The revelation that an unnamed defense contractor suffered a large-scale data breach emphasized the urgency and importance of a Defense Department strategy for operating in cyberspace.
Deputy Secretary of Defense William J. Lynn outlined the strategy yesterday in a major policy speech at the National Defense University in Washington, D.C.
Lynn acknowledged in his speech that an “intrusion” took place last March in the system of an unnamed defense contractor.
“In a single intrusion this March, 24,000 files were taken,” he explained. During a press conference, Lynn elaborated by saying that the data taken was “related to systems that are being developed for the Department of Defense. It was done, we think, by a foreign intelligence service. In other words, a nation-state was behind it.” He refused to elaborate on who was responsible or the company involved.
Lynn acknowledged that this previously secret breach may not have been the largest of such attacks, which he said have been taking place against both military and contractor systems for the last five to six years. He said this is why the first-ever Defense Department “Strategy for Operating in Cyberspace” is important.
He stated that the strategy, of which an unclassified version was released yesterday, has five primary pillars. The first is treating cyberspace as an operational domain, much as the military regards land, air, sea and space as places where it must be prepared to operate. The second is introducing “active cyber defenses,” including the use of “sensors, software and signatures to detect and stop malicious code before it affects our operations.”
The third is working with the Department of Homeland Security and the private sector to protect the nation’s critical infrastructure, including that which supports military functions. The fourth is to work with allies and international partners to “build collective cyber defenses.” The fifth is to enhance network security, resulting in what Lynn described as a “more secure and resilient Internet.”
Lynn said that the United States has negotiated cooperative cyber agreements with NATO, as well as individual allies such as the United Kingdom and Australia.
The revelation of the massive contractor breach comes a week after the Defense Department proposed additions to the Defense Federal Acquisition Regulation Supplement (DFARS) that would require contractors to secure classified government data residing on the contractors’ computer systems.
Details of the cybersecurity plan were also released two weeks ago when the Defense Information Systems Agency unveiled its 2012 Campaign Plan.
SIGNAL Magazine will have additional coverage of federal cybersecurity issues in the upcoming August issue.
Deputy Secretary of Defense William Lynn’s speech at National Defense University on July 14, 2011: http://www.defense.gov/speeches/speech.aspx?speechid=1593
Lynn’s post-speech media availability with Vice Chairman of the Joint Chiefs of Staff Gen. James Cartwright, USMC: http://www.defense.gov/transcripts/transcript.aspx?transcriptid=4854
SIGNAL Online: Cyber warfare, Media Integration Dominate DISA Plans. http://www.afcea.org/signal/articles/templates/Signal_Article_Template.asp?articleid=2651&zoneid=318