Network defense to become more sophisticated, effective

Photo By David Vergun | A Warfighter Information Network-Tactical Increment 2-equipped Stryker brings up the...... read more read more

Photo By David Vergun | A Warfighter Information Network-Tactical Increment 2-equipped Stryker brings up the rear of this convoy during 2nd Stryker Brigade Combat Team, 2nd Infantry Division's Decisive Action Rotation at the National Training Center, California, Jan. 15, 2016. (Photo Credit: Pfc. Lisa Orender)  see less | View Image Page

DC, DC, UNITED STATES

07.18.2016

Story by David Vergun       

Defense Media Activity - Army   

✔ ✗ Subscribe

44

WASHINGTON (Army News Service) -- "We must rethink how we defend ourselves from the increasingly sophisticated and capable enemy cyber advances," said Maj. Gen. Paul Nakasone.

Nakasone, commander of the Cyber National Mission Force, U.S. Cyber Command, spoke on Thursday, July 14, at the "Network Readiness in a Complex World" panel hosted by the Association of the United States Army.

NATURE OF ATTACKS

Nation-state adversaries "continue to use phishing campaigns to achieve initial access to far too many users clicking on links," Nakasone cautioned. Additionally, "malicious cyber actors utilize open-source tools by sophisticated ones to break simple passwords, move laterally and sometimes ex-filtrate data."

"Even though we're aware of these techniques, we are uneven in applying industry's best practices," he continued. "Far too many networks are poorly maintained and well behind in patching."

Cyber defenders probably spend 90 percent of their effort against the bottom 10 percent of network intrusion threats, he said. "This is not an effective means of defending our networks."

RESPONSE TO ATTACKS

All Department of Defense networks will become much more secure over the next 12 to 18 months, Nakasone predicted, particularly with adoption of the Windows 10 operating system.

However, Nakasone said he expects adversaries will react rapidly to this rise in network security as they try to intrude on important parts of the network, "even our command and control nodes."

To respond to this longer-term threat, the Army and DOD will turn increasingly to the private sector for solutions, he said.

These solutions will most likely include artificial intelligence and machine-learning systems to monitor data and user patterns that will automatically detect intrusion, he opined. Networks will become "self-healing."

Once automation takes over, operators can concentrate on deeper levels of understanding the networks, developing better detection tools, algorithms and analytics, he said, adding he predicts this will take place within a decade.

In the meantime, Nakasone said each time adversaries "cross our network boundaries, they're putting at risk their cyber capabilities." In other words, the nature of their attacks allows U.S. cyber operators to decode their techniques and methods.

GETTING THE LATEST, GREATEST

Lt. Gen. Michael E. Williamson, principal military deputy to the assistant secretary of the Army for Acquisition, Logistics and Technology, who also spoke at AUSA, said the Army and DOD will need to ride the wave of technology or risk being left behind.

Consumer electronics are advancing at an "incredibly rapid pace. The average time to obsolescence of some devices, such as home computers and smart phones, is as fast as 24 months," he said.

"Keeping up with this rapid evolution and exploiting it is presenting challenges for the Army procurement system," Williamson said.

To address these challenges, future Army systems will likely require significantly smarter and smartly-defined network architecture, he said. The network of the future will need to be modular in design, allowing for the addition of new software to existing hardware to extend the life of the "base machine."

Williamson added that procurement will need to keep pace with rapid technological innovation.

"NDIs (non-developmental items) allow the government to field the latest proven technologies to the warfighter quicker and allows for technical advancements to be fielded in less than the five-year refresh that we've used as our model in the past," he said. This allows the Army to buy items off the shelf rather than using the traditional program of record approach.

As an example, the current tactical radio contracting strategy uses the NDI approach to shorten the procurement and get items to the field more quickly, he said.

He concluded: "We're using proven technology developed by the vendors, prior to the government sitting down and writing the requirement document. That's really important. Industry has led, as opposed to waiting for us to define the requirement and come back to them."