DOD continues offensive for cyberwarfare authority

Officials recognize that they must deal with a constant and growing threat to their networks.

Defense Department officials are making their second annual push for more authority and funding for cyberwarfare. This time, they seem to be expressing their needs more forcefully.Last week, two DOD officials told the House Armed Services Committee that adversaries recognize the U.S. government’s reliance on cyberspace and constantly seek a competitive advantage.Meanwhile, Deputy Secretary of Defense Gordon England told the audience at the Veterans of Foreign Wars’ 2008 Washington Conference this week that cyberwarfare is one of DOD’s and the government’s major challenges. He said President Bush tried to address the threat by establishing a task force to coordinate federal efforts to safeguard the government’s networks. England likely was referring to the classified directive the administration issued in January. It focuses on 12 cyber areas and includes some offensive measures, according to a source familiar with the directive.The source said the directive didn’t give DOD or anyone in government the authority to take offensive tactics but did ask for budget estimates and ideas for computer network and exploitation capabilities.DOD also issued a new report on China’s military power that addressed that country’s reliance on cyberspace.“In the past year, numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions that appear to have originated within the People’s Republic of China,” the report states. “These intrusions require many of the skills and capabilities that would also be required for computer network attack. Although it is unclear if these intrusions were conducted by, or with the endorsement of, the [People’s Liberation Army] or other elements of the PRC government, developing capabilities for cyberwarfare is consistent with authoritative PLA writings on this subject.”The report also states that China’s military strategy includes noncontact warfare. That concept includes cyberattacks against “civilian and military networks — especially against communications and logistics nodes.”Chinese Foreign Ministry spokesman Qin Gang told reporters that accusations that cyberattacks originated in China were groundless and Chinese officials expressed strong dissatisfaction with them. He added that China was also a victim of hackers and that the Chinese government and military do not hire civilian hackers to carry out attacks.“The only thing I’m seeing that is big and new is an openness that DOD has been badly hit by cyberattacks,” said Alan Paller, director of research at the SANS Institute. “This is a strategic change in DOD policy. There are two ways to deal with it: Keep it secret, or go public and say they are mad and not going to take it anymore. They are taking the right approach.”Paller added that if DOD — or any agency, for that matter — keeps silent on the attacks, then vendors and others cannot help solve the problem because they don’t know it exists.DOD’s concerns about foreign influence on software development are also growing. Industry sources say military officials are creating a new rule for DOD’s version of the Federal Acquisition Regulation that might require vendors to certify compliance with a new cybersecurity standard, participate in a new integrated detection-and-response process and possibly require only American-made hardware and software for certain medium- and high-risk systems.“DOD wants companies to keep engineering control over their products,” said an industry source who requested anonymity. “Vendors will have to demonstrate and verify [that] products match a security specification.”The industry source said some observers are concerned that DOD wants to return to government off-the-shelf products, which would cost a lot more and potentially cut off some vendors from working with the military.All of the recent actions are the result of increasing concerns about attacks on DOD networks.Air Force Gen. Kevin Chilton, commander of U.S. Strategic Command, told lawmakers last week that his office is working with the Joint Task Force for Global Network Operations, the Joint Functional Component Command for Network Warfare and the Joint Staff to develop the National Military Strategy for Cyberspace Operations.“In this role, we coordinate and execute operations to defend the Global Information Grid and project power in support of national interests,” Chilton said. “The Defense Department must also plan and train to operate the GIG while under attack. Stratcom is actively planning and executing operations to detect and counter attacks on the GIG while coordinating responses with other DOD and interagency elements.”He added that cyberspace is the least “mature” domain and his command must define, shape, develop and deliver a quality cyber force. That includes training employees to conduct network warfare, Chilton said.Michael Vickers, assistant secretary of Defense for special operations, low-intensity conflict and interdependent capabilities, said at the same hearing that although the military is developing deterrence strategies, officials are also working governmentwide to define the cyber domain so they can better understand the scope of the missions they will be asked to conduct.“We recognize that this will be a long-term effort, and while much remains to be done in this area, we are making progress,” he said.Paller added that this hearing and others are strong signs that lawmakers understand the cyberwarfare risk and want to address it.“No one in positions of power is not talking about supporting massive investments,” Paller said. “There need to be discussions about privacy and some feasibility issues, but no one is saying don’t do it.”