The U.S. Department of Defense (DoD) on Thursday unveiled its first-ever cyber strategy after hackers, in a single intrusion, stole 24,000 files containing sensitive data.
Pentagon's cyberspace strategy, which is detailed in a 19-page document, is centered on the following five points:
--- Treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace's potential
--- Employ new defense operating concepts to protect DoD networks and systems
--- Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy
--- Build robust relationships with U.S. allies and international partners to strengthen collective cybersecurity
--- Leverage the nation's ingenuity through an exceptional cyber workforce and rapid technological innovation
It is critical to strengthen our cyber capabilities to address the cyber threats we're facing, said Secretary of Defense Leon Panetta. I view this as an area in which we're going to confront increasing threats in the future and think we have to be better prepared to deal with the growing cyber challenges that will face the nation.
Deputy Defense Secretary William J. Lynn III said he has a pretty good idea who was behind the attacks, but did not disclose the identity of the government.
It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies, Lynn said. In a single intrusion this March, 24,000 files were taken.
The stolen data ranges from specifications for small parts of tanks, airplanes and submarines to aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.
In June, U.S. military contractor Lockheed Martin was compromised as hackers used Lockheed's own secure id technology to access its networks.
The cyber threats we face are urgent, sometimes uncertain and potentially devastating as adversaries constantly search for vulnerabilities, said Lynn in a statement.
Lynn said as part of its active defenses, the Pentagon would introduce new operating concepts and capabilities on its networks, such as sensors, software and signatures to detect and stop malicious code before it affects U.S. operations.
Our strategy's overriding emphasis is on denying the benefit of an attack, he said in a speech at the National Defense University. If an attack will not have its intended effect, those who wish us harm will have less reason to target us through cyberspace in the first place.
Foreign cyberspace operations against U.S. public and private sector systems are increasing in number and sophistication.
DoD networks are probed millions of times every day, and successful penetrations have led to the loss of thousands of files from U.S. networks and those of U.S. allies and industry partners. Moreover, this threat continues to evolve as evidence grows of adversaries focusing on the development of increasingly sophisticated and potentially dangerous capabilities.
Current countermeasures have not stopped this outflow of sensitive information, Lynn said. We need to do more to guard our digital storehouses of design innovation.
As a result, Secretary of Defense has assigned cyberspace mission responsibilities to United States Strategic Command (USSTRATCOM), the other Combatant Commands, and the Military Departments.
DoD is particularly concerned with the following three areas of potential adversarial activity:
-- theft or exploitation of data;
-- disruption or denial of access or service that affects the availability of networks, information, or network-enabled resources; and
-- destructive action including corruption, manipulation, or direct activity that threatens to destroy or degrade networks or connected systems.
While the threat to intellectual property is often less visible than the threat to critical infrastructure, it may be the most pervasive cyber threat today. Every year, an amount of intellectual property larger than that contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government departments and agencies, DoD's document detailing cyber strategy showed.
DoD operates over 15,000 networks and seven million computing devices across hundreds of installations in dozens of countries around the globe.
DoD uses cyberspace to enable its military, intelligence, and business operations, including the movement of personnel and material and the command and control of the full spectrum of military operations.
In a new pilot program, the Pentagon is sharing classified threat intelligence with a handful of companies to help them identify and block malicious activity.
Lynn also said White House could be expected to consider using military force in response to a cyber attack if there is massive damage, massive human losses, significant economic damage.
In May, the White House unveiled a cyber-security proposal that it hopes Congress will use as a framework for legislation. The plan, among other things, includes national data breach reporting, increased penalties for computer crimes and rules that would allow the private sector to commiserate with the Department of Homeland Security (DHS) on cyber-security issues.
Last year, DoD established U.S. Cyber Command to direct the day-to-day activities that operate and defend DoD information networks. DoD also deepened and strengthened coordination with the DHS to secure critical networks.