Pentagon to expand cyber-security force

Monday, January 28, 2013

— The Pentagon has approved a major expansion of its cyber-security force over the next several years, more than quadrupling its size to bolster the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries, according to U.S. officials.

The move, requested by the head of the Defense Department’s Cyber Command, is part of an effort to build an organization that until now has focused largely on defensive measures into the equivalent of an Internet-era fighting force. The command, made up of about 900 personnel, will expand to include 4,900 troops and civilians.

Details of the plan have not been finalized, but the decision to expand the Cyber Command was made by senior Pentagon officials late last year in recognition of a growing threat in cyberspace, said officials, who spoke on the condition of anonymity because the expansion has not been formally announced. The gravity of that threat, they said, has been highlighted by a string of sabotage attacks, including one in which a virus was used to wipe data from more than 30,000 computers at a Saudi Arabian state oil company last summer.

The plan calls for the creation of three types of forces under the Cyber Command: “national mission forces” to protect computer systems that under gird electrical grids, power plants and other infrastructure deemed critical to national and economic security; “combat mission forces” to help commanders abroad plan and execute attacks or other offensive operations; and “cyber protection forces” to harden the Defense Department’s networks.

Although the command was established three years ago for some of these purposes, it has largely been consumed by the need to develop policy and legal frameworks and ensure that the military networks are defended. Current and former defense officials said the plan will allow the command to better fulfill its mission.

“Given the malicious actors that are out there and the development of the technology, in my mind, there’s little doubt that some adversary is going to attempt a significant cyber attack on the United States at some point,” said William Lynn, a former deputy defense secretary who helped fashion the Pentagon’s cyber-security strategy. “The only question is whether we’re going to take the necessary steps like this one to deflect the impact of the attack in advance or ... read about the steps we should have taken in some post-attack commission report.”

Although generally agreed to by the military’s service chiefs, the plan has raised concerns about how they will find and train so many qualified cyber-security personnel and about how closely the Cyber Command should be aligned with the National Security Agency, the giant electronic spying agency that provides much of its intelligence support.

The head of the Cyber Command, Gen. Keith Alexander, is also the director of the National Security Agency, which employs some of the nation’s most advanced cyber operations specialists.

Front Section, Pages 3 on 01/28/2013