Pentagon cyber defense bill:$100 million in six months

Gen. Chilton
Protecting defense departments networks cost taxpayers more than $100 million over the past six months, U.S. Strategic Command officials said yesterday.

The motives of those attacking the networks go from just plain vandalism to theft of money or information to espionage. Protecting the networks is a huge challenge for the command, Air Force Gen. Kevin P. Chilton  told a cyber security conference in Omaha, Neb., this week.

"Pay me now or pay me later," said Army Brig. Gen. John Davis, deputy commander of Joint Task Force Global Network Operations. "In the last six months, we spent more than $100 million reacting to things on our networks after the fact. It would be nice to spend that money proactively to put things in place so we'd be more active and proactive in posture rather than cleaning up after the fact."

Chilton said Defense Department personnel need to change the way they think about cyberspace. "It's not just a convenience. It's a dependency that we have," he said. "We need to change the way we conduct ourselves in cyberspace and hold our military folks to the same high standards that we hold our air, land and sea operators to."

A prohibition on using so-called "thumb-drives" and other portable data storage devices on Defense Department computers will remain in effect, Davis said. "I don't think anybody realizes how much better shape we'd be in if we just did the basics right," he said. "People need to just apply the basic rules and procedures that have been put in place to protect ourselves."

Earlier this year researchers at the military's Defense Advanced Research Projects Agency (DARPA) awarded $30 million to the major contractors it expects will develop the first phase of technologies that it promises will improve cyber security "by orders of magnitude above our current systems."  The contracts are part of DARPA's ambitious National Cyber Range (NCR) program the agency says will develop revolutionary cyber research and development technologies.

The NCR has tons of objectives including the ability to offer highly advanced test facilities and the  administration needed to certify/accredit, manage security, schedule testing, and processes. It will offer the ability to replicate large-scale military and government network enclaves as well as replicate commercial and tactical wireless and control systems.

Defense Department networks are attacked thousands of times a day, he said. The attacks run the gamut from "bored teenagers to the nation state with criminal elements sandwiched in there," defense officials stated.  

The military's expenditures on cyber security might be a timely example of what it takes to protect giant networks. This week reports said cyberspies from China and Russia penetrated the U.S. electrical grid with the intent of being able to disrupt it in a time of conflict.

According to the Wall Street Journal article: "The espionage appears pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. 'There are intrusions, and they are growing,' the former official said, referring to the electrical systems. 'There were a lot last year.'"

Layer 8 in a box

Check out these other hot stories:

Largest high-tech tornado chase ever set to spin

NASA picks heat shield from hell to protect astronauts

Feds take gloves off to fight flood of mortgage scammers

Researchers spend $60M to build wicked fast circuits

15 foolish high-tech stories

FAA exec offers blunt, scary assessment of its network security

FBI: Computer crime cost  $265M in 2008, an all-time high

10 iPhone apps that could get you into trouble

Flying car takes to the sky

Identity theft leads to murder

3-D light system revolutionizes way fingerprints are taken

12 changes that would give US cybersecurity a much needed kick in the pants

Related:

Copyright © 2009 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022