"The best defense is a good offense, and an offensive (cyberwar) capability is essential to our national defense," Rep. James Langevin, D-R.I., told United Press International last week, calling it "a necessary deterrent."

"Warfare is forever changed �� never again will we see major warfare without a strong cyber-component executed as part of it," he added, citing as proof the assault on Georgian government Web sites that accompanied the Russian invasion there last month.

Langevin, the chairman of the House Homeland Security Subcommittee on Emerging Threats, Cybersecurity and Science and Technology, and a member of the House Intelligence Committee, also called on the White House to declassify much more of its Comprehensive National Cybersecurity Initiative, or CNCI, and said the Department of Homeland Security should be stripped of its lead role in defending the nation's computer networks.

His call for a more robust offensive capacity in cyber-warfare highlights an ongoing debate in government about how best to address the complex challenges posed by U.S. dependence on the Internet and other computer networks -- a vulnerability that could be exploited by the nation's enemies.

One issue highlighted by experts is the difficulty in determining the origins of cyberattacks, which are often launched using "bot-nets" of compromised computers owned by innocent users, which can be on an entirely different continent to the attackers themselves.

The issue was raised earlier this month in two House hearings at which lawmakers heard testimony from members of a bipartisan blue-ribbon panel, the Commission on Cyber-Security for the 44th Presidency.

"We have a tremendous amount of trouble determining attribution �� where an attack actually came from, who was responsible, who might have been behind that computer. And we have a very, very long way to go on that," former White House cybersecurity official and commission member Paul Kurtz told the House Intelligence Committee.

"Until we start to get clarity in that piece, it's going to be very difficult to contemplate the military option, of responding appropriately," Kurtz added.

Another issue raised at the hearings was that, in order for any offensive capacity to be a deterrent for potential adversaries, it would have to be made public, whereas the U.S. military's cyberwar capacities are largely classified.

"Clearly, our offensive capabilities and sources and methods we probably do not want to disclose in any detailed way," said AT&T executive John Nagengast, formerly an assistant deputy director at the National Security Agency.

"But," he told the hearing, "as part of an overall doctrine and strategy in cyberspace, we need to consider what are the deterrent factors �� what �� do we want to make public as part of that deterrence strategy and wha do we need to keep secret because most of our offensive capabilities should be kept secret?"

Former intelligence official Suzanne Spaulding told the hearing that focusing on offensive capabilities and giving a lead role to the military might also make it harder for the United States to work with other countries on cyber-issues, where the line between crime, terrorism and warfare is often hard to draw.

"My concern is that (the Department of Defense) has been so vocal about the development and deployment of cyber-warfare capabilities that it will be very difficult for that department to develop and sustain the trust necessary to undertake essential collaboration on defense cybersecurity efforts with the private sector and with international stakeholders," she said.

"There is a significant risk that these vital partners will suspect that the collaboration is really aimed at strengthening our offensive arsenal," she concluded.

Langevin told UPI that work on international treaties to deal with cyberwar offered no real alternative to developing an offensive capability.

"That discussion at the international level may be appropriate at some point," he said, adding, "There are treaties on cybercrime that do exist, but it doesn't mean that cybercrime doesn't occur."

Langevin also said the administration's Comprehensive National Cybersecurity Initiative was over-classified.

"I have had the opportunity to see elements of the plan in both the classified and unclassified portions, and I question the need for so much of it to be classified at this point," he said.

Some parts of the plan were very highly and appropriately classified, he added, "but not the vast majority" of it.

He said declassifying most of the initiative would allay public concerns about it, allow non-governmental experts to assess its effectiveness and help leverage the development of private-sector technologies to assist the government with its objectives.

"The more that is made public, the more outside experts can look at it and begin to generate a consensus of what will work and what won't," he said. "By making it public, it would provide the opportunity to start building broader support. �� When it's left classified, people are left wondering what are the authorities (granted to intelligence and other agencies under the initiative) and how effective will it be."

"It would spur (the development of) more private-sector technology if the private sector knew what the goals of the initiative were," he concluded.

The lack of transparency in the CNCI was also commented upon by commission members. "The White House has not been transparent on this issue," said Kurtz, noting that many agencies had provided briefings for the commission "despite White House staff wishes."

Spaulding pointed out that handing cybersecurity responsibility to the collection of spy agencies known as the U.S. Intelligence Community would likely exacerbate this trend.

"The risk in putting too much of the effort inside the I.C., however, is that it will fall prey to the over-classification that is so often the default mechanism in the Intelligence Community," she said.

Later this year, members of the commission are slated to brief the presidential campaigns about their findings.

Community
Email This Article
Comment On This Article

Share This Article With Planet Earth

del.icio.us	Digg	Reddit
YahooMyWeb	Google	Facebook

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Memory Foam Mattress Review

SPACE MEDIA NETWORK PROMOTIONS Solar Energy Solutions Tempur-Pedic Mattress Comparison ... Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News