2 janvier 2019 | International, C4ISR

Four big questions for cybersecurity in 2019

By:

How will cybersecurity experts remember 2018?

In the past year, the Trump administration announced it would take more offensive hacking operations against foreign countries, the Department of Justice announcedsweeping indictments against Chinese hackers and the U.S. intelligence community reported that foreign countries continued to interfere in American elections.

So what comes next? Here are four overarching questions for the cybersecurity community in 2019:

What will the new Pentagon chief do with expanded cyber powers?

In August, the president gave the secretary of Defense the ability to conduct cyberattacks against foreign countries so long as they do not interfere with the national interest of the United States, according to four current and former White House and intelligence officials. But the resignation of Jim Mattis, the Defense secretary, means the next Pentagon chief will have a broad arsenal of cyber authorities.

For the cyber community, Patrick Shanahan, the current acting secretary, is a relative unknown. He has not given significant insight into how he views the role of offensive cyberattacks for the Pentagon, and his scheduled Jan. 1 elevation comes as some in the Trump administration and U.S. Cyber Command have pushed for even more authorities. However, he has spoken at length about the need for the defense industry to bolster its own cyber practices.

Although the appointment of Shanahan as acting Pentagon chief is temporary, he is on the short list of officials who may take on the job full time.

The new Pentagon chief may also have to decide when the National Security Agency and U.S. Cyber Command should split.

Both bodies are led by Gen. Paul Nakasone, but that may change. Cyber Command is in the process of gaining its own infrastructure to conduct offensive cyberattacks, and a Pentagon official told Fifth Domain in November that it appeared the split was all but certain to happen in the coming years, although no formal decision as been made.

What comes next in the U.S.-China cyber relationship?

The Department of Justice released a flurry of indictments against Chinese hackers in 2018, accusing Beijing's cyber sleuths of infiltrating American government agencies and defense contractors.

The most recent round of allegations came Dec. 18, and the legal action could continue in 2019. While announcing the most recent indictments, Deputy Attorney General Rod Rosenstein accused China of breaking an agreement not to use hacked materials for commercial use, although he did not offer evidence.

The hacking allegations come amid a broader trade war between the United States and China. Experts have told Fifth Domain a trade war could increase digital tension between the two nations. If the trade war continues, experts say they see little incentive for China to limit its cyberattacks.

Will America suffer blowback for more offensive cyber operations?

When the Trump administration announced the United States would take more offensive actions in cyberspace, some in the federal cybersecurity community criticized the plan as faulty.

“The side effects of the strategy of ‘persistent engagement' and ‘defend forward' are still ill-understood,” Max Smeets and Herb Lin, experts at Stanford University wrote for Lawfare. “A United States that is more powerful in cyberspace does not necessarily mean one that is more stable or secure.”

Experts also warn of making any rush judgments about the effectiveness of these offensive cyberattacks. Current and former intelligence officials worry that uncovering and attributing a hack can take more than a year, and, even then, that process is not perfect.

One former official pointed to the leaked documents about Russian targeting of American election infrastructure in 2016 that was sent to the news organization the Intercept. It took months for the intelligence community to understand the full extent of the hack, the official said, an example of how long it takes to detect a cyberattack.

However, all of that means it is reasonable to expect that the merits of the new offensive cyber operations may not be known publicly for years.

Will Congress take action to streamline cybersecurity contracting and research?

Yes, changing the way government does business is ambitious. But experts argue that if the United States wants to keep up with digital innovations from China and other countries it is necessary to change the American government's relationship with the private sector and academia. The effort to streamline cybersecurity funding and research will fall to the new Congress, in which Democrats will take over the House of Representatives.

But when it comes to the U.S. government's relationship with the cyber industry, structural barriers to innovation remain.

On average, it takes roughly seven years for an idea to get a contract inside the U.S. government. In that length of time, a product is already two generations old. Former Pentagon officials have used the digital fight against the Islamic State as an example of how long the process takes. It took roughly two years for Cyber Command to receive the proper equipment and training after the order to digitally defeat the Islamic State, officials told Fifth Domain.

In addition, the cybersecurity industry is watching a series of bills in Congress. Sen. Mark Warner, D-Va., has pushed for a streamlined security clearance process, and industry officials told Fifth Domain they expect him to continue the effort in the new year. The bill could make it easier and cheaper to get a security clearance.

And many in the federal cybersecurity community have called for a change in academia's relationship with cybersecurity.

The universities and research institutions in the United States focusing on quantum computing are “subpar,” George Barnes, deputy director at the NSA said in June.

Experts say that quantum computers will make traditional cybersecurity methods obsolete because of the expansive computing power.

However, new investments in artificial intelligence and a new Solarium Commission, which was created to help contextualize cyber in the broader national and economic security discussion, may provide solutions to these problems.

https://www.fifthdomain.com/industry/2018/12/31/four-big-questions-for-cybersecurity-in-2019

Sur le même sujet

  • The military has lots of stuff. The port can move it. A $15 million deal brings them together.

    18 mars 2021 | International, Terrestre

    The military has lots of stuff. The port can move it. A $15 million deal brings them together.

    Under a five-year, $15 million contract, the Port of Virginia will provide dockworkers and facilities to move cargo including tanks, helicopters and food supplies.

  • Integrated Hypersonic Plan Forms Amid Overlap Concerns

    1 août 2019 | International, Aérospatial

    Integrated Hypersonic Plan Forms Amid Overlap Concerns

    WEST LAFAYETTE, Indiana—The U.S. Defense Department says data from an upcoming four-year test campaign covering 40 flights and three basic vehicle concepts will lay the foundation for a comprehensive hypersonic weapon road map that should allay growing congressional concerns over potential overlaps in costly weapons development capability. To a quarter of the tests, representing as many as 10 flights, will be focused on air-breathing scramjet-powered vehicles, says Mike White, assistant director for hypersonics at the Office of the Under Secretary of Defense for Research and Engineering. Speaking to Aerospace DAILY on the sidelines of the inaugural National Defense Industrial Association (NDIA) hypersonics capability conference at Purdue University here, White says test results from both boosted glide vehicle flights and powered missiles will form the basis for the integrated development plan. The overarching road map also will include the integration of a counter hypersonic development strategy, the preliminary steps toward which have been proposed by both the recently formed Space Development Agency (SDA) and the Missile Defense Agency. The SDA is studying a space-based distributed satellite architecture, while the latter has proposed a Hypersonic and Ballistic Tracking and Surveillance System (HBTSS). “Offensive and defensive coordination is my job,” White says. The bulk of the prototype tests will be conducted using the common hypersonic glide body (C-HGB). Developed by Sandia National Laboratories, the bi-conic re-entry vehicle has been adopted as the basis for near-term boosted glide weapons by the U.S. Air Force, Army and Navy, with only minor differences in each version planned to reflect the varying operational characteristics of each role. The Army, which plans to ground launch the Long-Range Hypersonic Weapon (LRHW) from transporter erector vehicles, is meanwhile making the first moves toward industrializing production of what up to now has been small batch manufacturing runs of experimental vehicles. The service has issued a solicitation for transition of the design and production capability of the initial prototype LRHW C-HGB variant out of Sandia into industry. A contract award is expected to be issued this month. Other versions of the C-HGB are in development for the Navy's vertically launched Intermediate Range Conventional Strike Weapon (IR-CPS), and the Air Force's Hypersonic Conventional Strike Weapon (HCSW). Underwater launch tests of the IR-CPS, which follows the successful Flight Experiment-1 test in October 2017, from the Pacific Missile Range Facility in Kauai, Hawaii, are due to run through 2024. The Air Force is scheduled to complete critical design review of the HCSW in 2020 prior to launch tests from a B-52. At least five other flight-test campaigns make up the remainder of the hectic four-year plan, three of which will be focused on the DARPA-led Tactical Boost Glide (TBG) vehicle and two proposed follow-on air-launched rapid response weapon (ARRW) vehicles in competitive development by Lockheed Martin and Raytheon. The balance are two air breathing vehicles, also in development by Lockheed/Aerojet Rocketdyne and Raytheon/Northrop Grumman, which will be evaluated under the Air Force's Hypersonic Air-Breathing Weapon Concept (HAWC) program. Despite the ongoing efforts to refine the hypersonic road map, the proliferation of prototype vehicle programs continues to cause concern in Congress. Warning that not all programs will receive the funding requested in the fiscal 2020 budget, Peter Visclosky, chairman of the House Appropriations Subcommittee on Defense, says some reductions are planned. Commenting at the NDIA event, he says, “Justifications in the budget for this effort receive the same scrutiny as every other program in the department and unfortunately certain aspects of that 2020 budget request were lacking.” Without identifying particular initiatives, Visclosky adds, “There were cuts to those specific programs where the justifications did not lead to a review. Each of the services impacted have been made aware of the issues that the committee has raised and the need to better define the strategy for the investment in these systems.” Visclosky also cautions that hypersonics, which is provisionally funded with a budget of $2.3 billion for fiscal 2020 and $10.5 billion over the period to 2024, also faces broader threats at a time of increased spending on other high-profile defense programs. “I am concerned about affordability in the future because this is a competitive process,” he said. “We have a nuclear modernization process that is underway and there is going to be a bulge in the federal budget. There is a new submarine and there is going to be a bulge in the budget. It is the same for the new [B-21] bomber under development and, while the Army doesn't have that ‘one' new program, collectively for the modernization program there is going to be one. “We need to make sure there is a concerted effort for commonality and collaboration to a common technical standard and system architecture. I think this will drive better affordability into the sustainment of the system,” he adds. https://aviationweek.com/defense/integrated-hypersonic-plan-forms-amid-overlap-concerns

  • Space Force seeks bids for next phase of national security launches

    5 octobre 2023 | International, Aérospatial

    Space Force seeks bids for next phase of national security launches

    The strategy pursues a two-lane approach to procuring launches -- one for emerging providers a second for rockets that can fly more demanding missions.

Toutes les nouvelles