DoD Cyber Command will take a defensive posture

Friday - 4/16/2010, 7:02am EDT

WFED's Jason Miller

Click below to hear the report

Download mp3

By Jason Miller
Executive Editor
Federal News Radio

Two of the top federal cyber officials disagree over whether a cyber war is possible.

White House cyber coordinator Howard Schmidt said earlier this month at the RSA conference in San Francisco that there is no cyber war, according to Wired.com.

But the nominee to head the Defense Department's U.S. Cyber Command provided a different story when asked Thursday by Sen. Mark Udall (D-Colo.) whether he agrees with Schmidt's comments.

Lt. Gen. Keith Alexander tells the Senate Armed Services Committee that a cyber war in and of itself would not exist, but it more likely would be a part of a larger military campaign.

"I believe the tools and stuff for command and control that we have today to affect those in cyberspace are analogous to the tools we had 40 years ago for jamming communications," he says. "But now in cyberspace you can not only jam, but do a lot more to information and therein lies part of the problem. We see that going on in the civilian industry and in governments around the world. So the issue is, from a military perspective, if these things are impacting our networks today, we have a responsibility to defend those."

The White House did not respond to a request for a comment on these seemingly divergent opinions.

The question of what is a cyber war is not a new one. There is (little agreement among experts in and out of government of what would a cyber war means.

But cyber war was only a small focus of the long-waited hearing on Alexander's nomination. President Obama picked the three-star general to be head of the U.S. Cyber Command in October.

Lawmakers focused more on the command's relationship with the Homeland Security Department, other defense agencies, such as the National Security Agency - which Alexander is the director of - the Defense Information Systems Agency and the private sector.

Alexander made it clear at the hearing that the goal of the cyber command is defensive. And as for the organization's offensive capabilities, little is publicly known as many of his answers to committee questions were classified.

"If confirmed, my main focus will be on building the capacity, the capability and the critical partnerships required to secure our military's operational networks," he says. "This command is not about efforts to militarize cyberspace. Rather it's about safeguarding the integrity of our military's critical information systems. Working with U.S. Strategic Command, department leadership and with help from this committee, my goal, if confirmed, would be to significantly improve the way we defend ourselves in this domain."

Alexander says NSA, the Defense Information Systems Agency and the command would have distinct and separate responsibilities and roles. But he says DoD is entering unchartered territory as it relates to cyber policy, law and doctrine.

"If confirmed, I intend to work closely with the undersecretary of Defense for policy [Michèle Flournoy] charged by Secretary Gates to develop a comprehensive strategy for DoD cyberspace operations," he says. "U.S. Cyber Command will operate under the same authorities and oversight as other combatant commands and sub-unified commands."

Lawmakers also wanted assurances from Alexander about how the command would work with the Homeland Security Department to help protect the .gov and .com domains.

Sen. Joseph Lieberman (I-Conn.), chairman of the Homeland Security and Governmental Affairs Committee, says DHS, NSA and eventually the command need to maintain a specific relationship.

"The bottom line here is the NSA is a national treasure and its resources are extensive," he says. "No one would want DHS to replicate those resources to carry out its responsibility to protect federal government civilian networks."

Lieberman wanted more details about DoD's role during a crisis.

Alexander put to rest any fears of a DoD take over. He says, like with any emergency situation, the military must be invited to come in to help out.

"One of our requirements in our unified command plan is to prepare for that task," he says. "If asked to do that, we would get an execute order and have standing rules of engagement."

But Alexander also recognizes that the rules are much more complicated because there are citizens' privacy and civil liberties concerns as well as the private sector challenges.

"I think that is one of the things the administration is trying to address with DHS and with DoD, how do we do that with industry?" he says. "That is probably the most difficult and the one we will spend our most time trying to work out way through. How does DoD help DHS in a crisis like that?"