US Military Finds Cyber-Defence Scheme ‘Very Promising’

The US Department of Defence is to extend a pilot programme that brings third-party contractors in on classified military planning

The US Department of Defence is planning to extend a cyber-defence pilot programme in which it shares classified threat intelligence with defence contractors and other companies.

The Defence Industrial Base Cyber-Pilot provides member organisations with classified information about viruses, malware and other cyber-threats to help them defend against sophisticated attacks and network intrusions. The pilot will be extended through mid-November, the Associated Press reported on 26 September.


So far, the trial programme involves at least 20 defence firms. There are discussions as to how it can be expanded to include more companies and subcontractors. The Department of Homeland Security (DHS) is also evaluating the programme to provide similar information to defend power plants, electrical grids and other critical infrastructure from cyber-attack.

“The results this far are very promising,” William Lynn, deputy secretary of defence, told the Associated Press. “I do think it offers the potential opportunity to add a layer of protection to the most critical sectors of our infrastructure,” Lynn added.

The data collected and shared since the programme launched in May has helped stop “hundreds of attempted intrusions” by identifying malware signatures, Lynn said earlier this month.

The Obama Administration is interested in this kind of public-private partnership to protect United States defence companies from sophisticated cyber-attacks targeting sensitive information. A senior DHS official told AP that implementing this kind of a programme would be easier if Congress would pass legislation explicitly giving DHS the lead role in helping private sector companies secure critical infrastructure.

DHS needs more authority over critical infrastructure and must be able to “mandate” risk-based performance, according to James Lewis, director of the technology and public policy programme at the Centre for Strategic and International Studies. Currently, the Defence Department does not have the legal authority to defend civilian systems, and Homeland Security, which oversees private-sector cyber-security, does not have the power to regulate those systems.


Representative Dan Lungren, chairman of the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, has proposed creating a United States Computer Emergency Response Team (US-CERT) within DHS that would be responsible for protecting federal and critical infrastructure systems, and a non-profit organisation called the National Information Security Organisation that would be managed by the DHS secretary.

The non-profit organisation would have a board of directors comprising a representative from DHS, three representatives from different federal agencies that deal with cyber-security and five representatives from the private sector that operate networks or facilities that have been deemed critical infrastructure, such as energy, water and communications networks.

There have been a number of high-profile attacks against defence companies this year, including the compromise of Lockheed Martin by unknown attackers using information stolen from RSA Security, a March attack in which criminals stole files related to missile tracking systems from a defence contractor, and the leaking by Anonymous of information belonging to military personnel.

Intrusions into defence networks are now close to 30 percent of the Pentagon’s Cyber Crime Centre’s workload, senior defence officials told AP.

More than 60,000 new malicious software programmes or variations are identified every day, “threatening our security, our economy and our citizens,” Defence Secretary Leon Panetta said earlier this year.

WikiLeaks Spurs MoD To Step Up Cyber Defences

The Ministry of Defence has allocated funds to improving its defences against cyber attacks and information leaks following the WikiLeaks debacle

The Ministry of Defence has strengthened its cyber-defences in response to WikiLeaks’ release of confidential cables, the ensuing denial-of-service attacks launched by WikiLeaks supporters and a recent attack on an Iranian nuclear processing plant by the Stuxnet worm.

The measures were revealed by Armed forces minister Nick Harvey in response to MPs’ questions in the Commons.

Security concerns

Conservative MP Robert Halfon asked what recent steps the MoD has taken to reduce the risk of attacks such as the Stuxnet attack.

Meanwhile, Conservative MP James Morris described the WikiLeaks incident as a critical attack on national infrastructure, and said such attacks are “only likely to grow”.

Morris urged the involvement of private firms in preventing future such incidents. “We must involve the private sector in ensuring that we can be ahead of the game when it comes to our cyber security,” he said.

Harvey said that cyber defence is a “high priority” and that the MoD has allocated £650 million to improving cyber protections.

“There are technical and procedural measures in place to protect MoD systems from cyber attack and to ensure we can mitigate the impact of those attacks,” Harvey said.

He declined to comment on the detail of those measures, but said defences are tested regularly by intruders.

“The threat is of course changing in extent and complexity, which requires continual improvements in our security measures and novel approaches to dealing with the more sophisticated threats,” Harvey said.

He said the MoD intends to work closely with private firms on cyber defence.

DDoS attacks

The MoD is “committed to working closely with the private sector in defence not only of our own systems but of systems across government”, he said.

WikiLeaks’ editor-in-chief Julian Assange was released from custody last week, following a court hearing’s decision to disregard an appeal, believed to have been filed by the Swedish authorities.

Over the past few weeks, Anonymous Operation has been named as the loosely organised gang behind DDoS attacks on MasterCard, Visa, PayPal and other organisations perceived as being anti-WikiLeaks. The group has also threatened the UK with reprisal attacks if Assange is extradited – as it did with the Swedish government for pressing to have him arrested.