The next battlefield: Cyberspace and military readiness

By John Joyner
July 19, 2011, 5:30 AM PDT

techrepublic.com

Takeaway: Last week, the Pentagon announced a plan for “operating in cyberspace,” clearly marking out a new terrain in the world of national defense. John Joyner breaks down the document and what it means for future cybersecurity measures.

In a frank and timely confirmation of the gravity of some recent successful cyber-attacks with strategic consequences to the United States, the Pentagon released on July 14, 2011 an 11-page report on Cybersecurity. A readable and relevant wake-up call to the nation from its military, the report communicates an urgency that has implications to every Internet user. While disturbing news, it is refreshing to see the U.S. government share information with the American people in this transparent way. The findings and recommendations of the document are logical and smack of common sense.

Cyber threats listed in the context section of the document establish the urgency by referring to recent revelations such as the electronic theft in March 2011 of thousands of classified documents from a U.S. defense contractor by a foreign power, and the report this month of malicious components discovered embedded in foreign-manufactured electronics. The document is the first of its kind by the Pentagon, and there was speculation that a new offensive-oriented policy might state that cyber-damage inflicted by hostile agent-states could be answered by physical force.

As released, the document makes no provocative policy statement linking possible physical retaliation to cyber-attacks. The document more basically sounds a clear alarm about significant hostile activities discovered recently, and lets people know what the nation’s military planners are doing about it in the short term. The Pentagon organizes the document in five strategic initiatives; I’ve simplified and paraphrased them below.

#1 The military will give the effort sufficient resources
An interesting concept the military uses is calling cyberspace a ‘domain’, defined by quoting the 2010 Quadrennial Defense Review: “Although it is a man-made domain, cyberspace is now as relevant a domain for Department of Defense (DoD) activities as the naturally occurring domains of land, sea, air, and space.”

Here are some examples the document provides of the level of attention the cyberspace domain is to receive in the military:

Resources are provided on a scale as if cyberspace were another terrestrial continent; for example, the U.S. Navy’s “10th Fleet” was reactivated in 2010, charged now with looking after cyberspace (rather than anti-submarine operations in the Atlantic, as was its mission from 1943-1945). Of note is that a numbered U.S. fleet historically represents a vast geographic region. Establishing a numbered fleet command automatically carries the weight of a three-star admiral and quite a large staff.
Cyber red teams will be included in all war games and exercises, anticipating degraded cyberspace operations and disruption in the midst of a mission. Disrupting war games is expensive and even risky; but this seems like a great way to improve our troop readiness across the board.

#2 The military will try and manage IT security better

This initiative includes sub-categories of (1) following cyber hygiene best practices, (2) focusing on insider threat mitigation, (3) deploying a better Intrusion Prevention System (IPS), and (4) a promise to constantly develop new defense operating concepts. These are modern security housekeeping concepts for any large IT organization; including them in the document shows the military has not forgotten about the basics.

#3 The military will partner with other government agencies and the private sector
The military wants to enable a “whole of government” approach to increase national cybersecurity, and the DoD has partnered with the Department of Homeland Security (DHS) to lead the inter-agency efforts. Realistically, the military admits that it depends on the entire private sector IT hardware and software industry, and the same telecommunications carriers and Internet Service Providers (ISPs) that everyone else uses.

The document mentions that incentives to promote private sector participation in national cybersecurity are possible. To date, there has been very little federal government financial support for public-private sector cybersecurity partnerships. An example is the Federal Bureau of Investigation (FBI) InfraGard program; while enjoying broad industry support, the program runs on a shoestring. It would be great news if this DoD document paved the way for the Pentagon to somehow compensate the FBI (which reports to the Department of Justice) for increased resources to support InfraGard.

#4 The military will leverage U.S. allies and international partners to act globally against the bad guys
This is a cyber-defense option that makes great sense. It is right for government to fill the role of leading a collective self-defense effort, and this strategy is a logical underpinning for all kinds of possible new strategic alliances. I hope our government will exploit this opportunity, which might include such physical world concepts as international blockades and embargoes applied against strategic cyber offenders.

#5 The military will recruit patriot geeks to replicate the dynamism of the private sector
This is the most exciting part of the document, where the Pentagon describes how American ingenuity is a cyber-strength we can draw on. For example, I am glad to know there is a National Cyber Range where large scale experiments and network simulations are conducted, and knowing that we have such a facility to attract and retain cyber talent is good news.

Reaching out to academic and business resources with an entrepreneurial approach, and developing Reserve and National Guard cyber capabilities are new missions the military will consider — these sound like great ideas. So does the promise to achieve a cybersecurity technology development lifecycle of 12 to 36 months, compared to seven or eight years as is typical for Pentagon computer projects.

Who’s in charge?

Responsibility for coordinating cyber-readiness in the military is given to the Director of the National Security Agency (NSA), General Keith B. Alexander, who is “dual-hatted” as commander of USCYBERCOM. In fact a “key organizational concept is [USCYBERCOM's] co-location with the National Security Agency.”

We know the NSA is good at cryptography, exploiting the electromagnetic spectrum, and maintaining secrecy. The ability of NSA to respond in a nimble fashion to changing conditions in “Internet time” is unknown, and the NSA is probably not the best agency when it comes to a track record of public relations. Let’s hope the Pentagon does as good a job keeping us informed of their progress in the fight as they have done in announcing the battle in this document.

Views: 44

Comment

You need to be a member of 12160 Social Network to add comments!

Join 12160 Social Network

Comment by youhavetoforgiveme on July 19, 2011 at 3:44pm
"Big Brother" has come to invade us.

"Destroying the New World Order"

TOP CONTENT THIS WEEK

THANK YOU FOR SUPPORTING THE SITE!

mobile page

12160.info/m

12160 Administrators

 

Latest Activity

tjdavis posted videos
4 hours ago
Doc Vega posted a blog post

The Federal Government Shell Game

 We Americans have the biggest opportunity in, perhaps the last 100 years, to crack the code on the…See More
8 hours ago
tjdavis posted a blog post
13 hours ago
cheeki kea commented on cheeki kea's photo
16 hours ago
cheeki kea posted a photo
19 hours ago
cheeki kea commented on cheeki kea's photo
Thumbnail

First World Order

"Ah ha Truth hidden in plane sight. Notice the map depicted on this 'world order' book…"
20 hours ago
cheeki kea commented on cheeki kea's video
22 hours ago
cheeki kea posted a video

Iyah May Karmageddon Lyric Music Video

While ‘Karmageddon’ has sparked significantconversation and controversy, Iyah has stood her ground. She refused to compromise her vision when asked to change...
22 hours ago
tjdavis posted a video

Steven Wilson - PERSONAL SHOPPER (Official Video)

"The song PERSONAL SHOPPER sits somewhere between being a love-letter to shopping (which I love to do!) and the uneasiness I feel about the more insidious si...
yesterday
Doc Vega posted blog posts
Monday
rlionhearted_3 posted photos
Monday
Burbia posted a photo
Monday
tjdavis posted a video

propaganda: DIVIDE & CONQUER (1942) - Warner Bros. vs Hitler

Not to be confused with the much drier Frank Capra film from 1943.A "Broadway Brevity", released August 1, 1942. Vitaphone #1022-1023A.Transferred from 16mm.
Sunday
Doc Vega posted blog posts
Dec 20
cheeki kea commented on cheeki kea's photo
Thumbnail

Thumbs down - ship gone.

" So this sort of stupidity has occurred before. Norway or NZ - Who did it better? Cast your…"
Dec 20
cheeki kea favorited Doc Vega's blog post The Last Meal
Dec 20
tjdavis favorited Sandy's photo
Dec 17
tjdavis favorited cheeki kea's photo
Dec 17
tjdavis favorited tjdavis's video
Dec 17
tjdavis posted photos
Dec 17

© 2024   Created by truth.   Powered by

Badges  |  Report an Issue  |  Terms of Service

content and site copyright 12160.info 2007-2019 - all rights reserved. unless otherwise noted