The U.S. Pentagon's decision last week to open a cybercommand for both offensive and defensive cyberwarfare activities raises a host of questions. U.S. Defense Secretary Robert M. Gates issued a memo to military leaders ordering the Strategic Air Command to have the cybercommand up and running by October 2010, and also assigning Pentagon policy chief Michele A. Flournoy to head a "review of policy and strategy to develop a comprehensive approach to [Department of Defense] cyberspace operations."
At a recent talk, Deputy Defense Secretary William J. Lynn III asked how cyberattacks can be deterred and prevented if it is so difficult to identify adversaries in cyberspace, while Internet Storm Center director Marcus Sachs questioned how rules that apply to real-world warfare, such as the Geneva Convention, can be extended to cyberspace. He also stressed that these issues need to be debated publicly, not privately.
Gates' memo urged an "implementation plan" for setting up the cybercommand that would "delineate [its] mission, roles and responsibilities" and its "command and control, reporting and support relationships with combatant commands, [military] services and U.S. government department and agencies." Sachs inquired as to whether the long-term strategy is to have the command concentrate exclusively on military networks, or to cover the entire U.S. critical infrastructure. Lynn implied that the Homeland Security Department would continue to be responsible for the defense of federal civilian networks, while the private sector would watch its own networks.
The cybercommand will be placed under the authority of the National Security Agency director.
The SANS Institute's Alan Paller said that civilian defense against cyberattacks is hampered by civilians' lack of access to the military's latest, best information about attackers and their methods.
From The Washington Times
View Full Article
Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA
No entries found