Transcom, Partners Secure Networks Against Cyberattacks
By Donna Miles
American Forces Press Service
WASHINGTON, March 7, 2013 As the target of more cyberattacks than any other combatant command, U.S. Transportation Command is taking concrete steps to reduce vulnerabilities and ensure the security of networks vital to its global transportation and distribution mission, the Transcom commander told Congress today.
Transcom was hit by almost 45,000 cyberattacks during 2011, and quadruple that number last year, Air Force Gen. William M. Fraser III told the Senate Armed Services Committee.
“We see a myriad of attacks,” he said, from hackers trying to enter the network to “advanced, persistent attacks out there that we continue to defend against.”
Unlike most combatant commands that interface primarily with other secure military and government networks, Transcom relies heavily on its industry and commercial partners that deliver 70 percent of its supplies and passengers around the world, Fraser noted in his written statement to the committee. Ninety percent of the command’s distribution and deployment transactions are over unclassified and commercial systems that lack the safeguards provided on “dot-mil” and “dot-gov” networks, he said.
“It is an area that we have significant concern [about], but we have taken a lot of action, and not just in one area,” Fraser told the Senate panel. “We are taking a holistic approach as we work this specific issue.”
That approach involves not only shoring up its own network defenses, but also working closely with its commercial and interagency partners to help them strengthen theirs, he said.
Transcom established a secure enclave that reduced the number of “touchpoints” its partners use to connect with the command’s networks, Fraser reported. This improves the command’s defensive posture, he explained, ensuring that “if people were trying to get into our network, we would be able to see it [and] be able to defend it.”
“We have been successful in that, as we have collapsed this to fewer touchpoints, and have not had any significant intrusions into our network,” Fraser reported.
Meanwhile, Transcom is reaching out to its commercial partners to help them protect their networks against cyber threats. Fraser identified one case in which a company that Transcom works with had an intrusion, principally involving a download of data. But he emphasized that the activity “was not a back-door attack” into Transcom’s networks.
To help prevent these intrusions, Transcom sponsored three forums last year, attracting several hundred participants to discuss ways to address the problem. The Transcom presenters, including representatives of other government and law-enforcement agencies, shared information that many of the company CEOs and chief information officers and representatives did not have, enabling them to apply it to their own networks and their interface with the command, Fraser said.
In addition, to underscore partners’ role in the security of Transcom’s networks and the mission they support, the command has started inserting specific language into its contracts to promote cyber awareness and cybersecurity, Fraser said.
The new language encourages contractors to provide details about their information assurance plans and steps they are taking to protect their networks, the general said. It also calls on them to notify Transcom when they detect intrusion or intrusion attempts into their networks.
This reporting system, Fraser said, enables Transcom to provide assistance and, if deemed necessary, stand up a team to determine any impact on the command’s operations.
Fraser said he’s encouraged by the collaboration that he said is successful “because everybody understands the importance of it.”
“This neighborhood watch capability that we have, where everyone is working together in a collaborative nature is actually enhancing us all -- from our commercial partners as well as us just in Transcom and our ability to maintain the connectivity that we need to accomplish our job,” Fraser said. “So I'm encouraged by what we're doing. We continue to move forward in a partnership with them and sharing this information.”
Asked during today’s hearing about the consequences of sequestration and budget uncertainties on Transcom’s operations, Fraser emphasized the challenges they impose on missions that support operations across the military.
Over the past year, Transcom has maintained a high operations tempo, supporting combat operations and sustainment efforts and meeting troop-reduction deadlines in Afghanistan while also providing humanitarian relief and crisis action responses, he noted.
With fewer resources and an expected decrease in mission requirements, Transcom is working closely with its customers and lift providers to reduce the cost of operations while also protecting the commercial transportation base on which it depends, he said.
“While the impacts of these reductions will not occur immediately, long-term results will likely affect the business base of our commercial partners and, therefore, our ability to support other combatant commands in the same manner as we do today,” the general told the committee.
In the meantime, Fraser said, Transcom will work closely with the military services and its commercial partners in the coming months to mitigate the second- and third-order effect of these reductions on its sealift, airlift and surface capabilities.
“Preserving our readiness remains critical to maintaining our capability to project power and to provide support to our joint forces around the world,” he said.