A central point for collection of information that relates to computer security. Including, but not limited to, security advisories from the major vendors, major data breaches, "phishing" alerts, commentary regarding staffing levels. etc. etc.
DOD Cybersecurity Command
October 3, 2009 at 9:14 am #82256
U.S Cyber Command Goes Online
Posted by The Editors
Today, several Cyber Security experts including NSN Advisory Board member Richard Clarke, released the following memo on the launch of U.S Cyber Command, or USCYBERCOM:
Beginning today, the U.S Cyber Command, or USCYBERCOM, is supposed to go online. But the Pentagon has not yet revealed what the scope of Cyber Command’s mission will be. Even in the most basic terms, we do not know whom the Cyber Command will defend nor what sorts of cyber threats they will defend against. For instance, in the event of a cyber attack on U.S. infrastructure, such as the electrical grid, would Cyber Command help to repel the attack? Or will the Cyber Command only be concerned with defending military networks from cyber attacks?
We do not know the answers to these critical questions and others because even basic information on the Cyber Command has not been released to the public. These are the publicly known facts about the Cyber Command:
* Cyber Command will exist as a subordinate, unified command under the Strategic Command.
* The head of Cyber Command will be the Director of the NSA (currently Lt. Gen. Keith Alexander), who will receive a promotion from 3-stars to 4-stars.
Anything else about the Cyber Command, its mission, and how it will execute its mission is conjecture at this point for anyone not privy to the discussion going on behind closed doors.
Despite the veil of secrecy, the creation of Cyber Command does seem to signify the relevance of cyberspace as a new domain for fighting wars, making it at least equal in importance to land, sea, air and space. The Pentagon has considered cyberspace as a domain, however, since at least December 2006, when the Chairman of the Joint Chiefs of Staff issued a then-classified National Military Strategy for Cyberspace Operations (NMS-CO).
Yet the NMS-CO is not quite a strategy for the use of cyberspace operations, but more of an appreciation for the importance of them. It defines cyberspace as “a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and physical infrastructures.” Cyberspace is thus imagined as a broad field of potential military action that stretches from personal desktop computers to corporate data systems to fighter pilots’ dashboards. Despite the obvious challenges of dominating every nook and node of cyberspace, the “strategy” speaks reverently of the importance of cyberspace to military operations, stating “the United States must have cyberspace superiority to ensure our freedom of action and deny the same to our adversaries.” It correctly points out that the U.S. risks parity with its adversaries in cyberspace if a “significant effort” is not made.
As words should be matched with deeds, grand ambitions of “cyberspace superiority” should be matched with a careful articulation of the means to achieve them. But the document, like the creation of Cyber Command, only begs the question: is it smart policy for the U.S. to signal to the rest of the world an intent to build offensive cyber capabilities without establishing a coherent defensive plan detailing which “significant efforts” are required to secure our cyber-based infrastructures and assets at home? Because so many facets of our society, economy and military depend upon Internet technologies, the U.S. is one of the most vulnerable nations to cyber attack, and therefore an attitude that considers “good offense as the best defense” might not necessarily be the best defense strategy in the case of cyber warfare.
This is just one of the many outstanding issues that arise from the creation of the Cyber Command. The following questions also need public discussion:
* Do the advantages of having a cyber offensive capability outweigh the disadvantages of potentially initiating a cyber arms race?
* Should the U.S., because of its vulnerabilities to cyber attack, initiate international negotiations on limiting the use of cyber weapons?
* Should the U.S. adopt a “No First Use” policy on the use of cyber weapons?
* How can the U.S. develop a credible cyber deterrence strategy?
* Will deterrence work if our cyber capabilities are kept secret and/or have not been demonstrated?
* Under what circumstances and how would the Cyber Command work with the private sector in the event of a cyber attack on civilian critical infrastructure systems?
* With the Director of the NSA dual-hatted as the head of Cyber Command, how will he balance his roles as chief of a major intelligence agency and the nation’s highest-ranking cyber warrior?
It was a few months ago, at the end of June, that Secretary of Defense Robert Gates ordered the creation of Cyber Command to oversee military operations in cyberspace. In a memorandum to Pentagon officials, Gates said that the nation’s increasing dependence on cyberspace, coupled with an increase in cyber threats and vulnerabilities, required a new command with the technical capabilities and a clear mission to secure the U.S. military’s freedom of action in cyberspace. He also ordered that the Cyber Command should achieve initial operating capability by October. It is now the first of October and, though the Cyber Command will soon come online, details are still scarce, particularly in regards to what its mission will be. We are therefore justified in wondering whether this latest initiative from the Pentagon will indeed make us safer or only arouse suspicions and fear that might provoke other nations to develop cyber warfare capabilities.
You must be logged in to reply to this topic.