Buried in the lengthy National Defense Authorization Act for Fiscal Year 2012, the $622 billion defense spending bill which was signed into law by President Obama on Dec. 31, 2011, are some interesting nuggets about how the U.S. military wants to expand its cyber-defense strategy over the course of this year.
For one thing, the law amends Title 10 of the United States Code to let the secretary of defense temporarily assign a member of a foreign country's military forces to a U.S. Department of Defense (DOD) organization "for the purpose of assisting the member to obtain education and training to improve the member's ability to understand and respond to information security threats, vulnerabilities of information security systems, and the consequences of information security incidents."
The secretary of defense is allowed to pay the expenses of foreigners temporarily assigned to the U.S. military under this "fellowship" program in the interests of national security. The new law says the secretary of defense has to submit to Congress within a year a report evaluating the "feasibility and benefits of expanding the fellowship program" authorized under what is now Section 1051c of Title 10, United States Code, "to include ministry of defense officials, security officials, or other civilian officials of foreign countries." In other words, the U.S. military is looking at bringing foreign allies into cooperative military cyber-defense.
Another section of the defense authorization bill calls for the secretary of defense to advance the DOD's cybersecurity strategy by obtaining "advanced capabilities to discover and isolate penetrations and attacks that were previously unknown and for which signatures have not been developed for incorporation into computer intrusion detection and prevention systems and anti-virus software systems." The capability called for is to "enable well-trained analysts to discover the sophisticated attacks by nation-state adversaries that are categorized as 'advanced persistent threats.'" APTs are generally considered to be stealthy cyber-infiltrations aimed at stealing highly sensitive data.
It's hardly surprising that the DOD, which has already formed a U.S. Cyber Command led by NSA Director Gen. Keith Alexander, would try to put fresh emphasis on APTs given widespread evidence that China, for one, is attacking corporate and military networks. But it also appears the DOD wants to engage the larger Internet Service Providers as well in watching for APTs. Not only are there to be "network-layer gateways operated by the Defense Information Systems Agency where the Dept. of Defense network connects to the public Internet," it's also viewed as "appropriate" to involve "global networks owned and operated by private sector Tier 1 Internet Service Providers" in the anti-APT effort. These larger ISPs, and perhaps other types of companies, would contribute "behavior-based threat detection capabilities."