09:21 AM
Connect Directly

Cyber Command Director: U.S. Needs To Secure Critical Infrastructure

General Keith Alexander says the new U.S. Cyber Command will work to protect the nation's key industries and defense networks from devastating cyber attacks.

General Keith Alexander, director of the new U.S. Cyber Command and the National Security Agency, is advocating the creation of a "secure, protected zone" in which critical infrastructure like the financial industry, the power grid and the defense industrial base would operate on the Internet, he said in an interview with select group of reporters Wednesday afternoon ahead of his testimony to the House Armed Services Committee on Thursday morning.

Though Gen. Alexander noted that such a solution was just one that is on the table, he stressed that the federal government, including U.S. Cyber Command, will likely be part of a team approach to helping protect the nation's critical infrastructure from devastating cyber attacks.

The White House, he said, is leading a group to look at cybersecurity policy and at the authorities currently in place to protect the nation's networks, including critical infrastructure networks.

"The question is, how do we do it," Alexander said. "Doing it, technically, is fairly straightforward. Getting everybody satisfied is the harder thing." Any such plan, he said, would leave the commercial Internet, "where our kids might communicate," untouched.

For today, Cyber Command's role is limited strictly to defending Department of Defense networks from cyber attacks and standing ready to execute offensive cyber operations on command, and as directed help the Department of Homeland Security defend broader government networks. The White House and Congress will ultimately lead the way in better defining any broader role that Cyber Command will have.

That said, Alexander confirmed that his team has taken part in analysis of the recent Stuxnet worm that successfully attacked several power plant control systems worldwide earlier this summer.

Alexander is also already working on plans to help protect the defense industrial base, a key task in the wake of successful attacks against defense contractor networks over the past few years that have stolen sensitive information. "It gets to, how do we provide them a level of protection analogous to what the government would have, so that their secrets aren't going to be stolen," he said.

U.S. Cyber Command is slated to formally reach full operating capability on October 1, and Alexander plans Thursday morning to inform Congress of the progress being made at Cyber Command as well as the military service components that will support it. About 1,000 military, civilian, and contractor employees work in Cyber Command today, supporting, among other things, an always-on joint operations center to direct the defense and operations of DoD networks.

1 of 2
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Tech Digest September 7, 2015
Some security flaws go beyond simple app vulnerabilities. Have you checked for these?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-09
The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.

Published: 2015-10-09
The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors.

Published: 2015-10-09
The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.

Published: 2015-10-09
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877.

Published: 2015-10-09
The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at the intended time, which allows physically proximate attackers to obtain access by visiting an unattended workstation.

Dark Reading Radio
Archived Dark Reading Radio
What can the information security industry do to solve the IoT security problem? Learn more and join the conversation on the next episode of Dark Reading Radio.