Feeds

US military cyberwar force will work with NSA

Priority is net 'defense'. As in Department of Defense

SANS - Survey on application security programs

The long wrangle among the US military about who gets to be in charge of cyber warfare and who gets all the resulting pork appears to have been settled. Questions remain, however, regarding the level of America's readiness to take offensive military cyber action against enemies presumably overseas.

Reuters reports that the main decisions on the US military cyber command were announced yesterday at the Pentagon. Defense Secretary Robert Gates signed an order to create the new organisation, intended to be based at Fort Meade outside Washington and subordinated to the head of the US National Security Agency (NSA), widely believed to be the most powerful crypto, intercept and eavesdropping agency in the world.

The news wire quotes Department of Defense (DoD) spokesman Bryan Whitman, responding to questions about "offensive" as opposed to "defensive" cyber warfare by the US forces, as remaining noncommital.

"This command is going to focus on the protection and operation of DoD's networks," he said. "This command is going to do what is necessary to be able to do that."

The Pentagon has previously stated on many occasions that its networks and those of the US government in general are nowadays constantly subject to cyber attacks, most of which appear to emanate from abroad. China is the foreign country most often mentioned in this context, but Deputy SecDef William Lynn has recently stated that "more than 100" foreign intelligence organisations have tried to penetrate the US military's cyber grid on various occasions.

"There is simply no exaggerating our military dependence on our information networks: the command and control of our forces, the intelligence and logistics on which they depend, the weapons technologies we develop and field – they all depend on our computer systems and networks,” said Lynn earlier this month. “Indeed, our 21st century military simply cannot function without them.”

The American Forces Press Service, indeed, characterised Lynn's assessment as amounting to a "clear and present danger" from cyberwarfare. This is a powerful phrase in US law: where a clear and present danger is deemed to exist, the authorities may be able to suspend the First Amendment right of free speech (or in this case, perhaps free net traffic). On the other hand, the term does get tossed around quite casually these days, having been popularised by Tom Clancy.

As for the matter of the US taking the cyber offensive (as opposed to defensive) this would seem to be a foregone conclusion. The very meaning of the word "Defence" in modern English has now changed to mean "activities formerly carried out by ministries or offices of War - including attack and offence as required". It's a universally acknowledged military truism that defence of one's own territory is often best conducted on someone else's.

If that wasn't enough, it should also be noted that the US military is at present engaged in building a cyber firing range - in effect a Matrix-esque virtual world - in which to test the effects of cyber weapons.

The new command's subordination to the NSA makes sense - the NSA is already hugely expert in crypto and other useful subjects. Not everyone remembers that it is a military organisation, but unlike the CIA it is indeed "a Combat Support Agency of the Department of Defense".

The cyber command is due to kick off in October, and reportedly will be fully up and running a year later. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.