[ISN] DOD's 'Manhattan Project'
InfoSec News
isn at c4i.org
Fri Aug 26 04:20:28 EDT 2005
Forwarded from: William Knowles <wk at c4i.org>
http://www.fcw.com/article90416-08-25-05
By Frank Tiboni
Aug. 25, 2005
Taking a page from the past and one from the future, the Defense
Department is devising ways to fight a new kind of threat that
requires the strategic tricks of ancient warriors and the untested
tools of network-centric warfare.
Unless DOD changes how it operates and learns to defend its cyber
networks, many military experts say it will not be able to wage an
effective battle in the cyberwar that is emerging as the 21st
century's biggest challenge.
The Pentagon is at a crossroads, said Air Force Lt. Gen. Charles
Croom, the new director of the Defense Information Systems Agency and
commander of the Joint Task Force for Global Network Operations
(JTF-GNO). "Networks are too important to the warfighter to not have
them when the warfight begins," he said.
Croom said DOD approaches computer network defense by emphasizing
convenience to users, but the department's future information
assurance strategy should tilt toward adding security.
"The threat is great," Croom said. "It requires constant vigilance."
Other countries - for example, China - crime gangs and thrill-seeking
hackers could steal information about U.S. military war plans and
weapon systems to gain intelligence and embarrass the Pentagon. The
threat has caused DOD to re-evaluate information assurance policies
and acknowledge that such reviews will continue.
In the past year, DOD implemented new policies to strengthen computer
network defense. In 2004, DOD created JTF-GNO to operate and defend
networks that operate under Strategic Command (Stratcom).
The department also approved a new command structure that identifies
four military officials who will report to Croom. The National
Security Agency published a new technical architecture guiding DOD's
acquisition and use of information assurance technology. DOD also
issued directives on managing ports, protocols and services, and
requiring periodic computer security training for all department
employees.
DOD turned to procurement to support these policies and develop new
kinds of defenses for cyberattacks. First, the department chose Retina
from eEye Digital Security to scan computers for vulnerabilities.
Then, DOD selected Hercules from Citadel to patch computers. Next, the
department built a new multimillion-dollar command center to monitor
global network operations and picked PestPatrol, antispyware from
Computer Associates International. DOD will soon begin testing
PestPatrol before introducing it later in the year.
DOD identified nine new procurements to fill information assurance
gaps and improve security analyses and responses departmentwide, said
a DISA official who requested anonymity.
The procurements include:
* Tier 3 Security Information Manager, a comprehensive system that
tracks and analyzes data produced by scanning and sensing products.
* Insider Threat, technology that prevents spies and double agents
from installing malicious hardware and software.
* Secret IP Network Security Enhancements, a system that strengthens
protection of the U.S. military's classified network.
* Honeynets, fake networks that draw adversaries away from the U.S.
military's real networks, keep them occupied and collect intelligence
on their attack methods.
The DISA official said the Computer Network Defense Enterprise
Solutions Steering Group oversees those new procurements. It is led by
Stratcom and the Office of the Assistant Secretary of Defense for
Networks and Information Integration and Chief Information Officer.
That office develops DOD information technology policy and administers
the department's $2 billion annual budget for information assurance
products and services.
Bob Lentz, director of information assurance in the DOD CIO's office,
said he agrees with Croom that the department is at a crossroads as it
tries to operate and defend a complex of networks known as the Global
Information Grid (GIG).
"This is the equivalent of the Manhattan Project," Lentz said. "I will
say we are at that level of seriousness of securing this massive
network."
Every four hours, he said, the equivalent of the entire Library of
Congress' archives travels on DOD networks. To wage network-centric
warfare, he said, the department's 4 million users must trust the
confidentiality of the information that crosses GIG and be assured of
its availability.
Adversaries, however, recognize the U.S. military's dependence on
networks and electronic information and the importance of sharing data
- all of which are main principles of the evolving net-centric warfare
strategy. Enemies view that dependency as an opportunity to challenge
the most powerful fighting force in the world on an even battlefield,
military experts say.
Industry officials worry that all the steps the military will take
might not be enough. They argue that net-centric warfare opens the
services to hidden dangers.
"We tend to assume we will have a technological edge over our
adversaries," said Loren Thompson, chief operating officer at the
Lexington Institute, a public-policy think tank. "That quite possibly
may not happen because digital networking technology is readily
available in global markets."
Alan Paller, director of research at the SANS Institute, a nonprofit
organization that monitors computer security, warned that U.S.
warfighters are becoming dependent on IT rather than using it as an
enhancer.
"The risk of losing the engagement because the systems were hacked
grows explosively," Paller said. President Bush has pledged to defend
Taiwan if China attacks. And DOD has said the new local warfighting
strategy of China's People's Liberation Army is to use computer
network operations to seize the initiative and gain electromagnetic
dominance early.
Jack Keane, the retired Army vice chief of staff who is now a military
consultant and advises URS Corp., a federal contractor, said the new
warfighting strategies of the United States and China play off each
other. He said they could collide if China attacks Taiwan to unify it
with the mainland.
Paul Wolfowitz, former deputy secretary of Defense, did not name China
as one of the adversaries exploiting vulnerabilities in DOD networks
in a memo to agency officials and military leaders last year. But
"failure to secure our networks will weaken our warfighting ability
and potentially put lives at risk," he said.
-=-
A network defense strategy: Honeynets
Army Col. Carl Hunt, director of technology and analysis at the Joint
Task Force for Global Network Operations, has recommended that the
Defense Department fundamentally change how it protects its networks
by building fake networks, or honeynets.
Honeynets would draw adversaries away from real U.S. military networks
and gather intelligence on enemies' attack methods.
"These systems will collect information on methodologies, techniques
and tools while providing a realistic playground for the intruder,"
Hunt said. By adopting a new set of maneuvers, DOD can lead persistent
adversaries "to the terrain of our choosing."
Honeynets, however, will not solve all of DOD's computer network
defense problems, Hunt said, adding that the department must also
better understand its networks and the technologies available to
protect them.
Hunt's comments appeared in "Net Force Maneuver: A NetOps Construct,"
a paper he co-wrote for the Institute of Electrical and Electronics
Engineers Computer Society's Systems, Man and Cybernetics workshop.
The workshop was held in June at the U.S. Military Academy at West
Point, N.Y.
- Frank Tiboni
-=-
From horseback, soldiers call for bombs
John Luddy, an adjunct fellow at the Lexington Institute, a
public-policy think tank, said no better illustration of
network-centric warfare's potential exists than the image of an Army
Special Forces soldier on horseback in Afghanistan sending location
data via satellite from his notebook computer to an Air Force B-52
bomber crew. In less than 20 minutes, the crew could drop
precision-guided bombs on Taliban troops.
Luddy describes network-centric warfare as "getting the right
information faster to the right forces so they can take the right
action faster against the right objective." Afghanistan and Iraq show
that the new warfighting strategy works, he said.
In "The Challenge and Promise of Network-Centric Warfare," a report
published by the institute in February, Luddy writes that "albeit it
against markedly inferior military forces, American forces were able
to integrate information and communications systems and procedures to
accomplish more with less, and faster, than would have been possible
even a decade ago."
- Frank Tiboni
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen. Alfred M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*