The Pentagon’s computer networks are under attack on a daily basis, and military officials are updating concepts for operating those systems to clarify how various organizations will respond to those attacks.
These attacks include viruses intended to shut down military networks, as well as hacking attempts to steal data. Some experts believe that the military may be at risk of future adversaries hacking into networks to scramble data so as to make it useless.
Potential enemies recognize how valuable these networks, called the Global Information Grid (GIG), are to the Pentagon, and they pose attractive targets to enemies that do not have the resources to engage in a head-to-head confrontation with U.S. fighting forces, according to U.S. Army Col. Jim Barrineau, director of strategy, plans, policy and international relations for the Joint Task Force for Global Network Operations (JTF-GNO).
The JTF-GNO identifies potential threats to the GIG and develops and disseminates countermeasures.
The task force is headed by U.S. Air Force Lt. Gen. Charles Croom and reports to U.S. Strategic Command. Croom also serves as the director of the Defense Information Systems Agency.
The GIG includes at least five million computers spread across roughly 65 countries, depending on where U.S. forces are deployed at any given time, Barrineau said. Those computers can range from systems used in offices to those used by tactical forces like the Army’s 82nd Airborne Division, he said.
While it is easy to point to pieces of the GIG, it is difficult to physically define its limits, Barrineau said.
Computer networks have proven themselves valuable to the military during modern combat , but their relative infancy as a technology compared to systems like aircraft could mean the Defense Department has only scratched the surface of their capability and their uses are only likely to increase, Barrineau said.
The Pentagon is in the process of developing its annual update to its concept of operations for defending the GIG, and hopes to have U.S. Marine Corps Gen. James Cartwright sign off on the document around the end of July, Barrineau said.
One of the key issues under discussion is distinguishing whether the Joint Task Force for Global Network Operations should respond to an attack, and when that responsibility should be handled by a regional command, Barrineau said.
Some officials believe that the speed with which attacks like computer viruses can spread around the world makes all defense of the GIG a global issue that should be handled by the JTF-GNO, Barrineau said. However, others believe that response should be handled by the regional command where the attack begins, he said.
While the JTF-GNO can help coordinate a response to an attack across several regional commands, the task force also can bring some tools to the table not found within those organizations, Barrineau said. This includes that ability to isolate the networks used by particular theaters from each other to quarantine an attack, he said.
Meanwhile, the JTF-GNO is hoping to improve the way it responds to computer network attacks through greater automation, Barrineau said.
While computers cannot replace human decision making, they can help speed the process by conducting rapid analysis of an attack and presenting a variety of options for response, Barrineau said. The Air Force currently is pursuing a similar approach to the way it identifies and destroys enemy targets.
A long-term challenge for the military is finding a system that can correlate information from various computer security tools like intrusion-detection systems and analyze the impact different levels of users if the task force must shut down certain connections to the Internet to quarantine the attack, Barrineau said.
James Lewis, a senior fellow and director of technology and public policy at the Center for Strategic and International Studies, a think tank here, said the Pentagon has been largely successful at identifying and defending the vulnerabilities of its networks.
However, more attention may be needed to protect the links to communications satellites that carry a heavy load of the information on the GIG, Lewis said. While doing significant damage to the GIG likely would entail a coordinated set of cyber attacks, striking one of those satellites through an electronic or physical attack on a military or commercial ground station might be the most effective single blow, he said.