Who Is In Charge if a Massive Cyber Attack Strikes the U.S?

Uploaded on 2015-11-11 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Cyber physical attacks on infrastructure may be an unlikely sneak attack, but if it happens, the chain of command is far from clear. 

The threat of a massive cyber attack on civilian infrastructure, leading to loss of life and perhaps billions in damages, has kept lawmakers on edge since before former Defense Secretary Leon Panetta warned of it back in 2012 (or the fourth Die Hard movie in 2007). Many experts believe that a sneak attack would be highly unlikely. The Department of Homeland Security has the lead in responding to most cyber attacks. But if one were to occur today, DHS and the Defense Department wouldn’t know all the details of who is in charge of what.

The Department of Defense Cyber Strategy, published in April, carves out a clear role for the military and Cyber Command in responding to any sort of cyber attack of “significant consequence,” supporting DHS. Specifically, the strategy tasks the 13 different National Mission Force teams, cyber teams set up to defend the United States and its interests from attacks of significant consequence, with carrying out exercises with other agencies and setting up emergency procedures. It’s the third strategic goal in the strategy. It’s also “probably the one that’s the least developed at this – at this point,” Lt. Gen. James K. McLaughlin, the deputy commander of US Cyber Command, said at a Center for Strategic and International Studies event last month. He went on to describe the role that the military would play in such an event as “building the quick reaction forces and the capacity to defend the broader United States against an attack.” It’s something that the Defense Department, the Department of Homeland Security and the FBI and other agency partners all train for together in events like the Cyber Guard exercises, the most recent of which took place in July. The Defense Department, DHS and others worked through a series of scenarios related to a major attack on infrastructure.

McLaughlin described it as helpful in clarifying the difficult legal and policy issues that rear up when US troops are brought in to perform some military operation on US soil. But that doesn’t mean that all the kinks were ironed out.
 “I think we feel comfortable that if one of those events happened today you’d see the right discussion about the sort of the political leadership, you know, has this reached that threshold? To be honest, it will never be black and white, have a perfect recipe … we have a structure within the government to have that discussion, and the ability for a request to come forward where US Cyber Command forces would go.”

A structure to have a discussion is a bit different than a clear sense of who is in charge of what when the power goes out.
Army Brig. Gen. Karen H. Gibson, deputy commanding general of Joint Force Headquarters-Cyber at United States Army Cyber Command, essentially reiterated that point when Defense One caught up with her at the AUSA conference last month. When asked if there existed a specific doctrine that spelled out the leadership roles for the Defense Department and for DHS in event of an attack of significant consequence, she said “There are a number of exercises to work through those very issues and how do we leverage the National Guard to help? It is a high priority and they are working it but I don’t think there’s a ‘Hey, here’s the solution,’ yet. It’s just a high priority.”

One of the various legal considerations muddying the prospect of a clear strategy could be laws related to posse comitatus, which forbid anyone to use “any part of the Army or the Air Force as a posse comitatus or otherwise to execute the laws,” except “under circumstances expressly authorized by the Constitution or Act of Congress.”
This kind of attack is a perennial boogeyman, but the actual likelihood of a digital sneak attack that rises to the level of “significant consequence” is harder to pin down. In his novel Ghost Fleet, a fictional account of World War III, strategist Peter Singer makes a convincing argument that a cyber-physical attack is most likely to occur as part of hostilities already underway, not as a first strike.

However unlikely, were such an attack to occur today, the question of who is in charge of what remains somewhat open.
DefenseOne: http://bit.ly/1Y4aLOZ

 

 

 

« EU votes Snowden Human Rights Asylum
Energy Under Hacktivist Threat »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Beyond Security

Beyond Security

Beyond Security is a leader in automated vulnerability assessment and compliance solutions - enabling customers to accurately assess and manage security weaknesses in their networks and applications.

Dragos

Dragos

Dragos has built the first industrial cybersecurity ecosystem, the ultimate security defense.

Data443 Risk Mitigation

Data443 Risk Mitigation

Data443 Risk Mitigation provides next-generation cybersecurity products and services in the area of data security and compliance.

Checksum Consultancy

Checksum Consultancy

Checksum Consultancy specializes in Information security, Risk management, and IT governance.

Cyber Security Advisor

Cyber Security Advisor

Notice how sophisticated the cybersecurity market is. Think how would you pick the security provider, assess your company, and be sure of your security decisions? Cyber Security Advisor is the answer!

WhiteHawk

WhiteHawk

WhiteHawk is the first online Cyber Security Exchange. We help you understand your cyber risk and match you to tailored and affordable solutions.

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

Fortified Health Security

Fortified Health Security

Fortified’s team of cybersecurity specialists is dedicated to helping healthcare providers, payers and business associates protect their patient data across the Fortified Healthcare Ecosystem.

ITSEC Asia

ITSEC Asia

ITSEC Asia works to effectively reduce exposure to information security threats and improve the effectiveness of its clients' information security management systems.

Symptai Consulting

Symptai Consulting

Symptai Consulting is a leading Cyber Security, Digital Transformation and Anti-Money Laundering firm serving the Caribbean and the wider world.

AutoSec

AutoSec

AutoSec supports the FFI program Electronics, Software and Communication by dissemination and exploitation of the results of projects related to automotive cybersecurity.

RealTyme

RealTyme

RealTyme is a secure communication and collaboration platform with privacy and human experience at its core.

Avetta

Avetta

Avetta One is the industry’s largest Supply Chain Risk Management (SCRM) platform. It enables clients to manage supply chain risks and suppliers to prove the value of their business.

Inspectiv

Inspectiv

Inspectiv offers a turn-key solution to continuously identify security vulnerabilities and provide security assurance.

Quantum Ventura

Quantum Ventura

Quantum Ventura is a technology innovation company with a single mission of delivering customer-centric advanced solutions to US Federal & State Governments and Private Sector customers.

Aegis9

Aegis9

Aegis9 is an Australian owned and sovereign consultancy that specialises in providing tailored security solutions for both public and private sector clients based on their specific needs.