Pentagon plans expansion of cyberthreat alert system

The Joint Chiefs of Staff is crafting a plan to require all military commands to create a new alert system that will track cyberthreats to Defense Department information systems.

Similar to the well-known Defense Conditions, or DEFCONs, that mark the military's status in response to traditional foreign threats, this new departmentwide program is based on a concept created by the U.S. Strategic Command (Stratcom), which directs the nation's nuclear forces.

Stratcom's system, called Information Conditions, or INFOCONs, is composed of a series of levels that are raised or lowered based on threats to the command's information technology systems. As a threat to systems increases, officials take additional protective measures, such as cutting connections to the Internet or monitoring all communications in real time. Officials at Stratcom first used the system in February when multiple DOD systems at various locations came under electronic attack.

The levels and corresponding actions that the new plan will recommend are classified, according to a Joint Chiefs spokesman. However, he said the program was designed because Stratcom recognized the need to standardize procedures for responding to threats to information systems throughout DOD. The new program, which will hold DOD systems administrators accountable for system intrusions by requiring them to put into place procedures to respond to the changing conditions, will begin this summer, the spokesman said.

Barry Collin, senior research fellow at the Stanford, Calif.-based Institute for Security and Intelligence, said the move to take the program across the commands is "the largest coordinated information technology response" in U.S. military history. Speaking from Stratcom, where command officials gathered last week to discuss the plan, Collin said assessing information conditions requires agency buy-in at every level.

"If one is under what appears to be an attack, how do you inform other agencies?" Collin asked. "A more formalized process will help us determine when there is a large-scale attack. This indicates awareness and really emphasizes the purpose of the joint command."

Duane Andrews, a former assistant secretary of Defense for command, control, communications and intelligence from the Bush administration and now a senior vice president at Science Applications International Corp., said the new program will be one of the most aggressive efforts the department has undertaken as part of its information assurance program.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.