backtop


Print 20 comment(s) - last by roykahn.. on Jan 29 at 9:15 PM

Force will rise from 900 troops to around 4,900 over the next several years

The U.S. is finally getting more serious about cybersecurity in the wake of stinging attacks from economic rivals such as China and military adversaries like Iran.  Currently the U.S. Department of Defense's (DOD) Cyber Command (USCYBERCOM) unit is stressed to the brink, with a small crew of around 900 soldiers.  That count is reportedly dwarfed by the large cyberwarfare teams in Iran, China, and other cyberpowers.

I. Better Defense, More Offense

The DOD announced this week ambitious plans to catch up, growing the unit five-fold to around 4,900 troops.  The plan was first formulated by senior Pentagon officials late last year and is in the final stages of confirmation.

Under the plan, Cyber Command will be split into three distinct subunits, each with a distinct purpose.  "National mission forces" will protect critical infrastructure like power and water grids from infiltration or attacks;  "combat mission forces" will communicate with overseas officers and coordinate cyberattacks (like Stuxnet); and "cyber protection forces" will be tasked with entrenching the Pentagon's networks against both foreign and domestic threats.  

Sources indicate that the "national mission" teams will only take action on U.S. networks if a sister agency, such as the Federal Bureau of Investigation (FBI), requests it.  While that may not lay to rest citizen fears of domestic spying or policing, it does suggest -- at least officially -- a limited domestic role for the expanding unit.

An unnamed official told The Washington Post, "There’s no intent to have the military crawl inside industry or private networks and provide that type of security.  [Action would only be taken in cases where the adversary could] really hurt.  We’re not talking about doing something to make sure that Mrs. Smith’s bank account didn’t get hijacked by somebody."

Iran wide
The U.S. wants better cyberoffensive capabilities to use against hostile regimes like Iran.
[Image Source: ISNA]

The plan to dramatically expand the three-year old unit -- at a time when the military as a whole is undergoing sweeping budget cuts -- is a sign of cyberwarfare's growing role in modern warfare.

William J. Lynn III, a former deputy defense secretary, tells The Washington Post that the plan is long overdue, commenting, "Given the malicious actors that are out there and the development of the technology, in my mind, there’s little doubt that some adversary is going to attempt a significant cyberattack on the United States at some point.  The only question is whether we’re going to take the necessary steps like this one to deflect the impact of the attack in advance or . . . read about the steps we should have taken in some post-attack commission report."

II. Big Challenges Ahead

Currently, the DOD relies heavily on the National Security Agency (NSA) for its cyberwarfare needs.  Indeed, Cyber Command's main physical presence is located directly beside the main NSA building in Fort Meade, Maryland.  But the NSA's official role is limited to foreign intelligence gather; outside of electronic intelligence it's ill suited to provide necessary cyberoffensive or defensive capabilities.

The question, going ahead, though is how to merge the NSA's existing support role with the expanding role of the Cyber Command unit.

Some argue that when Cyber Command is expanded "you sever that" relationship with the NSA.  But others say the NSA will continue to complement the bigger, more independent unit without issue.  Comments one source, "That’s been the plan all along.  Take the talent resident in NSA, turn it into [cyber] attack talent."

Another key unanswered question is where the Pentagon will be able to get enough qualified hackers to join its ranks.  Funding will obviously play a key role, but one problem is simply availability; skilled security experts are a relatively rarity and many have misgivings about working for "the man" (aka the U.S. Military).

Comments one Navy source, "You get the resource guys sucking a lot of air through their teeth because they know their service chiefs have backed it.  So they have to find the resources to pay for the people."

DOD Hacker
Many hackers frown on working for the Pentagon, but given sufficient money they might change their tune. [Image Source: Reuters]

Figuring out those challenges will be a big part of Keith B. Alexander's job.  Director Alexander, who jointly serves as director of the NSA and chief of the Cyber Command.

Director Alexander is expected to retire or move to another agency in summer 2014, but until then he will be pushing strong to gain the ability for Cyber Command to have its own independent budget, something other major military branches have.  Such authority would have to be granted by Congress.

In the meantime his agencies will continue to ponder how to recruit talent, how to differentiate their respective roles, and how to counterattack foreign cyberagressors with their small, but growing staff of government hackers.

Source: The Washington Post



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: one thing they can do
By inperfectdarkness on 1/29/2013 1:55:07 AM , Rating: 2
I'd be ok with that, except for one small problem:

Personal email is sometimes an invaluable tool for maintaining a continuity link between changing email addresses due to being moved around a lot. Even the new email migration has not solved that for email in forward locations.

Being able to access personal email has allowed me to keep/retain soft-copies of many important documents that can then be forwarded to my new work email. And it gets worse when you have three work emails, none of which communicate directly. I won't even bring up the pains of budget cuts eliminating document scanners from the office.


RE: one thing they can do
By bah12 on 1/29/2013 3:07:23 PM , Rating: 2
There in lies the problem. What you are doing is probably not causing your previous employer any harm, but believe it or not you may be breaking the law. Most companies own any and all work you do under their employ, therefore you forwarding a document (no matter how trivial) outside of the organization is usually considered a breach. It doesn't matter if it was your original code, or thought, if it was on their dime then it is their property not yours to use at your next job.

Back to the topic at hand your example poses a HUGE security risk if DOD employees are forwarding any work related documents to a non DOD account. Essentially your example only proves the OP's point, absolutely nothing not job related should be done on government owned machines.


"It's okay. The scenarios aren't that clear. But it's good looking. [Steve Jobs] does good design, and [the iPad] is absolutely a good example of that." -- Bill Gates on the Apple iPad














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki