- ‘Optionally piloted’ Black Hawk helicopter clears tests; future missions to go ‘fully unmanned’
- Vice News reporter kidnapped in Ukraine is freed after being beaten, blindfolded
- FCC’s new ‘net neutrality’ proposal sparks outrage among consumer advocates
- Families of ferry’s lost confront South Korean officials
- 2-week truce for Sriracha hot sauce maker, California city
- NYC’s de Blasio seeks to ban wood-burning fireplaces
- Residents angry Obama mispronounced town’s name during mudslide visit
- Israel halts peace talks with Palestinians
- Netanyahu’s driver accused of raping girls under age 12
- Putin calls Internet ‘CIA project’ that must be controlled
U.S. takes aim at cyberwarfare
The Pentagon’s decision last week to establish a unified cybercommand to defend the military’s computer networks and attack those of U.S. enemies raises at least as many questions as it answers, analysts and experts in the field say.
“How does it fit into the strategic goals of defending our economy and our way of life?” asked Marcus Sachs, who helped set up the U.S. military’s first cyberwarfare unit in 1998.
“How will it relate to other government agencies?” asked Mr. Sachs, who is now director of the Internet Storm Center, a volunteer warning and analysis service that works with Internet service providers to counter such threats as computer viruses.
In a memo to military leaders last week, Defense Secretary Robert M. Gates ordered U.S. Strategic Command — the military entity in charge of U.S. nuclear and space weapons — to set up the new cybercommand by October this year and to have it fully functioning by October 2010.
However, he also ordered Pentagon policy chief Michele A. Flournoy to lead a “review of policy and strategy to develop a comprehensive approach to [Department of Defense] cyberspace operations.”
According to a National Research Council study of cyberwarfare published this year, “an unclassified and authoritative statement of joint [military] doctrine for the use of computer network attack is unavailable and it is fair to say that current doctrine on this matter is still evolving.”
Officials say that such questions are acute because of the difficulty in identifying cyberattackers who can strike anonymously using networks of home computers infected by specially designed viruses and in distinguishing between acts of vandalism, crime and war in cyberspace.
“How can we deter and prevent attacks” in cyberspace? asked Deputy Defense Secretary William J. Lynn III at a talk last week. “Deterrence is predicated on the assumption that you know the identity of your adversary, but that is rarely the case in cyberspace, where it is so easy for an attacker to hide.”
Mr. Sachs told The Washington Times that the questions of how to respond to cyberattacks were thrown into sharp relief by events in Estonia in 2007 and Georgia last year. Both countries were subjected to cyberattacks on their infrastructure originating in Russia, but Moscow denied any role, and it is not clear to what extent the attacks — largely carried out by nationalistic hacker gangs — might have been inspired or coordinated by the Russian government.
“What would happen and who would be responsible [for responding] if that kind of attack was carried out against the United States?” Mr. Sachs asked. “All these questions are unanswered.”
When it comes to offensive operations in cyberspace, the questions become even harder to answer, he said.
“We really haven’t tested the rules [that] apply to warfare in the physical world” in cyberspace, Mr. Sachs said. He gave as an example the requirement under the Geneva Conventions that all combatants be readily identifiable.
“What does that mean in cyberspace? Should we put a special header on packets” — the tiny digital messages that make up Internet traffic — “saying, ‘This is a U.S. Air Force attack packet’? … We need to start thinking about these questions,” he said.
“We need to have a public debate, not a classified conversation,” he added, noting that U.S. policy on the use of other unconventional armaments like nuclear weapons had been publicly debated even while the exact capabilities and technical details of the bombs themselves remained secret.
In last week’s memo, Mr. Gates called for an “implementation plan” for setting up the new command that would “delineate [its] mission, roles and responsibilities” and its “command and control, reporting and support relationships with combatant commands, [military] services and U.S. government department and agencies.”
This last point is key because of the complicated jigsaw of authorities and responsibilities than different U.S. agencies have in relation to military, government and private-sector computer networks.
“There are so many stakeholder organizations and individuals in the cyberdomain it is difficult to know exactly where to start the collaboration, information sharing, and integration” needed, said Larry McKee, a computer-security specialist and longtime adviser to U.S. Strategic Command and the U.S. Air Force.
“What’s the long-term vision here?” asked Mr. Sachs. “Is it a small elite organization just focused on the military networks, or will it have a broader, almost National Guard-like mission to protect the nation’s critical infrastructure?”
Defense officials have been keen to stress that the new command will be focused on defending military networks’ “.mil” domain and that its establishment does not represent any attempt by the Pentagon to carve out a larger role for itself in defending the nation’s civilian-owned and -operated computer systems.
“Responsibility for protecting federal civilian networks would remain with the Department of Homeland Security,” Mr. Lynn said last week. “Likewise, responsibility for protecting private-sector networks would remain with the private sector.”
However, some privacy and civil liberties advocates have nonetheless expressed concerns about the role of the military and in particular the secretive National Security Agency in the cyberarena.
The new cybercommand will be headed by the director of the NSA, and Mr. Gates said he would recommend that the current incumbent of that job, Lt. Gen. Keith B. Alexander, be nominated to the new role.
Gen. Alexander is already in charge of the Joint Functional Component Command Network Warfare, the part of Strategic Command responsible for offensive cyberoperations.
“Many of the resources to be managed by cybercommand are already under Gen. Alexander’s control,” said Alan Paller, director of research at the SANS Institute, an industry nonprofit that does research and education on computer security.
“The new piece is that military resources currently outside of Strategic Command can now be mobilized,” Mr. Paller said. “The action-oriented resource base [of the new command] is much larger.”
However, Mr. Paller said leveraging those resources also required better partnership between the military and the private sector. A key problem for civilians engaged in trying to defend U.S. networks against cyber attacks, he said, was that they do not have access to the military’s latest, best information about attackers and the methods they are using.
Mr. Paller pointed out that the vast majority of the thousands of cyber attacks against U.S. military computers are carried out across civilian networks like the Internet, mostly managed by seven or eight large private-sector companies.
Currently, he said, because the network managers of those firms don’t have security clearances, “the military can’t share intelligence about the latest threat signatures” with them, making it much harder for them to spot attacks in progress.
Gen. Alexander told a symposium of the Armed Forces Communications and Electronics Association last week that the military will have to give network operations people the security clearances they need, so they can understand the nature of the threats.
Granting such clearances to “a very small set of people” would “radically improve our capabilities to defend” against cyberattacks, Mr. Paller said.
Still, many - and not just privacy and civil liberties mavens - remain unconvinced about the likely performance of the NSA, and by extension the new cybercommand, in this crucial area of partnership.
“While NSA has improved in both areas since Sept. 11, neither collaboration nor information sharing [is] exactly NSA core competencies,” Mr. McKee said.
TWT Video Picks
By Andrew P. Napolitano
Obama's veil of secrecy is pierced
- In its hunt for Senate, Republican candidates campaign against Harry Reid
- Obamacare class-action suit opens a new legal front
- List Hillary Clinton's successes? State Dept. spokeswoman flubs answer
- 'Top Gun' for drones: Squadrons of carrier-based killers have Navy's approval
- Nevada rancher Cliven Bundy hailed as patriot, ripped as lawless deadbeat
- 'Conservatives' should feel exposed by Bundy's racist comments: Scarborough
- Obama avoids 'red line' for China, prepared to impose tougher sanctions on Russia
- America is an oligarchy, not a democracy or republic, university study finds
- Texas is next! AG warns BLM wants 90,000 acres after Bundy ranch standoff
- Sold out: Ukraine's leadership swapped best military weapons for cash
Top 10 handguns in the U.S.
Celebrity deaths in 2014