DHS and NSA getting married?

George_Bonser · October 22, 2010, 5:46am

An agreement signed this month with the Department of Homeland Security
and an earlier initiative to protect companies in the defense industrial
base make it likely that the military will be a key part of any response
to a cyber attack.

While the Department of Homeland Security officially remains the lead
government agency on cyber defense, the new agreement "sets up an
opportunity for DHS to take advantage of the expertise" in the Pentagon,
and particularly the secretive electronic spying agency, the National
Security Agency, said Butler, who is a deputy assistant defense
secretary.

The two agencies - Defense and Homeland Security - "will help each other
in more tangible ways then they have in the past," Butler told a group
of defense reporters.

Among other things, a senior DHS cyber official and other DHS employees
will move to the NSA to be closer to the heart of the military's cyber
defense capability. Closer collaboration provides "an opportunity to
look at new ways that we can do national cyber incident response, he
said.

http://www.defensenews.com/story.php?i=4939254&c=AME&s=TOP

Christopher_Morrow · October 22, 2010, 3:04pm

are any of the civilian agencies really prepared/capable of dealing
with 'cyber attack'? it seems fairly natural that a 'cyber attack' (on
the gov't, or it's pieces/parts) is equivalent to an 'attack' on same.
We don't arm the NIST folks with Ar-15's and send them over the hill,
we do that with marines.

-chris

Steven_Bellovin · October 22, 2010, 3:08pm

Is it a cyberattack, a clumsy criminal, or a bored teenager? From http://www.nap.edu/openbook.php?record_id=12651&page=142 :

In the words of a former Justice Department official involved with critical infrastructure protection, “I have seen too many situations where government officials claimed a high degree of confidence as to the source, intent, and scope of an attack, and it turned out they were wrong on every aspect of it. That is, they were often wrong, but never in doubt.”

--Steve Bellovin, http://www.cs.columbia.edu/~smb

Jeff_Shultz2 · October 22, 2010, 3:17pm

Okay, so the Feds have set up a way to not duplicate effort (and waste money at the same) between agencies.

Don't really see the downside here.

Full disclosure: Assigned to Army TCAE at Ft. Meade in the NSA compound for a couple years in the late 90s - assigned for awhile with the unit that is probably now associated with this.

Christopher_Morrow · October 22, 2010, 3:32pm

this happens with non-cyber things as well... all the time. Point
being: "cyber-attack" follows down the path of 'send the people that
deal with "attacks" to deal with this'.

-chris

Marshall_Eubanks2 · October 22, 2010, 3:40pm

In the words of a former Justice Department official involved with critical infrastructure protection, “I have seen too many situations where government officials claimed a high degree of confidence as to the source, intent, and scope of an attack, and it turned out they were wrong on every aspect of it. That is, they were often wrong, but never in doubt.”

this happens with non-cyber things as well... all the time. Point
being: "cyber-attack" follows down the path of 'send the people that
deal with "attacks" to deal with this'.

And for those people, being highly confident is typically viewed as a positive feature.

Regards
Marshall

George_Bonser · October 22, 2010, 3:50pm

From: christopher.morrow@gmail.com
Sent: Friday, October 22, 2010 8:05 AM
To: George Bonser
Cc: NANOG
Subject: Re: DHS and NSA getting married?

are any of the civilian agencies really prepared/capable of dealing
with 'cyber attack'? it seems fairly natural that a 'cyber attack' (on
the gov't, or it's pieces/parts) is equivalent to an 'attack' on same.
We don't arm the NIST folks with Ar-15's and send them over the hill,
we do that with marines.

-chris

"cyber attack" wasn't what caught my eye. It was the notion of NSA
having a domestic role defined in policy that I thought was different
here.

I do believe there are a lot of people who are afraid of "cyber attack"
but aren't exactly sure what that would look like. A cyber attack might
go completely unnoticed until it is too late. The enabling pieces of
such an attack might already be deployed on computers and inside various
devices people are buying, who knows. The notion that you are going to
stop some invading army of packets might be completely off the mark. It
might look more like millions of pieces of equipment suddenly going dark
or misbehaving for no apparent reason or might be coordinated with some
physical action. A lot of people got caught short with those AT&T cable
cuts in the SF Bay a while back.

Christopher_Morrow · October 22, 2010, 4:08pm

not all packets have source addresses in the US, not all facilities in
the US Gov't cares about are in the Us.

TGLASSEY · October 22, 2010, 6:08pm

An agreement signed this month with the Department of Homeland Security
and an earlier initiative to protect companies in the defense industrial
base make it likely that the military will be a key part of any response
to a cyber attack.

are any of the civilian agencies really prepared/capable of dealing
with 'cyber attack'?

Yes...

it seems fairly natural that a 'cyber attack' (on

the gov't, or it's pieces/parts) is equivalent to an 'attack' on same.

true...

We don't arm the NIST folks with Ar-15's and send them over the hill,
we do that with marines.

So you clearly have never been on a DDCC S&D Raid I can tell.

Todd

_Matt_Palmer · October 22, 2010, 10:57pm

For non-cyber things, that would be "the police" almost every time. We
don't send a squad of marines out after every mugger (although it'd have an
interesting deterrent effect...)

- Matt

Quinn_Kuzmich · October 22, 2010, 11:07pm

You know, if my tax dollars paid for that I'd probably sit back with a video
camera and laugh.

Q