Who Is In Charge if a Massive Cyber Attack Strikes the U.S?

Uploaded on 2015-11-11 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Cyber physical attacks on infrastructure may be an unlikely sneak attack, but if it happens, the chain of command is far from clear. 

The threat of a massive cyber attack on civilian infrastructure, leading to loss of life and perhaps billions in damages, has kept lawmakers on edge since before former Defense Secretary Leon Panetta warned of it back in 2012 (or the fourth Die Hard movie in 2007). Many experts believe that a sneak attack would be highly unlikely. The Department of Homeland Security has the lead in responding to most cyber attacks. But if one were to occur today, DHS and the Defense Department wouldn’t know all the details of who is in charge of what.

The Department of Defense Cyber Strategy, published in April, carves out a clear role for the military and Cyber Command in responding to any sort of cyber attack of “significant consequence,” supporting DHS. Specifically, the strategy tasks the 13 different National Mission Force teams, cyber teams set up to defend the United States and its interests from attacks of significant consequence, with carrying out exercises with other agencies and setting up emergency procedures. It’s the third strategic goal in the strategy. It’s also “probably the one that’s the least developed at this – at this point,” Lt. Gen. James K. McLaughlin, the deputy commander of US Cyber Command, said at a Center for Strategic and International Studies event last month. He went on to describe the role that the military would play in such an event as “building the quick reaction forces and the capacity to defend the broader United States against an attack.” It’s something that the Defense Department, the Department of Homeland Security and the FBI and other agency partners all train for together in events like the Cyber Guard exercises, the most recent of which took place in July. The Defense Department, DHS and others worked through a series of scenarios related to a major attack on infrastructure.

McLaughlin described it as helpful in clarifying the difficult legal and policy issues that rear up when US troops are brought in to perform some military operation on US soil. But that doesn’t mean that all the kinks were ironed out.
 “I think we feel comfortable that if one of those events happened today you’d see the right discussion about the sort of the political leadership, you know, has this reached that threshold? To be honest, it will never be black and white, have a perfect recipe … we have a structure within the government to have that discussion, and the ability for a request to come forward where US Cyber Command forces would go.”

A structure to have a discussion is a bit different than a clear sense of who is in charge of what when the power goes out.
Army Brig. Gen. Karen H. Gibson, deputy commanding general of Joint Force Headquarters-Cyber at United States Army Cyber Command, essentially reiterated that point when Defense One caught up with her at the AUSA conference last month. When asked if there existed a specific doctrine that spelled out the leadership roles for the Defense Department and for DHS in event of an attack of significant consequence, she said “There are a number of exercises to work through those very issues and how do we leverage the National Guard to help? It is a high priority and they are working it but I don’t think there’s a ‘Hey, here’s the solution,’ yet. It’s just a high priority.”

One of the various legal considerations muddying the prospect of a clear strategy could be laws related to posse comitatus, which forbid anyone to use “any part of the Army or the Air Force as a posse comitatus or otherwise to execute the laws,” except “under circumstances expressly authorized by the Constitution or Act of Congress.”
This kind of attack is a perennial boogeyman, but the actual likelihood of a digital sneak attack that rises to the level of “significant consequence” is harder to pin down. In his novel Ghost Fleet, a fictional account of World War III, strategist Peter Singer makes a convincing argument that a cyber-physical attack is most likely to occur as part of hostilities already underway, not as a first strike.

However unlikely, were such an attack to occur today, the question of who is in charge of what remains somewhat open.
DefenseOne: http://bit.ly/1Y4aLOZ

 

 

 

« EU votes Snowden Human Rights Asylum
Energy Under Hacktivist Threat »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Exodus Intelligence

Exodus Intelligence

Exodus Intelligence are an industry leading provider of exclusive zero-day vulnerability intelligence, exploits, defensive guidance, and vulnerability research trends.

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

Cyber 360

Cyber 360

Cyber 360 is a Cybersecurity contract and fulltime placement firm dedicated to identifying and hiring Cybersecurity professionals.

Altius IT

Altius IT

Altius IT reviews your website for security vulnerabilities and provides a report identifying vulnerabilities and recommendations to make secure.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

Dispersive Networks

Dispersive Networks

Dispersive Virtual Network is a carrier-grade software-defined programmable network that is inspired by battlefield-proven wireless radio techniques.

ecsec

ecsec

ecsec is a specialized vendor of security solutions including information security management, smart card technology, identity management, cloud computing and electronic signature technology.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Corsa Security

Corsa Security

Corsa Security is leading the transformation of network security with a private cloud approach that helps scale network security services with unwavering performance and flexibility.

Pratum

Pratum

Pratum is an information security services firm that helps clients solve challenges based on risk, not fear.

Yotta Infrastructure Solutions

Yotta Infrastructure Solutions

Yotta Infrastructure, a Hiranandani group company, provide Datacenter Colocation and Tech Services such as Cloud services, Network & Connectivity, IT Security and IT Management services.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.

CoinCover

CoinCover

Blockchain technology is changing everything. However, it brings its own set of unique risks. Coincover ensures everyone is protected, enabling them to innovate freely, without constraints.

Adsigo

Adsigo

Adsigo AG is your reliable and professional partner for all topics concerning PCI certification, compliance and information security.

Securitybricks

Securitybricks

Securitybricks specialize in cloud security and compliance. Our mission is to automate regulatory compliance backed by human validation.