Panel: Allies need cybersecurity coordination

Cooperation among the United States and ally nations on cybersecurity is ad hoc and erratic, according to members of a panel of U.S. and international military officials.

“I often get a blank stare,” Mark Hall, director of information assurance policy and strategy, international information assurance programs in the Defense Department's office of networks and information integration, said of the general reaction he receives. Hall spoke April 8 in Omaha, Neb., in a conference on cybersecurity sponsored by Armed Forces Communications Electronics Association International.

“We don’t fight alone anymore and we’re going to connect our networks together,” he said. “We need to address how we do that, whether it’s cross domain solutions, whether it’s cryptography, whether it’s access to the network controls we put in place across the world.”

Whether information about cybersecurity issues is shared with coalition partners often depends on the initiative of single people rather than policy, Hall said. In 2008, for example, 840 cybersecurity reports were sent to Australia through the U.S. military’s computer emergency response team (CERT). Then, following a personnel change, it dropped to zero. “We cannot have his person dependent, personality dependent,” Hall said. “We don’t really have people dedicated to sending the send switch.”

Even unclassified information is difficult to share. Hall said the Army set up a site on its Army Knowledge Online portal for sharing sensitive but unclassified information with coalition partners. “We went through great pains on getting them all the military CERT member certificates to access that site,” he said. “Two months after we did that, AKO shut down and [Defense Knowledge Online] came online and those certificates are no longer available or possible,” he added.

Of course, international cooperation has limits. Any attempt to “demilitarize” cyberspace along the lines of the international consensus on outer space would fail, said Australian Air Commodore Andrew Dowse, who works in the office of Australia’s Director General, Integrated Capability Development. “Treaties as such are typically between nation states and they wouldn’t tie interest groups or individuals,” he noted, adding “if we do get into conflict, that would be the first thing that gets thrown out,” he added. The Australian military’s restricted network – the equivalent of the United States’ Non-Secure Internet Protocol Router Network – is the third largest in Australia, Dowse said.

For its part, Canada is “very conscious of being seen to be a trustworthy partner on the continent and yet keeping our own information technology infrastructure secure,” said Canada Brig. Gen. John Turnbull, chief of that country’s Military SIGNIT Communications Security Establishment.

Canada’s military network is small – and as a result is administered by a single operational and technical authority, Turnbull said. Consolidating the network was painful, Turnbull said. “Everyone believes in configuration management until they hear the word ‘no,’ ” he added.

The United Kingdom also enjoys the benefits afforded by a smaller network, said U.K. Air Commodore Bob Judson, head of Defence Targeting and Information.

“It’s quite easy to coordinate things amongst ourselves,” he said. Of course, that smallness is dictated by the relative strength of the British military.

“We used to have global interests; they’re a lot less now,” Judson said.