DOD Considers Shielding Private Networks -- Redmondmag.com

DOD Considers Shielding Private Networks

By Amber Corrin
06/01/2010

As the risk of an attack on the nation's critical infrastructure increases with the rising cyber threat, the Defense Department could take on a bigger role in protecting the computer networks of private industry, according to a top DOD official.

To support such a move, a task force comprising industry and government information technology and defense interests, which deputy defense secretary William Lynn III termed an "enduring security framework," has been forged to examine issues surrounding critical infrastructure network security.

"In terms of protecting the nation's security...it's the vulnerability of certain critical infrastructure -- power, transportation, finance," that is the target of these cybersecurity efforts, Lynn said.

One possibility Lynn discussed, speaking with a small group of reporters at the U.S. Strategic Command Cyber Symposium on May 26 in Omaha, Neb., is the development and deployment of Einstein 2 and 3 for civilian networks. The intrusion detection and prevention systems are being developed by the Homeland Security Department for use on govnrnment computer networks.

Einstein 2 is in place in at least 11 of the 21 government agencies that police their own networks the other 89 federal agencies will go through one of four major technology contractors for the Einstein monitoring, according to the Associated Press. Einstein 3 is in a trial phase.

Lynn said that, in theory, participation in the protection would be voluntary and private sector organizations could opt in -- though likened the decision to opt out to remaining "in the wild, wild west of unprotected Internet."

That wild frontier of unprotected Internet is becoming increasingly dangerous, according to Lynn and Air Force Gen. Kevin Chilton, STRATCOM commander.

"The Internet doesn't respect sovereignty," Lynn said. "The cyber threat doesn't track well with the history of traditional military power. We can't predict where the threat will come from."

Chilton noted that the increase of cyber crime requires a response cultivated by the cooperation of government and industry, and also international partners. "To be successful in cyberspace we need to be ambidextrous. We need all hands."

The response to cyber threats is complicated by rules of engagement that are still being negotiated. "Are they right? That's what we're examining," Chilton said.

About the Author

Amber Corrin is a staff reporter covering defense and national security.

Featured

Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.
PowerShell Script Used in Phishing Attack May Be AI-Generated

A PowerShell script being used in a novel malware campaign may have been created by AI, according to security researchers at Proofpoint.
Using Microsoft Office to Build a Network Diagram, Part 1

Keeping documentation is a great way to ease your future hardware refresh and have what you need for insurance purposes.