- The Washington Times - Friday, May 14, 2010

The military needs to better define the boundaries of cyberwarfare to allow cyber forces to go beyond defending computers and networks against numerous attacks, the vice chairman of the Joint Chiefs of Staff said on Thursday.

Marine Corps Gen. James Cartwright said in a speech that “we have an entire architecture globally that is based on defense only, point defense only.”

“Our defense is our virus protection software and our firewall. So if you are in uniform, what you’ve basically said is, ‘I want to have this fight at my boundaries, inside my country, and I am willing to wait for that and when it gets catastrophic, we’ll address it.’ ”

The general did not advocate conducting offensive cyberwarfare retaliation against foreign or domestic attacks. However, the newly-created U.S. Cyber Command combines both offensive and defensive cyber operations under one military unit.

Currently, military doctrine is unclear on what constitutes a computer or cyber-attack and what the consequences would be for countries or people who launched one on U.S. critical infrastructure. Branches of the armed forces, and in particular the Air Force, have conducted defensive and offensive actions in the realm of electronic or cyberwarfare. Individual branches of the armed services have developed their own cyberwarfare doctrine.

Gen. Cartwright said he supports the idea of cutting wasteful defense programs.

He also said he expects the current war against al Qaeda and Islamic extremism will last another five to 10 years.

The remarks on cyberwar sounded an alarm on the need for better doctrine.

The general compared the current lack of a doctrine on cyberwarfare to the Maginot Line, the concrete fortifications and stationary guns the French erected in World War II that failed to repel the Nazi tank blitz in the German invasion of France.

“Do you believe this network environment we are living in is going to persist for years to come?,” he asked “If you believe those things, then we have to start thinking about the validity of a Maginot Line approach to cyber.”

The comments on cyberwarfare doctrine were made as the Senate approved by voice vote the promotion of Gen. Keith Alexander, currently director of the National Security Agency, as the first new four-star chief of U.S. Cyber Command, located near NSA headquarters at Fort Meade, Md.

In a speech this week to Ogilvy Public Relations group, James N. Miller, deputy undersecretary of defense for policy, said the Defense Department is currently drafting a new cyberwarfare doctrine. He suggested that the military could respond to a cyber-attack by using conventional armed forces.

Mr. Miller also said that the military has lost enough data to fill the Library of Congress many times over every year due to cyber-attacks.

“Our systems are probed thousands of times a day and scanned millions of times a day,” Mr. Miller said, according to the Reuters News Agency.

A U.S. defense contractor, who asked not to be named, said, “We are sitting on our hands waiting for someone to pick a fight with us. And guess what, they do it every day.”

Story Continues →