Defense Department Reveals that a Cyber Attack Captured 24,000 DoD Files; Announces Department’s Strategy for Operating in Cyberspace
The Department of Defense today released its Strategy for Operating in Cyberspace (DSOC), the Defense Department’s first unified strategy for cyberspace which “officially encapsulates” a new way forward for the DoD’s military, intelligence and business operations.
Listed first under the Five Strategic Initiatives in the 18-page document: “DoD will treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential.” Just like air, land, and sea, cyberspace is a new warfare domain.
“There is no doubt that cyber space is a battleground, and it’s therefore perfectly logical that it be treated as a domain of warfare,” said Eric Knapp, Director of Critical Infrastructure Markets at NitroSecurity. “Establishing controls to keep cyber activities at bay, denying them the privilege of escalation, is a sound and responsible strategy,” Knapp added. “We shouldn’t be surprised that cyber defenses are a national concern, or be shocked that there is significant interest in cyber defense from a military perspective. More surprising is that there is still some reluctance to accept this concept from the public, despite recent examples of cyber attacks, such as Stuxnet, that have propagated through the mainstream media. I believe that reluctance likely stems from a common public misperception that ‘information’ is the only collateral at risk in a cyber war; it’s not common knowledge outside of the industry that the systems we rely on – energy, water, transportation, emergency response, and other public services – can be disrupted or even destroyed from a computer terminal. When you think of it in those terms, the Pentagon’s strategy is absolutely sound.”
“Strong partnerships with other U.S. government departments and agencies, the private sector and foreign nations are crucial,” said Deputy Secretary of Defense William J. Lynn III. “Our success in cyberspace depends on a robust public/private partnership. The defense of the military will matter little unless our civilian critical infrastructure is also able to withstand attacks.
The Department of Defense and other governmental agencies have taken steps to anticipate, mitigate and protect against the continuous rise in cyber threats. Last year, the DoD establishedU.S. Cyber Command, an agency responsible for directing activities to operate and defend DoD networks.
In his remarks, Lynn acknowledge that In March, a cyber attack on a defense company’s network captured 24,000 files containing Defense Department information.”It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies. In a single intrusion this March, 24,000 files were taken,” Lynn said, without sharing any further detail as to the types of files that were taken.
“The DoD’s announcement that 24,000 files swiped in March from contractor systems isn’t surprising to those of us that understand the large-scale cyber looting that has been going on for some time now,” said Anup Ghosh, CEO of browser security startup Invincea. “It’s clear that the defenses employed against enterprise networks, most of which were developed in the 20th century, are no longer up to snuff for the current threat. The large-scale theft of our nation’s intellectual property has been going on for well over a decade while the Department has classified much of the incursions. Now with hacktivists like Anti-Sec, LulzSec, Anonymous publicly hacking private companies, public companies, government systems, and contractors that hold our nation’s intellectual property, this genie is out of the bottle,” Ghosh says.
“The U.S. government has drawn a line in the sand and is saying enough is enough. All U.S. organizations need to take notice because the Pentagon’s announcement doesn’t just reflect attacks on our government – it shows that cybercrime is serious and reaches deep into our economy and infrastructure,” said Jason Clark, CSO at web security firm Websense. “The cyber threat is real and if you have intellectual property that any economic competitor would value, you’re a target. It’s also absolutely critical that the public and private sector collaborate on security strategies and share cyber threat intelligence,” Clark added.
The DoD is establishing a pilot public-private sector partnership intended to demonstrate the feasibility and benefits of voluntarily opting into increased sharing of information about malicious or unauthorized cyber activity and protective cybersecurity emeasures, but Invincea’s Ghosh doesn’t think this is enough.
“The initiative to share data between the Government and private sector is important, but they would be far better off not classifying that data in the first place so the attack methods are known and the commercial sector can build defenses commensurate with the attacks,” Ghosh says. “Sharing information is an important first step, but it doesn’t go far enough. The US must deploy defenses that stop the threat from establishing breaches in our networks in the first place. It’s time to stop talking about the problem and start deploying technologies already available that defend against attacks targeted at users. Waiting another day simply means losing another terabyte of data to our adversaries and standing by while watching the largest theft of our nation as it leaves our networks.”
The Five initiatives outlined in the Department of Defense Strategy (PDF) for Operating in Cyberspace are:
1. Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential
2. Employ new defense operating concepts to protect DoD networks and systems
3. Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy
4. Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity
5. Leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation
“The cyber threats we face are urgent, sometimes uncertain and potentially devastating as adversaries constantly search for vulnerabilities,” Lynn Said. “Our infrastructure, logistics network and business systems are heavily computerized. With 15,000 networks and more than seven million computing devices, DoD continues to be a target in cyberspace for malicious activity.”