Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2011
12:10 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Attacks Focus DOD On Cybersecurity Partnerships

Defense Department's cyber strategy stresses government-industry collaborations, recognizing that the military operates in an interconnected world where cyber attacks continue to rise in frequency and severity.

>Slideshow: Next Generation Defense Technologies
Slideshow: Next Generation Defense Technologies
(click for larger image and for full slideshow)
Partnerships with industry, allies, and other government agencies play a large role in the new cyber strategy that the U.S. military announced Thursday, and with good reason: attacks are on the rise in severity and number on numerous fronts, and the Department of Defense (DOD) is increasingly connected to the outside world.

"Because cyberspace is composed of many interwoven networks that perform many different functions, ensuring its peaceful use will require efforts on many fronts," deputy secretary of defense Bill Lynn said at Thursday's announcement of the strategy. "The men and women of the military, other government agencies, our allies, the private sector, and indeed, the citizens of cyberspace must all play a role."

On Thursday, Lynn detailed two previously unpublicized attacks. In one attack on a defense contractor in March, which the DOD has pegged a foreign intelligence service as the likely perpetrator, 24,000 files on a sensitive weapons system were stolen from a defense contractor's network. As a result of that attack, Lynn said, the DOD is investigating whether the system needs to be redesigned because its specs have been compromised. In another recent attack, the Web servers of the National Defense University were hijacked by "an unknown intruder."

While serious, these are only two items on a long list of recent attacks on the military, military partners, and critical infrastructure that supports military operations. Data stolen from security company RSA earlier this year was used to penetrate Lockheed Martin's networks, for example. The Pentagon's official credit union database was possibly exposed after being accessed by a PC weighed down by malware. Cyber intruders have also successfully attacked energy firms and large financial institutions in recent months, Lynn noted.

In response, the military has been working more closely with the private sector. Lynn highlighted the Defense Industrial Base Cyber Pilot, in which the DOD is working with a handful of defense contractors and Internet service providers to identify and stop attacks on their networks. The effort builds on a program started in 2007.

While the new pilot has only been up and running for a few months, Lynn said that it has already begun preventing intrusions for some of those companies involved. The DOD plans to end the pilot later this summer and then determine whether and how to expand the program to other defense contractors and possibly other critical infrastructure sectors.

Beyond defense contractors, numerous other non-military networks support important military functions, such as those that run and manage the power grid, transportation systems, and the financial sector. Ninety-nine percent of U.S. military electricity comes from civilian sources, for example, and 90% of U.S. military voice and Internet traffic travel over private networks. "To protect our military capability, we must work with the Department of Homeland Security and the private sector to protect the nation's critical infrastructure," Lynn said, adding that attacks on multiple critical infrastructure sectors could have a "devastating" impact on the U.S. military.

The military cyber strategy indicates that the DOD's efforts in collaboration with the private sector will continue to expand, reaching out eventually even to small and midsized businesses. "Success will require additional pilot programs, business models, and policy frameworks to foster public-private synergy," the strategy document says.

International partners also play a role, as the United States has been increasing cooperation with key allies including Australia, Canada, the United Kingdom, Japan, and allies in NATO. "Collective cyber defenses will help expand our awareness of malicious activity and speed our ability to defend against ongoing attacks," Lynn said. He added that, going forward, the United States would pursue "international norms" in cyberspace through vehicles like treaties.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Kelly Sheridan, Staff Editor, Dark Reading,  8/13/2019
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
GitHub Named in Capital One Breach Lawsuit
Dark Reading Staff 8/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15132
PUBLISHED: 2019-08-17
Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocki...
CVE-2019-15133
PUBLISHED: 2019-08-17
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
CVE-2019-15134
PUBLISHED: 2019-08-17
RIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloo...
CVE-2019-14937
PUBLISHED: 2019-08-17
REDCap before 9.3.0 allows time-based SQL injection in the edit calendar event via the cal_id parameter, such as cal_id=55 and sleep(3) to Calendar/calendar_popup_ajax.php. The attacker can obtain a user's login sessionid from the database, and then re-login into REDCap to compromise all data.
CVE-2019-13069
PUBLISHED: 2019-08-17
extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege Escalation to SYSTEM. The attacker must replace SilverShield.config.sqlite with a version containing an additional user account, and then use SSH and port forwarding to reach a 127.0.0.1 service.