DOD continues offensive for cyberwarfare authority

[InfoSec News <alerts () infosecnews org>]

http://www.fcw.com/online/news/151837-1.html

By Jason Miller
FCW.com
March 4, 2008

Defense Department officials are making their second annual push for 
more authority and funding for cyberwarfare. This time, they seem to be 
expressing their needs more forcefully.

Last week, two DOD officials told the House Armed Services Committee 
that adversaries recognize the U.S. governments reliance on cyberspace 
and constantly seek a competitive advantage.

Meanwhile, Deputy Secretary of Defense Gordon England told the audience 
at the Veterans of Foreign Wars 2008 Washington Conference this week 
that cyberwarfare is one of DODs and the governments major challenges. 
He said President Bush tried to address the threat by establishing a 
task force to coordinate federal efforts to safeguard the governments 
networks. England likely was referring to the classified directive the 
administration issued in January. It focuses on 12 cyber areas and 
includes some offensive measures, according to a source familiar with 
the directive.

The source said the directive didnt give DOD or anyone in government the 
authority to take offensive tactics but did ask for budget estimates and 
ideas for computer network and exploitation capabilities.

DOD also issued a new report on Chinas military power that addressed 
that countrys reliance on cyberspace.

In the past year, numerous computer networks around the world, including 
those owned by the U.S. government, were subject to intrusions that 
appear to have originated within the Peoples Republic of China, the 
report states. These intrusions require many of the skills and 
capabilities that would also be required for computer network attack. 
Although it is unclear if these intrusions were conducted by, or with 
the endorsement of, the [Peoples Liberation Army] or other elements of 
the PRC government, developing capabilities for cyberwarfare is 
consistent with authoritative PLA writings on this subject.

The report also states that Chinas military strategy includes noncontact 
warfare. That concept includes cyberattacks against civilian and 
military networks especially against communications and logistics nodes.

Chinese Foreign Ministry spokesman Qin Gang told reporters that 
accusations that cyberattacks originated in China were groundless and 
Chinese officials expressed strong dissatisfaction with them. He added 
that China was also a victim of hackers and that the Chinese government 
and military do not hire civilian hackers to carry out attacks.

The only thing Im seeing that is big and new is an openness that DOD has 
been badly hit by cyberattacks, said Alan Paller, director of research 
at the SANS Institute. This is a strategic change in DOD policy. There 
are two ways to deal with it: Keep it secret, or go public and say they 
are mad and not going to take it anymore. They are taking the right 
approach.

Paller added that if DOD or any agency, for that matter keeps silent on 
the attacks, then vendors and others cannot help solve the problem 
because they dont know it exists.

DODs concerns about foreign influence on software development are also 
growing. Industry sources say military officials are creating a new rule 
for DODs version of the Federal Acquisition Regulation that might 
require vendors to certify compliance with a new cybersecurity standard, 
participate in a new integrated detection-and-response process and 
possibly require only American-made hardware and software for certain 
medium- and high-risk systems.

DOD wants companies to keep engineering control over their products, 
said an industry source who requested anonymity. Vendors will have to 
demonstrate and verify [that] products match a security specification.

The industry source said some observers are concerned that DOD wants to 
return to government off-the-shelf products, which would cost a lot more 
and potentially cut off some vendors from working with the military.

All of the recent actions are the result of increasing concerns about 
attacks on DOD networks.

Air Force Gen. Kevin Chilton, commander of U.S. Strategic Command, told 
lawmakers last week that his office is working with the Joint Task Force 
for Global Network Operations, the Joint Functional Component Command 
for Network Warfare and the Joint Staff to develop the National Military 
Strategy for Cyberspace Operations.

In this role, we coordinate and execute operations to defend the Global 
Information Grid and project power in support of national interests, 
Chilton said. The Defense Department must also plan and train to operate 
the GIG while under attack. Stratcom is actively planning and executing 
operations to detect and counter attacks on the GIG while coordinating 
responses with other DOD and interagency elements.

He added that cyberspace is the least mature domain and his command must 
define, shape, develop and deliver a quality cyber force. That includes 
training employees to conduct network warfare, Chilton said.

Michael Vickers, assistant secretary of Defense for special operations, 
low-intensity conflict and interdependent capabilities, said at the same 
hearing that although the military is developing deterrence strategies, 
officials are also working governmentwide to define the cyber domain so 
they can better understand the scope of the missions they will be asked 
to conduct.

We recognize that this will be a long-term effort, and while much 
remains to be done in this area, we are making progress, he said.

Paller added that this hearing and others are strong signs that 
lawmakers understand the cyberwarfare risk and want to address it.

No one in positions of power is not talking about supporting massive 
investments, Paller said. There need to be discussions about privacy and 
some feasibility issues, but no one is saying dont do it.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn