By Geoff Fein
Determining how best to defend against the increasing number of probes and attacks the Department of Defense is seeing, particularly this year, was one of the big issues that led to establishing a United States Cyber Command (USCYBERCOM), according to a top military official.
“One of the underlying principles that the Secretary of Defense (Robert Gates) had for standing up this command was just the amount of attacks we are seeing coming into the Department of Defense (DoD) gateways everyday,” Army Lt. Gen. Keith Alexander told the Senate Armed Services Committee (SASC) yesterday.
The committee was taking testimony from Alexander for his nomination to head up the new cyber command. Alexander is currently director of the National Security Agency (NSA).
DoD gets hundreds of thousands of probes everyday, Alexander told Sen. Joseph Lieberman (D/I-Conn.). “The issue we saw [was] how do you fight against that? Putting the command together was the first big step we had to make to take that on.”
Lieberman is both a member of the SASC and chairman of the Homeland Security and Governmental Affairs committee. He asked Alexander not only about the scope of the threat to the DoD but also the origin of those threats.
“We have been alarmed by the increase [of intrusions, probes and attacks], especially this year, both in the critical infrastructure within the nation and within DoD. It’s growing rapidly,” Alexander added.
Alexander’s confirmation hearing had been delayed for several months due to SASC members’ concerns over privacy and the new command’s mission.
He told SASC the probes and intrusions come from people just trying to see if they can get past the DoD’s defenses to more serious efforts from individuals trying to access data and information.
“They may scan the network to see what kind of OS (operating system) you have, to then facilitate an exploit or attack,” he said.
Lieberman also wanted to know about the relationship between the NSA and the Department of Homeland Security (DHS), and how the USCYBERCOM will play a supporting role to DHS in protecting networks.
“[At] NSA, our responsibility is to provide technical support to DHS. We’ve done that under the Comprehensive National Cybersecurity Initiative…to build them the technology they need to defend those networks,” Alexander said. “We have the responsibility to provide the technical information for what the threat is trying to do them, provide early warning, and they would operate and defend that system. We’d provide the people and capability to do that.”
That partnership continues to grow, he added.
“On the cyber command side, if a crisis were to occur, cyber command or DoD may be called in to help. We’d be asked to do, depending on the situation…to provide technical support or help prevent an attack or in the case of a sustained attack, actually help defend our networks,” Alexander added. “As you get into each one of those, you get into a series of issues we have yet to work out on the roles and responsibilities, especially with private industry.”
DHS Secretary Janet Napolitano and the nation are going to have to look at how the government works with the private sector, which owns and operates much of the nation’s critical infrastructure, Alexander said.
The key issues that come on the table, Alexander told SASC members, is that most of the infrastructure for our government is owned and operated by private industry.
“If we are going to be successful in protecting our networks, we are going to have to have a great partnership between DHS, who has the lead in this area, DoD, and the intelligence community, to work with private [industry],” he said. “That is the hard issue facing us today.”