milware attacks

NSA's Quade: ‘Milware’ defense requires automated security

Cyberthreats against military targets have become so widespread and sophisticated that there’s a new name for them at the National Security Agency.

“We’re starting to use the term 'milware.'… It’s not a scientific term, but what it represents is the sophistication of attacks,” Philip Quade, special assistant to the director for cyber for the NSA’s Cyber Task Force, said. 

“It’s often a type of malware that’s been customized” by a foreign government,” Quade said. “Sometimes it starts with plain old malware,  [but] it often is a planted attack -- some parts of it might be physical, some parts might be otherwise.”  He described milware as “ a multi-staged set of malicious activities” that is  more sophisticated than typical threats.

Quade told the audience at an event hosted by AFCEA’s Bethesda chapter that leveraging automated, adaptive and active cyberdefenses are necessary to defend against these milware  threats. “We have organizations and machines that are capable of sharing information automatically, but … we need more machines to be able to automatically ingest it and act on it.”

To develop systems that can to go from sensing to acting at machine speed, Quade said NSA has partnered with the Department of Homeland Security to create an architecture representing a cyber version of the OODA loop – observe, orient, decide and act.  Such a system would sense, make decisions and act, feeding data into a messaging fabric that would ultimately contribute to shared situational awareness, he said. 

Quade used as an example an active cyber defense technology that was deployed in an operational environment locally.  The system was capable of going from looking at 65 security events per day, taking ten minutes to 11 hours to adjudicate them, to looking at 10,000 events per second and taking one second to ten minutes to adjudicate.    

With government under constant attack, resiliency of networks is crucial.  “We think the next big thing is focusing on what we call automated resiliency and automated regeneration,” Quade said. Metrics that measure and model the quality of resistance and regeneration will contribute to the development of a more exact computer science, he said.

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected