Pentagon Says Cyberspace Now an 'Operational Domain'

rated by 0 users
This post has 2 Replies | 0 Followers

Top 10 Contributor
Posts 24,918
Points 1,117,845
Joined: Sep 2007
ForumsAdministrator
News Posted: Fri, Jul 15 2011 12:02 PM
It's not as though the Pentagon has militarized cyberspace in the mode you might think of in some sort of anime like "Ghost in the Shell," but they are going to look at cyberspace differently. On Thursday, the Pentagon announced it would begin treating cyberspace as an operational domain, like land, sea, and air.

Deputy Defense Secretary William Lynn III outlined the new strategy in a speech at the National Defense University. At the same time, he spotlighted the importance of cyberdefense with an example that is most telling: in March alone, 24,000 files at a defense contractor were accessed.

Here's what Lynn said, "Our strategy's overriding emphasis is on denying the benefit of an attack. If an attack will not have its intended effect, those who wish us harm will have less reason to target us through cyberspace in the first place."

That's all pretty obvious: if they can't break in, why bother? The problem is, that considering that the truism is not if, but rather when a system will be hacked into, it's hard to see how this could be done. Even security firms see their systems broken into.

Wikimedia Commons

While Lynn did not go into more detail, it's possible he's speaking about a hack into EMC's RSA security division in March. That hack also led to later attacks, as the RSA attack gave the hackers the ability to create duplicate "SecurID" electronic keys for two-factor authentication.

Two-factor authentication requires two different pieces of identification to be presented in order for a user to access a system or network. In the case of RSA SecurID keys (or tokens), the token gives the user a constantly changing code to use, and a PIN or password is the second factor in the authentication.
  • | Post Points: 35
Top 200 Contributor
Posts 385
Points 3,845
Joined: Jun 2011
RTietjens replied on Fri, Jul 15 2011 2:22 PM

This is why we need Black ICE* on government systems; active firewalls that check for authorization of any system connecting, and if no such authorization is found, a backtrace and all-out counterattack, designed to completely disable the attacker, is automatically launched. Bonus points if it can cause physical damage to the attacking system(s), like some copy-protection schemes did to the Commodore 64 floppy drives..

ICE: Intrusion Control Electronics

  • | Post Points: 5
Top 50 Contributor
Posts 2,864
Points 29,610
Joined: Mar 2011
Location: United States, Connecticut

With so much of the world connected to the internet. It is important that they consider "cyberspace" another front. Hackers could easily take down something like the electrical grid to disrupt operations.

  • | Post Points: 5
Page 1 of 1 (3 items) | RSS