Back to news

January 2, 2019 | International, C4ISR

Four big questions for cybersecurity in 2019

By:

How will cybersecurity experts remember 2018?

In the past year, the Trump administration announced it would take more offensive hacking operations against foreign countries, the Department of Justice announcedsweeping indictments against Chinese hackers and the U.S. intelligence community reported that foreign countries continued to interfere in American elections.

So what comes next? Here are four overarching questions for the cybersecurity community in 2019:

What will the new Pentagon chief do with expanded cyber powers?

In August, the president gave the secretary of Defense the ability to conduct cyberattacks against foreign countries so long as they do not interfere with the national interest of the United States, according to four current and former White House and intelligence officials. But the resignation of Jim Mattis, the Defense secretary, means the next Pentagon chief will have a broad arsenal of cyber authorities.

For the cyber community, Patrick Shanahan, the current acting secretary, is a relative unknown. He has not given significant insight into how he views the role of offensive cyberattacks for the Pentagon, and his scheduled Jan. 1 elevation comes as some in the Trump administration and U.S. Cyber Command have pushed for even more authorities. However, he has spoken at length about the need for the defense industry to bolster its own cyber practices.

Although the appointment of Shanahan as acting Pentagon chief is temporary, he is on the short list of officials who may take on the job full time.

The new Pentagon chief may also have to decide when the National Security Agency and U.S. Cyber Command should split.

Both bodies are led by Gen. Paul Nakasone, but that may change. Cyber Command is in the process of gaining its own infrastructure to conduct offensive cyberattacks, and a Pentagon official told Fifth Domain in November that it appeared the split was all but certain to happen in the coming years, although no formal decision as been made.

What comes next in the U.S.-China cyber relationship?

The Department of Justice released a flurry of indictments against Chinese hackers in 2018, accusing Beijing's cyber sleuths of infiltrating American government agencies and defense contractors.

The most recent round of allegations came Dec. 18, and the legal action could continue in 2019. While announcing the most recent indictments, Deputy Attorney General Rod Rosenstein accused China of breaking an agreement not to use hacked materials for commercial use, although he did not offer evidence.

The hacking allegations come amid a broader trade war between the United States and China. Experts have told Fifth Domain a trade war could increase digital tension between the two nations. If the trade war continues, experts say they see little incentive for China to limit its cyberattacks.

Will America suffer blowback for more offensive cyber operations?

When the Trump administration announced the United States would take more offensive actions in cyberspace, some in the federal cybersecurity community criticized the plan as faulty.

“The side effects of the strategy of ‘persistent engagement' and ‘defend forward' are still ill-understood,” Max Smeets and Herb Lin, experts at Stanford University wrote for Lawfare. “A United States that is more powerful in cyberspace does not necessarily mean one that is more stable or secure.”

Experts also warn of making any rush judgments about the effectiveness of these offensive cyberattacks. Current and former intelligence officials worry that uncovering and attributing a hack can take more than a year, and, even then, that process is not perfect.

One former official pointed to the leaked documents about Russian targeting of American election infrastructure in 2016 that was sent to the news organization the Intercept. It took months for the intelligence community to understand the full extent of the hack, the official said, an example of how long it takes to detect a cyberattack.

However, all of that means it is reasonable to expect that the merits of the new offensive cyber operations may not be known publicly for years.

Will Congress take action to streamline cybersecurity contracting and research?

Yes, changing the way government does business is ambitious. But experts argue that if the United States wants to keep up with digital innovations from China and other countries it is necessary to change the American government's relationship with the private sector and academia. The effort to streamline cybersecurity funding and research will fall to the new Congress, in which Democrats will take over the House of Representatives.

But when it comes to the U.S. government's relationship with the cyber industry, structural barriers to innovation remain.

On average, it takes roughly seven years for an idea to get a contract inside the U.S. government. In that length of time, a product is already two generations old. Former Pentagon officials have used the digital fight against the Islamic State as an example of how long the process takes. It took roughly two years for Cyber Command to receive the proper equipment and training after the order to digitally defeat the Islamic State, officials told Fifth Domain.

In addition, the cybersecurity industry is watching a series of bills in Congress. Sen. Mark Warner, D-Va., has pushed for a streamlined security clearance process, and industry officials told Fifth Domain they expect him to continue the effort in the new year. The bill could make it easier and cheaper to get a security clearance.

And many in the federal cybersecurity community have called for a change in academia's relationship with cybersecurity.

The universities and research institutions in the United States focusing on quantum computing are “subpar,” George Barnes, deputy director at the NSA said in June.

Experts say that quantum computers will make traditional cybersecurity methods obsolete because of the expansive computing power.

However, new investments in artificial intelligence and a new Solarium Commission, which was created to help contextualize cyber in the broader national and economic security discussion, may provide solutions to these problems.

https://www.fifthdomain.com/industry/2018/12/31/four-big-questions-for-cybersecurity-in-2019

On the same subject

  • Contract Awards by US Department of Defense – October 13, 2020

    October 14, 2020 | International, Aerospace, Naval, Land, C4ISR, Security, Other Defence

    Contract Awards by US Department of Defense – October 13, 2020

    ARMY Longbow Ltd., Orlando, Florida, was awarded a $32,154,552 modification (P00001) to contract W58RGZ-20-F-0464 for generic spare parts kits for AH-64E Apache helicopters. Work will be performed in Orlando, Florida, with an estimated completion date of April 30, 2024. Fiscal 2020 Foreign Military Sales (India, Morocco, Netherlands, and United Arab Emirates) funds in the amount of $32,154,552 were obligated at the time of the award. U.S. Army Contracting Command, Redstone Arsenal, Alabama, is the contracting activity. Spence Brothers, Saginaw, Michigan, was awarded a $19,304,000 firm-fixed-price contract to modify the Union Street Dam and a bi-directional fish passage. Bids were solicited via the internet with five received. Work will be performed in Traverse City, Michigan, with an estimated completion date of Sept. 2, 2024. Fiscal 2021 Great Lakes Fishery Commission funds in the amount of $19,304,000 were obligated at the time of the award. U.S. Army Corps of Engineers, Detroit, Michigan, is the contracting activity (W911XK-21-C-0001). DEFENSE LOGISTICS AGENCY Altamira Ltd., Pittsburgh, Pennsylvania, has been awarded a maximum $11,875,000 fixed-price with economic-price-adjustment, indefinite-delivery/indefinite-quantity contract for medical equipment and accessories for the Defense Logistics Agency electronic catalog. This was a competitive acquisition with 130 responses received. This is a five-year contract with no option periods. Location of performance is Pennsylvania, with an Oct. 12, 2025, ordering period end date. Using military services are Army, Navy, Air Force and Marine Corps. Type of appropriation is fiscal 2021 through 2026 defense working capital funds. The contracting activity is the Defense Logistics Agency Troop Support, Philadelphia, Pennsylvania (SPE2DH-21-D-0051). https://www.defense.gov/Newsroom/Contracts/Contract/Article/2380512/source/GovDelivery/

  • Heavy polar icebreaker questions mount for Coast Guard

    July 27, 2018 | International, Naval

    Heavy polar icebreaker questions mount for Coast Guard

    By: Andrew C. Jarocki WASHINGTON ― Potential funding woes and questions about the aggressive proposed timelines have cast doubts about the future of the Coast Guard's new heavy polar ice breaker. The Government Accountability Office is dubious the service's lone heavy polar icebreaker can make it to its proposed 2023 retirement date and questioned whether the Coast Guard's construction schedule was too optimistic. The Coast Guard is planing to replace the Polar Star with the new heavy icebreaker the same year, something GAO said may not be “realistic and feasible.” The watchdog noted the aging Polar Star could reach the end of its service life as soon as 2020, and the “highly optimistic” delivery date of the new vessel could be delayed and leave the service without a heavy polar icebreaker to defend strategic Arctic interests for several years. Vice Adm. Daniel Abel, deputy commandant for operations, recently told the Coast Guard and Maritime Transportation Subcommittee at a hearing that the Polar Star is “limping along, and nothing with a US flag could rescue her [in the Arctic] if something happened, putting our polar capabilities at risk." To further complicate matters, House appropriators are currently debating cutting $750 million in funding for the Coast Guard. Vice Adm. Michael McAllister, deputy commandant for mission support, said at the hearing that the entire program schedule is at risk if the appropriations cut is finalized but that he remained confident that the Coast Guard is “well-poised to award the detailed construction contract in fiscal year 2019” for the heavy polar ice breaker. https://www.defensenews.com/naval/2018/07/26/heavy-polar-icebreaker-questions-mount-for-coast-guard

  • BAE Systems to Deliver Autonomy Capabilities for Army’s Future Vertical Lift Initiative

    November 4, 2020 | International, Aerospace

    BAE Systems to Deliver Autonomy Capabilities for Army’s Future Vertical Lift Initiative

    BAE Systems announced today it has been awarded multiple contracts from the U.S. Army to develop key technologies for the Advanced Teaming Demonstration Program (A-Team). BAE Systems was the only company awarded contracts for three of the program's four focus areas, designed to advance manned and unmanned teaming (MUM-T) capabilities that are expected to be critical components in the U.S. Army's Future Vertical Lift (FVL) program. In order to combat the increasingly complex, contested, and communication-denied battlespace presented by near-peer adversaries, the U.S. Army developed the A-Team program to create an automated system to offload the cognitive burden of pilots while enabling them to command swarms of unmanned aircraft. BAE Systems was selected to deliver a highly automated system to provide situational awareness, information processing, resource management, and decision making that is beyond human capabilities. These advantages become exceedingly important as the Army moves toward mission teams of unmanned aircraft that will be controlled by pilots in real time. The contracts total $9 million and include awards for the Human Machine Interface, Platform Resource Capability Management, and Situational Awareness Management elements of the program. To deliver the critical autonomy technology, BAE Systems' FAST Labs research and development team and Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) Systems business area will leverage their decades of work pioneering autonomy technologies. The program will leverage the Future Open Rotorcraft Cockpit Environment Lab to conduct simulation tests and demonstrations with products from different contractors in consideration of transition to the FVL program. Work for the program takes place at the company's facilities in Burlington, Massachusetts and San Diego, California. https://www.defenseworld.net/news/28242#.X6L0RWhKiUk

All news