USA — Alexander Details U.S. Cyber Command Gains

WASHINGTON — Estab­lish­ing U.S. Cyber Com­mand closed the gap that pre­vent­ed the Defense Depart­ment from defend­ing its cru­cial infor­ma­tion net­works, the organization’s com­man­der told the House Armed Ser­vices Com­mit­tee yes­ter­day.

Cyber­com, based at Fort Meade, Md., merges the offen­sive and defen­sive sides of DOD’s cyber world into one orga­ni­za­tion for the ben­e­fit of both sides, said Army Gen. Kei­th B. Alexan­der, who also is direc­tor of the Nation­al Secu­ri­ty Agency. 

The com­mand stood up in May. Before that, Joint Task Force Glob­al Net­work Oper­a­tions was respon­si­ble for defense. 

“That task force got one lev­el of intel­li­gence and could see one part of the net­work,” Alexan­der told the com­mit­tee. “Oper­at­ing on the oth­er side was the Joint Func­tion­al Com­po­nent Com­mand Net War­fare trained at a dif­fer­ent lev­el with dif­fer­ent intel insights at a dif­fer­ent clas­si­fi­ca­tion level.” 

Two orga­ni­za­tions had respon­si­bil­i­ty for the same net­work, the gen­er­al explained. “And if you were oper­at­ing at the Nation­al Train­ing Cen­ter, you would­n’t have the defen­sive team out there defend­ing, and then take them off the field and run out with an offen­sive team,” he said. “It’s the same team.” 

The offense and defense can­not be dif­fer­ent, because these oper­a­tions will occur in real time, the gen­er­al said. 

“It’s also an expe­ri­ence that we’ve seen in some of our red team and blue teams of what’s hap­pen­ing in our net­works,” he said. “And I think that’s a huge and a pos­i­tive step and goes sig­nif­i­cant­ly toward pro­vid­ing bet­ter sup­port to the [com­bat­ant commands].” 

A sub­uni­fied com­mand under U.S. Strate­gic Com­mand, Cyber­com has about 1,000 ser­vice­mem­bers and civil­ian employ­ees. The com­mand has a bud­get of about $120 mil­lion this year, and is pro­grammed for about $150 mil­lion in fis­cal 2011. 

“We need the con­tin­ued sup­port of Con­gress and the resources that the depart­ment is putting for­ward for the com­po­nent com­mands that we have here,” Alexan­der said. “It is going to have to grow. Each of them are look­ing at this and address­ing that, and we will need your con­tin­ued sup­port to make that happen.” 

But the com­mand also needs author­i­ties and guid­ance from Con­gress and the White House to ensure a good defense. Alexan­der said the think­ing is that any cyber defense will require a team effort incor­po­rat­ing the Home­land Secu­ri­ty Depart­ment, the FBI, the Defense Depart­ment and oth­er con­cerned pub­lic and pri­vate agencies. 

“Right now, the White House is lead­ing a dis­cus­sion on what are the author­i­ties need­ed and how do we do this and … how will that team oper­ate to defend our coun­try?” he said. 

What they will look at across that is what are the author­i­ties, what do we have legal­ly, and then giv­en that, what do we have to come back to Con­gress and reshape or mold for author­i­ties to oper­ate in cyberspace?” 

Alexan­der went on to describe dif­fer­ent forms of the cyber threat. 

“Since the incep­tion of the Inter­net, as it were, prob­a­bly the key thing that we’ve seen is hack­er activ­i­ty and exploita­tion,” he said. “That’s where some­one comes in and takes infor­ma­tion from your com­put­er, steals your cred­it card num­ber, takes mon­ey out of your account.” 

That threat endures, and it pos­si­bly is the most sig­nif­i­cant form of the threat, the gen­er­al said. It is not just steal­ing Amer­i­can intel­lec­tu­al prop­er­ty, he not­ed, but also involves theft of U.S. secrets and com­pro­mis­ing oth­er parts of U.S. networks. 

Fast-for­ward to 2007, when Esto­nia became the first nation attacked in cyberspace. 

“We see a shift from exploita­tion to actu­al­ly using the Inter­net as a weapons plat­form to get anoth­er coun­try to bend to the will of anoth­er coun­try,” Alexan­der said. “While it’s hard to attribute that to a nation state, you can see it did hap­pen when two nations were quar­rel­ing over polit­i­cal issues.” 

Dis­rup­tive cyber attacks on Geor­gia fol­lowed in 2008. “A dis­rup­tive attack pre­vents you from doing your busi­ness for the time being,” the gen­er­al explained, but it’s nor­mal­ly some­thing that you can recov­er from and then go on and do your business. 

“What con­cerns me the most,” he con­tin­ued, “is destruc­tive attacks that are com­ing, and we’re con­cerned that those are the next things that we will see.” 

Destruc­tive attacks destroy equip­ment, Alexan­der said, and the vic­tim can­not take the same equip­ment and just dri­ve forward. 

“It’s not some­thing that you recov­er from by just stop­ping the traf­fic,” he said. “It is some­thing that breaks a com­put­er or anoth­er auto­mat­ed device and, once bro­ken, has to be replaced. That could cause tremen­dous damage.” 

DOD is con­cerned if that hap­pens in a war zone to defense net­works, Alexan­der said. 

“If that were to hap­pen in a war zone, that means our com­mand and con­trol sys­tem and oth­er things suf­fer,” he said. “We’ve got to be pre­pared for that both from a defen­sive per­spec­tive, and then to ensure that the ene­my can’t do that to us. Again – a full oper­a­tional capability.” 

DOD clas­si­fied net­works have been breached. A for­eign intel­li­gence agency used a flash dri­ve to put a virus into U.S. Cen­tral Com­mand net­works in 2008. The depart­ment launched Oper­a­tion Buck­shot Yan­kee to com­bat the worm, and Cyber­com has drawn lessons from the experience. 

“We actu­al­ly had three parts that came out of that Oper­a­tion Buck­shot Yan­kee – cul­ture, con­duct and capa­bil­i­ty,” Alexan­der told the rep­re­sen­ta­tives. “On the cul­ture side, it was get­ting com­man­ders to under­stand this is commander’s busi­ness. This isn’t some­thing that you say, ‘I’m going to have one of my staff run it.’ This is commander’s business. 

Com­man­ders are respon­si­ble for the oper­a­tion of their com­mand. And this oper­a­tional net­work, it’s impor­tant to them.” 

U.S. Depart­ment of Defense
Office of the Assis­tant Sec­re­tary of Defense (Pub­lic Affairs) 

Face­book and/or on Twit­ter

Team GlobDef

Seit 2001 ist im Internet unterwegs, um mit eigenen Analysen, interessanten Kooperationen und umfassenden Informationen für einen spannenden Überblick der Weltlage zu sorgen. war dabei die erste deutschsprachige Internetseite, die mit dem Schwerpunkt Sicherheitspolitik außerhalb von Hochschulen oder Instituten aufgetreten ist.

Alle Beiträge ansehen von Team GlobDef →