Defense Secretary Robert Gates today approved the creation of a unified U.S. Cyber Command to oversee the protection of military networks against cyber threats.
In a memorandum issued today to the Joint Chiefs of Staff, Gates said he intends to recommend to the President that the new command be led by the director of the National Security Agency (NSA) Lt. General Keith Alexander.
Some security experts warn that the Internet will become a battleground as governments and opposition groups look to use distributed denial of service attacks for political gains.
Earlier this year, University of Toronto researchers announced they have uncovered a cyberspying network based in China that has infected more than 1,295 computers in 103 countries, calling the discovery “a wake-up call.”
China subsequently denied running the cyber spy network , but has since clamped down on various social networking sites such as Twitter, Facebook and YouTube.
Gates directed the Commander of the U.S. Strategic Command, General Kevin Chilton, to develop implementation plans for USCYBERCOM, as the new unified command will be called.
The plans are due by Sept. 1 and need to include the new command’s mission, roles and responsibilities, reporting structures, and accountability measures, Gates said.
The new command will most likely headquartered in Fort Meade, MD. and will reach initial operating capabilities by October, and full operating capability by October 2010, Gates said in his memo.
The “subordinate unified” cyber command will operate under U.S. Strategic Command for military cyberspace operations.
Gates also ordered the Under Secretary of Defense for Policy to develop policies and strategies for what he described as a comprehensive approach to Department of Defense cyberspace operations.
The proposal to create the new command has been expected for some time now and is part of an effort to address growing threats to Department of Defense and Pentagon networks from a wide range of foreign and domestic threats. As part of its mission U.S. Cybercom is also expected to develop a range of offensive cyber warfare capabilities.
Earlier this month, security experts form around the world gather in Estonia, site of the most devastating cyberattack in recent years, to figure out how to deal with ever escalating cyber security threats.
The proposal for Cybercom is part of a broader effort by the Obama administration to bolster federal and military cybersecurity capabilities. It comes a few weeks after President Obama announced the creation of a White House cyber security coordinator role and plans to develop a comprehensive national strategy for protecting U.S. interests in cyberspace.
That effort is largely targeted at protecting U.S. civilian government and critical infrastructure targets in cyberspace, while the new command’s mission is to do the same for DoD networks.
Alan Paller, director of research at SANS Institute, a security training and certification body, said the move to create a unified cybercommand across the Department of Defense is a “spectacular idea.”
Melding both defensive and offensive missions under the same command will allow for better threat preparedness, he said. A unified command also increases the “potential for interoperability and both process sharing and real time information sharing among the services,” Paller said.
He said the only downside is the possibility that the cybercommand will “so militarize the Information Assurance Division of NSA” that it could negatively impact the public-private partnerships that are so important for security.
