Slashdot Mirror
Pentagon Cyber-Command In the Works
An anonymous reader sends word of a new cybersecurity project to defend US networks from attacks and strengthen the government's "offensive capabilities in cyberwarfare." Right now, the most likely candidate to lead the project is the Director of the NSA, Keith Alexander, who was quick to assert that the NSA itself wouldn't try to run the whole show (something they've been criticized for in the past). Quoting the Wall Street Journal:
"Cyber defense is the Department of Homeland Security's responsibility, so the command would be charged with assisting that department's defense efforts. The relationship would be similar to the way Northern Command supports Homeland Security with rescue capabilities in natural disasters. The NSA, where much of the government's cybersecurity expertise is housed, established a similar relationship with Homeland Security through a cybersecurity initiative that the Bush administration began in its final year."
It wants its buzzword back. Please stop using "Cyber-". Thank you.
You know it's a bad article when the first comment is a troll and all the others whine about the overuse of a word.
Why is it that EVERYTHING that tries (and usually fails) to connect itself to the net label itself "cyber?" Seriously, can we come up with something different, like "Network Operations" or something that doesn't remind me of bad movies from the 80's?
"The Obama administration plans to create a new military command to coordinate the defense of Pentagon computer networks and improve U.S. offensive capabilities in cyberwarfare, according to current and former officials familiar with the plans." Right, because the military does such a good job of keeping up with the latest in security, see yesterday's sat com article: http://tech.slashdot.org/article.pl?sid=09/04/21/151225
Politicians thrive on buzzwords. Thus, those who work for politicians thrive on buzzwords. The assumption is that people in general do not know more about a subject than the buzzwords themselves... unfortunately the assumption is usually right.
DISCLAIMER: I am very rarely serious. If the above comment seems asinine makes no sense, it is most likely a bad joke.
I'm just glad they're finally taking this sort of shit seriously. With plans for fighter jets being stolen by hackers making front page news, reports that the pentagon spends boat loads of money at reactive threat defense, our [insert computer buzz word]-security at a national level is severely lacking. Even movies like transformers seem to think that the best hackers are still fat dudes living with their grandparents and no one at any national department is capable of anything.
The musings of just another geek and his junk.
When a group that exploits a communication network system for information is also in charge of its security, what happens when a weakness is found? Do you:
A) Keep the weakness secret so you can exploit it.
B) Publish the fix so your networks are fixed, but also allowing those you may be monitoring to fix as well, and cut off an information source.
Bruce Schneier has a great commentary on this at his blog.
DMCA - Chilling free speech since 1998.
Let's form a committee and draw up a plan. Budget meeting tomorrow!
Umm, why is it a job for the Air Force, as opposed to the Navy, Army or some other Governmental agency? Offensive cyber-warfare may be a role for the air force, as in blowing up the computers of our adversaries by dropping bombs on them.....
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
The other top contenders for the project is Cyberdyne Systems and a man calling himself "The Architect."
DISCLAIMER: I am very rarely serious. If the above comment seems asinine makes no sense, it is most likely a bad joke.
The only thing DHS is good at defending is its budget. Their own systems and networks are notoriously mismanaged and vulnerable. You have to go to the Bureau of Indian Affairs to find anything more inept.
The technical talent at NSA is the best in the world. It's their administrative and political leadership that could stand some fumigation.
Comment removed based on user account deletion
Is that what they will call it?
Because we don't have a Tube Force?
It may be offtopic, but it's clearly true. You're being censored by the elite communist team of Slashdot police whose goals include the destruction of capitalism and the total annihilation of American values.
OK, while I agree that cyber- anything has been over used, the Air Force has already stepped forward ahead of the other services to stand up a "Cyber Command". However, USSRATCOM has Cyber warfare and defense in its mission statement. A joint task force is the most likely form of any cyber-related activity, either offensive or defensive. The big problem is, how can you defend against something when it's already inside your walls? The Pentagon's networks have been infiltrated more times than I can count with bare feet and my pants down (more than 21). Not to mention DOE computers. All networks are vulnerable if they are connected to the Internet. No one service can do the entire job.
Because the Air Force decided to add "cyberspace" into their mission statement to justify asking more money from Congress.
http://www.af.mil/news/story.asp?storyID=123013440
Being in the military, its very frustrating knowing a plethora of ways to make your job more secure but lacking the ability to change anything. Most of the branches, instead of pushing the envelope of computing like in the 30s, 40s, and 50s, have removed themselves from the business and contract it out (its not sexy enough and doesn't envolve tangable assets). Reminds me of the notorious deal in the 70s when IBM contracted Microsoft to build its disk operating system...
Who else would run the air force's, the army's, the navy's, the marines', and the coast guard's cyber commands, hm?
You might as well say the Army has a conflict of interest since if they have a new weapon they could take over the country.
It's both true and not true. in some countries the army does indeed take over when it wants to. In others it tries to protect it's citizens. Why should the NSA not be expected to do this as well? What is needed is proper oversight.
Now as for How to approach this. I'm utterly puzzled why trusted platform computing (e.g. Palladium) has not take off for government and embedded computing. Sure you may not want it on your computr because it locks down what you can do to an outside source's approval. But this is exactly what we do want on single use computers and on computers protecting data bases and on government computers.
Seems like there's a huge market for this. Way way way more than needed to make it worth manufacturing the hardware changes to the motherboards and firmware. Why has TPC not proceeded since it was developed.
Some drink at the fountain of knowledge. Others just gargle.
Yes, please take another huge gob of my money to fund yet another huge government bureaucracy in order to fund the closing of the barn door now that the horse has run out.
It's spelled websites (or web sites), not "web-sights".
Also, Mac OS X is also backed by a major corporation. One that knows what it's doing, as opposed to Microsoft.
What the Pentagon really needs is some sort of visual "sky above us" command and control.
Seriously these are the guys that let a plane crash straight into them. And no-body saw it coming???
What is needed is proper oversight
That's the whole problem. The NSA is already in charge of the entire nation's cyber-security. They just don't want anyone to know about it.
I am not your blowing wind, I am the lightning.
Welcome to the War On CyberPirates.
Another war to consume most of the U.S. federal budget.
Yours In Communism,
Kilgore Trout
P.S. to Obama fans: Universal healthcare ONLY in your dreams.
What is needed is proper oversight.
That's the whole problem. The NSA has been in charge of cyber-security for the entire nation for years. They junt don't want anyone to know about it.
I am not your blowing wind, I am the lightning.
Of all the Government agencies that might have the capability to manage cyber security, I would not have put Homeland Security on the short list.
These guys need an air-command to ensure planes dont fly directly into their control center, they should start their....
Sounds like "Netforce" to me... Reality echo's fiction quite often it seems.
Comment removed based on user account deletion
I don't see us getting too much useful info from hacking into China/Russia.
We can go in there and get our information back!
The analogy is flawed.
Taking over the country with a weapon requires a violent coup, drawing the opposition of the government and other branches of the military.
Spying on the country without authorization is, by definition, covert, and can be denied or declared a matter of national security.
I know this will be a bit paranoid but I'd feel much happier if they took away all those Warrantless Wiretapping and many of the other freedoms stolen recently by the Federal Government BEFORE they create a Pentagon Cyber-Command. If the Federal Government wants to make a Cyber-Command for the Pentagon, that's fine, but I want oversight that's being held accountable for their actions dammit!
If the Federal Government can issue itself a secret warrant to search my house, you think they're going to give a rats ass about curtailing cyber break-ins? "Who watches the Watchmen" as it were. It just doesn't sit right with me that the Federal Government is continueing to expand it's policing power at the expense of our freedoms.
I know, if someone in the program really wanted to abuse the system to break into our computers, they would, but at least give us the tools to defend ourselves legally!
Posting with out proof reading since 2001.
Whether the Air Force, NSA, FBI, or whatever agency gains the specific monopoly of offensive cyber warfare in the US is irrelevant. The real question is why the US wants it and the US government wants offensive cyber capabilities for one reason and one reason alone...
China got there first.
Oh, and to 'protect American interests at home and abroad'. Maybe two reasons...
sudo mount --milk --sugar
For planes coming at their building and such..
That would be a good start...
The NSA already has full privs on DoD systems.
Best Slashdot Co
to spend some tax payer money! Seriously, this thing better be scrutinized, and not another building full of $15000 toilets. I believe most of our country's cyber security issues could be solved by NOT PLUGGING EVERY FUCKIN' COMPUTER TO THE INTERNET. Especially the ones that control sensitive infrastructure.
The saving grace in all this is you know the system will have billions in cost overruns and in the end not work.
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
You've obviously never seen hackers. You have to fly through the system to find the files.If theres a branch of the military that can fly its the air force...
I wonder how many people tend to notice the coincidental timing of things like this. What was it, yesterday or the day before that there was a front-page post in every major newspaper about the JSF plans getting siphoned? Then, just coincidentally, a few days later plans to beef up 'cyber' operations at a federal level are put forth publicly (despite the fact that making decisions for any new programs at a federal level take days, if not weeks to make).
It seems to me that the average layman probably hears things like 'cyberwarfare' and 'fighter plane plans stolen via hacking' and 'we need a new, federally controlled cyberwarfare program' and probably doesn't think about the difference between 'offensive' and 'defensive' type network operations since the average layman says, "Computers and Hackers and Cyberspies! Oh My! Save us!" Thus, convincing the public that a new, expensive, powerful (and probably not well-regulated) federal cyber-department will keep them safe. Besides, our very own military networks were just hacked maliciously to download the plans for our newest jet fighter, didn't you hear?
I guess what I am trying to say is:
Increase public knowledge of cyberthreats + Offer federal solution to the new cyberthreat problem = Immediate public approval new program that increases federal spending and power.
Yay!
Motorcycles, Robots, Space Gossip and More!
"Cyber defense is the Department of Homeland Security's responsibility, so our networks are $@%&ed."
Fixed.
I'm staying anonymous for a reason. All i will say is this. USTRANSCOM was way ahead of the Air Force in terms of network and system security. They made the Air Force look plain sloppy and probably still do.
There is bureaucratic fight between the NSA and the White House (DHS is a cabinet position) over who gets unfettered access to ALL government networks in the guise of security.
The stories of power grid and SCADA control breaches, the F-35 leaks and nameless Chinese hackers are FUD originating from the NSA to scare other government entities into surrendering full control of their networks to the NSA.
The first place to start reading up on this fight over network control should be the National Cybersecurity Center former head Rod Beckstrom's resignation letter to the head of DHS.
In his resignation letter he states that " NSA effectively controls DHS cyber efforts through detailees, technology insertions, and the proposed move of NPPD and the NCSC to a Fort Meade NSA facility. NSA currently dominates most national cyber efforts. While acknowledging the critical importance of NSA to our intelligence efforts, I believe this is a bad strategy on multiple grounds. The intelligence culture is very different than a network operations or security culture. In addition, the threats to our democratic processes are significant if all top level government network security and monitoring are handled by any one organization (either directly or indirectly). During my term as Director we have been unwilling to subjugate the NCSC underneath the NSA. Instead, we advocated a model where there is a credible civilian government cyber security capability which interfaces with, but is not controlled by, the NSA. "
flamebait? This is how the goverment works. the NSA doesn't have a domestic charter, yet they have deep packet inspection [http://tinyurl.com/c59puz] unconstitutional deals with AT&T walking on the 4th amendment.
Government programs are like a leaky API. (time of crisis) Agency1 has private data. (It's getting close to the release date), Agency2 sneaks in there and pokes around so they can get it out the door. It's crap, all the programmers (congress) know it's crap, but they release anyways because of promises to the american people. Then when the bug reports start coming in, the revision history is magically rm -rf'd. (oops, We can't find those emails senator) It's a nightmare, but unavoidable due to human nature. With the government's monopoly on force there is no accountability and there never will be - even through chasms of mind bending injustices.
No, man, you have to have someone to fly the carbon black Briggs-Daimler ultralights past Soviet security so the console jockeys in their Zeiss-Braun helmets can release our Mole VII virus from the Sinclair-Nixdorf decks strapped to them with micropore tape.
Literalism isn't a form of humor, it's you being irritating.
1995 called 1984?
Don't you just hate it when you re-post a rewording and you ADD a typo?
Umm, why is it a job for the Air Force, as opposed to the Navy, Army or some other Governmental agency? Offensive cyber-warfare may be a role for the air force, as in blowing up the computers of our adversaries by dropping bombs on them.....
The parent was trying to troll, but the Air Force DID try to hog the "cyber warfare" mission, and SecDef Gates slapped them down for it. The Army and Navy protested, and they had a valid point: since all the services rely on computer networks, why should one service have a monopoly on "computer warfare"?
Life is hard, and the world is cruel
Just another way for the DHS to spy on those really mean and nasty Tea Party people.
After all how dare they even think of questioning his most holy and his minions in D.C., that's just plain un-Amerikan
Sounds like someone is jealous.
"If you only knew the POWER of the DARK SIDE!"
Ontop of that, this is just another example of US aggression. First we militerized space, now we are militerizing the internet. Disgusting, this is an example of Bush era policy that simply must be ended if we are going to run a country which reflects our supposed "ideals."
Especially, if we are going to complain when Chinese hackers invade our power grid. We've got no right to complain if we ourselves are developing the same capability. More Bush-era hyporcrasy.
Netbooks, they come with Linux or a $3 copy of Windows. Either way, Microsoft loses.
"Cybercommand" has been in the works for years, as noted in this 2007 article on /. : http://it.slashdot.org/article.pl?sid=07/10/12/1837258
Also here: http://slashdot.org/article.pl?sid=08/03/12/1427252
here: http://slashdot.org/article.pl?sid=08/02/12/2217201&from=rss
and here....aw hell, just Google it: http://www.google.com/search?sourceid=navclient&ie=UTF-8&rlz=1T4GGLG_enUS307US307&q=cyber+command+site%3Aslashdot.org
The latest word is that LTG Alexander will *not* command CYBERCOM, and that he will retire as a 3-star. Circumstantial evidence supports this rumor; Alexander's lapdog technologist Dr. James Heath, who has followed Alexander from post to post for the past ~15 years, has punched out of NSA and has taken up residence in Korea at SUSLAK. The only way Heath would let go of Alexander's coat tails is if those coat tails weren't valuable to him any more.
NSA is a DoD component -- it's part of the "Pentagon" you would rather have running this than a "three letter agency."
If the "Pentagon" were to run cyber command, there is absolutely no reason to assume that NSA would not be heavily involved. Given that the current DIRNSA (LTG Keith Alexander) was one of the early front runners to command cyber command, one would have to assume that the "Pentagon" is quite comfortable with NSA being involved with the cyber project.
What one moment, according to the Army they already have one and are using it to recruit people.
What oh my goodness was that a misleading advertisement by the Army? No they wouldn't lie to possible recruits would they???
YES......