June 14 2014
14June2014
Newswire
Declassified 2008 directive: Hackers and insiders hit utilities on three continents
Posted: June 6, 2014
Christopher J. Castelli (ccastelli@iwpnews.com)
Utilities on at least three continents have been “penetrated or shut down” by hackers and insiders, according to a formerly classified 2008 presidential directive on cybersecurity that was obtained through the Freedom of Information Act and released today by privacy advocates.
The Electronic Privacy Information Center disclosed a redacted 16-page copy of National Security Presidential Directive 54, which former President George W. Bush used to set U.S. “policy, strategy, guidelines, and implementation actions to secure cyberspace” and to launch the Comprehensive National Cybersecurity Initiative.
A clear statement on successful major attacks against critical infrastructure worldwide – contained in a paragraph that had been classified secret and not releasable to foreign nationals – is striking and among the few interesting elements of the directive, Jason Healey of the Atlantic Council told Inside Cybersecurity.
“Hackers and insiders have penetrated or shut down utilities in countries on at least three continents,” the directive states. “Some terrorist groups have established sophisticated online presences and may be developing cyber attacks against the United States.”
Healey said the initial decision to classify much of the information in the document – including a definition of computer network exploitation – now appears inane. It also makes no sense, he said, that officials classified that definition while using the less restrictive label “for official use only” on a paragraph about developing offensive cyber capabilities.
Federal officials have in recent years repeatedly underscored the risk that cyber attacks pose to critical infrastructure. Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, recently voiced concerns at the Atlantic Council about the nation’s lack of preparedness for a cyber attack, cited strategic shortcomings and assigned blame to Congress.
“There are some big issues involved with achieving that kind of coherence — issues related to privacy and cost, information sharing and all of the liabilities that come in the absence of legislation to incentivize information sharing,” Dempsey said.
A White House spokeswoman said that current U.S. cyber strategy is coherent. “Given that cyberspace permeates every aspect of the economy and national security, no single document can meaningfully capture our strategic direction. Instead, our efforts are informed by specific strategy and policy documents,” she said. Earlier this year, the administration released a federal framework of cybersecurity standards as directed in President Obama’s cybersecurity executive order.
The Obama administration is “working to close out the 2008 Comprehensive National Cybersecurity Initiative and transition ongoing programs to steady state management,” the White House spokeswoman said, noting officials are “continuing to review existing policy and develop new policy as warranted.”
There is a consensus among the president, the National Security Council staff and Dempsey that certain key powers and resources needed to realize federal cybersecurity goals — including new statutory authorities — can only be bestowed by Congress. Lawmakers acknowledge that time is running out for this Congress to enact comprehensive cybersecurity legislation. The leaders of the Senate Intelligence Committee are working to reach consensus on a bipartisan information-sharing bill for cybersecurity. —
Unmanned intel app could keep small units informed
Jun. 8, 2014 – 06:00AM |
By Kevin Lilley
Staff writer
The Army is testing smartphone technology with Dragon Runner, an unmanned ground vehicle, and the Raven, an unmanned aerial vehicle. Zoom
The Army is testing smartphone technology with Dragon Runner, an unmanned ground vehicle, and the Raven, an unmanned aerial vehicle. (Army)Combat veterans refresh unmanned aircraft skills Zoom The Army is testing smartphone technology with Dragon Runner, an unmanned ground vehicle, and the Raven, an unmanned aerial vehicle. (Army)
Small-unit leaders seeking info from unmanned ground and aerial vehicles have two choices: Attach themselves to their systems operator so they can see what he sees, or bombard him with questions over the radio that could chip away at both soldiers’ concentration.
A new device tested last month at Fort Benning, Georgia’s Maneuver Battle Lab provides a third option. And like many advancements in communication, it soon could come in app form for a smartphone.
The Small Unit Leader Situational Awareness Tool, or SULSAT, gives leaders their own real-time feed from available unmanned sources — tests at Benning included a Dragon Runner ground robot and a Raven UAV. The tech isn’t all that mysterious: A wireless signal from the unit’s tactical robotics controller, or TRC, gets beamed to the team leader, who can monitor the feeds on a smartphone. First Lt. Brandon Slusher, with A Company, 1st Battalion, 29th Infantry Regiment, used a specially designed Nexus 5, but SULSAT may integrate into the modified Samsung Galaxy models used in the Army’s Nett Warrior program.
The expanded situational awareness impressed Slusher, who served as platoon leader in the exercise.
The current system “definitely limits the leaders, and where they can position themselves,” he said. “Even when I did not have a SULSAT [during one version of the test], I didn’t look at the TRC controller. I relied on what [the operator] was seeing. During the scenario, that was fine. In a real scenario, I wouldn’t be able to ask him questions. I’d be controlling too many other elements at that time.”
Staff Sgt. Vincent Kelly, also of A Company, served as squad leader during the exercise and also praised the system, saying it “allowed me to make a better, conscious decision to maneuver my squad.” But there was a catch: The unit only received a clear signal up to about 10 feet away from the TRC.
Developers want SULSAT to reach 200 to 250 meters.
“One of the recommendations that we’re making is [researching] the type of Wi-Fi extenders you have in your home,” said James Falkenberry, project officer for the Battle Lab’s unmanned systems team.
Other solutions: Devices with external antennas, or changes to the backpack used to carry the router, putting less fabric between the antenna and the air.
Many of the Wi-Fi concerns could prove moot: Plans to integrate SULSAT and the TRC into the Nett Warrior system would put the signal over a secure radio band instead of Wi-Fi — extending range and providing necessary security measures.
“To continue the proof of concept, we have to get a little more range. … Again, the goal is to get it transmitting with FM signals, not Wi-Fi. We’re just looking at what’s possible,” Falkenberry said.
The system’s slated for another exercise in October.
U.S. Shifts On Allowing Defense Data In Cloud
June 9, 2014, 5:10 PM ET
By Joel Schectman
The U.S. is loosening its policy on how companies may store sensitive defense data, allowing use of cloud services like Google Inc.’s Gmail, provided adequate security steps are taken, according to U.S. State Department officials.
The State Department recently told the startup Perspecsys Inc., in an advisory opinion, that it could store defense data in the cloud provided it “take all steps necessary” to make sure only U.S. persons could view the data, according to an official from the agency. Both Perspecsys and the State Department denied Wall Street Journal requests to review the advisory opinion.
To stop rivals from eroding the U.S. military edge, defense contractors are prohibited from bringing both physical arms and information on how to build them out of the U.S., without special permission. The law, known as International Traffic in Arms Regulations, can apply to both the plans for F-16 jets and more innocuous information like the specs for military handsets that are nearly identical to consumer devices.
The defense industry, like most sectors, has begun to look for cheaper computing power by outsourcing storage to cloud providers, like Google Inc. But legal experts say the cloud has been largely forbidden for defense data. Because most cloud providers can store customer data distributed in hubs across the world, few can promise that sensitive information won’t end up residing in another country or managed by foreigners. In the past, heavily encrypting the data before it was stored in the cloud provided no exemption to ITAR, which hasn’t been revised to reflect the growth of the cloud. Even if the information was a garbled series of numbers and letters, it has still been considered an illegal export if it left the U.S, said Josephine Aiello LeBeau, an export attorney at Wilson Sonsini Goodrich & Rosati.
But the advisory opinion appeared to be a significant softening of the stance. “What we’ve said is that if a U.S. person takes sufficient means to ensure data is only viewed by authorized U.S. persons we’re fine with them putting it on the cloud,” a State Department official said. “We’re not saying whether those means exist yet.”
The official said the State Department would issue broader guidance on putting ITAR data in the cloud by the end of the year.
A Perspecsys spokesman said in an email the company worked closely with State Department officials as they crafted their advisory opinion and welcomed their decision on cloud computing.
Ms. Aiello LeBeau said the opinion was likely a sign that State Department will now consider various security tools as means of rendering ITAR data non-sensitive. “If this is true it’s very significant,” said Ms. Aiello LeBeau, who emphasized that she hasn’t read the advisory opinion. “No one else has done this before as far I know.”
But companies should be careful about broadly interpreting this exemption. Officials strongly rebuked Perspecys for trumpeting a “‘Groundbreaking’ reinterpretation” to ITAR cloud computing rules in the company’s press release. “They made a bunch of extremely inflated claims and left out the clarifications and caveats,” a State Department official. The company has since revised the press release on its site.
Officials took particular issue with the company characterizing the particular technique it used in scrambling the sensitive data–known as tokenization–as the key to its ITAR exemption. “Tokenization is almost irrelevant to the exemption. We did not in any shape or form endorse tokenization as a means,” a State Department official said.
Still, allowing ITAR data to transit and reside overseas in any form is a big step. “If you say this is how we’re going to [scramble] the data and the State Department says they won’t consider this an export, I understand why the company is excited,” Ms. Aiello LeBeau said. “It is a game changer.”
Congress Told of Possible Gap in Air Force’s Nuclear Strike Capability
June 9, 2014
By Rachel Oswald
Global Security Newswire
A new congressional report highlights the potential for a shortfall to emerge in the Air Force’s ability to mount long-range nuclear bomber attacks.
A Congressional Research Service report published online on Saturday highlights a number of factors that could result in a gap in the country’s ability to conduct long-range nuclear strikes by air, among them foreign nations’ development of sophisticated anti-access and area-denial capabilities and reductions in defense spending imposed by the 2011 Budget Control Act.
The Pentagon is planning on building a new long-range stealth bomber, but the first units are not expected to become available until the mid-2020s. In the meantime, the ability of the Air Force’s current fleet of nuclear-capable bombers “to get close enough to targets to employ weapons will likely continue to deteriorate” as potential adversaries acquire more advanced air defenses, according to the report by Congress’ internal think-tank.
“Already, against today’s toughest air defenses, the B-52 and B-1 are largely regulated to standoff roles; only the B-2 is expected to get through,” states the report by analyst Michael Miller. “In the years to come, the Air Force anticipates the B-2’s ability to penetrate will also decline, even though the Air Force plans to upgrade all three bombers with new systems and weapons.”
Not much is publicly known about the envisioned characteristics of the next-generation bomber, including what capabilities it will be given to defeat opponents’ anti-access weaponry. The Air Force wants to buy between 80 and 100 new bombers.
Much has been written in recent months and years about the potential for China’s growing arsenal of cruise and ballistic missiles to inhibit the ability of the U.S. military to project naval power in the Asia-Pacific.
There are approximately 157 long-range B-52s, B-1s and B-2s in the U.S. arsenal. The Defense Department plans to maintain a bomber fleet of roughly 156 aircraft through at least 2022, the report notes. However, the nearly $500 billion in congressionally imposed defense cuts that are to be implemented over the next decade, as well as the potential for further military cutbacks, could impact the size of the Air Force’s legacy dual-capable fleet, according to Miller.
The reduced military budget comes as Pentagon spending on its nuclear bombers is projected to double by fiscal 2020 to over $9 billion annually, thanks to the cost of acquiring the new long-range bomber and installing upgrades to the B-52, B-1 and B-2 at the same time. Current service modernization plans are designed to keep the former two planes “operational” through 2040, and the B-2 deployable through 2058.
The CRS report flags for Congress’ oversight attention the question of whether to continue to pay for “sustainment and modernization efforts” for legacy bombers in the face of potential adversaries’ growing air defense capabilities, or to alternatively allow the bombers to “become increasingly irrelevant.”
“In large part, decisions by Congress will determine just how much longer the B-52, B-1 and B-2 will remain relevant, and ultimately, will likely determine the future of the nation’s long-range strike capabilities,” the document reads.
http://www.fas.org/sgp/crs/weapons/R43049.pdf
Even the GAO Can’t Figure Out if There’s a STEM Worker Shortage
By Anne L. Kim
Posted at 9:11 a.m. June 10
http://blogs.rollcall.com/technocrat/gao-stem-worker-shortage/
In the debate over whether or not there’s a shortage of STEM workers, Congress’ top watchdog office says the answer isn’t clear.
“It is difficult to know if the numbers of STEM graduates are aligned with workforce needs, in part because demand for STEM workers fluctuates,” says a Government Accountability Office report that was published last month and recently publicly released.
The GAO says estimating demand for STEM workers is a “challenge, in part because demand for STEM workers can fluctuate with economic conditions”:
For example, the number of jobs in core STEM occupations declined by about 250,000 between 2008 and 2010 (from 7.74 million jobs in 2008 to 7.49 million in 2010), though it then increased (to 7.89 million jobs in 2012). Subject matter specialists and federal officials we interviewed also noted that employer needs in STEM fields are difficult to predict because they may change with technological or market developments.
Other reasons it’s difficult to know whether there are enough STEM workers to meet demand, according to the report:
•If students are going into STEM fields because of favorable economic conditions in that field, it can take several years for them to get their degrees, meaning that supply can lag behind demand.
•Looking at people with STEM degrees might not be a good way to think about how many STEM workers are out there because “students often pursue careers in fields different from the ones they studied.” Take for example, the percent of people in 2012 with STEM bachelor’s degrees who worked in a STEM job – only 38 percent according to GAO. Sixty-two percent worked in non-STEM jobs.
“The survey data cannot tell us how many of these STEM -educated workers are in a non-STEM occupation by choice and how many would prefer to work in a STEM occupation but cannot find a position suitable to them,” the report says, but notes that they have relatively low unemployment rate, indicating that there’s generally demand for them both in STEM and non-STEM jobs.
FAA Gives Approval to BP to Use Commercial Drones Over Land
AeroVironment Will Capture, Analyze Data at Prudhoe Bay Operations
http://online.wsj.com/articles/bp-launches-landmark-drone-program-in-alaska-1402404549
By Jack Nicas
June 10, 2014 9:00 a.m. ET
BP PLC signed a five-year contract to use drones for its oil operations in Alaska, the first large-scale, government-approved commercial use of unmanned aircraft in the U.S.
BP said it has hired AeroVironment Inc. to use the California drone maker’s 13.5-pound aircraft to capture and analyze data about BP’s operations at its Prudhoe Bay oil field in Alaska, one of the largest oil fields in North America, including 3-D maps of its roads, pipelines and well pads there.
The operation, which began on Sunday, marks the first routine commercial drone flights in the U.S. approved by the Federal Aviation Administration, and comes amid growing excitement about the commercial market for unmanned aircraft.
The FAA has approved one other drone for commercial use, the 40-pound ScanEagle made by Boeing Co. BA -0.93% subsidiary Insitu Inc., but that device has only been used in trial flights off the coast of Alaska by ConocoPhillips. COP +0.72%
The FAA prohibits the commercial use of drones in the U.S. without its approval. The agency aims to propose a long-delayed rule later this year that would make it easier to operate small drones commercially. Until then, drone makers and users must complete a lengthy certification process, similar to that of manned aircraft, if they want FAA approval for commercial uses.
AeroVironment spokesman Steve Gitlin said it took about a year and considerable monetary investment to get FAA approval. “If that’s what it takes to prove the commercial viability, then it’s something we’re committed to doing,” he said.
Transportation Secretary Anthony Foxx, who oversees the FAA, said in a news release that BP’s use of drones is “another important step toward broader commercial use of unmanned aircraft.”
Curt Smith, a director in BP’s technology office, said that manned aircraft are sometimes less expensive for each flight than the AeroVironment devices, but that the drones will gather far more data, enabling BP to operate “more effectively, more safely and at a lower cost.”
For instance, he said, BP relies heavily on gravel roads that it must constantly maintain. AeroVironment’s Puma drones, which are hand-launched and have a 9-foot wingspan, use laser-based sensors that can pinpoint problems on the roads, identify how they should be repaired and calculate how much gravel is needed, the companies said.
The drones also can create 3-D models of gravel pits, calculate how much gravel remains and identify areas that are vulnerable to flooding. After the drones’ first 3-D model of a pit there, officials overseeing it said, “That’s more data in 45 minutes than we’ve gotten in the last 30 years,” Mr. Smith said. “It’s revolutionary.”
The companies said they could also use the drones to monitor wildlife, ice floes and BP’s infrastructure and to respond to oil spills or search-and-rescue missions.
Despite the FAA’s effective ban on commercial drones, many U.S. entrepreneurs in recent months have employed the devices to make maps, film movies, inspect infrastructure and monitor crops. But BP is one of the first major companies to invest in the technology for its operations.
“We went through and thought about all the applications that we could use these for. We’ve got a whole list of things,” said Mr. Smith of BP. Once the company vets the technology further and the regulatory landscape becomes clearer, he said, “we’ll be taking [drones] to other onshore fields around the world.”
First overland UAS flight takes off
http://gcn.com/blogs/pulse/2014/06/faa-uas-drone.aspx?s=gcntech_120614
Posted by GCN Staff on Jun 11, 2014 at 12:10 PM
The FAA has begun to clear the way for domestic drones to operate lawfully across the United States.
Earlier this week it gave a green light to the first commercial operation of a unmanned aircraft system over land, and also granted Nevada a certificate of authority to begin operating a UAS test site in the United States.
Energy giant PB and UAS maker AeroVironment June 8 were granted permission to use the Puma AE drone to conduct a survey of BP pipelines, roads and equipment at Prudhoe Bay, Alaska, the largest oilfield in the United States.
AeroVironment made the first flight for BP June 8, the FAA announced.
“These surveys on Alaska’s North Slope are another important step toward broader commercial use of unmanned aircraft,” said Transportation Secretary Anthony Foxx. “The technology is quickly changing, and the opportunities are growing.”
AeroVironment’s Puma AE is a small, hand-launched UAS that is about 4 1/2 feet long with a wingspan of 9 feet. Using data generated by the Puma’s sensors, BP wants to target maintenance work on specific roads and infrastructure. BP said the application will save time and support safety and operational reliability goals.
Meanwhile the FAA granted the state of Nevada a certificate of authority to operate a UAS test site.
The state is one of six sites across the country that the FAA tapped to host one of the facilities. The others are at the University of Alaska; Griffiss International Airport in Rome, N.Y.; the North Dakota Department of Commerce; Texas A&M University’s Corpus Christi campus; and Virginia Tech University in Blacksburg. The University of Alaska received its COA in early May and North Dakota received the first one in April.
The FAA said June 6 that it granted Nevada a two-year certificate of waiver or authorization to use an Insitu ScanEagle at the Desert Rock Airport in Mercury.
The facility, according to the FAA, is owned and operated by the Department of Energy and is not for general use. The ScanEagle will fly at or below 3,000 feet, monitored by a visual observer and mission commander. Initial flights will verify that a UAS can operate safely at the airport, said FAA.
The Nevada Governor’s Office of Economic Development said in a June 6 statement that the unmanned aerial vehicle will be used for a first responder exercise in which the vehicle “will be ‘eyes on scene’ during a mock emergency exercise.”
Hidden volcanoes melt Antarctic glaciers from below, study finds
http://www.foxnews.com/science/2014/06/09/hidden-volcanoes-melt-antarctic-glaciers-from-below/
By Stephanie Pappas
Published June 09, 2014
The edge of the Thwaites glacier, shown here in an image taken during Operation Icebridge, a NASA-led study of Antarctic and Greenland glaciers. The blue along the glacier front is dense, compressed ice.NASA photograph by Jim Yungel
Antarctica is a land of ice. But dive below the West Antarctic Ice Sheet, and you’ll find fire as well, in the form of subglacial volcanoes.
Now, a new study finds that these subglacial volcanoes and other geothermal “hotspots” are contributing to the melting of Thwaites Glacier, a major river of ice that flows into Antarctica’s Pine Island Bay. Areas of the glacier that sit near geologic features thought to be volcanic are melting faster than regions farther away from hotspots, said Dustin Schroeder, the study’s lead author and a geophysicist at the University of Texas at Austin.
This melting could significantly affect ice loss in the West Antarctic, an area that is losing ice quickly.
“It’s not just the fact that there is melting water, and that water is coming out,” Schroeder told Live Science. “It’s how that affects the flow and stability of the ice.”
Antarctic heat
Researchers have long known that volcanoes lurk under the ice of West Antarctica. This is a seismically active region, where East and West Antarctica are rifting apart. In 2013, a team of scientists even found a new volcano beneath the West Antarctic Ice Sheet.
West Antarctica is also hemorrhaging ice due to climate change, and recent studies have suggested there is no way to reverse the retreat of West Antarctic glaciers. However, the timing of this retreat is still in question, Schroeder said it could take hundreds of years, or thousands. It’s important to understand which, given that meltwater from the West Antarctic Ice Sheet contributes directly to sea level rise.
Scientists use computer models to try to predict the future of the ice sheet, but their lack of understanding of subglacial geothermal energy has been a glaring gap in these models. Measuring geothermal activity under the ice sheet is so difficult that researchers usually just enter one, uniform estimate for the contributions of geothermal heat to melting, Schroeder said.
Of course, volcanism isn’t uniform. Geothermal hotspots no doubt influence melting more in some areas than in others.
“It’s the most complex thermal environment you might imagine,” study co-author Don Blankenship, a geophysicist at UT Austin, said in a statement. “And then, you plop the most critical dynamically unstable ice sheet on planet Earth in the middle of this thing, and then you try to model it. It’s virtually impossible.”
Hotspots melting
To unravel the complexity, the researchers built on a previous study they published in 2013 that mapped out the system of channels that flows beneath the Thwaites Glacier, a fast-flowing glacier that scientists say is vulnerable to global warming.
Using radar data from satellites in orbit, the researchers were able to figure out where these subglacial streams were too full to be explained by flow from upstream. The swollen streams revealed spots of unusually high melt, Schroeder said. Next, the researchers checked out the subglacial geology in the region and found that fast-melting spots were disproportionately clustered near confirmed West Antarctic volcanoes, suspected volcanoes or other presumed hotspots.
“There’s a pattern of hotspots,” Schroeder said. “One of them is next to Mount Takahe, which is a volcano that actually sticks out of the ice sheet.”
The minimum average heat flow beneath Thwaites Glacier is 114 milliwatts per square meter (or per about 10 square feet) with some areas giving off 200 milliwatts per square meter or more, the researchers report Monday in the journal Proceedings of the National Academy of Sciences. (A milliwatt is one-thousandth of a watt.) In comparison, Schroeder said, the average heat flow of the rest of the continents is 65 milliwatts per square meter.
“It’s pretty hot by continental standards,” he said.
The extra melt caused by subglacial volcanoes could lubricate the ice sheet from beneath, hastening its flow toward the sea, Schroeder said. To understand how much the volcanic melt contributes to this flow and what that means for the future of the West Antarctic Ice Sheet glaciologists and climate scientists will have to include the new, finer-grained findings in their models. Schroeder and his colleagues also plan to expand their study to other glaciers in the region.
“Anywhere in the West Antarctic Ice Sheet is going to be a candidate for high melt areas,” he said. “And we have radar data covering much of it.”
CEO: Companies Need To Use More Commercial Tech in Weapons
Jun. 11, 2014 – 01:55PM | By MARCUS WEISGERBER | Comments
WASHINGTON — Global defense companies need to import and adapt more commercial technology into military weapons and systems of the future, a former US deputy defense secretary turned industry CEO said Wednesday.
The Pentagon is more often using these types of technologies, such as 3-D printing and IT systems, allowing troops to use smartphones to view real-time reconnaissance information.
“The model was to develop things internally and then put them out [commercially],” said Bill Lynn, CEO of Finmeccanica North America and a former deputy defense secretary under Robert Gates and Leon Panetta.
“We still need to do that in some cases, but in many more cases we’re going to have to pull commercial technologies in and militarize them and operationalize them,” he said Wednesday at a Center for a New American Security (CNAS) conference.
Lynn and retired Adm. James Stavridis, now dean of Tufts University’s Fletcher School of Law and Diplomacy, presented a just-completed CNAS report on the future of the global defense industry.
There is more commercial technology in defense than there has been in past decades, Lynn said. In the past five years, the commercial content in defense acquisitions has risen from about 10 percent to about 30 percent, he said.
“To maintain our technological edge, what you’re going to have to see is the defense sector is going to have to become more an importer [of commercial technology] than we have in the past,” Lynn said. “The balance has been more toward export.”
Those exports have included GPS and the Internet. Some capabilities that will shape the future include cyber, unmanned, biology and nano technologies, Lynn said.
But, the Defense Department needs to lower the barriers of entry to allow more commercial technology into defense acquisitions, Lynn said.
That said, the defense industry is moving too slowly to adjust to trends in technology and security, Lynn and Stavridis said in the CNAS report.
Many defense companies have been investing less in research-and-development programs, instead executing a short-term strategy of moving cash back to shareholders, Lynn said. That puts the industry at risk, he said.
Some companies are starting to raise research-and-development investment levels, Lynn noted.
Marillyn Hewson, Lockheed Martin’s chairman, CEO and president, said Monday that her firm plans to boost its internal research-and-development spending by more than $30 million this year.
But despite the increase, the company’s investment in these types of projects is still tens of millions of dollars less than it was 15 years ago. ■
NSA Chief: Military Not Organized for Cyber Warfare
By Sandra I. Erwin
The U.S. military’s hidebound culture and outdated procurement system are slowing down efforts to improve cyber defenses against increasingly sophisticated network attacks, said Navy Adm. Michael S. Rogers, director of the National Security Agency and head of U.S. Cyber Command.
The Pentagon created the cyber command four years ago to prepare to wage war against hackers and foreign spies. It has a $500 million annual budget and a sprawling campus on Fort Meade, Maryland. Its ability to protect Defense Department networks is limited, however, by the military’s disjointed organization and outdated attitudes about information technology, Rogers said June 12.
“Our greater challenge is not technology but organization,” he told a conference of the Association of the U.S. Army, in Arlington, Virginia.
The Pentagon by some estimates operates 15,000 networks across the Defense Department and the military services. Each branch of the military buys and manages its own systems. Of most concern to Rogers is that cyber security tends to be put on the back burner.
“Military commanders must ‘own’ cyber,” said Rogers. “Networks and cyber [should be] the commanders’ business.”
In his previous job as head of the Navy’s cyber fleet, Rogers was frustrated by a culture where information networks are relegated to the technical support staff, rather than viewed as a command priority. As cyber attacks become more pervasive and intractable, “our ability to integrate cyber into a broader operational concept is going to be key,” he said. Now, “we treat cyber as something so specialized, so different, so unique, that resides outside the operational framework.”
Commanders operate under the “flawed” notion that they can turn over network responsibilities to the unit’s information technology experts, said Rogers. “Commanders have to own this mission and integrate it into operations.” Senior officers ought to be as knowledgeable about a unit’s network capabilities and potential vulnerabilities as they would be about its fuel and ammunition supplies, he added. “The challenge to that is as much cultural as it is technical.”
The military, indeed, needs advanced technologies to build stronger cyber defenses, said Rogers. But a disjointed procurement system makes that difficult. The Defense Department today, he said, cannot “synchronize our capabilities as a team.”
The Pentagon must build a “joint network backbone,” he said. “I never understood why the services each spend money creating, maintaining, building and operating a global communications backbone. We do it independently. It makes no sense to me. It is inefficient. It does not lead to an integrated approach to problem solving,” he added. “We need a joint framework.” Each service could still address its own needs for the “last tactical mile.”
The Defense Department last year launched a network integration effort, called “joint information environment,” to help protect systems from cyber attacks. Rogers does not see any easy fixes to this problem other than a “fundamental change in how we do acquisitions.” Networks are not viewed as “war fighting platforms,” he said. “We generally turn to our CIO and tell them to go build a network. … We don’t entwine acquisition and operations.”
Rogers also called on the military services to beef up their in-house talent. “We need to create a workforce that understands the vision, has the tools and capabilities to execute the vision,” he said. “We, the Defense Department, are not on the cutting edge when it comes to networks, and information technology. … We need to build a trained and ready operational cyber force.”
Cyber Command wants to “partner” with the services because it cannot do its job without their cooperation, he said. “It makes no sense to develop some joint vision and jam it down the throats of our services. I tell the services that we are doing this as one team.”
Future networks, said Rogers, not only must be joint, but also “defensible … with an architecture in which defensibility, resiliency and redundancy are core design characteristics. … I can’t say that about current networks.”
For Cyber Command, it can be daunting to have to defend networks that it cannot “see,” said Rogers. “We have got to create shared situational awareness. It is awfully hard to operate — whether on the offensive or defensive side — in an environment where you cannot see the environment where you operate.” Military commanders have “tactical operations centers” where they can follow events in real time. “We don’t have that in the cyber world. We have to create that. It’s hard to be agile when you can’t visualize what you’re doing.”
Rogers’ criticism of military culture echoes the argument made by his predecessor, now retired Army Gen. Keith Alexander. In one of his first public speeches as incoming Cyber Command chief in June 2010, Alexander complained that the command lacked visibility into the Defense Department’s networks, which limited its capacity to prevent attacks. He said Cyber Command only becomes aware of intrusions after they happen, and then reacts to the events, because it has little “situational awareness.” He suggested the command could not do its job without a “common operating picture.” In maneuver warfare, military commanders on the battlefield need situational awareness so they can pinpoint the location of the enemy and try to anticipate what it might do. In cyberspace, the military has no such capability.
Rogers said Cyber Command is preparing for cyber warfare as it also deals with thorny policy issues. His dual-hat role as chief of the NSA and Cyber Command puts Rogers at the center of a growing firestorm over domestic spying and privacy rights. “We need to be mindful of policy and administrative changes to apply these capabilities,” he said. “What legal frameworks do we need to execute this mission? Technology has moved much faster than our policy.”
NORAD Scrambles Fighters Against Russian Bombers
By Richard Sisk Thursday, June 12th, 2014 5:55 pm
http://www.dodbuzz.com/2014/06/12/norad-scrambles-fighters-against-russian-bombers/
Northern Command scrambled two F-22 Raptor and two F-15 Eagle fighters on Monday against a fleet of Russian bombers off the Alaska and northern California coasts, Pentagon officials said Thursday.
The Russian planes included four long-range Tu-95 Bear bombers and a refueling aircraft that briefly entered the U.S. Air Defense Identification Zone off Alaska at about 4:30 p.m. Pacific time.
Two of the bombers turned back when the F-22s made visual contact but the other two turned south and again briefly entered the ADIZ at about 9:30 p.m. Pacific time off northern California, where they were met by two F-15s, said Maj. Beth Smith, a spokeswoman for the North American Aerospace Defense Command (NORAD).
The ADIZ extends about 200 miles off the coast while “sovereign airspace” extends 12 nautical miles from land. A NORAD statement said the Russian planes never came near U.S. sovereign airspace.
The Russian fly-bys were not unusual, said Col. Steve Warren, a Pentagon spokesman. There have been about 50 such incidents over the last five years, Warren said.
Rasmussen Reports
What They Told Us: Reviewing Last Week’s Key Polls
Bottom of Form
Saturday, June 14, 2014
Fortunately for us, the Founding Fathers weren’t worried about offending the British, and we still enjoy the resulting freedoms to this day. Or do we? A surprising number of Americans aren’t so sure.
Mozilla CEO Brendan Eich’s recent forced resignation over a political contribution he made three years ago in support of traditional marriage prompted even leading gay columnist Andrew Sullivan to say political correctness has gone too far. Only 22% of Americans think we have true freedom of speech today. Seventy-four percent (74%) think instead that Americans have to be careful not to say something politically incorrect to avoid getting in trouble.
Sixty-two percent (62%) worry, too, that school textbooks today are more concerned with presenting information in a politically correct manner than accurately providing information to students.
While most Americans are concerned about so-called hate speech, just 29% think a ban on such speech is a good idea. Eighty-two percent (82%) think it is more important to give people the right to free speech than it is to make sure no one is offended by what others say.
But 54% of voters now consider the federal government a threat to individual liberty rather than a protector.
Forty-two percent (42%) of Americans think most people who get involved in politics do so to protect themselves from what the government might do. Slightly fewer (39%) think most turn to politics to make the country a better place. Eighteen percent (18%) are not sure.
Just 19% think the government today has the consent of the governed.
The federal Environmental Protection Agency is pressing forward on its own with new restrictions on carbon dioxide emissions from power plants, mostly ones fuelled by coal. Yet while most voters (57%) approve of the EPA’s new regulations, just 30% think the agency should be able to move ahead on energy controls like this without Congress’ approval.
Most voters also continue to have an unfavorable opinion of the new national health care law. Only 16% say they personally have been helped by the law, while 31% say they have hurt by it instead.
More voters than ever (63%) think it is unlikely that most of the current problems with the law will be fixed within the next year. But voters remain closely divided over how the health care law will influence their vote in the November congressional election.
Republicans are counting on both these issues to help them pick up the six seats they need to take control of the U.S. Senate. The new coal restrictions are already at play in the Senate races in Kentucky and West Virginia. The health care law is front and center in the races in Arkansas, Louisiana and North Carolina, but add Montana and South Dakota to that list, too. Opposition to Obamacare is higher in all those states than it is nationally. Other than Kentucky, all these Senate seats are now held by Democrats.
In this week’s polling, we find that Republican Congressman Steve Daines has moved to an 18-point lead over interim Senator John Walsh in the U.S. Senate race in Montana. Former Governor Mike Rounds still leads his Democratic opponent Rick Weiland by double digits in South Dakota’s U.S. Senate race, but Republican-turned-Independent Larry Pressler has made the race a bit closer.
At the same time, incumbent Democrat Mark Warner has opened up a slightly larger lead over Republican challenger Ed Gillespie in Virginia’s U.S. Senate race.
Democrats lead Republicans again on the latest Generic Congressional Ballot.
The biggest political news of the week, though, was challenger Dave Brat’s win over House Majority Leader Eric Cantor in Tuesday’s Republican primary in Virginia. Cantor’s loss, depending on whom you listen to, was due to Cantor’s poor constituent services, his shifting stance on immigration reform or the influence of the Tea Party movement. Or all of the above.
In a survey conducted just prior to Cantor’s defeat, Republicans show slightly less enthusiasm for the Tea Party and its potential impact on this year’s elections. Thirty-three percent (33%) of GOP voters still think the Tea Party will help their party in the November elections, while 37% say it will hurt the party’s candidates instead. But 75% continue to believe it’s important for Republicans in Congress to work with the Tea Party.
In other news this week, public opinion is shifting away from support for the prisoner swap that brought U.S. POW Bowe Bergdahl home from Afghanistan.
At mid-week, the Rasmussen Consumer and Investor Indexes which measure daily confidence in both groups hit their highest levels in seven years. They remain near their highs for this year and well ahead of findings since the Wall Street meltdown in the fall of 2008.
Forty-eight percent (48%) of Working Americans believe they will be earning more money a year from today. That’s the highest level of optimism in nearly five years.
No major changes in President Obama’s daily job approval rating, however. He’s still tracking at levels we’ve seen for much of his presidency.
Our first look at three gubernatorial races, following the party primaries in those states, shows three potential routs, but there’s a lot of time until Election Day.
Republican Governor Robert Bentley is far ahead of Democratic challenger Parker Griffith in his bid for reelection in Alabama. Democratic Governor Jerry Brown has an equally impressive lead over Republican challenger Neel Kashkari in California. Republican incumbent Dennis Daugaard posts a 20-point lead over Democratic challenger Susan Wismer in South Dakota’s race for governor.
In other surveys this week:
— Thirty percent (30%) of Likely U.S. Voters think the country is heading in the right direction. Sixty-two percent (62%) think it is headed down the wrong track.
— But 84% consider themselves patriotic Americans. Among this group, 94% claim to know the words to “The Star-Spangled Banner,” and 80% oppose replacing it with an easier-to-sing anthem.
— Sixty percent (60%) of all Americans say they or someone in their family displays the flag on most national holidays, and even more think children should honor the flag and say the Pledge of Allegiance in school every morning.
— Eighty-five percent (85%) of Americans think wearable computers like Google Glass are likely to violate the privacy of others, and a sizable number would be more likely to patronize a bar or restaurant that bans Google Glass.
— Virgin Galactic has announced that it will begin commercial passenger space flights as early as the end of this year, and 39% of Americans are ready to go if they can afford it.
Newswirefeed 
Comments are closed.