Feeds

Pentagon plans massive surge in Cyber Command staff

Boosting online warrior numbers from 900 to 4,900

SANS - Survey on application security programs

The US military is planning a massive increase in the capabilities of its Cyber Command online-warfare department as it seeks to exert dominance over the digital battlefield.

"Given the malicious actors that are out there and the development of the technology, in my mind, there's little doubt that some adversary is going to attempt a significant cyberattack on the United States at some point," William Lynn III, a former deputy defense secretary, told the Washington Post.

"The only question is whether we're going to take the necessary steps like this one to deflect the impact of the attack in advance or . . . read about the steps we should have taken in some post-attack commission report," he said.

Currently there are around 900 uniformed and civilian staff employed by the Pentagon in its Cyber Command, which is separate from the National Security Agency – at least in principle. In practice, however, the two work side-by-side, and both are headed by the same man, General Keith Alexander

A senior defense official told the paper that the Pentagon would primarily focus on online activity outside of US domestic borders, and would only be involved in major online attacks, not minor hacking and phishing annoyances. US companies and those international companies that use American-hosted services won't be touched.

"There's no intent to have the military crawl inside industry or private networks and provide that type of security," the official said.

The staffing increase is scheduled to begin later this year and next, but there are likely to be problems simply finding that many people with the right skills to do the job. The military was at last year's Black Hat hacking conference looking for recruits and support from the private security industry, but weren't finding many takers.

Security researchers who have worked with the Pentagon have complained that all too often the government wants to know their security tricks, but isn't willing to share its knowledge or pay the kind of rates that researchers can make in private industry.

There's also the fact that other government agencies are increasingly targeting the security community for special investigation over the last few years, since WikiLeaks started releasing US State Department cables. Many in the industry are feeling little love for the US government at the moment, and this could reduce its ability to hire the best talent.

General Alexander has agreed to stay on in his roles until at least 2014 to manage the increase in numbers.

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.