From John Reed, Killer Apps: The Defense Department has reached what Pentagon officials describe a key agreement with some of the United States’ closest international allies to share information in the cyber realm.
The agreement allows the Pentagon to quickly share broad amounts of information on cyber attacks with the four other members of the so-called Five Eyes intelligence-sharing group (formally known as the UKUSA Agreement): the United Kingdom, Canada, Australia, and New Zealand.
"We have far more ability to share, particularly in relation to network defense and information assurance, than we’ve ever had previously. That’s very positive," said Marine Corps Maj. Gen. George Allen, director of plans and policy for U.S. Cyber Command said on August 16. "I think you’ll see a far better partnership with our coalition partners than you’ve ever seen" as the Five Eyes countries integrate the information into their exercises and planning.
"At this point it’s not a full treaty because it’s more an operational type cooperation; it’s through a policy type memorandum of understanding," Eric Rosenbach, deputy assistant secretary of defense for cyber policy told Killer Apps during a Sept. 4 interview while discussing how the U.S. shares cyber information with its closest allies. The cyber information-sharing agreement falls under a 2003 MOU on general information sharing between the Five Eyes, according to a DoD spokesman.
The agreement will speed up information sharing, which is crucial in cyber, Allen said: "It’s extremely important because you may see a certain threat in the U.K. that we haven’t yet seen in the U.S. and you want to be able to try to bolster your defenses by seeing that before it hits us. We still have a long way to go on near real time information sharing but the technology is there."
Agreements like the one between the Five Eyes are being reached as a result of a National Disclosure Policy regarding the sharing of sensitive cyber information that was enacted "just a couple of months ago," said Allen.
The new policy also allows less extensive information sharing with other U.S. allies around the globe, according to Allen. . . .
"The more we can build a solid relationship with a partner, the more we’re going to be able to crack the code in rapid information sharing, indications, and warnings with those partners," said Army Maj. Gen. John Davis, the military’s top advisor for cyber to the undersecretary of defense for policy on August 15.
"If we can do that, we can get these partners to rapidly react to [cyber attacks] that we may be seeing that they may not see. We may be able to tip and cue them so that they can take action. If some of their equipment is being hijacked, we can inform them, and if we have good working relationships we can leverage that to get them to take action rather than relying on any type of U.S. government activity because then you run into issues of sovereignty and that can be very complex," he said. . . .
One of the challenges with sharing information with allies is by building a single more defendable network for sensitive communications, said Army Maj. Gen. Mark Matthews deputy commander of U.S. Army forces in the Pacific.
Right now, Army forces in the Pacific resort to using separate, secure networks that are designated for information sharing between the U.S. and its allies who may not have the same high network security standards as the U.S., according to Matthews. However, the United States must ensure that its networks can be defended against any intrusions by hackers manipulating allied networks that are tied to the Pentagon’s, said Matthews.
"The best we can do is to craft secure networks, especially because we’re moving more and more toward multilateral exercises, away from bilateral, and allowing them to play and have access [to U.S. information] we have to find ways to build that secure network," said Matthews on August 15. (photo: U.S. Air Force)