Skip Links

U.S. cyber counterattack: Bomb 'em one way or the other

National Cyber Response Coordination Group establishing proper response to cyberattacks

By , Network World
February 08, 2007 12:06 PM ET

Network World - San Francisco — If the United States found itself under a major cyberattack aimed at undermining the nation’s critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source.

The primary group responsible for analyzing the need for any cyber counterstrike is the National Cyber Response Coordination Group (NCRCG). The three key members of the NCRCG, who hail from the US-CERT computer-readiness team, the Department of Justice and the Defense Department, this week described how they would seek to coordinate a national response in the event of a major cyber-event from a known attacker.

This week’s massive but unsuccessful denial-of-service (DoS) attack on the Internet’s root DNS, which targeted military and other networks, did not rise to the level of requiring response, but made the possibility of a massive Internet collapse more real than theoretical. Had the attack been successful there may have been a cyber counterstrike from the United States, said Mark Hall, director of the international information assurance program for the Defense Department and the Defense Department co-chair to the NCRCG, who spoke on the topic of cyber-response during the RSA Conference here.

“We have to be able to respond,” Hall said. “We need to be in a coordinated response.”

He noted that the Defense Department networks, subject to millions of probes each day, has “the biggest target on its back.”

But a smooth cyber-response remains a work in progress. The NCRCG’s three co-chairs acknowledge it’s not simple coordinating communications and information-gathering across government and industry even in the best of circumstances, much less if a significant portion of the Internet or traditional voice communications were suddenly struck down. But they asserted the NCRCG is “ready to stand up” to confront a catastrophic cyber-event to defend the country.

“We’re working with key vendors to bring the right talent together for a mitigation strategy,” said Jerry Dixon, deputy director for operations for the National Cyber Security Division at US-CERT. “We recognize much infrastructure is operated by the private sector.” The U.S. government has conducted cyber war games in its CyberStorm exercise last year and is planning a second one.

The third NCRCG co-chair, Christopher Painter, principal deputy chief at the Justice Department, said the cyber-response group also seeks to communicate with 50 countries around the world where monitoring for massive cybersecurity events go on as well. “Some of them have some of the same communications issues we have here,” he noted.

The Department of Homeland Security’s National Response Plan calls for coordination with a number of agencies, including the Department of Treasury, when the decision for a national response is made. So far, there has been no major cybersecurity event against the United States that has prompted the need for a national response.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News