The Pentagon’s weapons systems are increasingly dependent on computer networks, making them vulnerable to cyber-attacks. The Department of Defense and U.S. Cyber Command have taken steps to organize cyberspace operations, but there is a lack of clarity about roles and responsibilities.
Cyber warfare poses a great threat to U.S. military power at little cost, a tactic already realized by LulzSec, a hacker group which recently attacked the website for the U.S. Senate, CIA and FBI. In February, the Deputy Secretary of Defense said that more than 100 foreign intelligence agencies have tried to breach DOD computer networks, one of which was successful in reaching networks with classified information.
DOD created the U.S. Cyber Command in 2009 under the U.S. Strategic Command, which allows military, civilian and contractor personnel to staff cyberspace operations for military network security. But the Government Accountability Office found a lack of specifics about civilian roles responsible for cyberspace operations for the military.
Military officials said DOD guidance was insufficient to determine precisely what work could be performed by civilians, and that could inadvertently restrict some positions to uniformed personnel.
Demands from other missions may also make it difficult to provide additional military personnel to support U.S. Cyber Command, a predicament that will be exacerbated by the Secretary of Defense’s plan to reduce the military strength of the Army and Marine Corps by 2015 and to reduce Navy personnel on shore.
The Pentagon is still reviewing roles for government civilians in the cyberspace domain but current guidance is insufficient to determine precisely what civilian activities or duties are prohibited, GAO said. A majority of cyberspace operations will originate at the theater, placing civilian cyber operators under the immediate control of combat commanders. Of particular concern to the military is how this relationship between U.S. Cyber Command and the combat commands will be carried out.
“Detailed and formalized guidance is needed to clarify roles, responsibilities, command structures, and mission requirements. Until such detailed guidance is articulated, the military services will continue to move forward in planning, budgeting, recruiting, and training personnel to conduct cyberspace operations without knowing whether their efforts will meet U.S. Cyber Command’s mission needs,” the GAO said.
FAST FACT: There are 1.8 billion attacks on U.S. government servers every month and cyber-attacks cost the U.S. economy an estimated $8 billion a year, according to Rep. James Langevin, D-R.I.