare having prompted a rise in more subtle and subversive cyberattacks. For the U.S. military, this means building a new force that is capable of standing toe-to-toe with cybercriminals and keeping its nation safe. There is a new market for cyber careers, but the Armed Forces has hard work ahead to become an employer of choice.

More from Intelligence & Analytics

Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxing

12 min read - For the last year and a half, IBM X-Force has actively monitored the evolution of Hive0051’s malware capabilities. This Russian threat actor has accelerated its development efforts to support expanding operations since the onset of the Ukraine conflict. Recent analysis identified three key changes to capabilities: an improved multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and the use of fileless PowerShell variants of the Gamma malware. As of October 2023, IBM X-Force has also observed a significant increase in…

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

11 min read - IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since late June leveraging the updated DBatLoader loader to deliver payloads such as Remcos, Warzone, Formbook, and AgentTesla. DBatLoader malware has been used since 2020 by cybercriminals to install commodity malware remote access Trojans (RATs) and infostealers, primarily via malicious spam (malspam). DBatLoader…

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today