Risk
8/17/2011
12:44 PM
Connect Directly
RSS
E-Mail
50%
50%

DOD Expanding Contractor Cybersecurity Program

Pilot program that shares threat information with defense contractors, network providers has stopped hundreds of intrusions, DOD says.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
A Department of Defense (DOD) program that shares cyber-threat information with defense contractors and their network providers has already stopped "hundreds of intrusions" in its 90-day pilot phase, the deputy secretary of defense said this week.

The DOD soon plans to expand its Defense Industrial Base (DIB) experimental program--which currently has 20 participants--to the remainder of the industry base, as well as "key areas of critical infrastructure," deputy secretary of defense William J. Lynn told attendees Tuesday at the Defense Information Systems Agency (DISA) Customer and Industry Forum in Baltimore.

A transcript of his talk is available online.

The DOD launched the program, in which the agencies also work with defense contractors to use the threat information in a practical way to stabilize their networks, in June.

"By furnishing this threat intelligence, we are able to help strengthen these companies' existing cyber defenses," Lynn said Tuesday, adding that the pilot "also appears to be cost effective."

In his speech, he reminded people that the program is voluntary, and stressed that it does not violate anyone's privacy because the feds are not "not monitoring, intercepting, or storing any private sector communications."

Lynn also elaborated a bit on the specific work being done in DIB to prevent intrusions. He said that those participating are loading malicious code signatures that have been gathered by previous intelligence efforts onto existing systems to increase their cybersecurity effectiveness.

"In this way, the DIB Cyber Pilot builds off existing capabilities that are widely deployed through the commercial sector," he said.

Lynn did not name the current participants in the program, and a DOD spokeswoman declined to name them at the time when the program was revealed. However, a published report in the Washington Post released at that time identified AT&T, Verizon, and CenturyLink as participating Internet service providers, and Lockheed Martin, CSC, SAIC, and Northrop Grumman as participating contractors.

DIB is a collaborative effort between the DOD and Department of Homeland Security (DHS), but the National Security Agency is providing technical advice and cybersecurity information upon request by the DOD.

The Obama administration has been proactive in its efforts to work with the private sector on a host of technology fronts, and cybersecurity is a key area of collaboration. The DHS, for instance, already is sharing cybersecurity intelligence with some private-sector CIOs through another program launched last year.

Join us for GovCloud 2011, a day-long event where IT professionals in federal, state, and local government will develop a deeper understanding of cloud options. Register now.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2227
Published: 2014-07-25
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

CVE-2014-5027
Published: 2014-07-25
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

CVE-2014-5100
Published: 2014-07-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_...

CVE-2014-5101
Published: 2014-07-25
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authn...

CVE-2014-5102
Published: 2014-07-25
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.