Pentagon developing ‘Scorecard’ database for assessing security threats

19 Sep 2015 | Author: | No comments yet »

Pentagon Designing Cyber Automated “Scorecard” To Combat Hackers.

National Harbor: The US Defense Department is building a massive, electronic system to provide an overview of the vulnerabilities of the military’s computer networks, weapons systems, and installations, and help officials prioritize how to fix them, the deputy commander of US Cyber Command said on Thursday. THE PENTAGON WANTS TO KEEP a close eye on its cyber muscle and its threats and weaknesses and be in a position to refer to an electronic scorecard that rates and ranks its networks and systems.The US Military is to build a massive database of system vulnerabilities in order to track threats to critical systems and remain one step ahead of hackers. Air Force Lieutenant General Kevin McLaughlin told Reuters officials should reach agreement on a framework within months, with a goal of turning the system into an automated “scorecard” in coming years. The Pentagon security team will first establish a database of all the vulnerabilities ever found with their corresponding CVE number, and then will assess all of the computers in the network to stop hackers from exploiting them.

The effort, being led by the Pentagon’s chief information officer, grew out of a critical report about cyber threats released earlier this year by the Pentagon’s chief weapons tester, and escalating cyber attacks by China and Russia. A recent Pentagon study found that the bulk of US weapons systems have a vulnerability of some sort, while a Russian hacking group has been on an unofficial tour of the White House. American computer networks will now have a security database helping the engineers to fix the potential threats before any hacker gang uses them to disrupt the work and leak the documents.

The report by Michael Gilmore, the Pentagon’s director of testing and evaluation, warned that nearly every major US weapons system was vulnerable to cyber attacks. The suggestion is that managing threats and vulnerabilities is like herding cats, and that the scorecard will help the authorities focus on which cats are most unruly and which can be left pretty much to their own devices. McLaughlin told the conference that Cyber Command had already set up about half of 133 planned cyber response teams with about 6,200 people, and all of them would achieve an initial operational capability by the end of 2016.

No cats will be involved, but data and information will be, and the Pentagon will eventually have a live map of its strengths and weaknesses. “There’s probably not enough money in the world to fix all those things, but the question is what’s most important, where should we put our resources as we eat the elephant one bite at a time,” he said. Cyber Command staff would do the initial data entry by hand, but the goal was to create a fully automated system that would help defense officials instantaneously detect and respond to any attacks, McLaughlin said after a speech at the annual Billington Cybersecurity Summit. One of the officials said that initially it will be hard-coded, however, later it may detect and add new vulnerabilities automatically to help the engineers respond to a newly discovered exploit quickly.

We imagine that any threat scorecard that the US authorities might hold on its rivals would look like a long column with the stars and stripes at the top and everyone else below and under scrutiny. McLaughlin said the scorecard was initially intended to look at weapons and networks, but the Pentagon was now looking at a broader and more sophisticated approach that also accounted for how data was moved among agencies within the military. US Army, Navy and Air Force officials, who also spoke at the event, mapped out their own cybersecurity efforts, citing new levels of communication and collaboration among the services around these issues.

Recently it looked like security company Kaspersky was suggesting that the NSA, or the US government, was supporting an international cyber espionage outfit called the Equation Group. µ The prime focus of the upcoming ‘Scorecard’ and the response team would be to combat some of the greatest threats that could harm the entire network. A majority of attacks are because of human weaknesses, and the government must enforce a standard cyber security course in schools to prepare future generations for the upcoming cyber warfare.

Here you can write a commentary on the recording "Pentagon developing ‘Scorecard’ database for assessing security threats".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site