DoD’s cyber rules of engagement

How do you talk about something without talking about it? That is the trick for America’s new breed of cyber-troops and their commanders.

As we keep hearing, the world of cyber is so incredibly super-secret, and so densely complicated, there’s no way to actually discuss it in an open environment. But congressional lawmakers and defense leaders and reporters want to talk about it in the open, to make clear that they’re hep to the cyber-jive; they wink-wink know what’s happening, can you wink-wink dig it? So then we get this:

“We are working closely with the Joint Staff on the implementation of a transitional command-and-control model for cyberspace operations” while reviewing existing rules of engagement, Madelyn R. Creedon told the House Armed Services Committee’s subcommittee on emerging threats and capabilities.


Teresa M. Takai, DOD’s chief information officer, and Army Gen. Keith Alexander, commander of U.S. Cyber Command, joined Creedon at the hearing. “This interim framework,” Creedon told the panel, “will standardize existing organizational structures and command relationships across the department for the application of the full spectrum of cyberspace capabilities.”

That’s from DoD’s official account of a cyber-hearing Tuesday, at which cyber-leaders tried to describe to House members their progress in treating cyber just like another warfare area. And what they seemed to be saying is that cyber already needs a new org chart for the second or third slide in its deck, as well as codified rules of engagement to govern how cyber-troops actually wage cyber-combat. Do not expect much granularity about that to emerge in these open sessions.

There was some good news: Takai told lawmakers DoD was making good steps forward in a few key areas:

A pillar of that modernization is a move to a single, joint network architecture, Takai said, allowing DOD and Cyber Command better visibility into network activity and better defense against cyber attacks. Individually, she said, the services and agencies have taken action to better position the information enterprise and security posture.

The department has made significant progress in several areas, Takai said. One effort involved deploying a modular system called a host-based security system that enhances situational awareness of the network and improves the ability to detect, diagnose and react to cyber intrusions.

“We’ve also taken the lead in assessing the risk of the global supply chain to our critical information and communications technology,” Takai added, and has instituted a successful defense industrial base cyber security and information assurance program.

Meanwhile the manning, training and equipping of the cyber-corps goes on. Cyber Command boss Gen. Keith Alexander told lawmakers he is focusing on five areas in his new command, which is charged with defending DoD’s networks:

Building the enterprise and training the force; developing a defensible architecture; getting authorities needed to operate in cyberspace; setting the teamwork properly across U.S. government agencies; and creating a concept of operations for operating in cyberspace.

“I think we’re making progress,” Alexander said, “but … the risks that face our country are growing faster than our progress and we have to work hard on that.”

So we keep hearing. As ever, it’s impossible to know what to make of it. Alexander’s update could mean DoD is getting its ducks in a row and will be well-fixed if it gets hit by the Big One — though it’s also possible that kind of mentality is the wrong way to think about it. If DoD and the intelligence community and the rest of the federal government are bombarded each day by tens of thousands of attacks, the government could be wasting time ordering cubicle dividers and having team-building activities in its new offices. Bad guys and foreign governments could still be robbing us blind as the agency alphabet soup plays not-it on cyber responsibilities. When there’s no way to talk about this stuff, there’s no way to know.

Join the Conversation

Cyberwar is the perfect consultant scam, a war without targets, deaths or results has limitless possibilities to waste money.

You’ll be singing a different tune when someone in China figures out how to brick a smart meter and suddenly every residential property in America gets its power shut off permanently.

I understand you are extrapolating from your laptop and mobile phone, but to an engineer you just claimed something like the Chinese can kill washing machines in America through the water system — you can see now how funny you sound.

Cyberwar relies on technological ignorance to extract money from its marks. That’s why the Pentagon is being targeted — lots of money and lots of ignorance.

Do you even know what a smart meter is?

You must have missed my last reply.
http://www.dodbuzz.com/2012/02/29/secdefs-nightma

Seriously, on what are you basing your beliefs? In my opinion a lot of systems (i.e. web servers) are insecure because of people who have no clue about how a computer works. Here are the words of people who really know what they are talking about.
http://www.embedded.com/electronics-blogs/analyst

You think this is science-fiction? http://www.lexology.com/library/detail.aspx?g=fe7

Conclusion? There is no magic fairy dust making those systems secure; actions have to be taken.

Honestly the DoD wants to do the right thing, but the ingrained institutions of the services components have made it incredibly hard. So when new commands (i.e. xxCYBER) just poach from other commands (i.e. NETCOM, 1st IO) then you haven’t really done much more than add another layer of bureaucracy.

What the DoD needs is an influx of highly creative thinkers in positions of authority who can take a non “thou-shalt only” mentality to C4I. Example, COCOMs and MACOMs must get past fighting each other at every level of NETOPS and IA/CND and agree to a common set of requirements, not technological solutions.

Additionally, the Acquisition community needs to stop spending so much money trying to outdo each other with almost identical projects, as they rush have fielded systems out the door.

Have you ever designed one? LOL

Seriously you don’t want to be comparing resumes, you guys wouldn’t be allowed to post anything then.

You realize that EEtimes pieces are largely written as marketing by companies pushing product, right?

But there is no debate effectively, the same guys that were pushing total situational awareness and network centric computing have moved into cyberwar. Like here they are joined by a few clueless refugees from the web world and a saturated web security market.

The SCADA industry can see they haven’t a clue (distributed load balancing for a scada system — LOL) and simply ignores them.

>What the DoD needs is an influx of highly creative thinkers

and pigs will fly.

“Eric Marks is the industry practice leader for PricewaterhouseCoopers.”

says it all.

Do you realize that you make claims against the industry without any rational arguments? And I don’t pretend to have posted the best articles ever; if you dare to read carefully enough, you will find that most of the articles contain words from companies working in the field.

>The SCADA industry can see they haven’t a clue (distributed load balancing for a scada system — LOL) and simply ignores them.

Perhaps the article was too long, here is the relevant snapshot with some words capitalized to put emphasis on them.
“For instance, PcVue designed its SCADA to run in a DISTRIBUTES ARCHITECTURE of several stations including redundant ones. Its REDUNDANCY MECHANISM include SUCH CAPABILITIES AS load balancing AND hot, warm or cold standby REDUNDANCY methods. This allows the operator to NOT ONLY able to handle the REDUNDANCY of the real-time, alarm and historical data of your distributed application but also manage the REDUNDANCY of the communication with the devices and of the physical network. ”

And the article specifies clearly that this distributed architecture is not for improving security, but for improving reliability through resiliency. While I don’t know the exact implementation, I believe it’s a safe assumption that it’s designed to address issues like power outages and hardware failures, because the site may not be so easy to reach, or the cost of a failure or its consequences is just so high that it justifies inducing more complexity and going for a distributed system. Of course it creates new security concerns as it induces more complexity.

And I am an unborn; if you are so knowledgeable about SCADA systems, what are you waiting for to participate in the discussion and provide arguments, instead of trying to lower the discussion? And why pick the small part of the article that does NOT address security concerns?

That’s the only argument you can make? Yes, Eric Marks wrote an article, and as a matter of fact, the article contains more words from companies working in the field than his own. If that article contains disinformation, what are you waiting for to provide arguments against it?

>You realize that EEtimes pieces are largely written as marketing by companies pushing product, right?

Again, what is the point? The fact that it promotes some company with their solution doesn’t make SCADA systems any more secure. We are not trying to design a SCADA system, are we?

Please don’t, that can only lower the discussion. If you believe you are more knowledgeable about this than any of us, what are you waiting for to really discuss this?

If I could not afford to be pointed wrong, then I would not post my opinion, period.

>Cyberwar relies on technological ignorance to extract money from its marks.

It’s the attacker who relies on the technological ignorance of the target, not the opposite. And if the Pentagon or any other instance is targeted, it’s not because they are ignorant, it’s because they have something that the attacker wants.

With all of the ventures out there new “ENEMIES” are always in the shadows lurking and waiting for their prey to become vulnerable and weak. Like terrorists this problem hurts all of us with the newer technology and the lack of ALL the other guys resources not fair to the ladies sometimes the enemy in the dark smells nice too. The weaker of the target is the fact information used to gather their intel goes somewhere else black market goods terror groups and less for the purchase of arms to combat the problem.

I think we need to stop prosecuting Anonymous members, and hire them. Who would you trust to know more about defending against hackers? Some guy fresh out of college, or a 10 year veteran of hacking?

© 2013 Military Advantage
A Monster Company.