Pentagon cyberdefenses weak, report warns

The Defense Department “is not prepared to defend against this threat”

From Ellen Nakashima, Washington Post:  A new report for the Pentagon concludes that the nation’s military is unprepared for a full-scale cyber-conflict with a top-tier adversary and must ramp up its offensive prowess.

The unclassified version of the study by the Defense Science Board also urges the intelligence community to boost its collection on leading nations’ cyber-capabilities and maintain the threat of a nuclear strike as a deterrent to a major cyberattack.

The 138-page report by the panel of civilian and government experts bluntly states that, despite numerous Pentagon actions to parry sophisticated attacks by other countries, efforts are “fragmented” and the Defense Department “is not prepared to defend against this threat.”

The report lays out a scenario in which cyberattacks in conjunction with conventional warfare damaged the ability of U.S. forces to respond, creating confusion on the battlefield and weakening traditional defenses.

In one of the more critical comments, the report notes that Pentagon “red” teams established to test the military’s cyberdefense abilities have “relative ease . . . in disrupting, or completely beating, our forces in exercises using exploits [software] available on the Internet."

The 33-member task force recommends a strategy combining deterrence, refocused intelligence priorities, and a stronger offense and defense. . . .

The report advocates establishing a clear response strategy for cyberattacks, outlining the need to use offensive cyber-capabilities preemptively or in response to an attack when the president decides it is appropriate.

The report calls for better understanding of the parameters of a full-scale military conflict in cyberspace, which it said could include hundreds of simultaneous, synchronized offensive cyber-operations.  (graphic: AP)

Image: ap%209%2029%2012%20pentagon_0.jpg