It's the Architecture!
A simple mantra can change the course of history. “It’s the economy, stupid!” shifted the tide of a political race by keeping partisan foot soldiers focused on the critical issue of a campaign.
This crude but highly effective approach might be just what
The architecture the government has today is not secure and will never be secure. Such a blunt statement might be expected to provoke a defensive response and a vigorous discussion in meetings with federal officials from the National Security Agency, the Office of the Director of National Intelligence, the Defense Information Systems Agency, the Office of the Secretary of Defense and elsewhere. Surprisingly, this ploy always fails for the simple reason that no federal official ever disagrees. Ironically, while everyone seems to agree that the emperor is naked, no one has clearly identified the requirement for developing and implementing a new model. Yet the current flawed architecture is the foundation upon which all federal organizations are building furiously: adding size, cost, complexity and risk.
The U.S. Defense Department would not build a tank on a Chevy Tahoe frame, although the Tahoe is a versatile and affordable vehicle. Yet wholesale adoption of Web-based commercial technologies, with foreign hardware and software, has become the norm for critical Defense Department logistical and—in some cases—warfighting networks. Fortunately, in the information technology realm, with a proper architecture that incorporates inexpensive, secure devices on much more rugged and intelligent networks, users potentially can have their cake and eat it, too.
Reportedly, the first step to overcoming addiction is to acknowledge the existence of a serious problem. In that regard, hearty congratulations should be extended to the commander of the U.S. Strategic Command, Gen. James E. Cartwright, USMC, who recently stated in testimony to Congress: “To date our time and resources have focused more on network defenses to include firewalls, antivirus protection and vulnerability scanning. While generally effective against unsophisticated hackers, these measures are marginally effective against sophisticated adversaries.” He also related that “the magnitude of cost in terms of real dollars dedicated to defensive measures, lost intellectual capital and fraud cannot be overestimated, making these attacks a matter of great national interest.”
Why is the present architecture so expensive and yet so hopelessly flawed?
First, in a Web-based model, remote devices connect directly to enterprises. Addresses on the Internet facilitate connections, but these signs are visible to friend and foe alike. Every Web site or static Internet protocol (IP) address becomes a potential target for hacking, spoofing and denial-of-service attacks.
The Defense Department spends hundreds of millions of dollars annually trying to police the gateways between the Web and the department’s nonsecure IP router network (NIPRNET). As noted by Gen. Cartwright, while this deters unsophisticated hackers, it is a futile defense against serious adversaries. And to make matters worse, the NIPRNET is connected to many more sensitive government networks. The present model is so weak that an enterprise has to open a connection before it can decide whether to reject it. These are deep and inherent flaws in the current paradigm.
Second, although it may be a futile gesture, each of these innumerable government IP addresses must be heavily defended not only at the edge of the network but also on every connected PC and server. Yet a vast organization such as the Defense Department has never had, and never will have, 100 percent compliance with all of the patches, upgrades, installations and configurations required to defeat recognized threats—much less those of a knowledgeable opponent.
In the nearly 10 years since the Defense Department implemented the Information Assurance Vulnerability Alert process to send alerts and monitor compliance with security fixes, there has never been anything approaching 100 percent compliance. Too many busy young soldiers, sailors, airmen and Marines compose the user community. To ensure compliance, Defense Department civilians and contractors at too many places would have to implement too many complex information technology policies and procedures flawlessly. One critical objective of a new architecture should be to lighten the burden the present model imposes on busy troops and all other federal employees.
Third, the current architecture is teeming with open input-output devices that make networks, even classified air-gapped networks, vulnerable to thousands and even hundreds of thousands of cleared insiders. Yet every intelligence agency and military department has been badly and repeatedly burned by
The problem is becoming more acute as adversaries recognize that
The insider threat in a networked environment has the potential to be especially devastating. Some in the Defense Department describe the classified networks as “crunchy on the outside; soft and chewy on the inside.” Espionage has been a fact of life from the American Revolution, with individuals such as Benedict Arnold and Dr. Benjamin Church, to the Manhattan Project era, with Klaus Fuchs and Julius and Ethel Rosenberg, to the present day with notorious names such as Aldrich Ames, Robert Hanssen, Brian P. Regan, Jonathan Pollard, John Walker Jr. and Ronald Pelton. Mitigating this threat must be another requirement of a new architecture.
Fourth, too many devices exist in too many places with too much data. Last year an estimated 1.7 million laptops were stolen, including some with vast quantities of personal information on
The myriad of problems stemming from the present model requires not only new capabilities but also a new architecture. Otherwise, the government merely is adding more horsepower and armor to a Tahoe chassis.
Solutions are feasible if the nation recognizes the need for change. Fortunately, the bandwidth limitations that forced the commercial adoption of the PC/Web model in the 1980s and 1990s are steadily disappearing. Local storage, processing and manipulation were imperative in the days of dial-up access, but that era is rapidly receding if not entirely gone. President George W. Bush has expressed support for broadband access for all Americans. Although the
This growing capacity offers more than a way to move files faster: Entirely new architectures are now possible. For example, a small start-up company has developed networks where pixels move instead of data, where firewalls can be completely closed to inbound traffic and where data never resides on devices yet is readily accessible. Other companies also are exploring wholly new architectures, and more will do so if the government identifies a clear requirement for the technology.
Gen. Cartwright has put the Defense Department, Congress and the public on notice that the nation has a serious problem. That is an important first step. Fortunately, with increased bandwidth, the
Christopher K. Mellon is president of Mellon Strategic Consulting LLC and the former deputy assistant secretary of defense for security and information operations.