Cybersecurity

Marines take prominent role in DOD cyber operations

Shutterstock image (by fotogestoeber): virus infection spreading out in a network.

QUANTICO, VA.

Marine Corps' cyber operatives have been at the forefront of two of the U.S. military's most prominent offensive and defensive cyber missions in the last year, reflecting the kind of maturity of capabilities the Pentagon is counting on to wield power in cyberspace.

Pentagon leaders called on a Marine Corps cyber protection team, among other network defenders, to evict hackers that had breached the Joint Chiefs of Staff's unclassified email network last summer, according to Brig. Gen. Lori Reynolds, head of Marine Corps Forces Cyberspace Command.

"That was probably the first real attack that we had…a finished CPT really get after," Reynolds said in an April 19 speech to AFCEA's Quantico-Potomac chapter.

Media reports have blamed that intrusion, which downed the Joint Chiefs' email network for about two weeks, on Russian spear phishers. Such cleanup operations can be laborious and time intensive. A 2013 operation to rid Iranian hackers from the unclassified portion of the Navy Marine Corps Intranet took three to four months.

Reynolds also shed light on recent offensive operations against the Islamic State terrorist group.

"There is a tremendous amount of signals intelligence that goes into developing a cyber target…and so the dependency on the National Security Agency right now is enormous," she said. Reynolds declined to talk further about the counter-ISIS cyber operation after her speech.

Defense Secretary Ash Carter in late January ordered U.S. Cyber Command, of which Reynolds' Marines are a component, to step up its hacking of ISIS operatives. Carter and other officials have been vocal about their intent to disrupt the group's communications, with Deputy Defense Secretary Robert Work saying recently that the U.S. military was dropping "cyber bombs" on ISIS.

'Operating on trust'

The annual Marine Corps IT Day at which Reynolds spoke is an opportunity to rally the Corps' IT professionals, as well as contractors, behind recent progress in network security. Marine Corps CIO Brig. Gen. Dennis Crall boasted that the Corps is leading the way on a Defense Department-wide directive to move IT systems to the Windows 10 operating system.

However, with the accomplishment-tallying came blunt talk about the shortcoming of the Corps' IT enterprise. Crall said the Corps could do more to deliver a standard toolkit for software development, something that he said vendors have requested. The lack of a standard makes it difficult to manage software upgrades, he added.

For her part, Reynolds worried about network visibility.

"Our current architecture makes seeing and understanding the battle space a significant challenge," she said. "In many cases I am operating on trust," when asking a domain owner to run a script to test compliance, for example.

The Marine Corps Enterprise Network has about 60 domains, Reynolds said, quipping: "that's like 59 too many."

Like the other service branches, the Marine Corps is adopting the Joint Regional Security Stacks, a set of servers, switches and software that is tantamount to a big firewall.  The Corps has been trying to time the switch from its own firewall to JRSS without sacrificing security. 

While praising the JRSS initiative, Crall also warned that it "could degrade our mission if we're involved too early." In other words, JRSS has to least provide the same level of security as the Corps' own firewall – "and then some," Crall said, adding, "depending on what version of JRSS we're talking about, that is kind of still an open-ended question."

About the Author

Sean Lyngaas is a former FCW staff writer.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.