BALTIMORE (AP) — The Defense Department is finalizing policies that will determine what the military can do in the event of a cyberattack as the government figures out who should have the power to shut down computer networks seized by an enemy nation, terrorist group or criminal hacker.
Gen. Keith Alexander, who heads U.S. Cyber Command, said Thursday that attacks against critical systems are increasingly carrying destructive viruses or malware that can hinder or destroy routers or networks. Alexander, who also is director of the National Security Agency, said the Pentagon and intelligence agencies must do more to protect their computer systems and coordinate with private companies to safeguard public networks.
“Is it the FBI? Is it the NSA? Is it the military or is it the ISPs — the Internet service providers? But somebody can turn that device off,” Alexander said during a conference of the International Systems Security Association.
Government cybersecurity officials say cyberattackers are using the Internet to steal money, ferret out classified secrets and technology, and disturb or destroy important infrastructure, from the electrical grid and telecommunications networks to nuclear power plants and transportation systems.
The Defense Department has set up a trial program to share cyberthreat data with some large military contractors in order to prevent intrusions. The Department of Homeland Security is looking at that model.
Alexander said that effort may need government action, but that Homeland Security must lead it, with reviews to ensure the protections of civil liberties and privacy.
He said it’s no longer good enough to try to monitor all networks at the Pentagon or across the government and then block the intrusions as they are detected. Cybersecurity experts note that it can sometimes take months to detect that someone has gotten in.
Instead, Alexander said the Defense Department is planning a drastic reduction in the number of routes into the network, so they can be better monitored and intrusions can be blocked in real time.
He also said defense and intelligence agencies will move to cloud computing, which would use highly secure, encrypted banks of remote computers to store data — much like people store photos or email in popular online programs.
Doing that, said Alexander, will allow officials to better see and block any threats trying to get into government systems. He also noted that commanders used cloud computing in Iraq, which allowed the military in intelligence officials to more quickly share and disseminate information to troops on the front lines who needed it.