Éditoriaux Défense Sécurité Terrorisme Zones de conflits Logistique Livres de référence Liens
Terre Air Mer Gendarmerie Renseignement Infoguerre Cyber Recherche

Alexander

Alexander: Defending Against Cyber Attacks Requires Collaboration

By Cheryl Pellerin, American Forces Press Service.

Washington D.C. – (AFPS) – October 30, 2013 – Catastrophic cyber attacks loom in the nation’s future, and only collaboration among government agencies, Internet service providers and U.S. allies worldwide can help citizens prepare for them, the commander of U.S. Cyber Command said this afternoon.

Army Gen. Keith B. Alexander, who also serves as director of the National Security Agency, delivered the keynote address to senior government security officials and industry executives attending a cybersecurity conference.

“Over the last 14 months, we’ve seen over 350 distributed-denial-of-service attacks on Wall Street, with varying levels of success. In August 2012, the whole world saw a destructive attack on Saudi Aramco’s computer systems that … wiped out the data on over 30,000 systems,” Alexander said.

The general asked the audience to imagine if that attack had hit Wall Street and to consider the impact it would have on the nation’s finances and the global financial structure.

“Those types of catastrophic attacks are in our future,” the general said. “We have to prepare for them. This is something the government cannot do by itself -- this is something government, industry and our allies have to work [on] together.”

Alexander said the partnership must start with legislation that allows Internet service providers such as those who have large financial industry clients on Wall Street to tell government law enforcement agencies exactly when a cyber attack is happening so it can be stopped.

“We need a way for industry to tell us when there’s an attack going on,” he said. “The chances of us seeing it in time to do something about it are very small, especially for a destructive attack.”

Alexander likened the way such a process would work to the way the E-ZPass electronic toll collection system scans cars on the highway to collect tolls. In the case of Internet traffic, the Internet service provider would scan network packets to see if they are good or bad, he explained.

If a bad packet is coming into Wall Street, Internet service providers would see that, he said, and could tip off the FBI, the Department of Homeland Security, the National Security Agency or U.S. Cyber Command about the bad packet, including where it’s going and where it’s coming from, at network speed.

“That’s the key,” Alexander said. “In order to respond to these types of threats, we need that information at network speed, and we’ve got to come up with the rules and the operational concepts to actually work at network speed if we’re going to stop some of these attacks.”

Some questions remain about how the process would work, he added.

“How do we scan traffic to know that it’s good to go in such a way that we protect our civil liberties and privacy and insure it’s not something that’s going to destroy our financial networks?” he asked. Our thoughts are that this is where government and industry can work together.

“We don’t need the contents of the packet,” he continued. “We don’t need to know anything more than it’s a bad packet and it came from Point A and it’s going to Point B. But for industry to provide us that information, we need legislation.”

Five areas are most important to the Cyber Command and NSA missions, the general told the audience. First, and perhaps most important, is to have a trained and ready force, he said.

“If you don’t have that and if [the cyber warriors] aren’t trained to the right level,” Alexander said, “they will never detect the threats that are going on in our networks.”

Second is to have operational concepts and command and control, the general said, defining that as Team Cyber, or the integration of NSA and Cyber Command as a team alongside the Department of Homeland Security and the FBI.

“We have a team and a concept that says if an attack is happening on Wall Street, we have to know how we’re going to work it,” he said. “NSA and Cyber Command do not respond inside the United States; that’s the role of the FBI. Outside, we work with our allies; that’s where NSA and Cyber Command come in. The operational concept says how we stop an attack and how we tell the right authorities what’s coming.”

Third is to have a defensible architecture, he said, using the Defense Department’s networks to explain the problem.

“Within the Defense Department we have 15,000 enclaves, each with different system administrators, each with their own firewalls, and each presenting a potential vulnerability if they’re not patched at the same time,” Alexander explained.

Having 15,000 groups of people trying to patch a network at the same time is problematic, he said.

“Somebody’s going to make a mistake, and … in cyberspace that means an adversary has a good probability of getting access to our network,” he said. “It’s the same thing for industry. How are we going to fix it? This is where the thin virtual cloud comes in.”

Such problems must be addressed at network speed “if we’re ever going to get out in front of this,” he added.

The fourth area is shared situational awareness in cyberspace, or how cyberspace is seen.

“Today, when somebody talks about an attack into your network, ask them to draw you a picture,” Alexander said. The issue, he added, is that if someone can’t describe what’s happening in cyberspace so that every decision maker understands it, how can they respond?

“We need shared situational awareness in cyberspace. We’re working that -- we call it the cyber common operational picture -- but we also have to have that shared space with industry,” Alexander said. “That’s one of the key things that industry and government have to work on together. How do we see the threats?”

Seeing good airplanes and bad airplanes coming in requires that they be sorted out, Alexander said. “We do that for air defense,” he added. “How do we do it for cyber defense, and how do we share it with our allies? That’s a key issue we have to address in solving some of the problems coming up.”

The fifth area is authorities, he said.

“The secretary of defense and the president are the policymakers, and it’s their decision on when we act and when we don’t act,” Alexander said. “But we have to set up some of the authorities -- what we’ll call the rules of the road.”

From a military perspective, these are the rules of engagement, he said, “and we are actually working that with the Defense Department, the White House and others. … But those, I think, absolutely should be on the table, and they should be transparent.”

Biographies:
Army Gen. Keith B. Alexander

Related Sites:
Special Report: The Cyber Domain – Security and Operations


Derniers articles

Verdun 2016 : La légende de la « tranchée des baïonnettes »
Eyes in the Dark: Navy Dive Helmet Display Emerges as Game-Changer
OIR Official: Captured Info Describes ISIL Operations in Manbij
Cyber, Space, Middle East Join Nuclear Triad Topics at Deterrence Meeting
Carter Opens Second DoD Innovation Hub in Boston
Triomphe de St-Cyr : le Vietnam sur les rangs
Dwight D. Eisenhower Conducts First OIR Missions from Arabian Gulf
L’amiral Prazuck prend la manœuvre de la Marine
Airmen Practice Rescuing Downed Pilots in Pacific Thunder 16-2
On ne lutte pas contre les moustiques avec une Kalachnikov...
Enemy Mine: Underwater Drones Hunt Buried Targets, Save Lives
Daesh Publications Are Translated Into Eleven Languages
Opération Chammal : 10 000 heures de vol en opération pour les Mirage 2000 basés en Jordanie
Le Drian : Daech : une réponse à plusieurs niveaux
Carter: Defense Ministers Agree on Next Steps in Counter-ISIL Fight
Carter Convenes Counter-ISIL Coalition Meeting at Andrews
Carter Welcomes France’s Increased Counter-ISIL Support
100-Plus Aircraft Fly in for Exercise Red Flag 16-3
Growlers Soar With B-1s Around Ellsworth AFB
A-10s Deploy to Slovakia for Cross-Border Training
We Don’t Fight Against Mosquitoes With a Kalashnikov
Bug-Hunting Computers to Compete in DARPA Cyber Grand Challenge
Chiefs of US and Chinese Navies Agree on Need for Cooperation
DoD Cyber Strategy Defines How Officials Discern Cyber Incidents from Armed Attacks
Vice Adm. Tighe Takes Charge of Information Warfare, Naval Intelligence
Truman Strike Group Completes Eight-Month Deployment
KC-46 Completes Milestone by Refueling Fighter Jet, Cargo Plane
Air Dominance and the Critical Role of Fifth Generation Fighters
Une nation est une âme
The Challenges of Ungoverned Spaces
Carter Salutes Iraqi Forces, Announces 560 U.S. Troops to Deploy to Iraq
Obama: U.S. Commitment to European Security is Unwavering in Pivotal Time for NATO
International Court to Decide Sovereignty Issue in South China Sea
La SPA 75 est centenaire !
U.S. to Deploy THAAD Missile Battery to South Korea
Maintien en condition des matériels : reprendre l’initiative
La veste « léopard », premier uniforme militaire de camouflage
Océan Indien 2016 : Opérations & Coopération
Truman Transits Strait of Gibraltar
Navy Unveils National Museum of the American Sailor
New Navy, Old Tar
Marcel Dassault parrain de la nouvelle promotion d’officiers de l’École de l’Air
RIMPAC 2016 : Ravitaillement à la mer pour le Prairial avant l’arrivée à Hawaii
Bataille de la Somme, l’oubliée
U.S., Iceland Sign Security Cooperation Agreement
Cléopatra : la frégate Jean Bart entre dans l’histoire du BPC Gamal Abdel Nasser
Surveiller l’espace maritime français aussi par satellite
America's Navy-Marine Corps Team Fuse for RIMPAC 2016
Stratégie France : Plaidoyer pour une véritable coopération franco-allemande
La lumière du Droit rayonne au bout du chemin





Directeur de la publication : Joël-François Dumont
Comité de rédaction : Jacques de Lestapis, Hugues Dumont, François de Vries (Bruxelles), Hans-Ulrich Helfer (Suisse), Michael Hellerforth (Allemagne).
Comité militaire : VAE Guy Labouérie (†), GAA François Mermet (2S), CF Patrice Théry (Asie).

Contact