The news from the U.S. Department of Defense (DoD) last week was sobering – if not overly surprising – as the department announced that during March an unnamed foreign intelligence service hacked into the computer system of a corporate contractor and obtained 24,000 Pentagon files during a single intrusion. The New York Times reported this as the DoD suffering “one of its worst digital attacks in history.”
The Times article noted that files stolen from defense and industry data networks have included plans for missile tracking systems, satellite navigation devices, surveillance drones and top-of-the-line jet fighters. It quoted William J. Lynn III, Deputy Defense Secretary, as saying “A great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.”
That’s a serious list.
The DoD underscored the significance of the breach in its own announcement that quoted Lynn as saying, “The cyber threats we face are urgent, sometimes uncertain and potentially devastating as adversaries constantly search for vulnerabilities. Our infrastructure, logistics network and business systems are heavily computerized. With 15,000 networks and more than seven million computing devices, DoD continues to be a target in cyberspace for malicious activity.”
While most reports focused on the size and significance of the data theft, DoD took the occasion to announce the release of its DoD Strategy for Operating in Cyberspace (DSOC), which puts into writing what we in the security industry have known for a while: “National security is being redefined by cyberspace.”
The 13-page document is must reading, but for a quick overview, you could look to the write-up in Defense Systems, which included this summary:
The overarching DOD strategy hinges on five strategic pillars, including:
- The establishment of cyberspace as an operational domain like air, sea, land or space, and the organizing, training and equipping of forces accordingly to perform cyber missions.
- The introduction and employment of new operating concepts on networks, including active defenses using sensors, software and signatures.
- Partnership with the private sector and other government agencies, particularly the Homeland Security Department, which is responsible for civilian network protection, to protect critical infrastructure.
- The build-up of collective cyber defenses in coordination with U.S. allies and international partners.
- Capitalization of U.S. technological and human resources, including an exceptional cyber workforce and rapid technological innovation.
All of this reinforces the need for creating a new wave of highly trained security professionals, as called for in the Commission for Strategic and International Studies report A Human Capital Crisis in Cybersecurity.