Cyber Defense Requires Teamwork, Agility, Alexander Says

WASHINGTON, Oct. 27, 2011 — The com­man­der of U.S. Cyber Com­mand called for increased col­lab­o­ra­tion among the gov­ern­ment, indus­try and America’s allies in devel­op­ing more defen­si­ble net­works to con­front esca­lat­ing glob­al cyber threats.

Cur­rent net­work secu­ri­ty pro­tec­tions aren’t nim­ble enough to defend against the explod­ing num­ber of threats, Army Gen. Kei­th B. Alexan­der told gov­ern­ment, aca­d­e­m­ic and pri­vate-sec­tor pro­fes­sion­als yes­ter­day at the Secu­ri­ty Inno­va­tion Network’s Show­case 2011 con­fer­ence here.

Fire­walls, routers, antivirus soft­ware and intru­sion detec­tion sys­tems are designed to iden­ti­fy and block spe­cif­ic cyber-intrud­er sig­na­tures, Alexan­der said. The prob­lem, he not­ed, is that adver­saries have the abil­i­ty to scan the net­works, exploit vul­ner­a­bil­i­ties and use them to gain access.

“It’s like the Mag­inot Line,” Alexan­der explained, refer­ring to the for­ti­fi­ca­tions France built along its bor­der with Ger­many after World War I with hopes of pre­vent­ing anoth­er cross-bor­der attack. Ger­many respond­ed dur­ing World War II by doing the unex­pect­ed: attack­ing instead through the Ardennes For­est.

“That’s the same thing that hap­pens in your net­work,” Alexan­der said, not­ing in cyber­space adver­saries have “all the advan­tages.” They can scan net­works, he said, and iden­ti­fy what soft­ware is being run, and pounce when they iden­ti­fy a vul­ner­a­bil­i­ty.

“That’s the dynam­ic we have to change,” Alexan­der said. “We are the guys who helped cre­ate the Inter­net. We are the ones that built that. We ought to be the first ones to secure it.”

The White House’s Inter­na­tion­al Strat­e­gy for Cyber­space and Defense Depart­ment strat­e­gy rep­re­sent a start in that direc­tion, Alexan­der said. But he empha­sized that devel­op­ing more defen­si­ble sys­tems isn’t some­thing the Defense Depart­ment or any oth­er enti­ty can do alone.

It requires gov­ern­ment agen­cies work­ing as a team, he said, while also work­ing with indus­try and U.S. allies and part­ners.

“When we talk cyber, we talk a team sport,” Alexan­der said. “It’s all of us oper­at­ing as a team to defend the coun­try in cyber­space, with the right legal author­i­ties.”

Alexan­der cit­ed the explo­sion of net­work com­mu­ni­ca­tions around the world. As of March 31, 30 per­cent of the world pop­u­la­tion had access to the Inter­net. Dur­ing 2010, 107 tril­lion emails were sent — that’s 294 bil­lion per day. By 2015, he said, it’s pre­dict­ed that there will be twice as many Inter­net devices as peo­ple on the plan­et.

Such growth, the gen­er­al said, has cre­at­ed vul­ner­a­bil­i­ties which leave no sec­tor immune — from hack­ings at well-respect­ed com­pa­nies such as Nas­daq, RSA Secu­ri­ty and Booz Allen Hamil­ton to denial-of-ser­vice attacks in Esto­nia, Geor­gia and else­where.

For every com­pa­ny that rec­og­nizes it has been hacked, Alexan­der said, hun­dreds more don’t.

Among the costs is a huge loss of intel­lec­tu­al prop­er­ty through what Alexan­der called “the great­est trans­fer of wealth in his­to­ry.” But the big­ger fear, he said, is that dis­rup­tive attacks will turn destruc­tive.

Alexan­der not­ed ini­tia­tives under way that show promise in coun­ter­ing these grow­ing threats. For exam­ple, he said, “cloud” com­put­ing deliv­ers shared resources and soft­ware through vir­tu­al routers, machines and net­works [and] enables faster serv­er updates and more agile respons­es than lega­cy data­bas­es.

Mean­while, a pilot pro­gram in which the Defense Depart­ment shares clas­si­fied threat intel­li­gence with indus­try is help­ing to increase mil­i­tary cyber defens­es and pre­vent­ing ene­my intru­sions into oth­er sen­si­tive gov­ern­ment net­works.

Alexan­der called the Defense Indus­tri­al Base Cyber Pilot, launched in part­ner­ship with the Home­land Secu­ri­ty Depart­ment, “a huge step” that’s blocked intru­sions and iden­ti­fied sig­na­tures that had­n’t been pre­vi­ous­ly seen.

“The intent is to push sig­na­tures to the Inter­net ser­vice providers and pro­tect vul­ner­a­bil­i­ties,” he said. “We are hav­ing suc­cess with that.”

Laud­ing progress in net­work pro­tec­tions, Alexan­der empha­sized that they can’t come at the cost of civ­il lib­er­ties and pri­va­cy rights.

“We should demand that we get both,” he said. “In my opin­ion, we can do that. We can pro­tect civ­il lib­er­ties and pri­va­cy and come up with a defen­sive pro­gram that we can defend this coun­try and our com­pa­nies in cyber­space.”

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)

Team GlobDef

Team GlobDef

Seit 2001 ist GlobalDefence.net im Internet unterwegs, um mit eigenen Analysen, interessanten Kooperationen und umfassenden Informationen für einen spannenden Überblick der Weltlage zu sorgen. GlobalDefenc.net war dabei die erste deutschsprachige Internetseite, die mit dem Schwerpunkt Sicherheitspolitik außerhalb von Hochschulen oder Instituten aufgetreten ist.

Alle Beiträge ansehen von Team GlobDef →