recommended reading

Confused by Defense cyber threat alerts? A translation is on the way

Laborant/Shutterstock.com

An expanded information-sharing program will potentially allow more than 2,600 defense suppliers access to top-secret Pentagon communications with select companies about indications of cyber threats, partly by adding context understandable to a wider audience, officials with the contractor responsible for the ramp-up say.

The defense industrial base collaboration initiative started as a pilot program during summer 2011. In May, the Pentagon allowed the whole industry to join. Participants receive disclosures when the military detects signs of unfolding malicious campaigns so that their in-house technical teams can take protective measures. The Defense Department also distributes reports about breaches participating companies have suffered, after deleting identifying information to avoid exposing the weaknesses of competitors.

Around the time the initiative began ramping up, the General Services Administration signed a deal with Lockheed Martin Corp. worth up to $454 million for help running the Defense Cyber Crime Center, or DC3, which operates the program. 

“One of our primary focuses is – ‘How do we help the government scale?’ ” said Rohan Amin, Lockheed’s program director for DC3. “Going from a small number of companies to a large number of companies is a very big problem.”

To facilitate growth, the firm is modifying communication procedures by, for example, explaining threat intelligence in a way that any military contractor, regardless of practice area, can grasp.   

The program will contextualize the data using a technique Lockheed honed to protect its own business systems and its customers’ systems. The process dissects an intruder’s attack plan into a series of actions, taken over a period of time, that are intended to achieve an ultimate goal -- for instance, obtaining drone designs from a defense contractor’s network. Analysts then devise a corresponding response for each action that, if applied along any point in the chain, can foil the crook’s plan.

“DC3 has adopted that framework to enhance its information sharing,” Amin said, referring to the breakdown of the attack path, or “cyber kill chain.”

Critics of the industrial base program are skeptical that the intelligence gained is any better than what companies already know from their commercial cybersecurity providers.

Amin responded that, from Lockheed’s perspective, the information-sharing endeavors “are of value, but like any cybersecurity tool, nothing is ever going to be a silver bullet for solving all problems.”

One unique benefit for the contractor is the ability to compare incidents happening elsewhere in industry and government with its own experiences. “If you see that you have periods where things are quiet,” but others in the same sector are experiencing network irregularities, “that may cause you to think through if there are things you are missing,” Amin said. He added that the most sophisticated adversaries move without being detected by commercial cybersecurity services.

Defense on Sept. 24 announced a one-year renewal of a separate agreement with Booz Allen Hamilton worth up to $10 million for hardware and software that transmits the threat alerts.

There is discussion of establishing similar classified exchanges with other sectors critical to daily life, such as water utilities and financial institutions. The Homeland Security Department could offer these critical sectors entry into a facility called the National Cybersecurity and Communications Integration Center that already circulates top secret warnings about threats, Seán McGurk, a former DHS official who launched the center, said on Sept. 29.

“We started the capability -- and now we need to advance that capability and we need to extend it” beyond the currently six or seven active industries, he added.

Amin said “those other critical sectors are being looked at by DHS,” but DC3 is not directly involved in the conversations.

(Image via Laborant/Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.