DoD creating cyber "offensive" teams to strike back against foreign attackers

Share this article:
DoD creating cyber "offensive" teams to strike back against foreign attackers
DoD creating cyber "offensive" teams to strike back against foreign attackers

The Department of Defense (DoD) is creating 13 teams, consisting of programmers and computer experts, whose sole mission will be to carry out offensive attacks against foreign adversaries should a critical attack on the U.S. occur.

On Tuesday, National Security Agency Director Gen. Keith Alexander, who is also the chief of the newly minted Cyber Command, told Congress that he would be leading the effort to establish the teams. The Cyber Command was created to integrate cyber space operations for the protection of DoD networks. According to a New York Times article, Gen. Alexander said the DoD would use the cyber teams for offensive measures only – a noteworthy, and first, admittance by the administration that weapons for cyber combat are being conceived by the government.

“I would like to be clear that this team, this defend-the-nation team, is not a defensive team,” Gen. Alexander told the House Armed Services Committee on Monday. “This is an offensive team that the Defense Department would use to defend the nation if it were attacked in cyber space. Thirteen of the teams that we're creating are for that mission alone.”

The Obama administration has increasingly encouraged the public and private sector to adequately prepare for and counter critical infrastructure attacks or spying attempts made by foreign countries aiming to steal corporate and government data that drives economic competitiveness.

On Monday, President Obama, through comments delivered to the Asia Society in New York by his national security adviser, called for China to stop raiding U.S. organizations of intellectual property. In response to concerns raised by government officials and the media, a foreign ministry spokesperson said that China was willing to cooperate with the U.S. and other nations to respond to cyber attacks originating from within its borders.

Using offensive measures to thwart cyber attacks is a topic that has long been under discussion in the IT security industry, though more extreme tactics, like dismantling the infrastructure of hackers through preemptive attacks, are frowned upon by many experts when used for corporate purposes.

Jeffrey Carr, cyber security analyst and founder of consultancy Taia Global, told SCMagazine.com on Wednesday that DoD's creation of offensive cyber teams was a “natural” progression for the government to stave off growing threats to critical operations.

“I think it's a natural extension of stepping up our cyber command,” Carr said, adding that cyber responses from the government would be “proportional” and used in accordance with law.

“I don't think this should be interpreted as the U.S. becoming more aggressive," Carr said. "I think this is just a natural part of the process. Many countries are doing the same things that the U.S. is doing – having the ability to conduct cyber warfare operations.”

Ian Amit, director of services at security firm IOActive, told SCMagazine on Wednesday that the news was a sign that the government was becoming more transparent about its cyber operations to defend the nation.

“I definitely think it's a necessary step, but I think it's a more of [a move towards] transparency,” Amit said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.