Pentagon plans three-fold cybersecurity staff increase to counter attacks
Speaking at what has been considered the “first-ever live broadcast” from the National Security Agency’s headquarters at Ft. Meade, Maryland, Hagel said that an ongoing campaign to both recruit civilians as well as encourage military personal to retrain for the positions will see the number of “cyber professionals” reach 1,800 by year’s end. By 2016, the Pentagon should have 6,000 cyber professionals, he said Friday.
“The Department of Defense is on its way to building a modern cyberforce. This force is enhancing our ability to deter aggression in cyberspace, deny adversaries their objectives, and defend the nation from cyberattacks that threaten our national security," AP cites Hagel as saying during a speech for outgoing Cyber Command and NSA chief Gen. Keith Alexander.
"Our nation's reliance on cyberspace outpaces our cybersecurity," he continued. "Our nation confronts the proliferation of destructive malware and a new reality of steady, ongoing and aggressive efforts to probe, access or disrupt public and private networks, and the industrial control systems that manage our water, and our energy and our food supplies."
The move is part and parcel of the Pentagon’s efforts to develop “full-spectrum” offensive cyber capabilities. US Cyber Command defines full-spectrum cyber operations as the employment of “the full range of cyberspace operations to support combatant command operational requirements and the defense of DOD information networks.”
The three-pronged approach centers on computer network defense, computer network attack, and computer network exploitation (See Fact Box)
Computer network defense is defined as actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within DOD information systems and computer networks. Computer network attack is defined as actions taken to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves. Computer network exploitation is defined as enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary automated information systems or networks.
However, Hagel also appeared to placate concerns that the United States was gearing up to be military cyber-aggressor.
“The United States does not seek to ‘militarize’ cyberspace,” Hagel said. “Instead, our government is promoting the very qualities of the internet – integrity, reliability, and openness – that have made it a catalyst for freedom and prosperity in the United States, and around the world.”
With the cyber threat having been identified as one of the most serious national security challenges facing the United States.
“During the course of my remarks today, DoD systems will have been scanned by adversaries around 50,000 times,” he said. “Our nation confronts the proliferation of destructive malware and a new reality of steady, ongoing, and aggressive efforts to probe, access, or disrupt public and private networks, and the industrial control systems that manage our water, energy, and food supplies.”
While Hagel stressed that the US must be ready to counter it with not only increased personnel, but also cyber-weapons development. He claimed, however, that it would not be US policy to strike first.
“DoD will maintain an approach of restraint to any cyber-operations outside of US government networks,” he said. “We are urging other nations to do the same. We will continue to take steps to be open and transparent about our cyber-capabilities, doctrine, and forces – with the American people, our allies and partners, and even competitors.”
Hagel’s landmark speech comes on the eve of an upcoming trip to China, where he is expected to be grilled over reports US intelligence has been spying on a major Chinese telecom firm.
Following the report, based on leaks provided by NSA whistleblower Edward Snowden, China announced it would ramp up internet security.
Reports that the US National Security Agency infiltrated servers at the headquarters of Huawei Technologies "lay bare the United States' hypocrisy and despotic rule," Chinese Defense Ministry spokesman Geng Yansheng told a briefing on Thursday.
"For a while now, some Americans have jabbered on and on, condemning Chinese hacking attacks," he said. "But the truth is that this is without any basis in fact, it's simply a thief crying 'Stop, thief!'"
Yansheng did not elaborate on what steps would be taken to beef up cybersecurity.
Washington had previously insisted the US did not engage in industrial spying, with the latest revelation undermining a longstanding US complaint that Chinese companies conduct corporate espionage and intellectual property theft.
Mutual accusations of cyber-espionage have strained China-US relations, though US President Barack Obama defended NSA espionage tactics during a private meeting Chinese President Xi Jinping on the sidelines of a nuclear summit in Brussels on Monday.
Meanwhile, Hagel promised a “more open dialogue” about NSA activities as Alexander steps down and Vice Adm. Mike Rogers, head of the Navy's Cyber Command, prepares to succeed him.
Rogers, who is awaiting Senate confirmation for a fourth star to allow him step in for Alexander, has said he will not take the job pending Senate approval. No confirmation is needed for his appointment as head of the NSA, but officials told AP Friday that Rogers will not step into either job until the Senate approves him as head of Cyber Command.