Another high-level official has added his assessment to a rapidly expanding chorus of voices saying that the United States private and public computer networks are vulnerable to cyberattack: Air Force Gen. Kevin Chilton, reports The Washington Post's Walter Pincus.
The head of the Pentagon's Strategic Command warned Congress today that the United States is vulnerable to cyberattacks "across the spectrum" and that more needs to be done to defend against the potential of online strikes, which could "potentially threaten not only our military networks, but also our critical national networks."
But ... Chilton made clear to a House Armed Services subcommittee that he has not been asked to defend most government Web sites nor the commercial and public infrastructure networks whose destruction could cripple the nation.
That task now falls to the Department of Homeland Security (DHS), although that could change next month when President Obama's 60-day cybersecurity review comes due.
Chilton's responsibilities include not only operating and defending military networks but creating cyberattack capabilities to use against adversary networks when the president orders it. Operational control of the Pentagon's cyberdefense and offense, Pincus reports, has been given to the National Security Agency (NSA).
Chilton said giving control over both aspects of military cybersecurity to the NSA makes sense for three reasons: 1) it already has information security responsibilities; 2) cyberdefense and cyberoffense are completely interdependent; and 3) the agency will bring intelligence support that will help the Pentagon defend its networks better.
The NSA's expanding role in cybersecurity has come under attack recently, however. Rod Beckstrom, director of National Cyber Security Center, quit the DHS office last Friday, criticizing the NSA's mission creep into DHS' cybersecurity responsibilities. In his resignation letter, Beckstrom wrote that the essential task of protecting the nation’s cyberinfrastructure should be handled by a civilian agency and not a secretive intelligence agency.