U.S. Mulls Cyberspace Code of Conduct To Secure Global Networks

by

COLORADO SPRINGS, Colo. — The U.S. government wants to pursue an international set of standards and norms for cyberspace activities similar to the space code of conduct it hopes to begin negotiating with other spacefaring nations in the coming months, a senior Defense Department official said.

Madelyn Creedon, assistant secretary of defense for global strategic affairs, said a cyberspace code of conduct would provide many of the same economic and security benefits as the proposed space code of conduct, primarily by enhancing the reliability of computer networks worldwide. She said a cyberspace code of conduct is in the early conceptualization phase.

The International Space Code of Conduct, by contrast, is under development within the White House. Administration officials say it will be based on, but not identical to, a code of conduct proposed in 2008 by the European Union.

The space and cyberspace domains are inextricably linked, Creedon said in a luncheon speech here at Cyber 1.2, a one-day symposium being held in conjunction with the National Space Symposium. Both represent global and distributed capabilities that help the United States maintain its strategic edge over adversaries, she said.

Space and cyberspace are critical not only for national security but also for the economy, she said.

Lt. Gen. Michael Basla, vice commander of Air Force Space Command, said during a press conference here that space and cyberspace are both enabling capabilities that are all about gathering and transmitting information. The top priority in both space and cyberspace is command and control of nuclear operations, he noted.

The Air Force has assigned Space Command responsibility for cybersecurity activities, and Basla said he would be surprised if the command has the same name five years from now. Some experts view the merger of space and cyberspace to one seamless activity as inevitable.

Basla and Creedon said the United States is under constant attack in the cyberspace domain and is developing both defensive and offensive capabilities to address these threats. But defensive capabilities remain the No. 1 priority, Basla said.

The Defense Department is developing rules of engagement for cyberwarfare, they said, although Creedon made clear that the United States reserves the right to take offensive actions in cyberspace if necessary. Combined with kinetic and other offensive capabilities, cyberweapons give the U.S. military the broad range of options to respond to aggression at times and in ways of its own choosing.

The Pentagon’s Strategic Guidance document released this year identified cyberspace and space as two domains that will remain a priority as the U.S. military reshapes itself in response to declining budgets and changing threats. Creedon said cyberspace is one the few areas that could see budget increases in the coming years.

Basla warned, however, that current budget pressures are coming close to eroding what he characterized as the foundational capabilities in cyberspace protection. He also said Space Command expects to save $1.2 billion starting in 2012 by consolidating information technology networks and eliminating duplication. A top priority in cyberspace is AFNet migration, under which the Air Force is moving to a single, centrally managed and more defensible network.

Creedon said industrial espionage via cyberspace is a major problem area, particularly with defense contractors. Corporate networks are being targeted by hackers seeking to obtain “leap-ahead technology without investing the resources to develop it,” she said.

Ninety percent of Defense Department information is transmitted at some point over commercial satellite and terrestrial networks, Creedon said. Industry and government must work together to better secure their networks, she said.