http://www.jya.com/

5 December 1997, Defense Daily:

PENTAGON WORKING ON KEY ASSET PROTECTION PROGRAM

By Frank Wolfe

The Pentagon is crafting a set of recommendations on a national infrastructure architecture to present to President Clinton next year. First, the recommendations are to be given Dec. 16 to the Principals Committee of the Presidential Commission on Critical Infrastructure Protection (PCCIP). That committee is composed of cabinet level officers and equivalents, including the Secretaries of Defense, Commerce, Energy and the Director of Central Intelligence.

The recommendations are designed to provide protection for key Pentagon infrastructures and cyber and communications assets and to insure these assets do not conflict with those in the private world.

Clinton created the commission in July last year to assess threats to eight of the nation's critical infrastructures, including telecommunications and banking, and recommend solutions. The commission's advisory committee--chaired by retired Sen. Sam Nunn (D-Ga.) and former Deputy Attorney General Jamie Gorelick--is looking at several studies, including one this year by the Defense Science Board and analyzing them to issue advice to Clinton.

"Maybe we treat national security as a separate sector to insure that these threats are addressed," Sheila Dryden, the Pentagon's principal director of emergency preparedness policy, told Defense Daily yesterday.

The Federal Bureau of Investigation has been collaborating with the Pentagon in fashioning the infrastructure protection strategies of both agencies. In July last year, the FBI started critical infrastructure threat assessment teams in each of its 56 field offices.

"Some of them are doing better than others," David Keyes, the FBI's former commission representative, told Defense Daily. "It's a tough problem. You have different levels of industry acceptance and different levels of competence within field offices."

The FBI has been sharing threat data with industry, including public utilities, and is looking to expand that data to the classified realm, Keyes said.

"That's very important (to build trust)," Nunn said. "They (industries) have to understand the general scope of the threat."

DoD and the FBI have collaborated in the past, Keyes said. When retired Gen. Colin Powell was commander of the Army's Forces Command (FORSCOM), the FBI and FORSCOM signed a memorandum of agreement concerning key asset protection programs in the United States, Keyes said.

"It's a concerted effort," Keyes said of the FBI/DoD collaboration. "As DoD comes to closure on their program, our goal is to continue to be complementary programs."

In October the commission issued its recommendations to Clinton, advising a "doubling" of the federal government's research and development funding for infrastructure protection, to $500 million per year, with 20 percent increases for the next five years.

Other recommendations included establishing a prototype system of encryption in collaboration with the private sector and a joint setting of standards for information security by the National Institute of Standards and Technology and the National Security Agency. Those standards are to be shared with government agencies and industry.

The DSB study recommended a threat and warning center in the Pentagon to alert DoD to foreign cyber attack and a private sector entity to respond to private sector requests while the commission's report recommended a government cell within the FBI and private sector alert and warning centers.

"Our report suggests they will all be interconnected to share information," Gorelick said. "The way we envision things is that when a warning center has specific information that needs to be provided to certain industries or individuals, that would allow for the free flow of information directly to those people and in and among those structures that currently provide information and warning."
----------

5 December 1996, C4I News:

INFORMATION ASSURANCE/ THE KEY IS THE RIGHT COMBINATION

BY JOHN WOODWARD

For the second installment of "Point of View," C4I NEWS asked John Woodward of the MITRE Corp. to address the topic of information warfare. Woodward is the technical director of MITRE's Intelligence and Special Programs Division, which executes MITRE's Air Force intelligence program, and serves as corporate director of information warfare. Woodward has more than 23 years of experience in software engineering with MITRE and has specialized in information assurance for the last 20 years. He has also managed the company's prototype development of the Joint Worldwide Intelligence Communications System and was responsible for MITRE's intelligence information system support to the Defense Intelligence Agency, North American Air Defense/U.S. Space Command/Air Force Space Command and Strategic Air Command. Woodward also led MITRE's Artificial Intelligence Technical Center. MITRE is an independent non-profit company that provides technical support to the government.

Information dominance, the emerging mantra for our military, depends on achieving interoperability, as Kenneth Allard suggested in his inaugural "Point of View." Our facility in collecting, processing, disseminating and acting upon C4I information will indeed be key to future military operations and to getting the most (or even a return on investment) from an ever-improving arsenal of "high-tech" weapons.

Our dependence on information technology is growing rapidly, probably more so than our future enemies'. Achieving and maintaining information dominance will rely on information assurance--preserving the free flow and processing of information, and controlling our dependence on it.

Controlling our dependence? Surely our insatiable appetite for technology will be fed by the rapid evolution of commercial information processing technology on which our military increasingly depends. Why must we control our dependence, and what would that mean? The answers lie in a broad understanding of information assurance and of threats to our information systems.

A major, and increasingly understood, part of information assurance is known by several popular names: information security, information protection, defensive information warfare and others. But true information assurance, to be successful in the long run, must have a larger "bag of tricks," applied in the right combination.

We can broaden our perspective by realizing that C4I is not alone in having a growing dependence on rapidly evolving information technology. Most aspects of our daily life are similarly reliant. An important aspect of that dependence is on the infrastructures that underlie the military, the government and the private sector: telecommunications, electric power systems, banking and finance, gas and oil systems, transportation, water supply systems and emergency services.

The President's Commission on Critical Infrastructure Protection (PCCIP), which recently released its final report, is focusing attention on the vulnerabilities of these infrastructures due to their reliance on information technology. A major (some say the major) recommendation of the PCCIP is an unprecedented partnership between the government and private sector operators of these infrastructures. Each partner has much to learn from the others, and they all share a common need for information assurance.

What can we learn from looking at the common information assurance practices of the military and the infrastructure providers? One of the first things to become evident is that many different information assurance techniques are employed, including system hardening, intrusion detection, reaction, backup, recovery, redundancy, diversity, deterrence, graceful degradation and deception.

System hardening refers to any action taken to make it more difficult to monitor, change or disrupt information. Common examples include employment of "firewalls," which seek to keep outsiders from penetrating information systems, and scanning for (typically configuration) vulnerabilities that make it harder for insiders to penetrate other users' systems. Intrusion detection seeks to find penetration attempts and successes. Reaction can cover a wide range of activities, from disconnecting the intruder's access to creating a "fishbowl" in which his actions can be observed. Backup and recovery allow for timely reconstitution of service after a successful disruption. Redundancy and diversity of communications or information processing capabilities provide for more system robustness. Deterrence includes visibly upgrading one's hardening and vigorously pursuing intruders. Graceful degradation derives from the philosophy that it is better for an information system to operate in a (possibly pre-planned) degraded mode than to shut down for complete recovery. Deception takes advantage of the difficulty in attacking a system you do not understand.

The military and infrastructure operators employ these information assurance techniques in various combinations. The military favors system hardening, intrusion detection and reaction. It is interesting to note that the military has a long history of employing deception (prominently in the Gulf War) in its warfighting, but has not yet embraced deception in its information systems, though these systems are touted as the battleground of the future. The banking and finance community additionally favors redundancy, backup and recovery. In performing air traffic control, the Federal Aviation Administration favors graceful degradation.

Intruders, whether hackers or more sophisticated professionals, tend to keep up with emerging technologies better than our defenses do. Even the "holy grail"--a fully encrypted information infrastructure--is susceptible to disruption or denial of service attacks. Therefore, defending our evolving information systems--whether their purpose is C4I or infrastructure operation--against a consistently growing threat will involve a prudent combination of these information assurance techniques, as well as others perhaps yet to be discovered. This combination will likely be different for each system and must be one that we control and evolve over time.

In addition, we should seek to control our dependence on information. To do this, we must first understand it. We often don't realize our degree of reliance until a critical infrastructure or capability is disrupted. How helpless do we feel when our power goes out in a storm? If we correctly assess those areas in which we are most dependent on information technology, then we can better gauge what combination of information assurance techniques we should apply and where they would be most effectively employed.

We can better understand and control our dependence when we understand how others do. The military and the private sector infrastructure providers are in this together. Common use of modern information technologies breeds common vulnerabilities that are best addressed centrally. "Best practices" of employing information assurance technologies must be shared to raise the overall level of hardening. Information about attacks must be shared to enable effective threat determination and projection.

Only through partnering and sharing can we achieve the long-term information assurance that will be required for information dominance. Our investment for the future in this critical area must be increased, and the time to act is now. Those who do not may soon find themselves in the electronic gunsights of others who have.
----------

5 December 1997, C4I News:

STUDY RECOMMENDS INTELLIGENCE OVERHAUL, STREAMLINED CIA

A new study by the non-profit National Institute for Public Policy advises a wholesale restructuring of the intelligence community to support U.S. military forces and save money.

"Overall the intelligence community has been among the most successful parts of the postwar U.S. national security apparatus. Without basic reforms, however, that judgment will not remain valid indefinitely," according to the study, entitled Modernizing Intelligence: Structure and Change for the 21st Century.

"Over the last thirty years, the intelligence community has witnessed enormous changes in the way intelligence is gathered and processed, but during this time, with the exception of the recent establishment of the National Imagery and Mapping Agency (NIMA), the intelligence community has not undergone significant structural reform," according to the study, which was conducted under the direction of retired Army Lt. Gen. William Odom, the director of national security studies at the Hudson Institute and a former Director of the National Security Agency (NSA).

These are some of the report's wide-ranging suggestions:

* the National Reconnaissance Office (NRO) should be abolished and its functions placed under NSA and NIMA;
* separate the Directorate of Intelligence (DI) from the Central Intelligence Agency, greatly reduce its size and put it under the Director of Central Intelligence (DCI) through the National Intelligence Council;
* a formal J-2 office under the Joint Chiefs of Staff should be developed to provide support to current military operations;
* put all Defense Intelligence Agency (DIA) electronics intelligence (ELINT) collection under NSA and its imagery intelligence (IMINT) collection under NIMA; and
* establish an overt human intelligence (HUMINT) organization in the Defense Department as a joint activity coordinating its activities with the national HUMINT manager.

Asked about Defense Secretary William Cohen's recent recommendation that a separate Assistant Secretary of Defense for Intelligence (ASDI) be created, Odom said that "he (Cohen) needs a guy up there who asks are my intelligence guys doing things consistent with my intelligence aims?" Odom said that the current Assistant Secretary of Defense for Command, Control, Communications and Intelligence (ASDC3I) structure is "spread too thin." The key for the ASDI will be finding "staff expertise," Odom said.

According to the report, the DI is also "spread too thin" and "has become too large and bureaucratic to perform innovative and insightful analysis."

"The DI has tried to be the 'central processor' for intelligence production while 'distributed processing' has taken the lion's share of the market," according to the report. "It (DI) has efforts in virtually all areas of intelligence analysis--general military, technical military, science and technology, economics, political, counterintelligence, and so forth. Yet it is not comprehensive in any of these areas. For example, the DI does analysis of foreign tanks. No U.S. Army tank development program, however, could survive on the DI's tank analysis. The DI's work is simply too eclectic, incomplete, or untimely."

"The same is true for intelligence support to any Navy or Air Force weapons program," according to the report. "In matters of the services' development of military doctrine, the DI's products on foreign militaries would not even begin to provide sufficient information to satisfy their needs."

The report suggests reducing DI in size "rather dramatically" and converting it to "a flexible analysis unit that looks for problems and issue areas being neglected by other intelligence community (IC) components, develops them for the DCI, and then passes them off to appropriate IC components for sustained and comprehensive analysis if that appears necessary."

CIA spokesman Mark Mansfield recently told C4I NEWS that CIA had no comment on the report because the agency had not yet reviewed it. But DCI George Tenet, in a speech Nov. 19 at the Gerald Ford library in Michigan, said the U.S. still needs the CIA and its production of "outstanding all-source analysis that is timely, prescient and persuasive."

The CIA's four mission areas--all source analysis, clandestine operations, counterintelligence, and covert action--"are missions that I do not believe can be successfully replicated any place else in the United States government," Tenet said. Asking other agencies, such as the Department of State or the Pentagon, to pull together all source intelligence to present to the President "would place an unfair burden on them," he said.

Tenet also defended the CIA's efficiency and its relationship with the military in response to a question about competition between the CIA and the Defense Intelligence Agency (DIA).

"I think that there is a real synergy between the civilian agency and the defense agencies, of which the Defense Intelligence Agency is only one," Tenet said. "We attempt to rationalize our work so that we don't duplicate our work, particularly in the analytical arena."

The amount of the intelligence budget--$26.6 billion--was recently declassified.

Tenet said the CIA's relationship with the military may be its "most important" one. "We pay a lot of time and attention to it," he said. U.S. commanders in Bosnia would say that support by the CIA and defense agencies is "the best intelligence story in the history of the United States," Tenet said.

-----

National Institute for Public Policy
Keith Payne, President
3031 Javier Road Suite 300
Fairfax, VA 22031-4662
703/698-0563, fax 703/698-0566