Transportation Command upbeat in cyber progress report

The Senate Armed Services Committee last September released a report criticizing Transportation Command’s lack of awareness of cyber intrusions to its contractors. Appearing before the committee July 14, the sitting TRANSCOM commander and his potential successor made the case that the command’s cyber posture has improved significantly in the last 10 months.

“We’ve actually completely rewired the way we do cyber defense and cyber hygiene within the command,” said Air Force Gen. Paul Selva, the TRANSCOM commander whom President Barack Obama has nominated to be vice chairman of the Joint Chiefs of Staff. “So we have put our forces essentially on the offense, looking for people that are intruding into the network.”

The committee’s yearlong investigation concluded that Chinese hackers had breached the computer networks of contractors to the command 20 times over the course of a year, but that the command was aware of just two of those intrusions. The report faulted a lack of communication between the command, the U.S. military’s main artery for distributing troops and equipment, and other Defense Department components “regarding TRANSCOM’s need to know about cyber intrusions.” Among the inquiry’s other findings were “a lack of common understanding between TRANSCOM and its contractors as to the scope of cyber intrusions that must be reported,” and that the FBI and DOD components were often unaware that firms they identified as having been breached were TRANSCOM contractors.

Selva and the man nominated to succeed him as TRANSCOM head, Air Force Gen. Darren McDew, sought to turn the page on that checkered history at the hearing.

“I am beginning to understand the vastness of the [TRANSCOM] network,” said McDew, who most recently served as head of the Air Mobility Command. In his preliminary study of TRANSCOM, McDew said he learned the command “has put some things in place in their contracting system to allow the contractor to show assuredness of their network and to provide for requirements to report intrusions in their network.”  

Implicitly addressing the committee report’s criticism of TRANSCOM’s lack of coordination with the FBI, Selva said there is a bureau liaison at the command’s headquarters. The command can also turn cyber forensics over to Cyber Command for defensive or offensive responses in the event of a breach, he said. A recent cyber exercise doing just that produced “a pretty good outcome,” he added.

Tony Cole, vice president and global government CTO at FireEye, said Transportation Command would be wise to hold its contractors to higher standards. “We know third-party contractors have been the path to numerous breaches in recent history,” he told FCW in an email. “Transportation Command, like the rest of the department, needs to embrace this issue and build a more agile process for defending their networks – with more stringent policies on their contractors, and an acceptance of the fact that they are likely compromised.”

That TRANSCOM was hit by a wave of cyber intrusions attributed to China was no coincidence, said Armed Services Chairman John McCain (R-Ariz.). According to the Pentagon, he said, “Chinese military analysts have identified logistics and mobilization as potential U.S. vulnerabilities, and their military doctrine advocates targeting these networks to impact our ability to operate during the early stages of conflict.”