Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Pentagon still grappling with rules of cyberwar
Wednesday - 7/25/2012, 7:31pm EDT
WASHINGTON (AP) - The Pentagon is still grappling with how to write the rules of cyberwarfare, such as when and how to fire back against a computer-based attack, senior military leaders told Congress Wednesday.
Four months ago the military's top cyberwarrior predicted the rules would be ironed out in a "month or two" and sent to other federal agencies for discussion. But the complex world of cyberspace, which has no real boundaries and operates at the speed of light, has proven to be a difficult battlefield for the military to map out.
House members said that working out the rules of cyberwar is critical so that the military will be able to respond quickly when U.S. networks are attacked or threatened. Rep. Mac Thornberry, R-Texas, told military leaders that there likely won't be time for Congress to pass a declaration of war if or when a computer-based attack happens.
So, consultation with lawmakers beforehand would smooth things over, said Thornberry, chairman of the House Armed Services emerging threats subcommittee.
"The devil is in the details," acknowledged Vice Adm. Michael Rogers, commander of the Navy's Fleet Cyber Command. He said it has been an issue for some time, and that he expects there will be some developments "at some point in the near term."
During hearings in March, members of Congress pressed Army Gen. Keith Alexander, head of U.S. Cyber Command, for details on the military rules of engagement for offensive cyberoperations, particularly so that U.S. forces have the proper authority to act quickly when an attack is discovered or a network is breached. Alexander, who also heads the secretive National Security Agency, said at the time that U.S. officials were reaching some agreement on the rules.
The military has longstanding rules of engagement for conventional warfare that lay out the appropriate response to a particular act or attack by another country or faction. And last year President Barack Obama signed execute orders that detailed how far military commanders around the globe can go in using cyberattacks against enemies and laid out when the military must seek presidential approval for a specific cyberassault.
The current ground rules for cyberoperations were written in 2005, but are not adequate for the current technologies. The new rules, said Alexander in March, would allow the military to stop breaches as they were happening and would detail the conditions necessary to take those actions.
Senior officers from the Army, Navy, Air Force and Marine Corps who are responsible for cyberoperations testified before the subcommittee. They said that the armed services are using bonuses and other enticements to recruit and retain cyberwarriors, while competing with private industry for candidates.
But lawmakers wondered about funding shortfalls that could stifle the increase in cyberpersonnel the Pentagon is bringing on.
"We are facing significant fiscal challenges in the coming years," said Rep. Jim Langevin, D-R.I. "Cyberrelated activities are faring reasonably well so far, but nothing is immune, and even noncyberspecific cuts could have an impact on your commands as personnel resources are reduced or research and development funding decreased."
Rogers said that attracting and keeping his cyberworkforce is a "significant challenge, given the rapidly evolving nature of cyberspace and the intense competition from industry for top talent."
And other said that dramatic budget cuts, which will become necessary early next year if Congress can't agree on funding, would be a problem.
Maj. Gen. Suzanne Vautrinot, commander of Air Forces Cyber, said the cuts would be devastating and cause the Air Force to lose ground.
As to the size of their cyberworkforce, the Air Force has about 17,000, the Army has about 11,000; the Navy has about 14,000; and the Marines have about 700. Cyber has been one defense area where spending has increased, even as budget cuts hit other places.
Vautrinot also noted that the Air Force has been working to make sure that key drone operations are protected against cyberattacks, focusing on the highest priority missions. Last year, a computer virus infected the Pentagon's drone program, but it did not get into flight controls.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.
Lolita C. Baldor can be followed on Twitter at http://twitter.com/lbaldor
(Copyright 2012 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)