Pentagon unveils its new cyberstrategy. Well, some of it, anyway.
The Pentagon – belatedly, perhaps – outlines its 'Strategy for Operating in Cyberspace.' A slim unclassified document emphasizes a defensive posture, leaving many questions unanswered.
• Active Defenses. The US is deploying for the first time new “active defenses” that employ “sensors, software, and signatures” aimed at detecting and stopping malicious code before it affects military networks and operations – thereby denying the benefit of an attack.
• Critical Infrastructure Defense. Here, the Pentagon describes its role helping defend critical infrastructure and nonmilitary networks that undergird key military functions, including the power grid, financial sector, and transportation system.
Because the US military is restricted from certain domestic operations, it is working in partnership with the Department of Homeland Security and private sector partners to lend its expertise to protect US critical infrastructure – providing to both the signatures and systems that help identify malicious software. Punctuating that point, Mr. Lynn noted in his speech a serious, previously unknown intrusion in March into a defense contractor’s network that netted 24,000 files.
• International Defense Building. This fourth pillar lays out expectations that the US will build “collective cyberdefenses” with international partners and allies, including NATO, expanding awareness of malicious software attacks.
• Training and Technology. The fifth pillar aims to ramp up training of defense personnel. The idea is to weaken the advantage cyberattackers enjoy due to anonymity on the Internet and generally porous defenses in society.
With DoD operating more than 15,000 networks and seven million computing devices in installations around the world, the target is huge. So the Pentagon is seeking some technological fixes to shift the field away from attackers, the strategy document indicates.
Though not in the document, the Defense Advanced Research Projects Agency (DARPA) recently announced work on new computer systems that adapt on the fly to attacks to increase resilience. Add to that new encryption technology that prevents data from becoming visible or vulnerable to an attacker.
Alan Paller, research director for the SANS Institute, a Washington-based cybersecurity education organization, says he especially likes pillars two and five – protecting critical infrastructure and ramping up procurement.
“This is the first time the nation has fully and publicly committed to continuous monitoring and active defense that will allow the federal government to raise the bar in securing existing systems,” he says in an email interview.
But for others the document was missing too many major elements, offensive cyberweapons strategy, for one.
Shrouded in secrecy, the development of weaponized cyber is being conducted in the US – as in many other nations – outside public view and with little debate about their impact on international treaties and on conventional theories of war – such as deterrence – that have governed nations for decades, cyber warfare experts say.