Effective cyber experts require an increasing skill set that is putting them out of reach of the government. As threats have become more diverse, so have the abilities needed to defend against them, and the government may need to turn to innovative methods of building its cyberforce.
While government and industry wrestle with issues of sharing cyber intelligence, different private sectors face an equally difficult—and important—task of information sharing among themselves. Many face similar threats, and their survival against cybermarauders may depend on how well they share threat knowledge.
Information sharing is a major discussion point in the two-day AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C. In a panel discussion, Robert Mayer, vice president of industry and state affairs at the U.S. Telecom Association, called for more cross-sector activity and engagement so that the industry sectors share more information.
Just as an earlier panelist at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., emphasized the importance of the human element in cyber intelligence, a subsequent panel sounded the alarm for acquiring and keeping cyber personnel. Obsolete hiring rules and competition from the private sector loom large as impediments to the government’s ability to hire and retain effective cyber intelligence personnel.
Companies that are hacked have valuable information that can help prevent future cyber intrusions, said an FBI cyber expert. Rick McFeely, executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the bureau is depending on industry to share vital information on cyber attacks.
“A key part of what the FBI does is victim notification,” McFeely said. “But, by calling out methods used to attack one company, we can see if those methods are being used to attack others. We now do that [a great deal].
The same challenges facing the military now confront law enforcement as it embraces cyber capabilities. Disciplines ranging from data fusion to security are becoming integral parts of the curriculum for police officers.
Cathy Lanier, chief of the Washington, D.C., Metropolitan Police Department, did not understate the changes technology has wrought as she spoke at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C. “It almost feels like completely reinventing police work,” she said.
The military is so busy combating cybermarauders that it has not been able to shape an overall strategic approach to securing cyberspace, said the head of intelligence for the Joint Staff. Rear Adm. Elizabeth Train, USN, director for intelligence, J-2, the Joint Staff, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the cyberdomain is a multidimensional attack domain that threatens both the military and the private sector.
“We’re doing more tactical blocking and tackling than strategic defense right now,” Adm. Train said.
Information sharing, automated intelligence reporting and all-source analysis capabilities are cited by many experts as being necessary for helping ensure cybersecurity. However, the human element must remain not only present, but also dominant, in any cybersecurity process.
That was one point presented in a panel discussion at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C. Rear Adm. Elizabeth Train, USN, director for intelligence, J-2, the Joint Staff, cited an automated unclassified intelligence reporting system as one capability that is needed but is still a way off.
Hackers need to pay a greater price for intrusions if network security is to be effective, said a former director of national intelligence. Adm. Dennis Blair, USN (Ret.), who also is a former commander of the U.S. Pacific Command, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that the nation needs to raise the cost to the hacker without breaking the bank for the defender.
The admiral emphasized that he is not advocating the legalization of counter-cyber attacks—as much as the concept appeals to him. Instead, he called for legalization of “a myriad of nondestructive counter cyber attacks” that would raise the minimal cost to these hackers.
The FBI has created an information sharing portal for cyber defense modeled on its Guardian counterterrorism portal. Known as iGuardian, the trusted portal represents a new FBI thrust to working more closely with industry on defeating cyberthreats. It is being piloted within the longtime InfraGard portal, according to an FBI cyber expert.
Rick McFeely, executive assistant director of the FBI’s Criminal, Cyber, Response and Services Branch, told the audience at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that information sharing with private industry is absolutely essential for defeating the cyberattacks on private networks.
The U.S. Senate is moving on a cyber bill that is more in line with the approach being taken by the House, said a member of the House Permanent Select Committee on Intelligence. Rep. Mac Thornberry (R-TX) told the morning audience at the AFCEA Global Intelligence Forum at the National Press Club in Washington, D.C., that this bill may be marked up by the Senate Commerce Committee this week. It would turn to standards established by the National Institute of Standards and Technology (NIST) for private sector guidelines.
The recently signed executive order on cybersecurity and the presidential directive on critical infrastructure protection are not separate documents. In fact, they are part of the same overall effort to protect the nation, said Rand Beers, undersecretary for the National Protection and Programs Directorate, U.S. Department of Homeland Security. Beers discussed the effort on Thursday at the AFCEA Homeland Security Conference in Washington, D.C.
Gen. Michael Hayden, USAF (Ret.), former director of the CIA, indicated an astounding extent of Chinese cyber espionage and said he believes the Iranians are attacking U.S. banks with unsophisticated but pervasive cyber attacks.
The hotel industry has seen a greater increase in terrorist attacks than any other industry in recent years, according to Alan Orlob, vice president of global safety and security for Marriott International. Orlob offered a first-hand account of the attacks on two hotels in Jarkarta, Indonesia, in 2009.
Orlob, the luncheon keynote speaker at the AFCEA Homeland Security Conference in Washington, D.C., was staying at a Ritz Carlton hotel, which is owned by Marriott, at the time of the attack.
What if your smartphone messages could self-destruct to ensure ultimate privacy and control over the content? No, it's not a scene from a spy movie. The newly released Wickr app for iPhone encrypts communication and permanently deletes personal data from your device. The free app provides military-grade encryption of text, picture, audio and video messages, and it gives the sender control over who can read messages and for how long. For example, a user could send a picture message but set it to self-destruct after 10 minutes. In addition, Wickr deletes all metadata from files.
More than 70 percent of energy security professionals believe smart grid security standards cannot keep pace with the ever-changing technology and threats, according to a recent survey sponsored by nCircle and EnergySec, a public-private partnership funded by the U.S. Department of Energy. The online survey, conducted in March, questioned 104 participants in the energy and utility industry about current smart grid security measures.
Next in SIGNAL's webinar series, "Securing the Data Center: A DOD Architecture for Information Assurance" will take place on May 7, 2009 at 11:00 AM ET. Targeted attacks by hackers and insiders are aimed where they'll do the most damage and where the most valuable assets are located - the agency data center. Government agencies can increase protection and reduce operational costs when security issues are considered at the very beginning of data center planning. So it's ironic that data center security is often an afterthought. A well thought-out defense-in-depth strategy includes multiple layers of security and different overlapping technologies.
Attendees will learn how a secure data center architecture can:
The Department of Homeland Security’s SAFETY Act is finding a new application as it may serve to protect against the potential for lawsuits arising from the National Institute of Standards and Technology Cybersecurity Framework. Lawyers are answering questions from clients about possible legal actions, and the department and institute are working together to ensure developers work with confidence.
Budget cuts and rapidly improving information technology are forcing the U.S. Defense Department to confront increasing cybersecurity demands without commensurate increases in available resources. Cybersecurity costs are increasing with both the complexity of new technologies and the worsening threat picture. However, solutions to this challenge do exist—if the Defense Department opts for new approaches.
One way of characterizing the current Defense Department situation is to view it as an inability to meet rising demands for systems without having adequate funding for cyberdefenses. Meanwhile, the costs of cybersecurity are rising. The progress in meeting increased cyberthreats is lagging, which is not acceptable.
U.S. Defense Department and interagency special operators are scheduled to begin receiving new tactical mesh networking equipment this month. The kit provides a mobile, ad hoc, self-healing network that offers a full range of situational awareness data, including intelligence, surveillance and reconnaissance feeds, blue force tracking and a voice over Internet protocol capability.
U.S. border patrol agents watched on surveillance videos as suspected drug smugglers chatted on cellular phones. But when agents sought phone records for investigations into the suspected nefarious activity along the Texas-Mexico divide, commercial service providers came up empty-handed. There simply were no logs. How were the smugglers evading commercial providers?
U.S. Customs and Border Protection turned to Lockheed Martin for its LUMEN Active Defense technology of sensors that can help detect rogue cellular base stations devised to circumvent cellular service providers.