Discover Yahoo! With Your Friends

Explore news, videos, and much more based on what your friends are reading and watching. Publish your own activity and retain full control.

To get started, first

YOUR FRIENDS' ACTIVITY

    Pentagon unveils its new cyberstrategy. Well, some of it, anyway.

    The Pentagon – belatedly, perhaps – outlines its 'Strategy for Operating in Cyberspace.' A slim unclassified document emphasizes a defensive posture, leaving many questions unanswered.

    By By Mark Clayton | Christian Science Monitor – Thu, Jul 14, 2011

    Land. Air. Sea. Space. And now, officially, Cyber, too.

    The Pentagon on Thursday unveiled its first ever “Strategy for Operating in Cyberspace,” officially – some say belatedly – staking out its turf in the digital realm of networks and computers, an arena that analysts say has been militarized for years.

    The document outlining the strategy emphasized its defensive – albeit proactive – posture, indicating only by omission the presumed offensive capabilities of a nation seen by many cyberwar experts as the world’s preeminent cyber superpower.

    RELATED: Data theft - Top 5 most expensive data breaches

    Some analysts were quick to criticize the unclassified document as shedding little light on the full and true nature of the Pentagon’s new cyberstrategy.

    Recent leaks of some elements of the policy document led to its early characterization as focusing on circumstances under which the United States would retaliate with bombs, if it came under serious cyber attack.

    But this slender 13-page document stresses measures to enhance US cyberdefenses, with nary a mention of offensive cyber weapon deployment, development, or cyberwar strategy other than the broad mandate to make “cyber” a full-fledged “operational domain.”

    “Far from ‘militarizing’ cyberspace, our strategy of securing networks to deny the benefit of an attack will help dissuade military actors from using cyberspace for hostile purposes,” Deputy Defense Secretary William Lynn said Thursday at the National Defense University in a speech characterizing the new strategy. “Indeed, establishing robust cyberdefenses no more militarizes cyberspace than having a navy militarizes the ocean.”

    “Peace through preventive defense is at the heart of our DoD cyberstrategy and the administration’s overall approach to cyberspace,” he said, referring apparently to sensors and other network systems by which the Pentagon hopes to thwart infiltrating hackers – or at least give them less than they had hoped to gain.

    Amid headlines touting the latest “cyberbattle” and breathless coverage of hackers defacing websites or criminals scooping up credit card and personal information, Mr. Lynn asserted that little of what is characterized in the media as cyberwar or cyberbattles comes close to meriting military attention, much less military action.

    “While identifying criminal activity in cyberspace is of concern, this is not the Defense Department’s primary concern,” he said. “Rather, our concern is specific to activities that threaten our mission to protect the security of the nation.”

    Lynn’s speech – and the new document – outline “five pillars” that characterize the Defense Department's cyberstrategy, including:

    • Operational Domain: The Defense Department will treat cyberspace as an “operational domain,” just as it does land, air, sea, and space. What that means is that the military will operate within and defend its networks as well as organize, train and equip US forces for cyber missions.

    • Active Defenses. The US is deploying for the first time new “active defenses” that employ “sensors, software, and signatures” aimed at detecting and stopping malicious code before it affects military networks and operations – thereby denying the benefit of an attack.

    • Critical Infrastructure Defense. Here, the Pentagon describes its role helping defend critical infrastructure and nonmilitary networks that undergird key military functions, including the power grid, financial sector, and transportation system.

    IN-DEPTH: The new cyber arms race

    Because the US military is restricted from certain domestic operations, it is working in partnership with the Department of Homeland Security and private sector partners to lend its expertise to protect US critical infrastructure – providing to both the signatures and systems that help identify malicious software. Punctuating that point, Mr. Lynn noted in his speech a serious, previously unknown intrusion in March into a defense contractor’s network that netted 24,000 files.

    • International Defense Building. This fourth pillar lays out expectations that the US will build “collective cyberdefenses” with international partners and allies, including NATO, expanding awareness of malicious software attacks.

    • Training and Technology. The fifth pillar aims to ramp up training of defense personnel. The idea is to weaken the advantage cyberattackers enjoy due to anonymity on the Internet and generally porous defenses in society.

    With DoD operating more than 15,000 networks and seven million computing devises in installations around the world, the target is huge. So the Pentagon is seeking some technological fixes to shift the field away from attackers, the strategy document indicates.

    Though not in the document, the Defense Advanced Research Projects Agency (DARPA) recently announced work on new computer systems that adapt on the fly to attacks to increase resilience. Add to that new encryption technology that prevents data from becoming visible or vulnerable to an attacker.

    Alan Paller, research director for the Sans Institute, a Washington-based cybersecurity education organization, says he especially likes pillars two and five – protecting critical infrastructure and ramping up procurement.

    “This is the first time the nation has fully and publicly committed to continuous monitoring and active defense that will allow the federal government to raise the bar in securing existing systems,” he says in an email interview.

    But for others the document was missing too many major elements, offensive cyberweapons strategy, for one.

    Shrouded in secrecy, the development of weaponized cyber is being conducted in the US – as in many other nations – outside public view and with little debate about their impact on international treaties and on conventional theories of war – such as deterrence – that have governed nations for decades, cyber warfare experts say.

    RECOMMENDED: Five signs the Epsilon security breach was only the tip of the iceberg

    Weapons like Stuxnet, the world's first-publicly confirmed piece of weaponized software that some have called a “digital guided missile” was discovered last year to have hammered Iran’s nuclear facilities. Nobody knows who developed Stuxnet, even though the US and Israel are high on the list of suspects, many say.

    The new document doesn’t reference US offensive cyber weapons capability or development, or when such weapons might be used against an adversary. Yet, doctrine and policy regarding such use is a major issue within the cyberpolicy community, some arguing the president should be involved in many, if not most, decisions to deploy such weapons. Still, it’s possible such questions are more directly addressed in a classified version of the cyber document that observers presume exists.

    “I didn't see a single new thing here,” says a member of the 2009 National Research Council study of the legality and ethics of using offensive cyberweapons, who asked not to be named. “This so-called strategy is so broadly written that not only is there nothing new in it, parts of this could have been written in the mid-90s – stuff about active defenses, better training, better procurement – it's the same old stuff. It's hard to see how this constitutes a strategy.”

    Others agreed there were obvious omissions with no reference to “information operations” – the deployment of digital disinformation – or a new generation of cyberweapons that could take out computer-controlled power grids, refineries, chemical factories and other computer controlled infrastructure, says Dan Kuehl, a professor of information operations at National Defense University, who attended Lynn's speech.

    “The reality is this is really a document focused on cybersecurity efforts, which are not unimportant, but it's only one or two slices of the pizza,” Dr. Kuehl says. “Where's the DoD's strategy for the use of cyberspace to influence operations?” he asks, referring to the use of disinformation.

    Still, he thought Lynn's speech and the document are unambiguous about the major issue: the military's key role in cyberspace.

    “There's been some unhappiness emerging about the idea of militarizing cyberspace,” he says. “But I thought Lynn's speech and the strategy document are right on the mark in trying to just normalize it – driving a gentle stake through the heart of all this concern.

    “I mean, give me a break, it has been militarized for two decades just like space. We're just catching up with it.”

    RELATED: Data theft - Top 5 most expensive data breaches

    youtube

     

    There are no comments yet

    [ [ [['Connery is an experienced stuntman', 2]], 'http://yhoo.it/KeQd0p', '[Slideshow: See photos taken on the way down]', ' ', '630', ' ', ' ', ], [ [['Connery is an experienced stuntman', 7]], ' http://yhoo.it/KpUoHO', '[Slideshow: Death-defying daredevils]', ' ', '630', ' ', ' ', ], [ [['know that we have confidence in', 3]], 'http://yhoo.it/LqYjAX ', '[Related: The Secret Service guide to Cartagena]', ' ', '630', ' ', ' ', ], [ [['We picked up this other dog and', 5]], 'http://yhoo.it/JUSxvi', '[Related: 8 common dog fears, how to calm them]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 5]], 'http://bit.ly/JnoJYN', '[Related: Did WH share raid details with filmmakers?]', ' ', '630', ' ', ' ', ], [ [['accused of running a fake hepatitis B', 3]], 'http://bit.ly/KoKiqJ', '[Factbox: AQAP, al-Qaeda in Yemen]', ' ', '630', ' ', ' ', ], [ [['have my contacts on or glasses', 3]], 'http://abcn.ws/KTE5AZ', '[Related: Should the murder charge be dropped?]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 5]], 'http://yhoo.it/JD7nlD', '[Related: Bristol Palin reality show debuts June 19]', ' ', '630', ' ', ' ', ], [ [['have made this nation great as Sarah Palin', 1]], 'http://bit.ly/JRPFRO', '[Related: McCain adviser who vetted Palin weighs in on VP race]', ' ', '630', ' ', ' ', ], [ [['A JetBlue flight from New York to Las Vegas', 3]], 'http://yhoo.it/GV9zpj', '[Related: View photos of the JetBlue plane in Amarillo]', ' ', '630', ' ', ' ', ], [ [['the 28-year-old neighborhood watchman who shot and killed', 15]], 'http://news.yahoo.com/photos/white-house-stays-out-of-teen-s-killing-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120411/martinzimmermen.jpg', '630', ' ', 'AP', ], [ [['Titanic', 7]], 'http://news.yahoo.com/titanic-anniversary/', ' ', 'http://l.yimg.com/a/p/us/news/editorial/b/4e/b4e5ad9f00b5dfeeec2226d53e173569.jpeg', '550', ' ', ' ', ], [ [['He was in shock and still strapped to his seat', 6]], 'http://news.yahoo.com/photos/navy-jet-crashes-in-virginia-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/cv/ip/ap/default/120406/jet_ap.jpg', '630', ' ', 'AP', ], [ [['xxxxxxxxxxxx', 11]], 'http://news.yahoo.com/photos/russian-grannies-win-bid-to-sing-at-eurovision-1331223625-slideshow/', 'Click image to see more photos', 'http://l.yimg.com/a/p/us/news/editorial/1/56/156d92f2760dcd3e75bcd649a8b85fcf.jpeg', '500', ' ', 'AP', ] ]
    [ [ [['did not go as far his colleague', 8]], '29438204', '0' ], [ [[' the 28-year-old neighborhood watchman who shot and killed', 4]], '28924649', '0' ], [ [['because I know God protects me', 14], ['Brian Snow was at a nearby credit union', 5]], '28811216', '0' ], [ [['The state news agency RIA-Novosti quoted Rosaviatsiya', 6]], '28805461', '0' ], [ [['measure all but certain to fail in the face of bipartisan', 4]], '28771014', '0' ], [ [['matter what you do in this case', 5]], '28759848', '0' ], [ [['presume laws are constitutional', 7]], '28747556', '0' ], [ [['has destroyed 15 to 25 houses', 7]], '28744868', '0' ], [ [['short answer is yes', 7]], '28746030', '0' ], [ [['opportunity to tell the real story', 7]], '28731764', '0' ], [ [['entirely respectable way to put off the searing constitutional controversy', 7]], '28723797', '0' ], [ [['point of my campaign is that big ideas matter', 9]], '28712293', '0' ], [ [['As the standoff dragged into a second day', 7]], '28687424', '0' ], [ [['French police stepped up the search', 17]], '28667224', '0' ], [ [['Seeking to elevate his candidacy back to a general', 8]], '28660934', '0' ], [ [['The tragic story of Trayvon Martin', 4]], '28647343', '0' ], [ [['Karzai will get a chance soon to express', 8]], '28630306', '0' ], [ [['powerful storms stretching', 8]], '28493546', '0' ], [ [['basic norm that death is private', 6]], '28413590', '0' ], [ [['songwriter also saw a surge in sales for her debut album', 6]], '28413590', '1', 'Watch music videos from Whitney Houston ', 'on Yahoo! Music', 'http://music.yahoo.com' ], [ [['keyword', 99999999999999999999999]], 'videoID', '1', 'overwrite-pre-description', 'overwrite-link-string', 'overwrite-link-url' ] ]

    News For You

    Loading...