16 January 2015

DISA, CYBERCOM Stand Up New Cyber HQ

January 12, 2015 

Brig. Gen. Robert Skinner

When the Pentagon’s social media accounts get hacked, as they did today, it’s acutely embarrassing. When the military’s internal networks get hacked, however, it’s potentially lethal. But the Defense Department doesn’t have a single organization clearly responsible for defending those networks. That changes Thursday.

“In three days, we will have initial operational capability [IOC],” said Brig. Gen. Robert Skinner, chief of staff at the Defense Information Systems Agency and deputy commander of the brand new Joint Force Headquarters DoDIN. DoDIN sounds like some awesomeAvengers-themed codename, but it actually stands for “Department of Defense Information Networks,” the bland designation for the military’s massive labyrinth of computer systems worldwide.

The DoDIN does not include commercial networks like Twitter and YouTube, so the new Joint Force Headquarters probably wouldn’t have stopped the Islamic State-affiliated hackers who hijacked Central Command’s social media accounts today. (What’s more, there’s an entirely separate JFHQ already assigned to protect CENTCOM’s internal networks). But the new JFHQ has considerable authority over the 39 military organizations (at last count) that it works with.

“We’re kind of the orchestrator, I’ll say, for these 30-plus organizations that have some type of tactical level execution [responsibilities] in regard to the DoDIN,” Skinner told me when I approached him after his public remarks to industry group AFCEA this afternoon. Fine, I said, but if something bad is happening on the network right now, who can order people to stop it?

“Joint Force Headquarters DoDIN,” Skinner said. “We can send out an order to these organizations to perform some type of action to operate, secure, and defend the DoDIN.”
JFHQ-DoDIN, in turn, takes orders from US Cyber Command, which is joined at the hip with the National Security Agency: The same officer, Adm. Michael Rogers, commands both. One of the new JFHQ’s first tasks is to take over a lot of day-to-day operational-level jobs so Cyber Command can focus on the strategic level, Skinner said. (Minute-to-minute tactical duties remain the responsibility of the specific organizations running the various networks, such as Army Cyber Command).

This Thursday, JHFQ-DoDIN will stand up in a limited or “scoped” capability, Skinner made clear to me. “Full initial operating capability” will take some time — he didn’t specify how long — and require growing to about 219 personnel. How many does he have now, I asked? Skinner politely declined to give specifics. What he would say: “We have enough individuals, working with our partners, to be able to do the initial operational task.”

As Central Command struggles to clear out its social media feeds, here’s hoping Skinner’s right.

[Updated: Here’s Central Command’s official statement on the Twitter & YouTube hack — note that “These sites reside on commercial, non-Defense Department servers [and] CENTCOM’s operational military networks were not compromised”]

No comments: