Lynn: Cyber Strategy’s Thrust is Defensive

WASHINGTON, July 14, 2011 — In March, a cyber attack on a defense company’s net­work cap­tured 24,000 files con­tain­ing Defense Depart­ment infor­ma­tion.

Nations typ­i­cal­ly launch such attacks, Deputy Defense Sec­re­tary William J. Lynn III said today, but a grow­ing risk of ter­ror­ist groups and rogue states devel­op­ing sim­i­lar capa­bil­i­ties dri­ves the need to strength­en the nation’s cyber defenses. 

“All of the advanced capa­bil­i­ties we have, whether it’s tar­get­ing or nav­i­ga­tion or com­mu­ni­ca­tion, … have a back­bone that’s run through infor­ma­tion tech­nol­o­gy,” he said. “So if you’re a smart adver­sary and you’re seek­ing an asym­met­ric way to come at the Unit­ed States, cyber will appear to you very, very quickly.” 

Lynn spoke to Pen­ta­gon reporters about how the Defense Department’s new Strat­e­gy for Oper­at­ing in Cyber­space coun­ters such threats. Offi­cials released an unclas­si­fied ver­sion of the strat­e­gy today. 

Attacks in cyber­space are hard to trace to the source, which makes retal­i­a­tion an inef­fec­tive strat­e­gy, Lynn said, not­ing that DOD’s approach is to hard­en defens­es and reduce incen­tives for attacks. 

The strat­e­gy rests on five pil­lars, he said: treat cyber as a domain; employ more active defens­es; sup­port the Depart­ment of Home­land Secu­ri­ty in pro­tect­ing crit­i­cal infra­struc­ture net­works; prac­tice col­lec­tive defense with allies and inter­na­tion­al part­ners; and reduce the advan­tages attack­ers have on the Internet. 

The depart­ment estab­lished U.S. Cyber Com­mand in May 2010 to address the Inter­net as a domain, just as it does land, sea, air and space. Cyber Com­mand devel­ops doc­trine, train­ing and equip­ment for cyber defense, Lynn said. 

“We have, with­in Cyber Com­mand, a full spec­trum of capa­bil­i­ties, but the thrust of the strat­e­gy is defen­sive,” Lynn said. “We think we need to be able to defend our net­works just to main­tain our offen­sive advan­tages in all of the oth­er areas.” 

Lynn said the active defense facet of the strat­e­gy seeks to avoid a “Mag­inot Line” approach, focused only on the perimeter. 

“You want to be able to hunt on your own net­works, to find things that get past the perime­ter,” he said. “It’s a more dynam­ic approach to defense.” 

Lynn said DOD is respon­si­ble for defend­ing mil­i­tary net­works, but the Depart­ment of Home­land Secu­ri­ty is respon­si­ble for gov­ern­ment net­works and work­ing with the pri­vate sec­tor on defend­ing crit­i­cal infra­struc­ture. But the Pen­ta­gon has an impor­tant role to play sup­port­ing Home­land Security’s efforts, Lynn said, because it relies on the pow­er grid and the trans­porta­tion and finan­cial networks. 

“If we were in some sort of world where we were able to pro­tect the mil­i­tary net­works and the pow­er grid went down, that would not be good mil­i­tar­i­ly,” he said. 

“We think that over time, research and devel­op­ment mon­ey might rebal­ance that some­what and impose costs on the attack­er,” Lynn said, offer­ing as an exam­ple of promis­ing tech­nol­o­gy the abil­i­ty to encrypt data at rest with­out increas­ing pro­cess­ing time, which the Defense Advanced Research Projects Agency and pri­vate-sec­tor com­pa­nies are work­ing to develop. 

“That’s the kind of thing that would … give more advan­tages to the defend­er. So if you broke in [to a net­work] you would then have to decrypt the data,” he said. “It’s a much, much hard­er prob­lem for an attacker.” 

In the 1980s and 1990s, DOD invest­ed in high-per­for­mance com­put­ing for crypt­analy­sis and oth­er mil­i­tary appli­ca­tions, Lynn noted. 

“That helped seed a whole indus­try,” he said. “It helped, I think, accel­er­ate the devel­op­ment of technologies.” 

Sim­i­lar advances can result from the department’s efforts now, he said, not­ing DOD’s cyber invest­ment includes a half bil­lion dol­lars in research fund­ing for DARPA in the last budget. 

“We’ve got a very strong part­ner­ship with our defense indus­tri­al base now,” he said. “We have, I think, worked through process­es where we’re shar­ing data, shar­ing an under­stand­ing of the threat … and that just strength­ens everybody.” 

Close coop­er­a­tion among DOD, oth­er agen­cies and pri­vate indus­try lim­its risk, Lynn said, because defens­es can be put in place quick­ly to lim­it the spread of harm­ful attacks. 

DOD also coor­di­nates with defense com­pa­nies and the infor­ma­tion tech­nol­o­gy indus­try through the endur­ing secu­ri­ty frame­work, he said, which allows the depart­ment to solic­it tech­ni­cal solu­tions to threats. 

“It’s a very soft touch,” he said. “This is a col­lab­o­ra­tive forum. … There’s no gov­ern­ment direc­tion in that, but we’ve seen sev­er­al spe­cif­ic instances where they have indeed made upgrades based on the descrip­tion of the threats.” 

On the inter­na­tion­al front, the Unit­ed States has reached agree­ments with NATO, as well as with indi­vid­ual nations, includ­ing the Unit­ed King­dom and Aus­tralia, Lynn said. 

“The White House just put out an inter­na­tion­al strat­e­gy with the idea of broad­en­ing that group of inter­na­tion­al part­ners,” he added. 

“There cer­tain­ly are sov­er­eign­ty issues,” Lynn said. “I think that’s where col­lec­tive defense is a crit­i­cal ele­ment. If you exchange infor­ma­tion about the kinds of threats, the kinds of sig­na­tures you’re see­ing, … you’re able to get ear­ly warning.” 

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs) 

Face­book and/or on Twit­ter

Team GlobDef

Seit 2001 ist im Internet unterwegs, um mit eigenen Analysen, interessanten Kooperationen und umfassenden Informationen für einen spannenden Überblick der Weltlage zu sorgen. war dabei die erste deutschsprachige Internetseite, die mit dem Schwerpunkt Sicherheitspolitik außerhalb von Hochschulen oder Instituten aufgetreten ist.

Alle Beiträge ansehen von Team GlobDef →