[Infowarrior] - DoD expanding domestic cyber role

Wed Oct 20 21:15:39 CDT 2010

DoD expanding domestic cyber role

By William Matthews - Staff report
Posted : Wednesday Oct 20, 2010 17:25:08 EDT

http://www.navytimes.com/news/2010/10/defense-dod-expands-domestic-cyber-role-102010/

The Defense Department is quietly taking on an expanding role in defending U.S. critical infrastructure from cyber attacks.

In a break with previous policy, the military now is prepared to provide cyber expertise to other government agencies and to certain private companies to counter attacks on their computer networks, the Pentagon’s cyber policy chief, Robert Butler, said Wednesday.

An agreement signed this month with the Department of Homeland Security and an earlier initiative to protect companies in the defense industrial base make it likely that the military will be a key part of any response to a cyber attack.

While the Department of Homeland Security officially remains the lead government agency on cyber defense, the new agreement “sets up an opportunity for DHS to take advantage of the expertise” in the Pentagon, and particularly the secretive electronic spying agency, the National Security Agency, said Butler, who is a deputy assistant defense secretary.

The two agencies — Defense and Homeland Security — “will help each other in more tangible ways then they have in the past,” Butler told a group of defense reporters.

Among other things, a senior DHS cyber official and other DHS employees will move to the NSA to be closer to the heart of the military’s cyber defense capability. Closer collaboration provides “an opportunity to look at new ways that we can do national cyber incident response, he said.

“DoD’s focus is really about getting into the mix. We want to plan together and work together with other departments” to ensure that they understand the military’s cyber capabilities and that the military understands what other agencies and private companies can do for cyber defense, Butler said.

Improving agency and industry “situational awareness” in cyberspace is a central objective, Butler said.

Developing and maintaining a clear picture of the threats in cyberspace remains difficult, apparently even for the NSA. In part, that’s because new uses for the Internet are invented every day, Butler said, and it’s not always clear whether new activity is harmful or benign. Even the Defense Department is still “in the mode of understanding.”

In the event of a cyber attack, it’s still extremely difficult to tell who is attacking. It’s not even clear what constitutes an attack.

“As we move forward, one of the key things we have is to agree on is the taxonomy,” he said. There is lots of discussion about “cyberwar,” “cyber attacks,” and “hostile intent,” but there is no agreement on exactly what those terms mean.

Developing standard definitions remains under discussion among U.S. government agencies and between international governments and organizations, he said.