The Defense Department’s networks, as currently configured, are “not defensible,” according to the general in charge of protecting those networks. And if there’s a major electronic attack on this country, there may not be much he and his men can legally do to stop it in advance.
Gen. Keith Alexander, head of both the secretive National Security Agency and the military’s new U.S. Cyber Command, has tens of thousands of hackers, cryptologists, and system administrators serving under him. But at the moment, their ability to protect the Defense Department’s information infrastructure — let alone the broader civilian internet — is limited. The Pentagon’s patchwork quilt of 15,000 different networks is too haphazard to safeguard.
Take last year’s infection of drone cockpits at Creech Air Force Base in Nevada. Air Force network operators only learned about the virus weeks afterward — by reading about it on this website.
“15,000 enclaves: You can’t see ‘em all. You cannot defend them all,” Alexander told an FBI-sponsored gathering of law enforcement and cybersecurity professionals at New York’s Fordham University. “You’ve got to have an infrastructure that is defensible.”
Cybersecurity has become a top priority in the Pentagon — one of the few areas of the Defense Department set to increase during a time of budget cutbacks. For Alexander, one of the top cybersecurity priorities is to drastically consolidate the number of military networks, data centers, and help desks into a more manageable number — 3,000, instead of 15,000. Meanwhile, he wants the Defense Department to move towards cloud computing, which he contends is both cheaper and easier to protect.
“We know where we are today is not defensible,” he said. “We are pushing very hard for both the Defense Department and the intelligence community to move down this road. The National Security Agency’s going there first. We’re doing this first to show – if it’s good for us, it’ll be good for others.”