DISA director: Cyber threat forced new command to evolve on the fly

Discussion in 'Cyber' started by AMDR, Nov 11, 2015.

Share This Page

  1. AMDR

    AMDR Captain Staff Member Administrator

    Joined:
    Oct 7, 2015
    Messages:
    376
    Likes Received:
    868
    Occupation:
    Student
    Location:
    United-States
    DISA director: Cyber threat forced new command to evolve on the fly
    https://defensesystems.com/Articles/2015/11/10/DISA-director-Lynn-cyber-threat.aspx?Page=1

    For Lt. Gen. Alan Lynn, director of the Defense Information Security Agency and commander of the Joint Force Headquarters Department of Defense Information Networks, or JFHQ-DODIN, who assumed both responsibilities in July, the ongoing cyber threat forced him to neglect his post at DISA for some time initially.

    “My first three weeks in the job I never went to the headquarters – I was never at DISA headquarters cause I was wearing the other hat,” he told an audience at an event hosted by AFCEA’s D.C. chapter. “I was the commander of Joint Force Headquarters DODIN, and DISA had to wait.”

    The headquarters opened with its initial operating capability in January. By September, it was “starting to take over the day-to-day functions assigned to U.S. Cyber Command in the area of operating and defending the networks,” DISA Vice Director Maj. Gen. Sarah Zabel said at the time.

    Lynn described how threats are evolving and becoming more persistent. One incident he pointed to was the breach of the Joint Chiefs email service in August. “What was surprising about this [incident] is it was a hit hard and hit fast and it was like – they made a lot of noise – normally they try to sneak in,” he explained.

    Given this persistent and evolving threat, Lynn and his team have been forced from the get-go to define how the nascent command will function. “For three weeks we went after this cyber event and worked to figure out ‘how do we now work as a new command’—the Joint Force Headquarters DODIN—how do we work this? Because it’s still in its infancy, it’s IOC…but the enemy doesn’t know that—they want to attack now,” he said. “So we spent the first three weeks working with the Joint Staff, network people inside the Pentagon, and it was an exciting time but it was non-stop to make that network what it needed to be.”

    Lynn returned to a familiar analogy many in the cyber field use to describe the environment. “Think about the Cold War, [except] it doesn’t cost [adversaries] that much to attack us. It costs money to fix it, it costs a lot of money to fix it. So if you’re looking at just chipping away at the United States and its infrastructure and its economy, what a neat way to do it—just a little at a time,” he said, describing the cyber threat as a long game.

    Lynn’s comments harken back to something DOD CIO Terry Halverson said at a conference in September. “From a standpoint of cybersecurity, right now we’re on the wrong side of the financial spectrum here. We’re losing…The truth is, you can spend a little bit of money and a little bit of time and exploit some our weaknesses, and cause us to have to spend a lot of money, a lot of time,” he said.

    When asked who the most capable adversary in cyberspace, Lynn replied “we are,” but refused to offer the next most capable adversary when pressed. “I don’t want to go into that because if I do that then I tip my hand on who’s doing good and who’s not in that space and I don’t want to talk about that because I’m fighting them.”

    Lynn did, however, provide a useful explanation of the different roles both outfits he oversees possess in cyberspace. He referred to DISA as the build side, creating the infrastructure for cyberspace. “They’re building the domain. Cyberspace is considered a domain – it’s no different than land, sea and air. … If you’re a land force you can change the land a little bit; air, not much change is happening there; sea, probably not a lot of change happening there. But cyber, we build it. So we’re the ones that build cyberspace…It’s the one domain we build.”

    Once DISA is informed by the cyber side of vulnerabilities in the network, DISA will patch it to prevent bugs in the future. The folks on the cyber side of the house are fighting inside the network against those trying to get in, he said. DISA will then build another network moving everyone over from an infected network to a more secure network following thwarted intrusions by the cyber folks, or turn “that infected network into a honeypot and we give [adversaries] information that we want them to know,” he added. “So it’s a game—spy vs. spy.”
     
    Admin likes this.
  2. Admin

    Admin Captain Staff Member Administrator

    Joined:
    Oct 3, 2015
    Messages:
    343
    Likes Received:
    461
    Location:
    United-States
    We are working hard on cyber, but like General Lynn said its expensive to defend our selves against inexpensive attacks. What we need to figure out is how to make it expensive to attack us, one way is using a lot of honeypots as mentioned by the general, another way could be to retaliate against attacks via sanctions, and other economic pressures. A cyber counter attack could also be used because we force the adversaries to spend money but who do we use to mount the counter attack? Use government employees? Do we have nationalist state backed hackers like Russia and China do to carry out such counter attacks?
     
    AMDR likes this.
  3. AMDR

    AMDR Captain Staff Member Administrator

    Joined:
    Oct 7, 2015
    Messages:
    376
    Likes Received:
    868
    Occupation:
    Student
    Location:
    United-States
    DISA mentioned autonomous defense against cyber attacks as a key concept they are working on fielding in the future, which might reduce costs a little bit and free up human cyber technicians to move onto to more important tasks.

    http://www.c4isrnet.com/story/milit...isa-automation-key-to-cyber-defense/75093938/

    But you are absolutely correct when you say that we are on the wrong side of the cost curve here and unless we find out how to shift ourselves into a better position we aren't gonna be nearly as effective as we could be.
     
    Admin likes this.
Loading...