By Cheryl Pellerin, American Forces Press Service
A recent example of cyber threats facing the Defense Department is a computer virus that affected a stand-alone ground control system for the nation's drone fleet based at Nevada's Creech Air Force Base, according to Stratcom commander Air Force Gen. C. Robert "Bob" Kehler.
The virus was not targeted at the drone fleet but entered "from the wild," Kehler said, adding the precise means of infection is still under investigation.
Stratcom systems detected the virus, quarantined it, and it had little to no impact on operations, he noted.
Both accidental and targeted attacks on DOD networks are on the rise, the general said.
"The trend is that we see multiple, deliberate attempts to try to get into our networks almost daily," he said.
Based at Offutt Air Force Base near Omaha, Neb., Stratcom serves as U.S. Cyber Command's headquarters, and also oversees the nation's missile defense, and global strike and space operations, as well as combating weapons of mass destruction.
The Stratcom mission set touches that of every other combatant command, Kehler said, noting that there are vital linkages between military and commercial information networks in areas like transportation and logistics.
"The Internet is mostly in the commercial and civil domains ... but we use it," he said.
Perfect defense of all networks is probably not achievable, but "mission assurance is something that we must achieve," Kehler said.
The Defense Department has made great progress in cyber defense, but "sometimes ... the more you know, the worse you look," he said.
In the past, some attacks may have gone undetected, the general explained, but defense officials are "far more aware today of the things that are happening to us, and we are taking strides to deal with the realities of operating in cyberspace."
Robust protections are in place on the "dot mil" domain and defense officials have begun a pilot program that extends some of those safeguards to defense industries, he noted.
A fundamental issue in cyber domain operations is defining what an attack is, and developing a legal framework, doctrine and rules of engagement for those operations, Kehler said.
"In other domains ... rules of engagement are based on things like hostile intent," he said. "Much of what we see on our networks or at our boundaries, at our firewalls, I'm not sure you could describe as an attack."
Cyberspace threats include predators, vandals and spies, not all of whom are attackers by national security terms, Kehler said.
He noted much of the hostile activity on DOD's networks involves attempts to steal industrial or military secrets.
"The word 'attack' makes it sound as though people are trying to take our systems down every day, and that's not the case," the general said.
Attempts to exploit military information or disrupt network activities could evolve into destructive attacks, Kehler said.
The United States has a military edge in cyberspace, but other nations possess "very sophisticated" capabilities in that domain, he said.
An important question being asked inside the Defense Department, Kehler said, is how to retain that edge as the global population gets smarter in cyberspace.
"I think there's a great question for us that goes all the way into our education system [and] our university system," the general said. "Can we, as a nation, provide the wherewithal in the information age to maintain a national security advantage, like we did in the industrial age?"
"I don't know that we quite have the answer yet," he added.