Cyber Defense Requires Teamwork, Agility, Alexander Says

WASHINGTON, Oct. 27, 2011 — The com­man­der of U.S. Cyber Com­mand called for increased col­lab­o­ra­tion among the gov­ern­ment, indus­try and America’s allies in devel­op­ing more defen­si­ble net­works to con­front esca­lat­ing glob­al cyber threats.

Cur­rent net­work secu­ri­ty pro­tec­tions aren’t nim­ble enough to defend against the explod­ing num­ber of threats, Army Gen. Kei­th B. Alexan­der told gov­ern­ment, aca­d­e­m­ic and pri­vate-sec­tor pro­fes­sion­als yes­ter­day at the Secu­ri­ty Inno­va­tion Network’s Show­case 2011 con­fer­ence here.

Fire­walls, routers, antivirus soft­ware and intru­sion detec­tion sys­tems are designed to iden­ti­fy and block spe­cif­ic cyber-intrud­er sig­na­tures, Alexan­der said. The prob­lem, he not­ed, is that adver­saries have the abil­i­ty to scan the net­works, exploit vul­ner­a­bil­i­ties and use them to gain access.

“It’s like the Mag­inot Line,” Alexan­der explained, refer­ring to the for­ti­fi­ca­tions France built along its bor­der with Ger­many after World War I with hopes of pre­vent­ing anoth­er cross-bor­der attack. Ger­many respond­ed dur­ing World War II by doing the unex­pect­ed: attack­ing instead through the Ardennes For­est.

“That’s the same thing that hap­pens in your net­work,” Alexan­der said, not­ing in cyber­space adver­saries have “all the advan­tages.” They can scan net­works, he said, and iden­ti­fy what soft­ware is being run, and pounce when they iden­ti­fy a vul­ner­a­bil­i­ty.

“That’s the dynam­ic we have to change,” Alexan­der said. “We are the guys who helped cre­ate the Inter­net. We are the ones that built that. We ought to be the first ones to secure it.”

The White House’s Inter­na­tion­al Strat­e­gy for Cyber­space and Defense Depart­ment strat­e­gy rep­re­sent a start in that direc­tion, Alexan­der said. But he empha­sized that devel­op­ing more defen­si­ble sys­tems isn’t some­thing the Defense Depart­ment or any oth­er enti­ty can do alone.

It requires gov­ern­ment agen­cies work­ing as a team, he said, while also work­ing with indus­try and U.S. allies and part­ners.

“When we talk cyber, we talk a team sport,” Alexan­der said. “It’s all of us oper­at­ing as a team to defend the coun­try in cyber­space, with the right legal author­i­ties.”

Alexan­der cit­ed the explo­sion of net­work com­mu­ni­ca­tions around the world. As of March 31, 30 per­cent of the world pop­u­la­tion had access to the Inter­net. Dur­ing 2010, 107 tril­lion emails were sent — that’s 294 bil­lion per day. By 2015, he said, it’s pre­dict­ed that there will be twice as many Inter­net devices as peo­ple on the plan­et.

Such growth, the gen­er­al said, has cre­at­ed vul­ner­a­bil­i­ties which leave no sec­tor immune — from hack­ings at well-respect­ed com­pa­nies such as Nas­daq, RSA Secu­ri­ty and Booz Allen Hamil­ton to denial-of-ser­vice attacks in Esto­nia, Geor­gia and else­where.

For every com­pa­ny that rec­og­nizes it has been hacked, Alexan­der said, hun­dreds more don’t.

Among the costs is a huge loss of intel­lec­tu­al prop­er­ty through what Alexan­der called “the great­est trans­fer of wealth in his­to­ry.” But the big­ger fear, he said, is that dis­rup­tive attacks will turn destruc­tive.

Alexan­der not­ed ini­tia­tives under way that show promise in coun­ter­ing these grow­ing threats. For exam­ple, he said, “cloud” com­put­ing deliv­ers shared resources and soft­ware through vir­tu­al routers, machines and net­works [and] enables faster serv­er updates and more agile respons­es than lega­cy data­bas­es.

Mean­while, a pilot pro­gram in which the Defense Depart­ment shares clas­si­fied threat intel­li­gence with indus­try is help­ing to increase mil­i­tary cyber defens­es and pre­vent­ing ene­my intru­sions into oth­er sen­si­tive gov­ern­ment net­works.

Alexan­der called the Defense Indus­tri­al Base Cyber Pilot, launched in part­ner­ship with the Home­land Secu­ri­ty Depart­ment, “a huge step” that’s blocked intru­sions and iden­ti­fied sig­na­tures that had­n’t been pre­vi­ous­ly seen.

“The intent is to push sig­na­tures to the Inter­net ser­vice providers and pro­tect vul­ner­a­bil­i­ties,” he said. “We are hav­ing suc­cess with that.”

Laud­ing progress in net­work pro­tec­tions, Alexan­der empha­sized that they can’t come at the cost of civ­il lib­er­ties and pri­va­cy rights.

“We should demand that we get both,” he said. “In my opin­ion, we can do that. We can pro­tect civ­il lib­er­ties and pri­va­cy and come up with a defen­sive pro­gram that we can defend this coun­try and our com­pa­nies in cyber­space.”

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs)