DoD Readies for Stuxnet-like Attack

Monday, February 13, 2012 @ 05:02 PM gHale

By Richard Sale
It wasn’t that long ago at an Air Force base in Rome, NY, when an intruder, using a computer from overseas, hacked into military computers that controlled logistics supply and swapped two order numbers from the files.

When the motor pool in one U.S. Air Force base ordered headlights, they ended up getting missiles, and when a fighter wing ordered missiles, it got headlights. While no lives were lost, it did cause a huge mess and after straightening out the red tape, the intrusion cost $500,000 in personnel and system time.

Cyber Report: Bad Guys Winning
Security Best Practices will Cut Downtime
Government Tries to Define Cyber Security
DHS Unveils Cyber Strategy Plan
Grid Ripe for Cyber Attacks

Yes, this was a military incident and not an industrial control system, but the issue still remains that staying vigilant and on top of all possible attack vectors remains paramount.

In light of the Stuxnet attacks on the Iran nuclear facilities and the potential for retaliation or attack from other well-funded nation states, the U.S. government is stepping up its cyber security posture.

That is why President Barack Obama last month signed into law the National Defense Authorization Act which will vastly boost U.S. cyber war capabilities, including approval of offense cyber warfare, according to Pentagon sources.

The U.S. Cyber Command, the U.S. Air Force, Army, Marine Corps and Navy components all embarked on new operations designed to thwart and baffle its adversaries. Under the Cyber Insider Threat (CINDER) plan, Defense Advanced Research Projects Agency (DARPA) will explore new approaches for improving the speed and accuracy of threat detection, seeking new proposals to identify and monitor intruder attacks.

Cooperation between the private sector and the Department of Defense (DoD) will also increase. More than 90 percent of the military communications infrastructure, platforms and programs currently consist of commercial software and network companies. Before stepping down late last year as deputy defense secretary, William Lynn outlined the Defense Industrial Base Cyber Pilot program whose aim is to bring together military and industry leaders to share knowledge of the best techniques for fighting cyber threats including the insertion of viruses and worms like Stuxnet, that can act to weaken U.S. ability wage modern war.

The new program will mean that DoD and the Department of Homeland Security (DHS) will work more closely together, and it requires annual reports on the Chinese military and an analysis of its cyber capabilities, thought to be the most formidable threat to the United States.

“The Chinese have already caused a lot of headaches – they shut down the White House site beginning in the 1990s, they recently were behind last year’s pillaging of U.S. Defense Department data,” said a former senior U.S. intelligence official. “The worry is that even in those operations we think they are not yet deploying their best stuff.”

New Chinese or Russian cyber offensives will attempt to attack the heart of U.S. information systems degrading, disrupting his supply information, and through deception crashing computers and planting false data, the source said.

The U.S. Air Force first discussed inserting mal worms and viruses as early as 1995, he said.

The President will direct the new threat program and is subject to the laws of the war and the War Powers Resolution. The goal is not necessarily to develop new ways of detecting individual malicious insiders, but, instead, DARPA wants to read tell-tale signs of network activities that users should monitor before any disruption occurs.

Included in the act is a push toward standardization across the military’s security information and event management systems in an effort to improve Cyber Command’s ability to see and correlate data across the military’s disparate cyber security systems.

The act directs the secretary of defense to acquire more advanced cyber security capabilities to “discover and isolate” successful attacks for which signatures haven’t been developed including scanning emails, databases and file transfers.

The U.S. military seeks to block any unauthorized software and constantly monitors system settings to detect any deviations. At the gateway level, the military must capture and analyze network traffic and Cyber Command will set how much data these systems must capture and store.

“It will take time to ramp up these measures and enemies are already way ahead,” said another U.S. government expert.
Richard Sale was United Press International’s Intelligence Correspondent for 10 years and the Middle East Times, a publication of UPI. He is the author of Clinton’s Secret Wars and Traitors.

One Response to “DoD Readies for Stuxnet-like Attack”

  1. […] DoD Readies for Stuxnet-like Attack (Richard Sale ISS Source 13/2/2012) […]

Leave a Reply

You must be logged in to post a comment.