Cyber Threat Grows More Destructive, Lynn Says

WASHINGTON, July 15, 2011 — The cyber threat the Unit­ed States faces is increas­ing in sever­i­ty and is acces­si­ble to a wide range of ene­mies, Deputy Defense Sec­re­tary William J. Lynn III said in a tele­vi­sion inter­view broad­cast last night.

“Most of what we see today is exploita­tion — that’s theft, steal­ing secrets, either com­mer­cial or mil­i­tary,” Lynn told Ray Suarez on “PBS New­shour.” “[But] we know the tools exist to destroy things, to destroy phys­i­cal prop­er­ty, to destroy net­works, to destroy data, maybe even take human lives.” 

Lynn said nation-states cur­rent­ly are the sole pos­ses­sors of sophis­ti­cat­ed cyber tools, but the capa­bil­i­ty will spread over time. 

“It’s going to migrate to rogue states, and it’s going to migrate to, even­tu­al­ly, ter­ror­ist groups,” he said. “At some point, you’re going to see a mar­riage of capa­bil­i­ty and intent, and that is what we should tru­ly wor­ry about.” 

DOD is work­ing both to defend its own net­works and sup­port the Depart­ment of Home­land Security’s mis­sion to pro­tect sys­tems impor­tant to nation­al secu­ri­ty, Lynn said. 

Pen­ta­gon offi­cials yes­ter­day released the Defense Department’s first strat­e­gy aimed at coun­ter­ing the cyber threat. The strat­e­gy doc­u­ment charts the increase of Inter­net usage since 2000, when there were 360 glob­al users, to 2010’s 2 bil­lion. DOD alone has 15,000 net­works and more than 7 mil­lion com­put­ing devices. 

“In the first instance, we’re pro­tect­ing those mil­i­tary capa­bil­i­ties,” Lynn said. “But we need to go fur­ther. Work­ing through the Depart­ment of Home­land Secu­ri­ty, we need to think about how we might use bet­ter defen­sive capa­bil­i­ties to pro­tect … the pow­er grid, the trans­porta­tion net­work, the finan­cial sector.” 

DOD is not com­mit­ting to pro­tect­ing the entire Inter­net, Lynn said. 

“We’re talk­ing with our allies about how we have a col­lec­tive defense,” he said. “We’re work­ing with them to share tech­nolo­gies, to share under­stand­ings of the threat, so that we have a col­lec­tive defense approach to this impor­tant prob­lem.” Most cyber attacks hap­pen­ing now are mali­cious activ­i­ty, some are crim­i­nal, and some reach the lev­el of espi­onage, Lynn said. 

“We have seen a few cas­es … where it goes above that and degrades net­works them­selves,” he said, not­ing the 2007 attack on Esto­nia and the 2008 cyber assault on the repub­lic of Georgia. 

Defend­ing the cyber domain requires a new way of think­ing, Lynn said. 

“It’s dif­fer­ent than land, sea, air and space,” he not­ed. “It’s large­ly pri­vate­ly owned. It cross­es bor­ders. It does­n’t respect sov­er­eign­ty. And the speed at which it moves, key­strokes on one side of the globe can have an impact on the oth­er in the blink of an eye.” 

U.S. Cyber Com­mand is respon­si­ble for orga­niz­ing DOD’s efforts in the cyber domain, the deputy sec­re­tary said. 

“They’re out hir­ing peo­ple, both in uni­form and as civil­ians, with … [the] cyber skills that we need,” he added. “They’re dif­fer­ent kinds of skills than we might need with con­ven­tion­al sol­diers, but they’re equal­ly important.” 

DOD does­n’t mon­i­tor or scan com­mer­cial net­works in the Unit­ed States, Lynn said. 

“We’re try­ing to work with the appro­pri­ate agen­cies, the FBI, with law enforce­ment, the Depart­ment of Home­land Secu­ri­ty, for pro­tec­tion of crit­i­cal infra­struc­ture to pro­vide capa­bil­i­ties … that the Defense Depart­ment has that might be used for those crit­i­cal mis­sions,” he said. “But we don’t have the pri­ma­ry role.” 

Source:
U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs) 

Face­book and/or on Twit­ter