US reveals plans to hit back at cyber threats

US reveals plans to hit back at cyber threats

Summary: The US Air Force Cyber Command is just as interested in attack as defence, according to a senior general

SHARE:
TOPICS: Security
1

The US Air Force Cyber Command is developing capabilities to inflict denial of service, confidential data loss, data manipulation, and system integrity loss on its adversaries, and to combine these with physical attacks, according to a senior US general.

Air Force Cyber Command (AFCYBER), a US military unit set up in September 2007 to fight in cyberspace, is due to become fully operational in the autumn under the aegis of the US Eighth Air Force. Lieutenant general Robert J Elder, Jr, who commands the Eighth Air Force's Barksdale base, told ZDNet.co.uk at the Cyber Warfare Conference 2008 that Air Force is interested in developing its capabilities to attack enemy forces as well as defend critical national infrastructure.

"Offensive cyberattacks in network warfare make kinetic attacks more effective, [for example] if we take out an adversary's integrated defence systems or weapons systems," said Elder. "This is exploiting cyber to achieve our objectives."

However, this is a double-edged sword, as adversaries will also attempt to develop similar capabilities, especially considering the US military's heavy use of technology, said Elder.

"Terrorists and criminals are doing the same thing. We depend so heavily as a military on the use of cyber, we have to be cautious about it," said Elder. "Cyber gives us a huge advantage but adversaries look at our capabilities and see areas they can undermine. We need to protect our asymmetric advantage — on the one hand by having people further exploit cyber, and on the other by having mission assurance."

This problem is made more pressing by the military's reliance on the public internet to perpetrate cyberattacks. The infrastructure the US military uses to both launch and defend against cyberattacks runs through the public internet system. Military networks such as the Global Information Grid are linked to US government and critical national infrastructure systems, which in turn are linked to the public internet. Adversary systems are subverted by the US military through public channels — however, this also leaves the US military open to attack through the same channels, said Elder.

Read this

Feature

Corporate espionage: Not if, but when

When it comes to business-to-business theft of information, experts agree — it's best to assume it will happen to your company

Read more

"The infrastructure on which the Air Force depends is controlled by both military and commercial entities and is vulnerable to attacks and manipulation," said Elder.

Other causes for military concern include possible supply-chain vulnerabilities, where vulnerabilities are introduced into chipsets during manufacturing that an adversary can then exploit, and electronics vulnerabilities.

"We need to make sure chips aren't manipulated — we're worried about information assurance just like everyone else," said Elder.

Other problems being faced by the Cyber Command are centred around different Air Force and military units needing to improve their channels of communication before the autumn.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • From what i'm reading it seems the Air Force needs some formal training

    It seems the AFCYBER needs formal training on how to structure their network for setting up these kind of attacks.
    sakamura@...