Study calls for reserve virtual IT warfare unit
- By Dan Verton
- Jul 25, 1999
A year-long study completed last week by a senior panel of Defense Department officials recommended an unprecedented expansion in the role the reserves play in national defense, including the formation of a virtual cyberdefense unit to protect the nation's critical infrastructure.
The study, Reserve Component Employment Study 2005, was initiated in April 1998 at the request of Defense Secretary William Cohen and concluded that the reserves are "particularly well-suited to homeland defense missions." In addition, the study called for the formation of a "joint [reserve component] virtual information operations organization" and tasked various senior-level DOD organizations to complete a "proof of concept" study for creating the unit by June 30, 2000.
The new reserve cyberdefense unit "would consist of individuals with information technology skills who could perform their duties from dispersed locations rather than working as a single consolidated unit at a specific training center," the report said. To accomplish their mission of protecting various critical infrastructure nodes, the unit would communicate from existing reserve centers and other DOD facilities across the country that have access to the Secret Internet Protocol Routing Network.
To form the new unit, the study recommended looking for reserve members in regions of the country where high concentrations of IT skill already exist.
In addition, the study suggested that the reserves consider recruiting high-tech-savvy people from the civilian sector, requiring them to join the reserves for a specific number of years in exchange for high-tech training provided by DOD.
Establishing a "virtual organization" also would go a long way toward solving the department's problem of retaining personnel with critical IT skills and may allow DOD to reduce its reliance on external contractor support, the report said. "A 'virtual organ-
ization' [also] could support the Joint Task Force [for] Computer Network Defense," the report said. Cohen established the JTF-CND in December 1998 to monitor and take defensive actions against hackers and other unauthorized users who try to penetrate DOD networks.
Rick Forno, a security officer for Network Solutions Inc. and the former senior security analyst at the House of Representatives' Information Resources Security Office, said the report's recommendation to use the reserves for cyber defense "is a great idea" and represents one of DOD's more innovative initiatives. "I'm thrilled that DOD is looking to go outside the box on the Info-Protect/
InfoCorps idea in the reserve components," said Forno, who proposed a similar idea to DOD a year ago. However, "it comes down to endorsement and support from senior leadership [whether or not] they let this organization function as intended," he said.
Anthony M. Valletta, vice president of C3I systems for SRA Federal Systems and former acting assistant secretary of Defense for command, control, communications and intelligence, said the concept of using the reserves in this manner is one that the intelligence community has proven works.
"When we did this with the intelligence community, it worked extremely well," Valletta said. "We have a lot of expertise in the reserves that we need to take advantage of."
The main challenge facing the reserve cyberdefense corps idea, according to Valletta, is training and equipping the reserves to carry out the mission. "We have to keep up with the technology, and the reserves have to have the latest capabilities," Valletta said. "That is a major change of philosophy in terms of equipping the reserves."
However, the idea of establishing a JTF for Homeland Defense also is an idea that some groups, particularly civil liberties organizations, may question.
"The main issue is the Posse Comitatus Act and the limits on military activity within the U.S.," said Mark Lowenthal, former deputy assistant secretary of State for intelligence and now a member of Valletta's C3I consulting team at SRA. "If it is limited to what are clearly DOD facilities, then there should be no problem," he said. "If it steps over that line, then there are some legal issues that have to be addressed."
Other recommendations contained in the report include using the reserves as part of a Joint Task Force headquarters for Homeland Defense, which would work with the Federal Emergency Management Agency and other civil authorities to coordinate responses to attacks involving nuclear, chemical and biological weapons, and increasing the use of smart card technology to reduce delays in processing reserve members for active-duty assignments.