STRATCOM commander: DOD network operators need to train to ‘fight through attacks’
- By Barry Rosenberg
- Aug 21, 2008
If you look at cyberspace as just another domain in which to defend and fight — just like land, sea, air and space — then the whole task to developing the doctrine and tools to make the enterprise a strategic advantage for the U.S. military forces is not as daunting as it might seem. That’s the word from Air Force Gen. Kevin Chilton, commander of the U.S. Strategic Command (STRATCOM), who gave the keynote address at the LandWarNet Show on Thursday.
"The cyber domain is not special, it’s like any other domain,” Chilton said. “The thing that separates this domain from the others is that it operates at the speed of light.”
Chilton added, “It’s not so unique that we don’t treat it like a warfighting domain that can be operated in, through and across, where we can deliver effects, and which can be supported by operations from other domains.”
And similar to other domains, one of the critical issues for cyberspace is keeping it operational while under attack. “My sense is that the hardest issue we have in cyberspace is operating the network.” Chilton said. “In this domain the hardest thing will be to fight through the attack. No defense is perfect and we will be attacked successfully, and how we fight through that will be vital to our success on the battlefield.”
The STRATCOM commander doesn’t necessarily look at the thousands of regular attempts to steal data from U.S. military networks as attacks as much as espionage.
“There’s a huge exfiltration of data, data that when pieced together can be detrimental to the United States of America, even when it comes from unclassified systems. The one thing that scares me the most is the doubt created in the force about its ability to trust in the data in the network,” Chilton said, giving the example of receiving an e-mail message from a friend with an attachment. He concluded that the e-mail message might not actually have been sent by his friend and could have introduced malware into his computer if he clicked on the attachment.
To prevent computer systems from being compromised, especially at the point where the Non-secure IP Router Network connects to the Internet, Chilton said he believes every member of the military must receive better training about the appropriate uses for the network. Watching videos of the NCAA basketball finals on your work computer is not appropriate, he said.
Breaches of network security must be addressed at the top. “We need to make defense of our network commander’s business,” Chilton said. “It’s not just the J6 or G6 or N6 business. People need to be held accountable.”
"If you open a vulnerability in our network are there consequences for that? When was the last time someone was called before the commander’s office, not the G6’s office, about opening a vulnerability?” Chilton said. “We need to teach people how to use the network and then hold them accountable.”
Barry Rosenberg is editor-in-chief of Defense Systems. Follow him on Twitter: @BarryDefense.