Feeds

NSA head confirmed as chief of US cyber command

Cry havoc, and unleash the .mil dogs of war

SANS - Survey on application security programs

The US government, after some delay, has formally confirmed in post the head of its now-forming military Cyber Command. Keith B Alexander, head of the NSA, has been promoted to four-star general* and will now head the new cyber forces as well as his current agency.

The Cyber Command will be based alongside the NSA, perhaps the world's most powerful crypto and intercept agency, at Fort Meade in Maryland.

The new command, which will be subordinate to US Strategic Command (STRATCOM), was created last June and it was hoped that Alexander would be in post before now. However, in the USA top jobs of this sort must be confirmed by Congress and in this case the legislators took their time. Many expressed concerns over control of the possible offensive capabilities of the nascent US military cyber forces, or worried that they might present threats to Americans' privacy or civil liberties.

Alexander, during his confirmation hearings, stressed that in his view the cyber forces' mission was primarily that of protecting American networks rather than striking at those of others.

“This command is not about an effort to militarize cyberspace,” he said at a Washington hearing last month. “Rather, it’s about safeguarding our military assets.”

Specifically, according to the Department of Defense, Cyber Command will be responsible for securing and policing the .mil domain. The wider .gov domain is the responsibility of the Department of Homeland Security.

“We are pleased that the Senate has moved forward with his confirmation,” Pentagon spokesman Bryan Whitman said in a statement issued yesterday. “General Alexander brings to the job the leadership to stand up this command, and the skills and expertise that will be critical to the new command in dealing with security challenges in the cyber domain.”

The separate US services are setting up their own cyber forces too, and are expected to draw heavily on NSA/Cyber Command expertise and doctrine. The US Navy cyber force is the 10th Fleet; the US 24th Air Force is also in the process of forming up. The cyber airmen have lately announced the creation of a "cyber wings" chest badge to be worn by qualified digital warriors.

Despite Alexander's soothing talk of network defence, there is no doubt that the US cyber forces are also developing the capability to do unto others. One of the main sub-units of the 24th AF, for instance, is the 67th Network Warfare Wing - whose stated mission is to "execute computer network exploitation and attack" as required. It is also worth noting that Pentagon tech agency DARPA is currently developing a "Cyber Range" in which to test-fire the terrible digital weapons of tomorrow.

The NSA probably has some interesting capabilities already. Not everyone always remembers this, owing to its large number of civilian employees and its involvement in crypto standards used almost universally in commercial IT, but the NSA has always been an arm of the US military. Formally it is a "combat support agency" of the DoD. ®

Bootnote

*Full general, as opposed to a mere lieutenant-general (three stars), major-general (two stars - yes, a major-general is junior to a lieutenant-general, it's because once upon a time the rank was sergeant-major-general) or brigadier (one star).

The USA still has five-star generals too, equivalent to the now disused British rank of field-marshal.

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.