DefenseTech Military.com
  • Categories
  • Full Archives
  • Monthly Archives
  • About Defense Tech
Subscribe to RSS

About Defense Tech

Defense Tech exam­ines the inter­sec­tion of tech­nol­ogy and defense from every angle and pro­vides analy­sis on what’s ahead.

Tip Us Off

Tip for Defense Tech?

SEND IT!

It’s Confidential!

Categories

  • 'Canes
  • Afghan Update
  • Ammo and Munitions
  • Armor
  • Around the Globe
  • Av Week Extra
  • Axe in Iraq (and Elsewhere)
  • Bizarro
  • Blimps
  • Blog Bidness
  • Body Armor Blues
  • Bomb Squad
  • Brownshoes in Action
  • Bubbleheads, etc.
  • Cammo Green
  • Catch the "Buzz"
  • Chem-Bio
  • Civilian Apps
  • Cloak and Dagger
  • Commandos
  • Comms
  • Contingency Ops
  • Cops and Robbers
  • Cyber-warfare
  • Data Diving
  • Defense Tech Poll
  • Defense Tech Radio
  • Dissent Tech
  • Door Kickers
  • Drones
  • DT Administrivia
  • Eat DT's Dust
  • Extra! Extra!
  • Eye on China
  • Fast Movers
  • FCS Watch
  • Fire for Effect
  • FOS Files
  • Friday Funnies
  • Gadgets and Gear
  • Going Green
  • Grand Ole Osprey
  • Ground Vehicles
  • Guns
  • Homeland Security
  • In the Weeds with Eric
  • Info War
  • Iraq Diary
  • Jarhead Jazz
  • JSF Watch
  • Just War Theories
  • Lasers and Ray Guns
  • Less-lethal
  • Logistics
  • Los Alamos and Labs
  • M4 Monopoly
  • Medic!
  • Mercs
  • Missiles
  • Money Money Money
  • Most Wanted
  • MRAP Edge
  • Net-Centric
  • Nukes
  • Old Skool
  • Our Shrinking Planet
  • Planes, Copters, Blimps
  • Podcast
  • Politricks
  • Polmar's Perspective
  • Popular Mechanics
  • Rapid Fire
  • Raptor Watch
  • Red Team
  • Retro-Futuro
  • Robots
  • Roll Your Own
  • Sabra Tech
  • Ships and Subs
  • Snipertech
  • Soldier Systems
  • Space
  • Special Ops
  • Star Wars
  • Strategery
  • Stray Trons
  • Tactical Development
  • Terror Tech
  • The Deadlies
  • The Defense Biz
  • The Peoples' Site
  • The Sunday Paper
  • The Tanker Tango
  • The View from Av Week
  • Those Nutty Norks
  • Training and Sims
  • Trimble on the Case
  • Uncategorized
  • Video Lounge
  • War Update
  • Ward'z Wonderz
  • You can run…

Archives

  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006
  • May 2006
  • April 2006
  • March 2006
  • February 2006
  • January 2006
  • December 2005
  • November 2005
  • October 2005
  • September 2005
  • August 2005
  • July 2005
  • June 2005
  • May 2005
  • April 2005
  • March 2005
  • February 2005
  • January 2005
  • December 2004
  • November 2004
  • October 2004
  • September 2004
  • August 2004
  • July 2004
  • June 2004
  • May 2004
  • April 2004
  • March 2004
  • February 2004
  • January 2004
  • December 2003
  • November 2003
  • October 2003
  • September 2003
  • August 2003
  • July 2003
  • June 2003
  • May 2003
  • April 2003
  • March 2003
  • February 2003
  • January 2003

Home » Cyber-warfare » A Ship Without a Captain

A Ship Without a Captain

cyberspace-command.jpg

We have been cov­er­ing cyber now for sev­eral months and my work in cyber defense and secu­rity has been going on for over a decade. In that period of time the U.S. gov­ern­ment has failed to estab­lish the com­mand author­ity needed to pro­tect the nation. Critical ques­tions have gone unan­swered for months or even years. One of those ques­tions deals with where the cyber com­mand oper­a­tion head­quar­ters will be located. The phys­i­cal loca­tion for cyber com­mand is not yet decided. This has been a hot topic now for the last ten months and mul­ti­ple states are jock­ey­ing for position.

If that is not bad enough, the gov­ern­ment has failed to estab­lish a com­mand and con­trol struc­ture and author­i­ties for offen­sive cyber capa­bil­i­ties, defen­sive cyber capa­bil­i­ties and cyber intel­li­gence. With bil­lions of dol­lars of bud­get at stake, the amount of polit­i­cal pos­tur­ing and ver­bal war has risen to heights not seen before. The level of infight­ing became un-​​tolerable for Rod Beckstrm, Director of the National Cyber Security Center (NCSC) at the Department of Homeland Security. This past week­end he resigned. So what should we do?

I have given this much thought over the past decade and occa­sion­ally been asked by those look­ing into this what I would do. So here it is…

Recommendations:

1. Department of Defense (DoD) Secretary Robert Gates owns the offen­sive capa­bil­i­ties to fight a cyber war and defenses against cyber attack that orig­i­nate out­side the United States.

2. Homeland Defense (DHS) Secretary Janet Napolitano owns offen­sive and defen­sive cyber capa­bil­i­ties for activ­i­ties within the United States. (Remember a sig­nif­i­cant num­ber of com­pro­mised com­put­ers within the U.S. were used in the DDoS attacks against Estonia and Georgia and the uni­formed mil­i­tary can­not be used against it own cit­i­zens!) U.S. Strategic Command would include cyber in their uni­fied com­mand struc­ture. In addi­tion, DoD must appoint a liason/​coordinator to NATO given their role in cyber peace keep­ing and response to cyber attacks.

3. The National Security Agency (NSA) Director LTG Keith B. Alexander owns cyber intel­li­gence and espi­onage activ­i­ties both inside and out­side the United States. They con­tinue to col­lect, ana­lyze and dis­sem­i­nate cyber intel­li­gence as well as any and all counter cyber intel­li­gence activities.

4. A National Cyber Security Executive is added to the Presidential Staff and coor­di­nates all the efforts of DoD, DHS and NSA. Given the civil­ian, gov­ern­ment, busi­ness, edu­ca­tion inter­re­la­tion­ship that cyber has, this matrixed orga­ni­za­tional struc­ture is nec­es­sary to fully pro­tect and defend our nation (inter­nally and externally).

5. A National Cyber Attach would be appointed by President Obama and serve as spe­cial liai­son to the United Nations and other coun­tries in pur­suit of inter­na­tional cyber rela­tions.

Until the lead­er­ship is estab­lished and these ques­tions, and other, are answered cyber defense is like a ship with­out a cap­tain! That is the cur­rent sit­u­a­tion when it comes to cyber defense in the United States. As long as these ques­tions linger with­out answers, our nation remains at great risk!

– Kevin Coleman

Share |

March 10th, 2009 | Cyber-warfare | 438115 Comments »http://defensetech.org/2009/03/10/a-ship-without-a-captain/A+Ship+Without+a+Captain2009-03-10+12%3A49%3A15Ward You can skip to the end and leave a response. Pinging is currently not allowed.

« « Polmar on the C-​​130 | Boots on the Ground — The Taliban Surge » »

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

  1. Eddie V. says:
    March 10, 2009 at 4:23 pm

    Kevin;
    I very much like the last two points of your rec­om­men­da­tion, but I have some issues with the first three, issues which rise from the inher­ent nature of cyber­war­fare and which you obvi­ously have a knowl­edge of.
    The spec­trum of aggres­sive actions that actors can take seems to range from prob­ing to active intel­li­gence gath­er­ing to brute force attacks ala DDoS. Further, like you men­tion, these attacks are incred­i­bly dif­fi­cult to attribute and the work­sta­tion mak­ing the attack may or may not be in charge.
    This causes two issues. First, both state and non­state actors have an incred­i­ble flex­i­bil­ity across that spec­trum. Under your sit­u­a­tion, who makes the call when an action crosses from DoD’s respon­si­bil­ity to repel “cyber attack” and NSAs respon­si­bil­ity to counter intel­li­gence gath­er­ing? And how does the DoD respond?
    Second, when bot­nets can include both for­eign and domes­tic com­put­ers, who decides if it’s DHS or DoD which takes respon­si­bil­ity? You say, quite rightly, that DoD can’t oper­ate in the States or against its own cit­i­zens, but how do we know where the attack orig­i­nated?
    To my mind, split­ting up the respon­si­bil­ity geo­graph­i­cally is inef­fi­cient and dan­ger­ous. I would feel much more com­fort­able if one agency had full respon­si­bil­ity for cyberde­fense. Centralization allows for the coor­di­na­tion and (if done cor­rectly) flex­i­bil­ity which is nec­es­sary. That, or every agency needs to be respon­si­ble for safe­guard­ing its own sys­tems, includ­ing civil­ian cor­po­ra­tions. Either a top-​​down cen­tral­ized clear­ing­house or a cell-​​based resilient approach. I would think any­thing else is ask­ing for trou­ble.
    You’ve obvi­ously put more study into this then I have, how­ever, and I greatly appre­ci­ate the thought you’ve put in. Perhaps you see some­thing I don’t?

    Reply
  2. Carl says:
    March 11, 2009 at 5:55 pm

    Tim
    Perhaps you should relook at the law!!! Because of Posi Comitatus the Army (mil­i­tary) is not allowed to be used on US soil for these mat­ters — thats what the National Guard are for.

    Reply
  3. pedestrian says:
    March 12, 2009 at 12:55 pm

    Kevin, what do you think about this, your point of view within a new arti­cle if you don’t mind.
    http://​www​.space​war​.com/​r​e​p​o​r​t​s​/​U​S​_​C​y​b​e​r​_​H​e​a​d​_​Q​u​i​t​s​_​O​v​e​r​_​T​h​r​e​a​t​s​_​T​o​_​D​e​m​o​c​r​a​c​y​_​9​9​9​.​h​tml

    Reply
  4. Kevin says:
    March 12, 2009 at 5:37 pm

    Eddie V
    I wanted to address your com­ment — How then would putting respon­si­bil­ity in their (DoD) hands be an effec­tive tool?
    When I worked pri­mar­ily with the pri­vate sec­tor (busi­ness) I use to think that the pub­lic sec­tor (gov­ern­ment includ­ing DoD)did not really get it and was behind as you kind of hinted at in your post­ing. I agree mon­i­tor­ing on both the pub­lic and pri­vate sec­tor is crit­i­cal. I must tell you after a sig­nif­i­cant amount of inter­ac­tion with the defense and intel­li­gence com­mu­nity as well as DHS they see so many highly sophis­ti­cated attacks and the fre­quency of the attacks are so great, they are much fur­ther ahead in their think­ing, knowl­edge and capa­bil­i­ties it is unreal. The pri­vate sec­tor has a role but not leadership.

    Reply
  5. Eddie V. says:
    March 12, 2009 at 8:14 pm

    Kevin;
    I’m afraid that’s not what I meant at all. I’m quite aware that the DoD is work­ing over­time on deter­min­ing what, exactly, cyber­war­fare means. I know that it has some of the best defen­sive cyber tools and sys­tems in oper­a­tion today.
    What I meant by ques­tion­ing its effec­tive­ness was this: There are so many points of entry that it seems a waste of resources–indeed, beyond the logis­ti­cal capa­bil­ity of the DoD–to mon­i­tor _​all_​ data traf­fic enter­ing and leav­ing the United States. And yet, if they are to be aware of any attack with time enough to prevent/​defend/​retaliate, they must do exactly that.
    To my mind, a resilient, cell-​​based defense net­work would be much bet­ter. Don’t give cor­po­rate America the abil­ity to retal­i­ate (that’s just ask­ing for trou­ble), but set up pro­grams which encour­age them to build secu­rity archi­tec­tures that can with­stand vig­or­ous attack. Then, they can inform each other and the gov­ern­ment of attacks and leave the delib­er­ate retal­i­a­tion to whichever agency ends up bear­ing the respon­si­bil­ity.
    What we really have here is the tragedy of the commons–our infra­struc­ture as a whole is no one agency or company’s respon­si­bil­ity, and thus gets left by the way­side. One way to cor­rect this is to make it the government’s respon­si­bil­ity, as you have sug­gested. Another solu­tion is to cre­ate exter­nal­i­ties which drive nor­mal cit­i­zens to remem­ber the com­mons. Wouldn’t this method be more effec­tive in this case?

    Reply
  6. Kevin says:
    March 12, 2009 at 8:38 pm

    Eddie V
    2 things
    From an un biased semi insider view DoD is HIGHLY Effective!!!!!!
    As for the cel­lu­lar net­work archi­tec­ture and build­ing them right from the start. You have to defend what we already have invested in while highly resilient, cell-​​based defense net­work are devel­oped, pro­cured, installed, val­i­dated and imple­mented and with the gov­ern­ment pro­cure­ment process that could be a decade!
    PS I love this type of interaction!!!!

    Reply
  7. Dusitn L. Fritz says:
    March 14, 2009 at 6:56 pm

    All,
    We need to cre­ate a non-​​profit orga­ni­za­tion to start devel­op­ing solu­tions and leg­is­la­tion now. Submit to con­gress ASAP. Contact me if you are inter­ested! Kevin I have emailed you my num­ber.
    Dustin L. Fritz
    CEO | The Computer Network Defense Group LLC

    Reply
  8. Jim says:
    March 16, 2009 at 9:54 am

    The National Security Agency is part of the Department of Defense. Please do not double-​​count them. And they are legally pro­hib­ited from tak­ing action inside the United States wothout appro­pri­ate Attorney General/​Court action.
    Opinion: Homeland Defense should han­dle Defense and the (renamed) Department of War should han­dle offense.

    Reply

Leave a Reply

Click here to cancel reply.

Spam Protection by WP-SpamFree

    Most Popular Posts
    • What Does this Handle Do?
    • Marines Quiet About Brutal New Weapon
    • Starship Troopers Meets G.I. Joe
    • Dowd's Bogus Grief Deficit
    • Adapting Women to Subs
    • Fort Hood Rampage
    • Keep it Simple
    • Semi-auto Grenade Thrower
    • Mystery Drone Revealed
    • REPLACEMENT ARM, GOOD AS NEW
    Recent Comments
    • Fort Hood Rampage
      I've seen them to. Believe me, I hate those 19 just as much as...
      DualityOfMan
    • Fort Hood Rampage
      You are funny.
      Zandor
    • Adapting Women to Subs
      Wow after reading these varied comments, I am surprised and educated. I...
      John
    • Fort Hood Rampage
      No one is saying that christains never do violent things we do all faiths...
      Valcan
    • Fort Hood Rampage
      Hey look its zandor trying to make people think this is a hate site or...
      Valcan
    • Fort Hood Rampage
      It is sort of puzzeling that a room filled with highly trained US Army...
      Zandor
    • Keep it Simple
      Dear Big Daddy; Your last post is a laugh. You carried 100 lbs for 20 miles?...
      Zandor
    • Fort Hood Rampage
      All the Muslims in the USA should be immediately rounded up and shot. We...
      Zandor
    • REPLACEMENT ARM, GOOD AS NEW
      Yeah, and every president since Reagan has proposed a Mars...
      jmatt
    • Mystery Drone Revealed
      Awesome. Now to be a *real* military contract we have to spend $40...
      jmatt
    Recent Articles
    • Semi-​​auto Grenade Thrower
    • Market for Acoustic Defense Systems Heats Up
    • Fort Hood Rampage
    • Keep it Simple
    • Airbag Defense
    • Dowd’s Bogus Grief Deficit
    • Did Someone Move the Furniture Around?
    • Lockheed Says Sbirs Still on Track For 2010
    • What Does this Handle Do?
    • Adapting Women to Subs
  • Channels: Military.com | Military Benefits | Military News | Off Duty | Join the Military | Military Education | Veteran Jobs | Military Money | Military Deals | Military Family | Military Community
  • Military.com Network: Military.com | MilBlogging | Defense Tech | DoD Buzz | SpouseBuzz | Fred's Place | GI Bill Express
  • Services: Army | Navy | Air Force | Marine Corps | Coast Guard | National Guard | Military Spouse
  • About Military.com About Us | Advertise With Us | Press | Affiliate Program | Monster Network | Help | Feedback | Privacy Policy | User Agreement | © 2009 Military Advantage