NSA chief endorses the cloud for classified military cyber program

Jeff Chiu/AP

Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now
Aliya Sternstein By Aliya Sternstein,
Senior Correspondent

By Aliya Sternstein

|

A centrally secured information hub would provide controlled access to intelligence.

The cloud will be a logical place for sharing classified intelligence on cyber threats with critical industries as the Defense Department presses ahead on an attack-prevention program it recently opened to all defense contractors, former military officials say, and Wednesday, a spokeswoman for Gen. Keith Alexander, the military’s top intelligence official, said he endorsed the idea.

When the Pentagon started the defense industrial base cybersecurity pilot program last summer with select suppliers, many defense and some nondefense companies vital to Americans, such as banks, wanted to join. The military in May expanded the program to all defense contractors and their Internet service providers partly because the department was able to develop “a dedicated threat-sharing and collaboration system, and validated online application procedures in order to support participation by a large number of companies,” preliminary regulations noted.

Alexander, who runs the Pentagon’s National Security Agency, which produces the intelligence disseminated through the program, has repeatedly told lawmakers that the military’s 15,000 networks eventually will move to the cloud. And the Pentagon is attempting to save $680 million annually by consolidating information services through clouds run by the Defense Information Systems Agency.

“As Gen. Alexander said at last year’s [Geospatial Intelligence Foundation] conference, secure cloud computing offers both DoD and the [intelligence community] many advantages and efficiencies that could enhance information sharing and collaboration,” NSA spokeswoman Marci Green Miller said in a statement. The GEOINT symposium is an annual conference that the nonprofit group organizes for intelligence, defense and homeland security professionals.

Under the cyber program, NSA culls the “signatures” or unique characteristics of identified malicious coding for vendors so they can feed those danger signs into antivirus software. The quid pro quo is that what goes into the information sharing system, including Secret intelligence and companies’ confessions of breaches, stays in the system. The cloud -- a remote computer hub that transfers data through the Internet or a classified network -- could facilitate that reciprocity, experts say.

Former DISA director Gen. Harry D. Raduege explained that the cloud’s flexibility should accommodate the program’s expected high demand. A cloud environment can be compartmentalized based on a user’s authorization level so that, for example, only a defense contractor could read the classified intelligence, while perhaps unclassified threat information would be accessible to nondefense sectors, such as state governments.

“It’s become very, very popular,” Raduege, now chairman of the Deloitte Center for Cyber Innovation, said of the defense contractor program. “It’s become one of those free services, where . . . if they have the proper security clearance, they can get into a secure cloud so that they can get insights to protect their own enterprise.”

Alexander has strongly endorsed the use of the cloud for military operations for more than a year.

“The idea is to reduce vulnerabilities inherent in the current architecture and to exploit the advantages of cloud computing and thin-client networks, moving the programs and the data that users need away from the thousands of desktops we now use -- each of which has to be individually secured for just one of our three major architectures -- up to a centralized configuration that will give us wider availability of applications and data combined with tighter control over accesses and vulnerabilities and more timely mitigation of the latter,” he testified before a House subcommittee in March 2011.

On March 27, he told the Senate Armed Services committee: “Our DoD cyber enterprise, with the department’s chief information officers, DISA and Cyber Command helping to lead the way, will build a common cloud infrastructure across the department and the services that will not only be more secure but more efficient -- and ultimately less costly in this time of diminishing resources -- than what we have today.”

Other computer specialists say they also have faith in the cloud to securely transmit information.

“Everybody who is in security these days is into the cloud, partially because you want to start from scratch” in launching new information services, said Dave Aitel, president of cybersecurity firm Immunity Inc. and a former NSA computer scientist. Eventually, the program might encapsulate multiple clouds, he said, because participants may want to interface with the feds through their own clouds. “Getting two clouds to talk to each other will be a very big deal,” Aitel added.

Due to budget cuts and the drawdown of U.S. troops, the Pentagon’s spending priorities have changed. According to the new defense strategy released in January, two areas will receive additional resources: the Asia-Pacific region and cyber operations. To conserve funding and expand the defense contractor cyber program, “DoD is going to need to learn to use the technology called cloud in a more expansive space,” said Dale Meyerrose, the intelligence community’s former chief information officer.

But some cybersecurity specialists and government agencies remain wary of the technology, partly because of its major attribute -- the shared space.

“If you’re moving information into the cloud, it just seems to me that all kinds of nasty activity could go on in there,” said. Gen. John P. Casciano, a former director of intelligence, surveillance and reconnaissance for the Air Force. “I would take a Missouri approach and say, ‘prove it to me, show it to me,’ how it’s more secure.”

Alexander has acknowledged there are reliability and trust issues with the cloud. “This architecture would seem at first glance to be vulnerable to insider threats. Indeed, no system that human beings use can be made immune to abuse. But we are convinced the controls and tools that will be built into the cloud will ensure that people cannot see any data beyond what they need for their jobs and will be swiftly identified if they make unauthorized attempts to access data,” he told the lawmakers in 2011.

NEXT STORY: Lieberman: Cybersecurity bill could wilt over summer

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.