DISA chief: We're in 'an economic cyber cold war'

The U.S. government is fighting at least a two-front cyberwar right now, according to a top Pentagon official. The challenges involve the daily fending off of millions of attacks on defense networks and the slow burn of economic espionage carried out by adversaries.

"I believe there's an economic cyber cold war playing out right now," said Lt. Gen. Alan Lynn, director of the Defense Information Systems Agency. He made the comments Nov. 18 at CyberCon 2015, an event sponsored by Federal Times and C4ISR and Networks in Arlington, Va.

Lynn, who is also commander of DISA's Joint Force Headquarters DOD Information Networks, asked the audience of contractors and defense officials to imagine an adversary whose goal is to, over time, "erode global consumer confidence in U.S. ...wholesale goods and businesses."

That was perhaps a thinly veiled reference to China, which the Pentagon, lawmakers and Justice Department officials have accused of stealing U.S. intellectual property.

Another front in the ongoing contest for cyberspace is manifested in adversaries' attempts to infiltrate the industrial control systems that run the U.S. power grid. "We expect a cyberattack as a prelude to war," Lynn said.

"No one knows where the red line is yet," he added. "When do you cross the line that starts a kinetic war?"

Adm. Michael Rogers, commander of U.S. Cyber Command, has told Congress that a major cyberattack from a nation-state or rogue group will likely hit U.S. critical infrastructure networks before 2025.

Lynn said that during his first 30 days on the job, he was occupied with dealing with cyberattacks on the Joint Chiefs of Staff, whose unclassified email network was breached around that time in an attack reportedly carried out by Russian spear phishers.

Later in the conference, Homeland Security Secretary Jeh Johnson underscored the threat of spear phishing to the .gov, .mil and other domains.

"Perhaps the single most effective thing we can do to improve cybersecurity is actually pretty simple: raise the awareness of everyone who uses your systems to the dangers of spear phishing," Johnson said.

Contractors in the crosshairs

Earlier this month, it was revealed that DISA contractor NetCracker Technology had outsourced software-writing work to Russian programmers, which left U.S. military communications systems vulnerable.

"On at least one occasion, numerous viruses were loaded onto the DISA network as a result of code written by the Russian programmers and installed on servers in the DISA secure system," former NetCracker employee John Kingsley said in court documents from March 2011 that were unsealed recently and first reported on by the Center for Public Integrity.

The complaint triggered a four-year investigation that culminated with NetCracker and Computer Sciences Corp., which had subcontracted the work, agreeing to pay a combined $12.75 million in civil penalties. Both firms denied any wrongdoing.

At the Federal Times conference, Lynn declined to comment on the allegations and instead said all contractors have "to be held accountable for their actions on the network."

Costs will likely be imposed on contractors who fail to uphold DISA's security standards, he added.