Joint Chiefs Chair: Fewer Admins NeededMilitary Network Consolidation Should Help Mitigate Insider Threat
A side benefit of the Department of Defense's continuing consolidation of some 15,000 U.S. military networks will be the need for fewer systems administrators; that should make IT less vulnerable to insider threats, the chairman of the Joint Chiefs of Staff says.
See Also: The Accidental Hacker
Army Gen. Martin Dempsey's remarks come as federal authorities hunt for Edward Snowden, the former systems administrator at the Defense Department's National Security Agency who leaked classified information about NSA intelligence collection programs [see IT Tools Available to Stop NSA-Type Leaks].
"I think systems administrators is the right place to begin to clean this up, though, because they have such ubiquitous access, and that's how he ended up doing what he did," Dempsey said in a June 27 speech at the Brookings Institution, a Washington think tank. "We're got to take a much harder look at this as we become more reliant on cyber-activity."
Air Force Lt. Col. Damien Pickart, a Pentagon spokesman, says the military has thousands of systems administrators, but he couldn't provide a precise number.
Dempsey, in his presentation, compared the Snowden leak to the insider attacks on American troops by allied Afghani soldiers. "You can't prevent; you can mitigate the risk," he said.
"You can't stop someone from breaking the law 100 percent of the time. You can certainly increase the scrutiny in terms of their background investigation. You can reduce the number of them. You can put different degrees of oversight in place."
Building Its Own Secure, 4G Network
Dempsey said the DoD's previously announced network consolidation effort, known as the Joint Information Environment, would increase security and help ensure the integrity of battle systems in the face of disruption. The new environment, based on secure cloud, will include a 4G wireless network that will provide network access for certified smart phones and tablets. "In fact, I have a secure mobile phone with me here today," the general said, holding up a smart phone. "The phone would make both Batman and James Bond jealous."
Dempsey touched on a wide range of cybersecurity concerns during his hour-long presentation.
Rules of Cyber-Engagement: The chairman said the military has developed a draft of a playbook that describes how the United States should respond to a cyber-attack on the nation's critical infrastructure by taking specific steps. Those include:
- Gather information on the malicious code and the systems under attack. "Our first instinct will be to pull up the drawbridge and prevent the attack, that is to say, block or defend."
- Launch an active defense if the attack cannot be repulsed. Dempsey characterized that response as being a proportional effort to disable the attacking botnet.
- If that fails, consult with other "higher-level" authorities in the government to determine what to do next. Any massive retaliation would require decisions by civilian leaders, he said.
Cyber-Attack Response: Dempsey said a cyber-attack on the United States could, conceivably, be met with a conventional military response. "There is an assumption out there ... that a cyber-attack that had destructive effects would be met by a cyber-response that had destructive effects. That's not necessarily the case. I think that what [President Obama] would insist upon, actually, is that he had the options and the freedom of movement to decide what kind of response we would employ."
Negotiating with the Chinese: Dempsey dismissed the idea that Snowden's disclosures of the cyber-intelligence collection programs weaken America's moral standing in cybersecurity negotiations with the Chinese. He said all nations, including the United States and China, conduct espionage in a variety of domains, including cyber, but China has developed a particular niche of stealing intellectual property.
"Their view is there are no rules in cyber, there are no laws that they are breaking, there are no standards in behavior. So, we have asked them to meet with us ... in order to establish some rules of the road so that we don't have these friction points in our relationship."
Future of Cyber Command: The chairman envisions a day when the U.S. Cyber Command, a sub-unified command under the U.S. Strategic Command, becomes its own command. He said the current structure works, for now, but added that passage of cyberthreat information sharing legislation before Congress could change that. "If we get the kind of information sharing we need, that could be a catalyst for changing the organization, because the span and scope of responsibility will change."
Hack-Back Opposition: The general said he opposes private companies launching their own counter-attacks against cyber-assailants - so-called hack-back attacks [see Questioning the Legality of Hack-Back]. "We don't want private cyber-organizations conducting operations that could be perceived as hostile acts. And, if they're perceived as hostile acts, it could lead us into conflict."