'Bloated' But Not Adequate: Pentagon's Cyber-Defenders Unfit for Real Threats
US cyber defenders are unprepared against real-world threats due to understaffed and underfunded "Red Teams," according to a 2018 annual report published last week by the US Department of Defense's (DoD) Office of the Director of Operational Test & Evaluation (DOT&E).
Red Teams are groups of US troops, employees and contractors who test Defense Department networks for cyber vulnerabilities by assuming adversarial roles.
"Currently Red Teams lack the time and funding to develop new tools and capabilities. The manning models for the Service Red Teams vary widely and are not uniformly successful," the DOT&E wrote in its fiscal year 2018 Annual Report.
"Reviews of the capabilities of several Red Teams in FY18 showed that the best teams were overscheduled and overwhelmed by workload," the report added. The findings are based on data from more than 50 cybersecurity assessments with Combatant Commands (CCMDs) and Services. A CCMD is composed of forces from at least two military departments.
According to the report, the Army's Threat Systems Management Office Red Team did not have sufficient time to "prepare the array of representative cyber-attacks attributed to the portrayed adversary," resulting in what the DoD described as a "gap" between cyber Red Team capabilities and cyber threat groups.
"Assessments that do not include a fully representative threat portrayal may leave warfighters and network owners with a false sense of confidence about the magnitude and scope of cyber-attacks facing the Department," the DoD noted, adding that the DOT&E is collaborating with DoD Red Teams to close that gap, which includes helping them obtain additional personnel as well as more advanced capabilities and training.
However, according to web developer and technologist Chris Garaffa, the understaffed and underfunded Red Teams reveal the Pentagon's misplaced priorities, not a lack of money.
"The Department of Defense will get more than $8 billion for cybersecurity-related activities," Garaffa told Sputnik Tuesday.
"The fact that this is far more than any other federal agency is not surprising given the bloated DoD budget in comparison with the funding of the rest of the federal government, but it's a small fraction of the $686 billion total budget for the DoD overall," he added, citing a White House report outlining federal budgets.
"In comparison, the Department of Energy recently announced grants of up to $28 million – frankly a pathetic and insufficient amount – for development of resources to secure the country's energy infrastructure. While the most common narrative we hear about cyber threats are attacks on our electricity grid from China and Russia, the government priorities are clear in these budget allocations," Garaffa noted.
A US National Intelligence Strategy released last month identified Russian and Chinese cyber activities as among the major emerging threats to the United States.
In October 2018, a Government Accountability Office report found that the DoD faces "mounting challenges in protecting its weapon systems from increasingly sophisticated threats," citing the department's "late start in prioritizing weapon systems cybersecurity," its "nascent understanding of how to develop more secure weapons system" and its "software dependent DoD weapon system" as some of the underlying reasons behind the challenges.
"This study [the DoD report published last week] makes sense, especially in the context of a Government Accountability Office report from October 2018 that highlighted the massive increase in exploitable software and hardware in military weapons. The lethality and danger of the Pentagon's weapons can never be understated, and neither can the risks if these weapons fell into the hands of another malicious actor," Garaffa added.