DOD Releases First Strategy for Operating in Cyberspace
By Cheryl Pellerin
American Forces Press Service
WASHINGTON, July 14, 2011 The Defense Department’s first strategy for operating in cyberspace is a milestone in the fight to protect the nation from potentially devastating network attacks, Deputy Defense Secretary William J. Lynn III said today.
Deputy Defense Secretary William J. Lynn III announces the Defense Department's Strategy for Operating in Cyberspace at National Defense University at Fort Lesley J. McNair in Washington, D.C., July 14, 2011. It is the department's first unified strategy for operating in cyberspace. DOD photo by U.S. Air Force Tech. Sgt. Jacob N. Bailey
(Click photo for screen-resolution image);high-resolution image available.
Lynn addressed an audience of military and civilian officials, educators and reporters at the National Defense University.
“We do not know the exact way in which cyber will figure in the execution of [DOD’s] mission, or the precise scenarios that will arise,” Lynn said.
“But the centrality of information technology to our military operations and our society virtually guarantees that future adversaries will target our dependence on it,” he added.
“Our assessment is that cyber attacks will be a significant component of any future conflict, whether it involves major nations, rogue states or terrorist groups,” the deputy secretary said.
The existence of tools that disrupt or destroy critical networks, cause physical damage, or alter the performance of key systems marks a strategic shift in the evolving cyber threat, Lynn said.
“As a result of this threat,” he added, “keystrokes originating in one country can impact the other side of the globe in the blink of an eye. In the 21st century, bits and bytes can be as threatening as bullets and bombs.”
An important element of the strategy is to deny or minimize an attack, Lynn said. “If we can minimize the impact of attacks on our operations and attribute them quickly and definitively, we may be able to change the decision calculus of an attacker.”
Other elements, or pillars, of the strategy include:
- Treating cyberspace as an operational domain like land, air, sea and space, operating and defending department networks and training and equipping forces for cyber missions.
- Introducing new operating concepts on department networks, including active cyber defenses, using sensors, software and signatures to stop malicious code before it affects operations.
- Working with the Department of Homeland Security and the private sector to protect critical national infrastructure like the power grid, transportation system and financial sector.
- Building collective cyber defenses with allies and international partners to expand awareness of malicious activity and help defend against attacks.
- Fundamentally shifting the technological landscape of cyber security by significantly enhancing network security.
“Over the past year,” Lynn said, “we have made progress in each of these five pillars.”
In May 2010, U.S. Cyber Command became operational to centralize network operations and defense.
“We have established supporting activities in each of the military services,” Lynn said, “and we are now training our forces to thwart attacks that compromise our operations.”
The United States partnered with Australia, Canada, the United Kingdom and NATO, and under President Barack Obama’s Comprehensive National Cybersecurity Initiative, launched in May, the Defense Department will increase cooperation with other nations in the coming months, he added.
“We have also committed half a billion dollars in [research and development] funds to accelerate research on advanced defensive technologies,” the deputy secretary said.
“Our research agenda includes novel approaches to improving network security and defense,” he said.
“We imagine a time when computers innately and automatically adapt to new threats,” he said. “We hope for a world when we can not only transmit information in encrypted form, but also keep data encrypted as we perform regular computer operations. Having data encrypted 100% of the time would be a revolution in computer security, greatly enhancing our ability to operate in untrusted environments.”
The Defense Department has made “substantial progress,” Lynn said, in working with private industry and the rest of government to make critical infrastructure more secure.
Last October, the Departments of Defense and Homeland Security, which is responsible for protecting critical infrastructure, signed an agreement to coordinate cyber security efforts.
The agencies established a joint planning capability and exchanged cyber personnel in their operations centers, he said.
DOD is helping Homeland Security deploy advanced defensive technologies on government networks, Lynn said.
The critical infrastructure the military depends on extends to private companies that build DOD’s equipment and technology, he added.
“It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies,” Lynn said. “In a single intrusion this March, 24,000 files were taken.”
The stolen data ranges from specifications for small parts of tanks, airplanes and submarines to aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.
“Current countermeasures have not stopped this outflow of sensitive information,” the deputy secretary said. “We need to do more to guard our digital storehouses of design innovation.”
In response, he said, the Departments of Defense and Homeland Security established a pilot program with a handful of defense companies that gives the companies robust protection for their networks.
“In this Defense Industrial Base -- or DIB -- Cyber Pilot,” Lynn said, “classified threat intelligence is shared with defense contractors or their commercial Internet service providers, along with the know-how to employ it in network defense.”
Such intelligence helps the companies and their Internet service providers identify and stop malicious activity in their networks, he said.
“Although we are only beginning to evaluate the effectiveness of the pilot,” Lynn said, “it has already stopped intrusions for some participating industry partners.”
Through information sharing promoted by the program, he added, “we not only halted intrusions, we also learned more about the diversity of techniques used to perpetrate them.”
The United States stands at an important juncture in the development of the cyber threat, Lynn said.
“More destructive tools are being developed, but have not yet been widely used,” he added.
The Defense Department needs to develop stronger defenses, the deputy secretary said, before those who mean harm to the United States gain the ability to launch more damaging cyber attacks.
“We have a window of opportunity,” he added, “ … in which to protect our networks against more perilous threats.”