By Kevin Coleman — Defense Tech cyberwarfare correspondent
Last week, on July 14, the U.S. Department of Defense released the long awaited public version of its Strategy for Operating in Cyberspace. DoD was able to summarize its stratagems into five initiatives within the thirteen-page document. Reviews, acknowledgements and criticisms of the document are already beginning to appear.
Within hours of its release the Vice Chairman of the Joint Chiefs of Staff, Marine Corps Gen. James Cartwright, had commented on the strategy and it appears he feels the strategy is wrong. Comments attributed to the general suggest he thinks the strategy is 90 percent defensive and 10 percent offensive. He believes that a better strategy would be the reverse, with military officials focused on the offense. Cartwright went on to say, “if it’s OK to attack me and I’m not going to do anything other than improve my defenses every time you attack me, it’s very difficult to come up with a deterrent strategy.” It would be hard not to agree with his comments. DoD networks are attacked thousands of times a day, and adversaries are conducting reconnaissance on their networks in search of vulnerabilities millions of times each day. We should also include in our consideration the recent attack that resulted the theft of 24,000 files that has been called the worst DoD (defense contractors) breach in recent times.
The document seems a bit sheepish after recent Pentagon comments saying that cyber attacks may be considered an act of war and that such attacks could result in a missile strike as retaliation.