U.S. Strategic Command (USSTRATCOM) is responsible for the defense of all military network communications used by the Air Force, Navy, Army and Marines. With operations around the world, it is one of the largest networks (voice and data) to monitor and defend against attack. USSTRATCOM's mission statement says it all:
The Joint Task Force-Global Network Operations (JTF-GNO) directs the operation and defense of the Global Information Grid to assure timely and secure Net-Centric capabilities across strategic, operational, and tactical boundaries in support of DoD's full spectrum of war fighting, intelligence, and business missions.
In an interview on how the organization is facing current security concerns, the responses from the team at USSTRATCOM, given through a spokesperson who asked not to be identified, were straightforward and grounded in common sense. Perhaps we could learn a few things ourselves by going back to basics. The Department of Defense (DoD) is constantly upgrading its tactics, training and abilities.
The USSTRATCOM interview:
USSTRATCOM has a wide variety of responsibilities and support roles securing the computer networks of the military. Does USSTRATCOM secure all U.S. Military networks around the world or specific regions?
Within DoD, the United States Strategic Command (USSTRATCOM) has been designated as the military lead for coordinating, supporting, and conducting network operations in support of regional and national objectives. USSTRATCOM directs and conducts continuous operation and defense of the DoD's information systems, as a single enterprise, to assure DoD access to and use of cyberspace across DoD's full spectrum of operations.
How is this accomplished?
The DoD employs a layered-defense approach and each of the Services and other Combatant Commands implement complementary policies, structures, roles, and missions. We are creating a dynamic defense, a culture of cyber capabilities that can be brought to bear at the speed of the Internet. For security reasons, we do not discuss specifics about how this mission is carried out.
How much has USSTRATCOM grown to support and defend the networks under its management and responsibility?
The information technology within the DoD is extremely vast and complex, so it's impossible to put a finite number to that. The Internet continues to expand -- there are somewhere in the neighborhood of a billion users right now -- and the DoD information infrastructure is also quite expansive; approximately 15,000 individual networks and more than 7 million pieces of IT equipment. Every user is responsible for maintaining operational security, computer security, and personal integrity.
As far as specific forces arrayed, USSTRATCOM currently has subordinate commands responsible for protecting the system and mitigating efforts to intrude upon this environment, which collectively includes the computers, cabling, satellites and infrastructure that support all DoD missions. Component commands from the Army, Navy, Air Force and Marine Corps have their own Network Operations Centers and work directly with STRATCOM's subordinate commands.
Have new military and civilian/commercial hardware and applications challenged how USSTRATCOM has to look at network security?
Advanced computers, sophisticated software programs, and information technology are widespread. Computer and information technology advances are available globally, both easily and inexpensively, making the threat to the DoD information infrastructure extensive, pervasive, and increasingly sophisticated. This has given adversaries the potential to develop and employ capabilities to exploit information systems and networks worldwide. It is common knowledge that a number of nations are developing and implementing various defensive and, in some cases, offensive capabilities. We have seen attempts by a variety of actors to gain unauthorized access to, or otherwise degrade, our information systems. The cyber threat is real, and we take it very seriously, because cyberspace has emerged as a domain not unlike land, air, and sea. The healthy functioning of cyberspace is essential to our national security.
With the military now having so many commercial contractor relationships, does it worry USSTRATCOM that some of these relationships create vulnerabilities that in some cases are beyond your security reach?
The DoD requires that companies with an interest in providing services to the military develop, maintain, and aggressively pursue policies and practices to mitigate cyber threats.
Where does USSTRATCOM see its priorities in preventing cyberspace attacks from within and outside of the U.S.?
USSTRATCOM is concerned with protecting the networks and systems of the Department of Defense and takes measures to ensure the security, availability and reliability of its networks for our soldiers, sailors, airmen and Marines; that is our first priority. Concurrently, the Department of Homeland Security is tasked with overseeing the protection of other government networks. The DoD will support, when requested and directed to, any U.S. Government agency request for assistance. There are established procedures and relationships to make that support happen.
How often do you put your teams through training and simulator/practice operations and exercise programs of a cyber attack?
Several times a year we validate and enhance our techniques, tactics, and procedures through rigorous full-dimensional exercises across the DoD. These exercises often include other federal agencies as well as state and municipal entities, and even other nations.
How often does USSTRATCOM deal with attacks on military networks?
There are millions of incidents (such as scans) affecting the DoD's information infrastructure every day. These may come in the form of self-inflicted or benign acts such as an accidental fiber cut, or may be a result of a natural disaster such as Hurricane Katrina. Others may be in the form of a deliberate intrusion attempt or exploitation by a variety of hostile actors. Some incidents are considered more serious due to their impact. For reasons of security, we do not discuss specifics.
Is USSTRATCOM confident it can prevent significant damage to its network as new threats emerge?
We're not immune, but we have defenses in place that we routinely validate and enhance through rigorous full-dimensional exercises across the DoD. These exercises often include other federal agencies as well as state and municipal entities, and even other nations. The DoD is focused on being proactive, both to prevent and deter malicious activity and intrusions, and to defend and respond to such incidents. The DoD has incorporated intrusion detection software in its networks, erected firewalls, and increased awareness training for its personnel. However, continued dedication, vigilance, and resourcing are necessary to maintain a strong defense.
The U.S. Navy announced the commencement of Fleet Cyber Command. How does USSTRATCOM plan to support this new organization announced by Adm. Gary Roughead, CNO, who named Vice Adm. Bernard J. McCullough III the commander of both FCC and 10th Fleet?
All services have organizations constituted to manage cyber operations, and all of them support USSTRATCOM's mission of coordinating, supporting, and conducting network operations in support of regional and national objectives.
What three pieces of advice would you suggest to civilian IT administrators to protect their networks?
Training, vigilance, and maintenance are the three most important aspects: Train your people and instill in them a sense of purpose, pride, and dedication; be vigilant; and maintain your hardware and software rigorously.