It's oxymoronic to say it, but the extreme adaptations needed by those chosen by an otherwise peaceful society to do what killing is necessary are not easy to reverse or reorient to the point of considering an sustained DDOSing as being just as valid an attack as an artillery barrage.
It may be time to consider having someone other than the military take over primary responsibility for attack and defense of the United States in cyberspace, despite the often sincere effort of many in the military to duct-tape good cyberwar capabilities onto an organization exquisitely well designed to deliver death and destruction at a great distance for a long, long time in the face of fierce opposition rather than sit in a chair with its forehead stuck to a screen.
You don't need a giant naval gun to fight off the Ravening Hordes from Some Other Mom's Basement. They might be fun, but they're not really helpful.
You need to stay up late at night, eat pizza, drink caffeine and keep poking at someone else's servers until they roll over and give up the root.
The DoD wants its server pokers to get up early in the morning, go for a run and speak in military gibberish rather than speaking good, old-fashioned Geekish.
I'm not sure it's a language the Pentagon even knows how to translate without misinterpreting because it doesn't understand the context. The cultural differences are vast.
The GAO makes clear that the Pentagon is way out of its depth in the effort to build a credible cyberwar capability. It's not clear to me whether it will ever be able to swim its way out, or learn how to do more than just tread water while the bad guys zoom around in Somali pirate boats.
I wonder if it's time to let someone else have a crack at defending the U.S. against cyberattack.
So far the DoD hasn't built much of a defense, or become feared enough to be much of a deterrent. In some ways, it literally doesn't know what it is doing about cyberwar
The sad part is that, even after long and painful examination, neither does the GAO. The danger is that, of all the entities who might have a clear understanding of U.S. weaknesses in cyberwar, the most clear and most complete may very well be a military organization, one that has spent nearly as much time in U.S. military systems as the DoD itself. Unfortunately, that sharp, aggressive, well-trained, well-funded band of cyberwarriors don't work in the Pentagon. They just visit there virtually, and, when they log off, go back home to China.