By Claudette Roulo
American Forces Press Service
WASHINGTON, Feb. 27, 2014 – The threat in cyberspace is
changing so rapidly that law and policy lag behind, the nation’s top cyber
commander said here today.
The gap is one of the “key and fundamental” issues that the
nation must address, Army Gen. Keith B. Alexander told members of the Senate
Armed Services Committee. Alexander is commander of U.S. Cyber Command in
addition to his duties as National Security Agency director.
“How do we protect our nation in this space and through this
space, … and how do we do it in such a manner that they know we're protecting
their civil liberties and privacy while concurrently protecting this nation?”
he asked.
Exploitative and destructive cyberattacks are both on the
rise, Alexander said. Exploitative attacks are designed to steal information or
money, he explained, while destructive attacks are intended to disrupt or
destroy devices or activities.
Defense and commercial systems are targeted in both types of
attacks, Alexander said.
“The best way to solve the exploitation problem and to also
defend against disruptive and destructive attacks is to form a defensible
architecture,” he said. “We should protect these networks better than we have
them protected today -- not just within the Defense Department, but also our
critical infrastructures. Time and again, we're seeing where people have
exploited into these networks only to find out that the way that they're
getting in is so easy that it's difficult to defend.”
Cyberattacks are on the rise, he said. Recent attacks on
Wall Street and around the world destroyed data on systems, which had to be
replaced, he noted.
“This is a significant change from disruptive attacks --
those distributed denials of service which only disrupt for the time that that
attack is going on, versus a destructive attack, where the information is
actually lost. Far more damaging, … far more costly,” Alexander said.
More nation-states are likely to adopt cyberattacks if
diplomacy fails, the general said. “We've got to be prepared for that as a
nation, and we've got to work with our allies to set up … the ground rules and
deterrence theory in this area.”
Cyber defense is a team sport in which the services must be
aligned and trained to a joint standard, Alexander said. The general
acknowledged that such training will take time.
“We'll have roughly one-third of that force fully trained by
the end of this calendar year, and I think that -- given the sequestration --
is a huge step forward,” he said.
The way forward includes educating not only service members,
but also the American people, the administration and Congress on what’s
happening in cyberspace, Alexander said.
“Many of the issues that we've worked our way through over
the [past] five years on the NSA side, working with a [Foreign Intelligence
Surveillance Court], boils down to an understanding of what's going on in
cyberspace -- our ability to articulate it, and their understanding of what
we're talking about,” the general said.
“I think we need to step back [and] set a framework for
discussion with the American people,” he continued. “This is going to be
absolutely important in setting up what we can and cannot do in cyberspace to
protect this country.”
Issues with NSA surveillance programs are overshadowing
cyber defense issues, the general said. “We have to get those resolved,
because, ironically, it operates in the same space,” he said.
Within the next several weeks, Alexander said, he expects to
return to Congress with a proposal to address President Barack Obama’s -- and
the nation’s -- concerns about surveillance programs.
No comments:
Post a Comment