Cyber security is more pressing than ever, yet U.S. and its allies are just getting started
THE MIL & AERO BLOG, 14 Oct. 2014. Cyber warfare and cyber security are hot issues these days in the aerospace and defense electronics business. Cyber security is considered to be one of the few growth areas in the defense business, and the Pentagon is pouring millions of dollars into safeguarding the military from malicious computer hackers.
Still, neither the military, private business, nor crucial public concerns like power utilities, energy pipeline operations, and water treatment plants are adequately prepared today to resist determined cyber attacks, experts say.
"We are way too vulnerable to cyber attacks," says Danielle Poblete, vice president and director of marketing for military systems integrator and research and development specialist Leidos in Reston, Va. Poblete made her comments this week in an interview during the Association of the U.S. Army (AUSA) conference and trade show in Washington.
Leidos, spun off from Science Applications International Corp. (SAIC) last year, is focusing on the company's core expertise in cyber security, smart grid technology, unmanned systems, data analytics, geospatial intelligence, and related fields for growth opportunities in today's difficult defense market.
When it comes to effective cyber security, Leidos's Poblete says the public and private sectors need to come together to share ideas, technologies, and resources to devise adequate defenses against determined and growing cyber attacks against the military and against crucial public-service infrastructure like banking, energy, and public utilities.
"We need a consortium of companies" to counter malicious computer hacking, she says. Other experts have warned that near-continuous computer hacking attacks -- some crude and other sophisticated -- are aimed at U.S. government computer resources all day, every day.
Increased training of cyber security experts is one step toward safeguarding crucial computer systems, Poblete says. "Today we don't have enough cyber security analysts trained," she cautions.
On the technology front, Poblete says developing the ability to predict and block cyber attacks before they happen is a key component of a successful national cyber security strategy. This ability to predict and counter cyber attacks before they happen is what she calls offensive cyber warfare.
"We want to move away from purely defense cyber security; we need to be offensive," Poblete says. Defensive cyber security simply involves reacting to cyber attacks as they happen, and after the fact. It's a strategy with weaknesses that attackers eventually will be able to exploit.
We need to be able to predict and respond to cyber attacks," Poblete says, warning that "we are still in our infancy with predictive cyber warfare." Automated behavior analysis technology will be key to cyber warfare prediction, she says.
At AUSA Leidos cyber security experts are showcasing the company's Global Monitoring & Planning System (GLIMPS), which is designed to forecast global instability as far in advance as five years through data mining and machine learning.
GLIMPS is intended to discover unseen complex relationships between historical geospatial and cultural indicators, as well as instability metrics and events, company officials say. Web-based services fuse this information with other intelligence in a geospatial context, providing mission planners with a forward look at the stability of a region.
This can help government authorities plan future military and humanitarian missions well in advance of a conflict or crisis situation, Leidos officials say. GLIMPS is intended to provide a proactive analytic method to respond to future events before they arise.
The technological approach to GLIMPS could be applied to predictive cyber security, yet even this kind of capability is not enough, Poblete says. "It's not just about technology," she says. "We need policy and we need legislation, and we are not even close."