Pentagon pondering cyber attacks
21 October 2011, 12:08
US - The defence department is finalising policies that will determine what the military can do in the event of a cyber attack as the government figures out who should have the power to shut down computer networks seized by an enemy nation, terrorist group or criminal hacker.
General Keith Alexander, who heads US cyber command, said on Thursday that attacks against critical systems are increasingly carrying destructive viruses or malware that can hinder or destroy routers or networks.
Alexander, who also is director of the national security agency, said the Pentagon and intelligence agencies must do more to protect their computer systems and co-ordinate with private companies to safeguard public networks.
Government cyber security officials say cyber attackers are using the internet to steal money, ferret out classified secrets and technology, and disturb or destroy important infrastructure, from the electrical grid and telecommunications networks to nuclear power plants and transportation systems.
The defence department has set up a trial programme to share cyber threat data with some large military contractors in order to prevent intrusions. The department of homeland security is looking at that model.
Alexander said that effort may need government action, but that homeland security must lead it, with reviews to ensure the protections of civil liberties and privacy.
He said it's no longer good enough to try to monitor all networks at the Pentagon or across the government and then block the intrusions as they are detected. Cyber security experts note that it can sometimes take months to detect that someone got in.
Instead, Alexander said the defence department is planning a drastic reduction in the number of routes into the network, so that they can be better monitored and intrusions can be blocked in real time.
He also said defence and intelligence agencies will move to cloud computing, which would use highly secure, encrypted banks of remote computers to store data - much like people store photos or email in popular online programmes.
Doing that, said Alexander, will allow officials to better see and block any threats trying to get into government systems.
He also noted that commanders used cloud computing in Iraq, which allowed the military and intelligence officials to more quickly share and disseminate information to troops on the front lines who needed it.