Sequester May Slow Pentagon Response to WikiLeaks
The across-the-board budget cuts known as sequestration that are expected to take effect on March 1 could impede the government’s ability to respond to WikiLeaks and to rectify the flaws in information security that it exposed, a Pentagon official told Congress recently.
Zachary J. Lemnios, the assistant secretary of defense for research and engineering, was asked by Sen. Rob Portman (R-Ohio) to describe the “most significant” impacts on cybersecurity that could follow from the anticipated cuts to the Pentagon’s budget.
Mr. Lemnios replied that “cuts under sequestration could hurt efforts to fight cyber threats, including […] improving the security of our classified Federal networks and addressing WikiLeaks.”
The sequester could also interfere with the Comprehensive National Cybersecurity Initiative that began under President Bush, he said, and could hold up plans to “initiat[e] continuous monitoring of unclassified networks at all Federal agencies.”
Mr. Lemnios’ response to Sen. Portman’s question for the record (which had not specifically mentioned WikiLeaks) followed a March 2012 Senate Armed Services Committee hearing on Emerging Threats and Capabilities that was published in December 2012 (at page 42).
Generally speaking, computer security within the military is a daunting problem, Mr. Lemnios told the Committee, particularly since “The Department operates over 15,000 networks and 7 million computing devices across hundreds of installations in dozens of countries around the globe.”
The challenge of cybersecurity cannot be fully described in public, said Dr. Kaigham J. Gabriel of DARPA. “The complete picture requires a discussion at the special access level.” But he told the Committee last year that several basic points can be openly acknowledged:
“Attackers can penetrate our networks: In just 3 days and at a cost of only $18,000, the Host-Based Security System” — the Pentagon’s baseline computer security system — “was penetrated.”
“User authentication is a weak link: 53,000 passwords were provided to teams at Defcon; within 48 hours, 38,000 were cracked.”
“The Defense supply chain is at risk: More than two-thirds of electronics in U.S. advanced fighter aircraft are fabricated in off-shore foundries.”
“Physical systems are at risk: A smartphone hundreds of miles away took control of a car’s drive system through an exploit in a wireless interface.”
“The United States continues to spend on cybersecurity with limited increase in security: The Federal Government expended billions of dollars in 2010, but the number of malicious cyber intrusions has increased.”
Though it was presumably not intentional, the WikiLeaks project galvanized government information security programs and accelerated efforts to devise “insider threat” detection mechanisms, along with intensified surveillance of classified and unclassified government computer networks.
“New classes of anomaly detection methods have been developed and are based on aggregating events across time and multiple sources to identify network and host-based behavior that might be malicious,” James S. Peery of Sandia National Laboratories told the Senate Armed Services Committee at last year’s hearing. “These approaches and behavioral-based methods have been successful in finding previously undiscovered malware.”
“One drawback of this technology, though, is that it has a very high false positive rate,” he said.
The FAS Nuclear Notebook is one of the most widely sourced reference materials worldwide for reliable information about the status of nuclear weapons, and has been published in the Bulletin of the Atomic Scientists since 1987.. The Nuclear Notebook is researched and written by the staff of the Federation of American Scientists’ Nuclear Information Project: Director Hans […]
On 14 April 2023, the Belarusian Ministry of Defence released a short video of a Su-25 pilot explaining his new role in delivering “special [nuclear] munitions” following his training in Russia. The features seen in the video, as well as several other open-source clues, suggest that Lida Air Base––located only 40 kilometers from the Lithuanian border and the […]
A photo in a Los Alamos National Laboratory (LANL) student briefing from 2022 shows four people inspecting what appears to be a damaged B61 nuclear bomb.
In early-February 2023, the Wall Street Journal reported that U.S. Strategic Command (STRATCOM) had informed Congress that China now has more launchers for Intercontinental Ballistic Missiles (ICBMs) than the United States. The report is the latest in a serious of revelations over the past four years about China’s growing nuclear weapons arsenal and the deepening […]