A battle plan for cyberdefense
- By William Jackson
- Dec 22, 2008
The Commission on Cybersecurity for the 44th Presidency has laid out detailed proposals for the Obama administration for protecting our cyber infrastructure, calling for a comprehensive national strategy based on Cold War doctrines that allow a balanced but potentially massive retaliation against threats and attacks.
The commission, empanelled by the Center for Strategic and International Studies, presented its final report earlier this month.
“Comprehensive means using in a coordinated fashion all the tools of U.S. power,” the commission wrote, including “international engagement and diplomacy, military planning and doctrine, economic policy tools, and the work of the intelligence and law enforcement communities.”
This strategy served the United States well for 30 years, and we emerged from the Cold War intact and without the use of nuclear weapons. But the Cold War doctrine was backed by massive intelligence programs on multiple fronts to alert us to what dangers we were facing, from whom and why so that any response could be tailored to the threat.
That is a capacity we lack today in the online world, a difficulty acknowledged by two co-chairmen of the commission.
“It is very difficult to get back to the source” of attacks on U.S. information resources, said Rep. Michael McCaul (R-Texas).
“We know too little about the identity and intent of those attacking,” added retired Air Force Gen. Harry Raduege, now at Deloitte & Touche.
This is a critical problem. The inability or unwillingness to distinguish between threats to national security that warrant a military response and criminal activities that call for law enforcement has marred government initiatives. When government “declares war” on some issue—such as drugs or terrorism—and responds without seriously evaluating the nature of the threat, the result tends to be a heavy-handed effort at a high cost that wins us few friends and produces few worthwhile results.
Information about apparent attacks on information systems is heavy on anecdote and light on specifics. Many of the systems involved are sensitive or classified, there is no comprehensive system for gathering data, and it is so easy to cover tracks on the Internet that we know far too little about who is doing what to us.
“In 2007, the departments of Defense, State, Homeland Security and Commerce, [as well as] NASA and [the] National Defense University all suffered major intrusions by unknown foreign entities,” the commission report said.
We do not know whether those entities really were foreign or what country most of them really were working from. We do not know whether they were working for a government, for a criminal gang, or were just casual hackers seeing what they could get into. We do not know if these systems were targeted or merely were targets of opportunity.
The commission acknowledged the difficulty of addressing problems in cyberspace and the need to ensure that any U.S. response is commensurate with the threat, so that a response to an incident does not actually make the situation worse.
“To some extent, expressing principles for cyberspace is more difficult than expressing a military doctrine designed to protect our physical territory,” the report says. “Any fundamental principle or doctrine related to the Internet will affect all aspects of U.S. life and must be carefully crafted.”
Before a truly comprehensive national strategy can be fully implemented there will have to be a vast improvement in our ability not only to monitor what is happening on our networks, but also to drill down and identify who is doing it and what the motives are. Most importantly, this must be done constitutionally, with full respect for the rights of citizens, and not extrajudicially.
Ensuring we have the technology and establishing the rules for doing this will be a key job in creating a national strategy.
William Jackson is a Maryland-based freelance writer.