Feeds

US Air Force: Looking for a few good cyber warriors

Military wants to fortify cyberspace against China

Reducing security risks from open source software

Uncle Sam wants you ... to become a cyberspace warrior.

In a document released this week, the US Air Force is laying out plans for a new cyber command, which is scheduled to become operational in October. It tries to make the case that the ability to wage war and parry attacks over electronic networks is crucial to maintaining national security.

"Controlling cyberspace is the prerequisite to effective operations across all strategic and operational domains - securing freedom from attack and freedom to attack," the document, titled Air Force Cyber Command Strategic Vision, states. "We will develop and implement plans for maturing and expanding cyberspace operations as an Air Force core competency."

Its definition of cyberspace is considerably broader than that of many in the security field, encompassing electronic communications that take place over the internet, but also those in the air and space. That includes conducting operations in the electromagnetic spectrum, presumably to fight against electromagnetic pulse attacks, which could disrupt the nation's electronic devices by setting off a high-altitude nuclear blast.

"Cyberspace attacks can be conducted on an adversary's terrestrial, airborne and space-based communication infrastructure as well as his forces, equipment and logistics," the document (PDF here) says. Other areas of expertise include sensor disruption, data manipulation, decision support degradation, command and control disruption and weapon system degradation.

The document is the latest push by US military leaders for more authority and funding for cyberspace. The campaign has been ramping up amid a growing number of intelligence disclosures that finger the People's Republic of China as a threat to the US communications infrastructure.

Earlier this week, the Pentagon released an assessment of China's military might that included cautionary statements about attacks to numerous computer networks, including some belonging to the US government. While it remained unclear if the intrusions were conducted by the People's Liberation Army, "developing capabilities for cyberwarfare is consistent with authoritative PLA writings on this subject," the report warned.

Additionally, Defense Department officials speaking on Capitol Hill last week said enemies are keenly aware of the government's dependence on the internet and continue to look for ways to exploit it.

And according to Federal Computer Week, President Bush issued a classified directive in January designed to fortify government networks, including possible offensive tactical maneuvers.

While some may see the military push as little more than a power grab, Alan Paller, director of research at the SANS Institute, is not among them. He says the US military leadership was slow to act on intelligence reports in 1990s that the Russian KGB had founded a school for cyber hacking. He says it's important leaders don't make similar mistakes in response to intelligence reports concerning China.

"The reason that we're willing to spend so much money right now is that the Chinese in particular had visible and massive success in not only penetrating our systems and stealing highly sensitive military information but also taking over our systems so they can control them in the future," he says. "It's essential that we do this." ®

Maximizing your infrastructure through virtualization

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.