Transcom takes holistic approach to cyber defense to combat intruders
- By Defense Systems Staff
- Mar 07, 2013
The U.S. Transportation Command is hard at work reducing the number of access points available to cyber intruders as a way to improve its network defensive posture, and also is working closely with its commercial suppliers to strengthen their interfaces with the command, the Transcom commander told Congress March 7.
The command is the target of more cyberattacks than any other combatant command, according to a news story on the DOD website that summarized the testimony before the House Armed Services Committee of Air Force Gen. William M. Fraser III.
Transcom was hit by as many as 180,000 cyberattacks in 2012, which was quadruple the number it experienced in 2011, Fraser told lawmakers. The attacks range in severity from hackers simply trying to enter the network to more advanced, persistent attacks, he said.
Unlike most combatant commands that interface primarily with other secure military and government networks, Transcom relies heavily on its commercial suppliers that deliver 70 percent of its supplies and passengers around the world, Fraser said in his written statement to the committee.
The majority of the command's distribution and deployment transactions are conducted over unclassified and commercial systems that lack the safeguards provided on “dot-mil” and “dot-gov” networks, he said.
The command is taking a holistic approach to cyber defense that involves not only shoring up its own network defenses, but also working closely with its commercial and interagency partners to help them strengthen theirs, he said.
Transcom established a secure enclave that reduced the number of touchpoints its partners use to connect with the command’s networks, Fraser said. So far, the effort has prevented any major intrusions into the command's network, he said.
In addition, to underscore partners’ role in the security of Transcom’s networks and the mission they support, the command has started inserting specific language into its contracts to promote cyber awareness and cybersecurity, Fraser said.
The new language encourages contractors to provide details about their information assurance plans and steps they are taking to protect their networks, he said. It also calls on them to notify Transcom when they detect intrusion or intrusion attempts into their networks.