Protecting any nation’s citizens and institutions is difficult under any circumstances, but today’s economic limitations make this task even more challenging. Government and business leaders will meet at the Ronald Reagan International Trade Center February 28 to March 1 to tackle this topic during AFCEA International’s 11th annual Homeland Security conference.

Conference discussion topics include cloud computing, cyberwar, procurement, wireless broadband and social media. Small businesses’ interaction with the U.S. Department of Homeland Security (DHS) also will be explored.

Speakers and panelists include Jim Flyzik, president, The Flyzik Group; Peter Tseronis, chief technology officer, U.S. Department of Energy; Cathy Lanier, chief of police, District of Columbia; and Bruce Walker, acting vice president, homeland security, Northrop Grumman Information Technology.

Although the first day of DHS IT strategy sessions is not affiliated with the AFCEA conference, coverage of the sessions will be featured on the Coverage and Collaboration: Homeland Security 2012 Web page.

The U.S. Department of Homeland Security and the Defense Advanced Research Projects Agency have called upon industry to develop a low-cost and secure communications, network management and situational awareness system for the U.S. military, public safety agencies and commercial clients. The solution must enable remote and secure mission-based communications with or without cloud connectivity. The goal is to design a technology with both military and security applications that offers real-time information regardless of the infrastructure and equipment first responders or military members use. Under a two-year agreement, SRI International and Covia Labs will develop the enhanced capabilities for communications devices such as smartphones. In the long term, the companies plan to design a low-cost solution that features the seamless formation of secure teams across different military and public safety agencies.

Situational awareness that borders on command and control (C2) may be necessary to protect vulnerable networks in the nation’s critical infrastructure. The threat to these increasingly complex industrial control systems will require more than just commercial off-the-shelf security solutions, according to a panel of experts at TechNet Asia-Pacific 2011 in Honolulu.

Rear Adm. Paul Becker, USN, the U.S. Pacific Command (PACOM) J-2, warned that the proliferation of control systems, coupled with a lack of network situational awareness, are prime opportunities for cybermarauders. In calling for C2 of networks, he noted that while nation-states appear to be the only cyberthreat with the ability to attack the nation’s infrastructure, organized crime now is able to develop or hire hacker talent.

Bryan Richardson, a critical infrastructure security expert with Sandia National Laboratories, stated that the good situational awareness tools that the infrastructure needs largely must be customized specialty solutions, although some could come from traditional information technology sources. Sandia has performed many assessments, so it understands the different types of systems and what needs to be done for them, Richardson said.

David Rolla of the Hawaiian Electric Company added that a good network situational awareness tool must be able to weed out legitimate security threats from natural disasters or even overzealous marketing events. His company is trying to put in place a holistic system that protects the entire network from start to finish.

The new technologies that are enabling elements of the critical infrastructure to operate more efficiently also are making them more vulnerable to devastating cyberattacks. Advanced mobile connectivity and supervisory control and data acquisition (SCADA) systems have created fertile ground for cybermarauders to target key aspects of the infrastructure a number of ways.

These were the findings of a panel comprising a number of experts from Hawaii and the U.S. Pacific Command (PACOM) at TechNet Asia-Pacific 2011 in Honolulu. Rear Adm. Paul Becker, USN, the PACOM J-2, described how the use of SCADA industrial control systems was a primary threat to the infrastructure. These systems are the focus of malevolent hackers, whose growing sophistication has increased the likelihood that they will be able to launch a devastating attack.

David Rolla of the Hawaiian Electric Company elaborated on how the SCADA threat has grown. Companies such as his have trended toward more integrated and more sophisticated control systems, and greater interconnectedness means more interdependency. The need for a communications infrastructure, which requires external communication links, also has increased vulnerabilities. Where the threat used to be broad-based—such as simple denial of service—it now takes the form of highly targeted attacks focused on a single entity, Rolla said. “We’re coming to a point where there is no such thing as a trusted source,” he warned.

Tasked with patrolling millions of square miles of water over vast ocean distances, the U.S. Coast Guard is looking to augment its surveillance forces with unmanned air vehicles (UAVs). These craft would serve to alert cutters to what lies over the distant ocean horizon.

Rear Adm. Charles W. Ray, USCG, the commander of the 14th Coast Guard District, told the final breakfast audience at TechNet Asia-Pacific 2011 how the vast area of responsibility across the Pacific Ocean tasks Coast Guard operations. Many isolated islands and atolls are U.S. territory, and their fish-rich waters constitute more than a million square miles of U.S. exclusive economic zones. The Coast Guard needs a persistent presence in these waters, and UAVs can help fill that need, the admiral said.

Adm. Ray called for an inexpensive UAV that can provide that over-the-horizon presence. He added that while the Coast Guard does not have a program of record for UAVs, it is partnering with Customs and Border Patrol on its Predator program in the hopes of developing a maritime version. It also is following the U.S. Navy’s development of UAVs, the admiral noted.

The Air Force and Arlington County, Virginia, are taking preventative measures against hackers such as the ones that recently attacked Sony, costing them over $170 million. It’s not just money at risk for government networks, however.

The Air Force has the lead for the Next Generation Airspace and lead for the Department of Defense. Arlington County, which collaborates extensively with the department on many levels, has undertaken continuous monitoring and risk analysis and is currently evaluating its supervisory control and data acquisition (SCADA) systems.

Maj. Gen. Edward L. Bolton Jr., USAF, director of cyber and space operations, office of the DCS for ops, plans and requirements, led a discussion with B.G. Ranck Jr., director of warfighter systems integration at the office of the Secretary of the Air Force, and Mark Orndorff, PEO for Information Assurance and NETOPS for DISA at the AFCEA D.C. chapter’s cyber security luncheon on May 20 describing the Air Force’s approach.

Gen. Bolton asked everyone in the audience to say at what level they thought we should protect. The audience answered that we should protect “every link at every level.”

He also suggested that Air Force’s biggest issue with communications is the “lack of transportability” of the equipment and parts driven by its inability to interoperate between stovepiped systems. He described a soldier as having to carry a pack with three computers, multiple batteries, and multiple wires in order to communicate.

According to Bolton, the Air Force will focus on three main areas: capabilities, employment, and people. He also stated that the Air Force will change the discussion from aircraft allocation to “what information do I need vs. how many airplanes do I have in the air?” It also maintains that, “every airman must have a certain understanding of cyber.”

The Defense Department envisions a joint architecture and joint services information-sharing requirement that is not specific to a particular agency that promotes interoperability and information sharing across previously discrete domains. In keeping with this vision, the Air Force will migrate away from the plethora of often proprietary and stove-piped systems and transition to a single standards-based network. These systems often do not interoperate with other systems both in and outside of the Air Force. The Air Force will channel the resulting savings into building operational capability.

Gen. Bolton also asked the defense contracting community to help the Air Force by not perpetuating proprietary and controlled environments and boxing the Air Force into a technology or proprietary solution.

Though the panel focused primarily on the network and interoperable systems, it did not address the issue of SCADA systems, which are an integral part of Air Force and Defense Department infrastructure. We often don’t realize that our traffic lights, transportation systems, bridges, dams, power systems, water treatment plants and other systems contain digital information vulnerable to attack and theft even though they are not a part of other network systems.

Arlington County has undertaken an initiative to evaluate its SCADA systems and mitigate any risks found. In a public forum, Chief Information Security Officer David Jordan mentioned an article that described how U.S. officials who initially were going to conduct a public forum to discuss the risk of SCADA systems quietly decided the risk was too great to bring it to the public’s attention and cancelled the forum. “We started with the critical infrastructure systems; those connected to the network and are conducting other evaluations according to priority. SCADA systems are vital in the support of day-to-day life in a city,” Jordan stated.

But there are other important systems not directly under the control of the jurisdiction or the Federal Government; such as local phone switching center operating systems, cable, and wireless broadband operating systems and their related command and control networks, he continued.

The Defense Department would do well to conduct similar analyses across the Defense Department, if these are not already under way.

U.S. government agencies continue to expand their biometric identity management capabilities and their ability to share biometrics data among the various agencies and international partners, according to government officials speaking at AFCEA’s Homeland Security Conference in Washington, D.C.

 “Within the Department of Defense, this is a growth industry,” says Thomas Killion, the new director of the Defense Department’s Biometrics Identity Management Agency (BIMA). He adds that biometrics has already “grown up” from relatively humble beginnings at the turn of the century when the department used it primarily for securing access to information systems. “As operations grew overseas, it became more of an operational necessity to identify and track individuals in the battlespace.”

The Defense Department’s, Automated Biometric Identification System (ABIS) has grown exponentially in terms of the size of the database itself, how it is used and the Defense Department’s ability to share information with other agencies, such as the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS).

“It is a growing database in terms of the number of entries that are in it and in our capacity to process the information,” says Killion, adding that the government is moving toward a common environment in its ability to share biometrics data between agencies. “We already have substantial connections with the FBI. We have limited connectivity with DHS, but that’s growing as well.”

Last spring, the FBI deployed a large contingent of agents to Afghanistan, according to Dan Roberts, FBI assistant director, Criminal Justice Information Services Division. They gathered biometric data on about 9000 people in local prisons and linked 11 to the manufacture of improvised explosive devices.

For its part, DHS can now process ten fingerprints as quickly as it once processed two, says Robert Mocny, who manages the DHS United States Visitor and Immigration Status Technology (US-VISIT) program, which collects fingerprint data on all visitors to the country. In 1989, Mocny relates, it was his job to interview immigrants entering the country, and he would have to  decide based on the information he had, whether or not to let people into the United States. “I bet I let the wrong people in sometimes. Because we didn’t have the full complement of information,” he says, explaining that availability of biometrics data allows officials to make better decisions.

“The FBI now sends us thousands of prints a day. We make more informed decisions and terrorists and sexual predators and such are being identified every single day because of the interoperability we have with the FBI,” Mocny explains. “We can now search the FBI’s criminal record files—65 million in under 15 seconds. That is a tremendous step forward in both information sharing and the technical interoperability between the two systems.”

Of the nearly 30,000 transactions sent to the FBI’s Integrated Automated Fingerprint Identification System (IAFIS) database, 261 have been matched with known troublemakers and 91 percent of those matches were returned within 15 seconds. When it started, IAFIS was intended to handle 62,000 transactions a day. It now averages about 200,000 a day. From October 2008-January 2010, 62,000 criminal aliens have been deported, Mocny cites. And within the next year, DHS will have a similar level of data sharing capability with the Defense Department.

In addition, DHS was recently able to help the United Kingdom identify an Australian citizen who had been convicted of rape but was living in England under an assumed name and receiving asylum benefits. He has been extradited back to Australia to serve his term in prison.

Sharing biometrics data with other countries is wrought with complexities, but Roberts says that efforts with the United Kingdom, Canada and New Zealand are productive because those countries have similar capabilities and similar attitudes toward biometrics data as the United States. In fact, Canada has the same level of access to the FBI database as does the sheriff’s office in Fairfax County, Virginia, he says.

All three agencies—the Defense Department, FBI and DHS—are looking to expand the types of biometrics data they can collect, to include more facial recognition, iris scans and palm prints, and may someday include other possibilities, such as scent detectors and gait analysis, which theoretically can identify an individual based on the person’s walking pattern.

DHS intends to put out a series of requests for information and requests for proposals over the next year or so to improve its capabilities. The agency can do 5 million searches within a matter of seconds and needs to do 500 million searches in that time.

The FBI, meanwhile, hopes to replace its 60-pound biometrics data-gathering gear with something much smaller, lighter and more mobile. The agency is also upgrading its database with the Next Generation Identification system, another increment of which should be rolled out February 25^th, offering improved accuracy and speed for matching fingerprints.

The FBI is also building a biotechnology center in West Virginia, which it will share with the other agencies and academia. It is expected to be complete in the fall of 2013.

Creating a deterrence strategy in cyberspace similar to the Cold War approach to nuclear weapons is a difficult proposition, according to Gen. Keith Alexander, USA, who commands U.S. Cyber Space Command and is director of the National Security Agency.

 “There is no deterrence model out there analogous to what we had during the Cold War for nuclear détente. If you think about it, there are no rules of the road yet. There are no norms. We don’t have all that figured out, so there is no deterrence strategy. In fact, I would posit that it is much more difficult to have a deterrent strategy in cyber space because all countries, nation states and non-nation states, can have these capabilities in cyberspace,” says Alexander.

Speaking at the AFCEA Homeland Security conference, Alexander called for greater cyber situational awareness and a more active network defense. He also said government can protect the nation’s networks while also protecting individual privacy and civil liberties, and he called for the public to demand more secure technologies.

 Alexander offered several statistics to demonstrate what he called a phenomenal rate of change. He said that there are now 2.06 billion Internet users worldwide and that in 2010, 107 trillion e-mails were sent, which equals about 294 billion per day, 89 percent of which were spam. In addition, there were 35 billion tweets last year, which he predicts will “really take off this year.” Facebook just crossed 600 million users. If they were a country, Facebook users would be the third largest nation on Earth. In 2001, the average person had less than a gigabit of storage. In 2010, that was 128 gigabits, and in 2020 it is predicted to be 131 terabits, according to Alexander. “It took two centuries to build the Library of Congress—29 million books, 2.4 million recordings, 4.8 million maps, 57 million manuscripts. Today, that would take five minutes on the network. Five minutes,” he says.

A devastating terror attack that would cripple the United States could happen as soon as tomorrow. However, unlike the events of 9/11, this attack would take place in cyberspace and involve accounting figures, not any physical plant.

That gloomy assessment was offered by Adm. Mike McConnell, USN (Ret.), executive vice president of Booz Allen Hamilton and former director of national intelligence (DNI). Giving the Wednesday plenary address at TechNet Asia-Pacific 2010, Adm. McConnell shared with the audience how his concerns over the vulnerability of the banking sector date back to when he was named DNI by then-President George W. Bush.

Putting the threat in perspective, Adm. McConnell noted that the United States has a $14 billion economy. Two banks in New York move $7 billion in one single day. This money is data moving electronically, and even those banks’ backup systems are connected. This makes all that data vulnerable to cyberspace attack, and the results of a successful terror attack would be devastating.

This type of attack can be prevented, and both the Bush and Obama administrations have taken some steps toward addressing it. However, the admiral sees three potential scenarios developing in sequence: first, the country talks about what needs to be done, but never gets around to doing it. Then, as a consequence, the United States suffers a catastrophic event. Third, with history as a guide, the country overreacts.

This could be avoided with effective action in as little as one year, he offers. It will require a legal framework to empower necessary policies. Ultimately, the United States may develop a “dot-secure” cyber realm in which the vital infrastructure operates outside of public Internet access, he suggested.

Joint Warfighting Conference attendees enjoyed the rare opportunity to listen to the former leaders of homeland security and homeland defense in a roundtable discussion moderated by David Hartman, former host of Good Morning America. Hartman asked some of the pointed questions that were on many attendees’ minds going from as far back as the institution of the PATRIOT Act through to cyberthreats.

The Honorable Michael Chertoff, former DHS secretary, and Adm. Timothy J. Keating, USN (Ret.), former commander, U.S. Pacific Command, agreed that the increase of information sharing between agencies is by far the greatest tool the U.S. has to support homeland security and aid in homeland defense.

Hartman also asked for clarification regarding the military role in homeland security. Adm. Keating emphasized that the limitations on the military are clear cut: within the homeland, the military only acts in a supportive role to first responders. That said, the admiral pointed out that one of the issues that must be addressed quickly is the National Guard and particularly the Air National Guard. When the writers of the U.S. Constitution allowed for each state to form its own militia, the role of these organizations was apparent. Now, however, with guardsmen serving not only around the United States’ borders but also as far away as Iraq and Afghanistan, its responsibilities are not quite as clear.

The topic of cybersecurity brought up a nuance about the topic that has rarely been discussed at technology forums: the issue of intent. Referring specifically to China, Adm. Keating pointed out that the Chinese government can be very aloof in its description of its cyberactivities. While they say they only act in defense of their interests, the definition of “interests” remains unclear. This is an area that requires more study and action, Keating stated.

Chertoff agreed and emphasized that a great deal of study about cyberattacks is going on throughout government and academia; however, he believes it is time to move forward on this topic in a more concrete fashion because it is a “very real, consequential threat.”