The U.S. military is using cyber attacks to undermine ISIS’s ability to control its forces in Syria, Defense Secretary Ash Carter told reporters at the Pentagon on Monday. The goal was “to cause them to lose confidence in their network to overload their network so that they can’t function and do all of these things that will interrupt their ability to command and control forces there.”
This is, of course, exactly the sort of thing that the U.S. military doesn’t want happening to its own troops. On Tuesday, speaking to a crowd in Silicon Valley at the Commonwealth Club, Carter acknowledged that the Pentagon is as reliant on encryption and other security technologies as anyone.
Carter also said the Pentagon intends to spend $35 billion over five years on its cyber missions: preparing to attack U.S. enemies, protecting military networks, and helping Homeland Security and other civilian agencies deal with catastrophic digital attacks — all three part of the 11-month-old DOD Cyber Strategy.
Bloomberg yesterday published a breakdown of the $35 billion, citing previously undisclosed sources. Some $14.3 billion will go to Defense Department cyberspace activities, which includes shoring up DoD networks and $2.7 billion for building cyber weapons; and $10.5 billion toward helping protect infrastructure and funding the Pentagon’s cybercrime unit.
Carter even touched on the FBI-vs.-Apple debate.
“Encryption is a necessary part of data security, and strong encryption is a good thing,” he told his Commonwealth Club audience, according to his prepared remarks. “DoD is the largest user of encryption in the world, principally because our troops need it. It helps keep our fighter jets and sensor networks from getting hacked. It allows us to surprise our adversaries. And it lets our people deployed around the world communicate securely with their families back home – from sailors aboard aircraft carriers to soldiers in Afghanistan. For all these reasons, we need our data security and encryption to be as strong as possible.”
While that may sound like a ringing endorsement of Apple and the tech companies that are filing amicus briefs on its behalf, Carter was careful not to pick sides.
“The Internet was created by DoD, academia, and industry working together, and since then we’ve seen it enable boundless transformation,” Carter said. “But as we’ve also seen in recent years, these same technologies present a degree of risk to the individual people and businesses who rely on them every day.”
What is needed, he said, was better partnership and not a “law hastily written in anger or grief.”
The days when the Defense Department could control the Internet are long past, said Carter, and it’s not a past he longs for.
“The rules of the Internet, to the extent they exist, have always been a product of all its users,” he said. “They weren’t written or dictated by anyone. They came out of garages, dorm rooms, home offices, and research labs. In many ways, they still do, and are continuing to be shaped by individuals, including many in the Bay Area.”
The defense secretary has spent much time and energy reaching out to those innovators in garages, dorm rooms, and research labs. His tenure has seen the creation of the Defense Innovation Unit Experimental, or DIUX; the FlexTech Alliance; and the Defense Digital Service.
Carter’s pitch Tuesday seemed designed to persuade skeptical Silicon Valley types that the Defense Department shares their values, an open information exchange thriving on energy and creativity. He also used the opportunity to draw a distinction between the United States, Russia, and China, who, he said, were pursuing a “different vision,” for the future of the Internet, “One predicated on absolute government control of the Internet, anti- access policies like the ‘Great Firewall,’ state-sponsored cyber theft, including theft of intellectual property, cyberespionage, and also cybercrime.”
Carter will speak at the annual RSA conference on Wednesday.