Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2011
12:10 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Attacks Focus DOD On Cybersecurity Partnerships

Defense Department's cyber strategy stresses government-industry collaborations, recognizing that the military operates in an interconnected world where cyber attacks continue to rise in frequency and severity.

>Slideshow: Next Generation Defense Technologies
Slideshow: Next Generation Defense Technologies
(click for larger image and for full slideshow)
Partnerships with industry, allies, and other government agencies play a large role in the new cyber strategy that the U.S. military announced Thursday, and with good reason: attacks are on the rise in severity and number on numerous fronts, and the Department of Defense (DOD) is increasingly connected to the outside world.

"Because cyberspace is composed of many interwoven networks that perform many different functions, ensuring its peaceful use will require efforts on many fronts," deputy secretary of defense Bill Lynn said at Thursday's announcement of the strategy. "The men and women of the military, other government agencies, our allies, the private sector, and indeed, the citizens of cyberspace must all play a role."

On Thursday, Lynn detailed two previously unpublicized attacks. In one attack on a defense contractor in March, which the DOD has pegged a foreign intelligence service as the likely perpetrator, 24,000 files on a sensitive weapons system were stolen from a defense contractor's network. As a result of that attack, Lynn said, the DOD is investigating whether the system needs to be redesigned because its specs have been compromised. In another recent attack, the Web servers of the National Defense University were hijacked by "an unknown intruder."

While serious, these are only two items on a long list of recent attacks on the military, military partners, and critical infrastructure that supports military operations. Data stolen from security company RSA earlier this year was used to penetrate Lockheed Martin's networks, for example. The Pentagon's official credit union database was possibly exposed after being accessed by a PC weighed down by malware. Cyber intruders have also successfully attacked energy firms and large financial institutions in recent months, Lynn noted.

In response, the military has been working more closely with the private sector. Lynn highlighted the Defense Industrial Base Cyber Pilot, in which the DOD is working with a handful of defense contractors and Internet service providers to identify and stop attacks on their networks. The effort builds on a program started in 2007.

While the new pilot has only been up and running for a few months, Lynn said that it has already begun preventing intrusions for some of those companies involved. The DOD plans to end the pilot later this summer and then determine whether and how to expand the program to other defense contractors and possibly other critical infrastructure sectors.

Beyond defense contractors, numerous other non-military networks support important military functions, such as those that run and manage the power grid, transportation systems, and the financial sector. Ninety-nine percent of U.S. military electricity comes from civilian sources, for example, and 90% of U.S. military voice and Internet traffic travel over private networks. "To protect our military capability, we must work with the Department of Homeland Security and the private sector to protect the nation's critical infrastructure," Lynn said, adding that attacks on multiple critical infrastructure sectors could have a "devastating" impact on the U.S. military.

The military cyber strategy indicates that the DOD's efforts in collaboration with the private sector will continue to expand, reaching out eventually even to small and midsized businesses. "Success will require additional pilot programs, business models, and policy frameworks to foster public-private synergy," the strategy document says.

International partners also play a role, as the United States has been increasing cooperation with key allies including Australia, Canada, the United Kingdom, Japan, and allies in NATO. "Collective cyber defenses will help expand our awareness of malicious activity and speed our ability to defend against ongoing attacks," Lynn said. He added that, going forward, the United States would pursue "international norms" in cyberspace through vehicles like treaties.

What industry can teach government about IT innovation and efficiency. Also in the new, all-digital issue of InformationWeek Government: Federal agencies have to shift from annual IT security assessments to continuous monitoring of their risks. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
AI Is Everywhere, but Don't Ignore the Basics
Howie Xu, Vice President of AI and Machine Learning at Zscaler,  9/10/2019
Fed Kaspersky Ban Made Permanent by New Rules
Dark Reading Staff 9/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-4147
PUBLISHED: 2019-09-16
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 158413.
CVE-2019-5481
PUBLISHED: 2019-09-16
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
CVE-2019-5482
PUBLISHED: 2019-09-16
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-15741
PUBLISHED: 2019-09-16
An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation
CVE-2019-16370
PUBLISHED: 2019-09-16
The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900.