Four years is a long time in the cyber world – but not necessarily in the halls of government where 48 months can pass in the blink of an eye. That could explain why the Department of Defense has issued a new cyber strategy: its first since 2011.
The Department of Defense said on its website it has three primary missions:
- Defend DoD networks, systems, and information;
- Defend the U.S. homeland and U.S. national interests against cyberattacks of significant consequence; and,
- Provide cyber support to military operational and contingency plans.
The new strategy is going to rely heavily on human interaction. The Department of Defense is building and training Cyber Mission Forces. “These are talented individuals who hunt down intruders, red-team our networks and perform the forensics that help keep our systems secure,” Secretary of Defense Ash Carter, pictured at left, said in remarks in California, noting that their skill and knowledge makes them more valuable than the technology they use.
Carter presented the new security plan in Silicon Valley. According to the Department of Defense news service, Carter discussed the new strategy — an update to the original strategy released in 2011 — before an audience at Stanford University on the first day of a two-day trip to California. “While we in DoD are an attractive target, the cyber threat is one we all face as institutions and as individuals,” Carter said at Stanford University.
“We like to deter malicious action before it happens and we like to be able to defend against incoming attacks as well as pinpoint where an attack came from,” the secretary said. Stronger partnerships throughout the government and stronger private-sector security researchers such as FireEye, Crowdstrike, HP and others have improved the department’s ability to respond, he added.
The report continued, “Deterrence is a key part of the new cyber strategy, which describes the department’s contributions to a broader national set of capabilities to deter adversaries from conducting cyberattacks, according to a fact sheet about the strategy. The department assumes that the totality of U.S. actions — including declaratory policy, substantial indications and warning capabilities, defensive posture, response procedures and resilient U.S. networks and systems –- will deter cyberattacks on U.S. interests, the fact sheet added.”
The fact sheet is available for download as a pdf.
Carter discussed with the audience a cyber attack that came from Russia. He said it was only recently declassified and this was the first time it was being discussed publicly. His remarks were delivered at Stanford as part of the annual Drell Lecture he delivered.
The defense secretary said earlier this year the sensors that guard the defense department’s unclassified networks detected Russian hackers accessing one of the networks. The hackers had discovered an unpatched vulnerability in a legacy network.
“While it’s worrisome they achieved some unauthorized access to our unclassified network, we quickly identified the compromise and had a team of incident responders hunting down the intruders within 24 hours,” Carter explained in the article. After discerning valuable information about the hackers’ tactics, experts analyzed the network activity, associated it with Russia, then kicked them off the network in a way that minimized their chances of returning, he added.
According to FierceGovernmentIT.com, the defense department’s updated strategy says the department will build off of Defense Science Board recommendations and assess the department’s ability to deter specific state and non-state actors from conducting cyberattacks that would result in loss of life, significant destruction of property or significant impact on foreign and economic policy interests.
The FierceGovernmentIT.com article also quoted Carter as saying the Department of Defense has gotten better at attributing cyber attacks because of strong partnerships across the government and with private sector security researchers. But the department’s ability to ensure security and innovation in the cyber domain hinges largely on its people, said Carter in the speech, which emphasized the rich opportunities possible through Silicon Valley-government collaboration. “We’ve had tensions before and we will likely have them again,” said Carter.
The article also said the Department of Defense will open an office in Silicon Valley staffed by military personnel, civilians and reservists; expand its fellows program; invest in emerging technology like nano-electronics through venture capital firm In-Q-Tel; and launch a pilot program for start up technologies in Silicon Valley – outside of the traditional defense industrial base.