Who Is In Charge if a Massive Cyber Attack Strikes the U.S.?

A cyber-physical attack on infrastructure may be an unlikely sneak attack, but if it happens, the chain of command is far from clear.

The threat of a massive cyber attack on civilian infrastructure, leading to loss of life and perhaps billions in damages, has kept lawmakers on edge since before former Defense Secretary Leon Panetta warned of it back in 2012 (or the fourth Die Hard movie in 2007). Many experts believe that a sneak attack would be highly unlikely. The Department of Homeland Security has the lead in responding to most cyber attacks. But if one were to occur today, DHS and the Defense Department wouldn’t know all the details of who is in charge of what.

The Department of Defense Cyber Strategy, published in April, carves out a clear role for the military and Cyber Command in responding to any sort of cyber attack of “significant consequence,” supporting DHS. Specifically, the strategy tasks the 13 different National Mission Force teams, cyber teams set up to defend the United States and its interests from attacks of significant consequence, with carrying out exercises with other agencies and setting up emergency procedures. It’s the third strategic goal in the strategy. It’s also “probably the one that’s the least developed at this – at this point,” Lt. Gen. James K. McLaughlin, the deputy commander of US Cyber Command, said at a Center for Strategic and International Studies event last month. He went on to describe the role that the military would play in such an event as “building the quick reaction forces and the capacity to defend the broader United States against an attack.” It’s something that the Defense Department, the Department of Homeland Security and the FBI and other agency partners all train for together in events like the Cyber Guard exercises, the most recent of which took place in July. The Defense Department, DHS and others worked through a series of scenarios related to a major attack on infrastructure.

McLaughlin described it as helpful in clarifying the difficult legal and policy issues that rear up when US troops are brought in to perform some military operation on US soil. But that doesn’t mean that all the kinks were ironed out.
“I think we feel comfortable that if one of those events happened today you’d see the right discussion about the sort of the political leadership, you know, has this reached that threshold? To be honest, it will never be black and white, have a perfect recipe … we have a structure within the government to have that discussion, and the ability for a request to come forward where US Cyber Command forces would go.”

A structure to have a discussion is a bit different than a clear sense of who is in charge of what when the power goes out.

Army Brig. Gen. Karen H. Gibson, deputy commanding general of Joint Force Headquarters-Cyber at United States Army Cyber Command, essentially reiterated that point when Defense One caught up with her at the AUSA conference last month. When asked if there existed a specific doctrine that spelled out the leadership roles for the Defense Department and for DHS in the event of an attack of significant consequence, she said, “There are a number of exercises to work through those very issues and how do we leverage the National Guard to help? It is a high priority and they are working it but I don’t think there’s a ‘Hey, here’s the solution,’ yet. It’s just a high priority.”

One of the various legal considerations muddying the prospect of a clear strategy could be laws related to posse comitatus, which forbid anyone to use “any part of the Army or the Air Force as a posse comitatus or otherwise to execute the laws,” except “under circumstances expressly authorized by the Constitution or Act of Congress.”

This kind of attack is a perennial boogeyman, but the actual likelihood of a digital sneak attack that rises to the level of “significant consequence” is harder to pin down. In his novel Ghost Fleet, a fictional account of World War III, strategist Peter Singer makes a convincing argument that a cyber-physical attack is most likely to occur as part of hostilities already underway, not as a first strike.

However unlikely, were such an attack to occur today, the question of who is in charge of what remains somewhat open.
DefenseOne: http://bit.ly/1Y4aLOZ

 

 

 
