The Pentagons says the United States must reinforce its cyber perimeter to more effectively counter the digital threat posed by terrorist groups and rogue states.
“All of the advanced capabilities we have, whether it’s targeting or navigation or communication, have a backbone that’s run through information technology,” Deputy Defense Secretary William J. Lynn III explained during a briefing about the DoD’s new cyber strategy.
“So if you’re a smart adversary and you’re seeking an asymmetric way to come at the United States, cyber will appeal to you very, very quickly.”
According to Lynn, the new strategy is based on five pillars: treat cyber as a domain; employ more active defenses; support the DHS in protecting critical infrastructure networks; practice collective defense with allies and international partners; and reduce the advantages attackers have on the Internet.
However, the deputy defense secretary was quick to emphasize the Pentagon had little interest in following a static “Maginot Line” approach that would focus solely on defending a rather lengthy digital border.
Rather, the DoD plans to adopt an active method of securing the nation’s cyber infrastructure to more effectively prevent hostile infiltrations. Indeed, Lynn confirmed that a hack and extract operation in March had resulted in the theft of over 24,000 files by “foreign” intruders.
“We have, within Cyber Command, a full spectrum of capabilities, but the thrust of the strategy is defensive. We think we need to be able to defend our networks just to maintain our offensive advantages in all of the other areas,” he said.
“You want to be able to hunt on your own networks, to find things that get past the perimeter. It’s a more dynamic approach to defense.”
Lynn added that the U.S. had recently clinched various cyber defense agreements with a number of countries and entities, including NATO, the United Kingdom and Australia.
“The White House just put out an international strategy with the idea of broadening that group of international partners. [Of course], there are sovereignty issues.
“[But] I think that’s where collective defense is a critical element. If you exchange information about the kinds of threats, the kinds of signatures you’re seeing… You’re able to get early warning.”