US Department of Defense and National Policy

Published: 2010-09-05. Last Updated: 2010-09-06 14:16:00 UTC
by Tony Carothers (Version: 1)
14 comment(s)

A recent article released by the US Department of Defense (DoD) spoke of the worst compromise in DoD history, facilitated by what was said to be the unauthorized use of a USB drive.  As a result of this incident, the US government has seen fit to step up the DoD involvement, working with the US Department of Homeland Security (DHS), in an effort to protect critical national infrastructure.  The full article (requires registration) by WIlliam J. Lynn, Undersecretary of Defense, speaks of the DoD and it's experiences which makes it uniquely qualified for cyberdefense.  "Cyberattacks offer a means for potential adversaries to overcome overwhelming U.S. advantages in conventional military power and to do so in ways that are instantaneous and exceedingly hard to trace. Such attacks may not cause the mass casualties of a nuclear strike, but they could paralyze U.S. society all the same," he wrote. "In the long run, hackers' systematic penetration of U.S. universities and businesses could rob the United States of its intellectual property and competitive edge in the global economy."

The announcement by the DoD that within the last 24 months it had suffered it's worst compromise in history would seem embarrassing, but then to announce in the same week that they will become more involved in the protection of national critical infrastructure is disconcerting.  The DoD is the US arm for defense of national interests, however I do not believe that makes the DoD the best agency for this role. 

I welcome your comment,

 

tony . carothers at   gmail dot com

Keywords:
14 comment(s)

Comments

According to http://blog.threatexpert.com/2008/11/agentbtz-threat-that-hit-pentagon.html this was a worm called agent.btz that spread by dropping an Autorun.inf and a DLL on removable USB drives.

From http://support.microsoft.com/kb/967715/: "Before Windows XP SP2, AutoPlay was disabled by default on removable drives, such as the floppy disk drive (but not the CD drive), and on network drives. Starting with Windows XP SP2, AutoPlay is enabled for removable drives". They're referring to the NoDriveTypeAutoRun registry-value, which affects autorun behavior, and defaulted to 0x95 prior to XP SP2, and defaults to 0x95 in XP SP2 and XPS SP3.

From http://www.net-security.org/malware_news.php?id=1444: "In 2010, 25 percent of new worms have been specifically designed to spread through USB storage devices connected to computers, according to PandaLabs."

Fact: on XP SP3, fully patched, manual action (registry modification or policy) is required to prevent Autorun.inf from being executed on USB drives such as memory sticks, smartphones, picture frames etc.

Perhaps an operating system primarily targeting "user experience" (which I fail to recognize in this case) shouldn't be used when "Cyberattacks" may take place?
Oops, typo, NoDriveTypeAutoRun defaults to 0x91 in XP SP2 and XP SP3. Sorry!
The biggest historical threats to the USA have been internal ones; perhaps the Civil War between the Yankees and the Confederates is the best example. I believe it to be the same again with "Critical National Infrastructure"; for example, when power tripped out a few years ago on the Eastern Seaboard, it turned out to be an overloaded circuit in the MidWest somewhere ... not an external attack, at all.

And I don't believe in US Universities and US Businesses having an 'edge'. Education ... and businesses ... are global nowadays, and IBM, Microsoft, and many others develop and market around the planet. Exploit talent wherever you find it.

I pledge allegiance to the Flag, and to the Republic for which it Stands.

God Save the Queen.

Take your choice, either suits me, but I think that William J should look a bit more globally. It isn't just the good ol' USA at the moment.
So which government agency do you feel is better able to address Cyber security
@Roy

None. Set up a new dedicated agency instead for cyber security that merges elements of NSA, DHS together as a bridge between the two.

A hand-shake agency... so both work together on cyber security.
The answer is "None". Look, the FAA isn't doing their job, the FDA isn't doing its job, the INS is obviously not doing its job either. What is there to make anyone think any new agency is going to do the job?
Because if you fusion all the elements of the different agencies together, and create a national cyber security fusion agency, then I feel its going to be more effective than having one department holding the key to the kingdom. There should be no power grab from one particular agency. We need all the agencies with a vest interest in cyber security to come together, take its best staff and fusion them into a bridge agency, so all parties can work together, info share and best human resources under one umbrella. It wouldn't be a "new" agency per se, it would merge the current talents of multiple agencies to form the agency. You wouldn't hire new guys, you would take your best from each current agency and use them for the fusion agency.
I would imagine the new Cyber Command will perform most of those functions
I thought U.S cyber comm was a strictly *offensive* command and is no way involved with *defensive* capability.
USCYBERCOM plans, coordinates, integrates, synchronizes, and conducts activities to: direct the operations and defense of specified Department of Defense information networks

http://www.stratcom.mil/factsheets/cc/

The primary function if the U.S Cyber Command is to protect the pentagon.

Diary Archives