funsec mailing list archives
Fwd: [Infowarrior] - Classified Memo Toughens Cyber-Threat Portrayals In DOD Exercises
From: Paul Ferguson <fergdawgster () gmail com>
Date: Fri, 21 Jan 2011 13:54:01 -0800
Cheers,

- ferg

---------- Forwarded message ----------
From: Richard Forno <rforno () infowarrior org>
Date: Fri, Jan 21, 2011 at 12:26 PM
Subject: [Infowarrior] - Classified Memo Toughens Cyber-Threat Portrayals In DOD Exercises
To:

(h/t Anonymous)

Inside the Pentagon - 01/20/2011
https://defensenewsstand.com/component/option,com_ppv/Itemid,287/id,2351617/

Classified Memo Toughens Cyber-Threat Portrayals In DOD Exercises

The military's top officer has issued a classified memo directing the Defense Department to use tougher, more realistic portrayals of cyber threats in its exercises.

A reference to the September 28, 2010, memo, stamped "secret" and signed by Chairman of the Joint Chiefs of Staff Adm. Michael Mullen, is buried in the latest annual report from Michael Gilmore, the Pentagon's operational testing chief.

Cyber threats portrayed during military exercises have been "consistently below that expected from a nation-state," but "red teams" playing the enemy role have generally beaten U.S. defenses, according to the report released last week by the director of operational test and evaluation (DOT&E). The report announces that "the level of cyber-threat portrayal in future exercises is expected to increase significantly" in response to Mullen's classified memo.

A spokesman for Mullen declined to release the memo, but told Inside the Pentagon that the excerpts included in the report "seem to summarize an important point -- that our combatant commands must integrate aggressive cyber threats into their training events in order for us to maintain our competitive advantage in the field."

Mullen's directive makes sense because cyber threats are becoming increasingly sophisticated, said Stewart Baker, who served as the Department of Homeland Security's first assistant secretary for policy.

"In general, it's fair to say that you have to change your exercises on a regular basis because the threat gets more consistent on a regular basis," Baker told ITP. "If you're still doing the same thing you were doing three years ago, you're out of date."

Baker acknowledged a "competing consideration" when looking to bolster the level of cyber-threat portrayal in exercises.

"You don't want to run an exercise between people doing a good job and people doing a bad job," he said. "If it's so one-sided the attackers win all the time . . . then the exercise is not actually teaching people anything."

However, "we're going to have to dramatically up our game given the sophistication of the attacks," he added.

Gilmore's report states that "assessing organizations" within DOD performed information assurance and interoperability assessments during 21 combatant command and services exercises, eight of which involved units deployed or preparing to deploy to Iraq or Afghanistan.

The information assurance posture observed during FY-10 exercise assessments is insufficient to prevent an advanced adversary from "adversely affecting the missions that were being exercised," the report states.

"Improvements in certain areas of network defense were observed," but red teams "generally overcame defense during exercises by increasing their level of effort," the report adds.

All red teams "reported increasing difficulty in penetrating network defense," but with sufficient time, they "typically managed to penetrate networks and systems," the report states.

Although in some cases red teams were "successfully blocked from employing certain attacks due to specific preparations or precautions on the part of network defenders," the overall assessment is that information assurance "remains a significant operational concern" across the Defense Department, according to the report.

DOD's operational testers also conducted interoperability assessments on cyber exercises and found that issues encountered "typically hindered, rather than prevented, mission accomplishment" due to "operators who developed and executed effective workarounds."

But the workarounds "often resulted in degraded efficiency of completing tasks," the report adds.

-- Amanda Palleschi

_______________________________________________
Infowarrior mailing list
Infowarrior () attrition org
https://attrition.org/mailman/listinfo/infowarrior

[end]

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.