Cyberwar Strategy: Will Dual-Hatted NSA Plug Holes in Leaky Pentagon?

The DoD cyberspace strategy calls for five strategic initiatives to sustain "good cyber hygiene," but also maintains a destructive cyberattack could be considered an "act of war." While it also further empowers the NSA, will even the super spy agency be able to plug all the holes in DoD?

Just as land, sea, air and space are domains defended by the military, so too has the Pentagon decided cyberspace is the fifth "operational domain" which needs special forces to defend it. A destructive cyberattack could be considered an "act of war." According to the new DoD cyberspace strategy, "The United States reserves the right, under the laws of armed conflict, to respond to serious cyberattacks with a proportional and justified military response at the time and place of our choosing."

Unless you fell off the grid, or don't live and breathe security news, you probably know that a nation state infiltrated a defense contractor in March and stole 24,000 military files in one swoop. Attackers are still busy trying to get more classified info from the U.S. military; F-Secure's Mikko Hypponen discovered a decoy PDF file that exploits a JavaScript vulnerability when opened in Adobe Reader and creates a backdoor for the attacker. "The decoy is a call for papers for 2012 AIAA Strategic and Tactical Missile Systems Conference, which is a US conference classified as SECRET."

In case you wonder how it's known the attackers were foreign-sponsored, Director Scott Borg of the U.S. Cyber Consequences Unit said in an interview with NBC News that U.S. intelligence can increasingly "distinguish between computer attacks by bored teenage hackers and those launched by sophisticated foreign spy agencies." U.S. Defense networks undergo millions of probes every day by external threat actors. While Chinese honkers (hackers) may leap immediately to mind when pondering who stole the 24,000 files, there are always other attackers like Russian patriot hackers to consider. In fact, U.S. officials believe "one of the leading suspects in the March attack is the Russian foreign intelligence service." In regards to the March attack, Deputy Secretary of Defense William J. Lynn told NextGov, "It was 24,000 files, which is a lot, but I don't think it's the largest we've seen."

According to the DoD announcement about its new cyberspace strategy, "More than 60,000 new malicious software programs or variations are identified every day threatening our security, our economy and our citizens." Lynn said, "With 15,000 networks and more than seven million computing devices, DoD continues to be a target in cyberspace for malicious activity. . . . The defense of the military will matter little unless our civilian critical infrastructure is also able to withstand attacks."

The Pentagon's Department of Defense Strategy for Operating in Cyberspace [PDF] states, "Every year, an amount of intellectual property larger than that contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government departments and agencies. . . . Cyber threats to U.S. national security go well beyond military targets and affect all aspects of society. Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks and systems that control critical civilian infrastructure."

This plan covers many aspects, from addressing the backdoor taint to imported technologies in our supply chain to setting up USCYBERCOM, a command established by DoD with an NSA "co-location." The NSA Director will be "dual-hatted" as "Commander of USCYBERCOM. Co-location and dual-hatting of these separate and distinct organizations allow DoD, and the U.S. government, to maximize talent and capabilities, leverage respective authorities, and operate more effectively to achieve DoD's mission."

The DoD cybersecurity plan for "enhancing cyber hygiene" in cyberspace includes five strategic initiatives:

  • Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace's potential.
  • Strategic Initiative 2: Employ new defense operating concepts to protect DoD networks and systems.
  • Strategic Initiative 3: Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy.
  • Strategic Initiative 4: Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity.
  • Strategic Initiative 5: Leverage the nation's ingenuity through an exceptional cyber workforce and rapid technological innovation.

While some privacy advocates are concerned with the potential for the military to peek at civilians' online traffic, the Pentagon's strategy claims the "People are the Department's first line of defense in sustaining good cyber hygiene. . . . The defense of U.S. national security interests in cyberspace depends on the talent and ingenuity of the American people. DoD will catalyze U.S. scientific, academic, and economic resources to build a pool of talented civilian and military personnel to operate in cyberspace and achieve DoD objectives."

For now, the Pentagon will allow a "few defense contractors" the use of classified intelligence on threats. NextGov reported that at the end of summer, the "test program" will wrap up and "department officials will contemplate whether to open up the secret information to more Pentagon suppliers and, perhaps, operators of vital civilian systems."

Let's hope these defense contractors are much more diligent about protecting classified intelligence than defense contractor Booz Allen Hamilton, which was recently pwned by Anonymous AntiSec hackers. If the super secret NSA cracks down on the DoD, maybe the leaks in the Pentagon will finally get plugged?

Follow me on Twitter @PrivacyFanatic

Copyright © 2011 IDG Communications, Inc.