No Consensus on Cyber Attacks

The U.S. government still lacks a consensus about how to ward off and retaliate against cyberattacks, analysts said after a week in which the world's largest defense contractor and other companies acknowledged their computer networks had been infiltrated.
"Although Lockheed [Martin] nipped this attack in the bud, it's pretty obvious that the federal government isn't prepared to cope with the kind of cyber onslaught that it's facing," said Loren Thompson of the Lexington Institute, Arlington, Va.
Each government agency - and even the military services within the Defense Department - has a different picture of what cyber is and how it contributes to the mission, according to Charles Dodd, a cybersecurity consultant in Washington who has advised Congress and other government agencies.
"The biggest problem is they look at the data security and the way forward only as it pertains to their mission," Dodd said. "What they miss is that cyber isn't different. It doesn't change just because your mission does. How you use it does."
U.S. government computer networks are attacked about 1.8 billion times per month, according to a recent Center for New American Security (CNAS) report, and Dodd said the weeks since U.S. forces killed Osama bin Laden have seen an uptick.
So-called hacktivists tend to "stretch their cyber legs" following major world events - and state-sponsored entities are starting to behave similarly, he said.
"The techniques of both these groups are kind of the same," he said.
Lockheed Martin, the largest supplier of weapons to the U.S. military, acknowledged last week that its network had been breached.
In a May 29 statement, company officials said the May 21 attack was detected "almost immediately," and that no customer, program or employee data had been compromised.
The FBI is leading an investigation into the intrusion, according to Robert Butler, the Pentagon's deputy assistant secretary for cyber policy.
"The analysis on these activities ... is challenging, it's diffuse, and lots of different pieces have got to be put together," said Butler, who spoke June 2 as part of a panel at a CNAS conference.

Coordination Efforts

The CNAS report said deterring and preventing cyberattacks will require "stronger and more proactive leadership" by the federal government. It suggested the White House create an office of cyber policy.
The Obama administration is striving to get government agencies on the same page. In May, the White House sent a package of proposed cybersecurity legislation to Capitol Hill, largely dealing with securing networks and defining the Department of Homeland Security's role.
But federal officials and analysts said that more legislation is needed; in particular, stricter laws to deter cyber offenders.
"The penalty for cyber criminals [is] not adequate at this point in time," Rand Beers, DHS's undersecretary for its national protection and programs directorate, said at the CNAS conference. "We're going to have to fix that."
Dodd said those who use bullets or bombs face far greater, or at least clearer, consequences than online attackers.
"These groups are attacking these networks, and there's just no fear of retaliation," he said. "I think that that's going to start bringing these other more guerilla-style tactics from groups we haven't seen in the past."
The CNAS report agreed, recommending the government lay out a declaratory policy that explains how it will retaliate, at least in certain situations.
In coming weeks, the Defense Department is expected to release its own strategy for cyber warfighting. That document will create a framework for training and equipping forces, as well as call for more international cooperation in this evolving domain, Mary Beth Morgan, Pentagon director for cyber strategy, said in March.
Dodd said the fruits of the effort would likely become apparent only after a major cyber attack.
"There has to be a uniformed way to move forward pertaining to the threat, not how we use the network and not how we defensively posture ourselves, because these [attackers] are looking at things offensively," he said.
The CNAS report also recommends the U.S. strengthen its international cybersecurity agenda.
Butler concurred.
"We can make the greatest inroads on the international side with working to develop norms, understanding ways that we can help each other to think about a safe and secure, reliable cyberspace," he said.
Thompson said that since many of the attacks appear to originate in countries such as China and Russia, the U.S. should treat them as a national security challenge rather than a law enforcement one.
He questioned DHS's ability to adequately defend U.S.-based networks from cyberattacks, and opined that the U.S. National Security Agency might be better positioned for the task.
But Dodd said NSA lacks the resources to protect such a large number of systems.
Cyber tools, both defensive and offensive, remain among the most classified systems in the U.S. arsenal. DoD and industry officials frequently remain tight-lipped on attacks and their success, or lack thereof, that an intruder has achieved.
"We have a wide range of physical, electronic, computing and personnel policies/ practices to investigate suspected issues," said Boeing spokesman Dan Beck. "Boeing takes the security of its people, products and information very seriously, and we have systems in place for detection and prevention."
Similarly, Northrop Grumman spokesman Randy Belote said his company "continuously monitors and proactively strengthens the security of our networks, and is vigilant to protect our employee, customer and program data and systems."
But Dodd, the cybersecurity consultant, said he believes the defense industry has been "completely arrogant" about the capabilities it possesses and is not fully prepared to combat a state-sponsored entity.
"This is not the stage for arrogance," he said. "You've brought a stick to a gunfight, and you're arrogant about your capabilities?"
Thompson said, "Lockheed probably has the most sophisticated network defenses of any company in the United States, bar none … and even they had a problem. So what does that tell you?"

Vietnam Confirms Kilo Sub Buy at Shangri-La

SINGAPORE - Vietnam will procure six Russian-built Kilo-class attack submarines "to defend" the country. Vietnam's Defense Minister, Gen. Phung Quang Thanh, made the comment June 5 at the 10th Shangri-La Dialogue in Singapore 5. Analysts put the price tag for the deal at just over $3 billion.

Vietnamese Defense Minister Gen. General Phung Quang Thanh speaks June 5 during the annual Shangri-La Dialogue in Singapore. (Roslan Rahman / Agence France-Presse)

The announcement comes in the wake of official protests lodged by Hanoi over a May 26 incident when three Chinese vessels operated by the State Oceanic Administration harassed the Binh Minh 02, a Vietnamese oil exploration seismic survey vessel belonging to the Vietnam Oil and Gas Group (PetroVietnam). One of the Chinese vessels cut the ship's survey cable. The incident occurred within Vietnam's Exclusive Economic Zone.

The incident causes "considerable concern on the maintenance of peace and stability in the East Sea [South China Sea]," he said. Further, Vietnam has "exercised patience in managing the incident with peaceful means in accordance with the international laws and the principle of determinedly protecting our national sovereignty."
The incident caused outrage in Vietnam, resulting in public protests at the Chinese embassy and hacker attacks on Chinese government websites.
Thanh met with Chinese Defense Minister Liang Guanglie at a bilateral meeting during the Shangri-La to discuss issues, including the incident. The Dialogue is organized by the London-based International Institute of Strategic Studies (IISS) and held annually each June in Singapore.
Lt. Gen. Nguyen Chi Vinh, Deputy Minister of Defense, also confirmed the Kilo submarine deal and added that Vietnam was also buying "Su-30 fighters and surface-to-air missiles." However, the procurements were not tied to the May 26 incident and were "part of our weapons appreciation program for enhancing our capabilities." He said Vietnam has a "legitimate need to upgrade our military capability."
Vinh emphasized that the recent incident with China was a "civilian clash" and not a military issue. Vietnamese law enforcement and maritime agencies are responsible for these types of problems, he said. "What happened, happened" and it must he handled within the guidelines of international law by peaceful means. However, Vinh stressed that Vietnam would use "all means to protect our national sovereignty."
China's military has been expanding its capabilities and influence in the South China Sea with a new submarine base on Hainan Island, and preparations are underway to begin sea trials of its first aircraft carrier.
China and Vietnam have been bumping into one another in the South China Sea since the 1970s. In 1974 China took the Paracel Islands by military force from then-South Vietnam, and Hanoi has continued to claim sovereignty over the islands. Periodic arrests of Vietnamese fishermen in the area have also caused frustration in Hanoi.
In 1988 China and Vietnam fought over the Johnson South Reef in the South China Sea. China sank two Vietnamese naval vessels and opened fired on Vietnamese troops occupying the reef. A video documentary widely aired in Vietnam, dubbed the "Spratly Islands Massacre," available on YouTube, allegedly shows a Chinese frigate gunning down around 30 Vietnamese soldiers on the reef.
The latest incident has raised concerns China is becoming aggressive in the South China Sea and risks sparking a conflict. However, a member of the Chinese delegation attending the Shangri-La Dialogue said the Chinese vessels involved in the May 26 incident might be acting unilaterally without the consent or encouragement of Beijing. The State Oceanic Administration and other non-military maritime patrol and law enforcement organizations have in the past acted carelessly, he said. These organizations are often fighting over budgets and attempting to justify their existence, thus they sometimes "act muscularly."

IISS Launches North Korea Nuke Study

SINGAPORE - North Korea's third nuclear test will likely be a highly enriched uranium (HEU) bomb, and neither China nor the United States can stop or reverse Pyongyang's nuclear weapons program.

These are the conclusions of a new study by Jonathan Pollack, a senior fellow at the Brookings Institution, at a book launch at the Shangri-La Dialogue on June 3 in Singapore.

"No Exit: North Korea, Nuclear Weapons and International Security" looks at how North Korea has staked its future on the development of nuclear weapons and why the hermit nation will never surrender them.
Organized by the London-based International Institute of Strategic Studies (IISS), the book launch is part of the 10th Asia Security Summit, dubbed The Shangri-La Dialogue, being held June 3-5 in Singapore. The book is part of IISS Adelphi book series that looks at international defense and security issues.
North Korea conducted two underground plutonium bomb tests in 2006 and 2009, and has been developing advanced long-range ballistic missile capabilities that could someday threaten the continental U.S.
Pollack looks at why North Korea disregards United Nations censure and openly circumvents sanctions by selling weapons and technology to other pariah nations to fund its nuclear program.
North Korea is more of a traditional Korean dynasty and not a communist state, Pollack said. The Kim family has successfully ignored efforts by China and the U.S. to influence it to abandon its nuclear program and adopt capitalist reforms. Instead, the Kim family has created an "impregnable fortress" that protects the family dynasty.
With the collapse of the Soviet Union in 1991 and China's push towards improved relations with South Korea during the 1980s and 1990s, North Korea became concerned that its traditional protectors would abandon it. The only course of action was to create a mechanism that guaranteed its survivability. Nuclear weapons have clearly served that purpose well, he said.
U.S. Secretary of State Hillary Clinton once referred to North Korea's pursuit of nuclear weapons as a "small child seeking attention." Pollack does not believe this is the correct analogy. "This is a system of old men who have made the pursuit of these capabilities their life time work." He pointed out that North Korea made a conscious decision to begin a nuclear program in the 1970s, as ties between Beijing and Washington began improving.
Despite the fact that North Korea occasionally "drops hints" the nuclear program is a "bargaining chip" that can be exchanged for rice and oil, the reality is that Pyongyang has no intention of surrendering the capability.
The best course of action, Pollack said, is to continue sanctions and other pressure that slows further development, especially efforts by the North to miniaturize a nuclear warhead for fitting on a ballistic missile.

Russia: France, U.K. Could Send Troops Into Libya

MOSCOW - Russia's top diplomat warned June 4 that the NATO operation in Libya was "sliding towards" a land campaign, a prospect he said Moscow viewed as "deplorable," the RIA Novosti news agency reported.
"We know that France and Britain intend to use military helicopters. We have given our view of NATO's actions," Foreign Minister Sergei Lavrov said, quoted by the RIA Novosti news agency.

"We consider that what is going on is either consciously or unconsciously sliding towards a land operation. That would be very deplorable," he added.
"We think our Western partners understand that the events in Libya are taking an undesirable turn, but the decisions that have been taken are continuing by momentum," Lavrov told journalists in Odessa, according to the news agency.
Lavrov's comments came after NATO acknowledged June 4 that it had deployed British and French attack helicopters against Moammar Gadhafi's forces for the first time.
Russian President Dmitry Mevedev's special representative on Africa said earlier June 4 that he would travel late June 6 to Libya to try to mediate the conflict, the Interfax news agency reported.
Mikhail Margelov said he plans to visit the rebel stronghold of Benghazi "to meet leaders of Libya's National Transitional Council," according to the Interfax report.
Russia abstained from the U.N. Security Council resolution on Libya and has called for a negotiated solution to the conflict, which has cost thousands of lives since it erupted in mid-February.

Top Al-Qaida Militant Killed in Pakistan: Officials

ISLAMABAD - A U.S. drone strike likely killed Pakistan's Al-Qaida commander Ilyas Kashmiri, in what would deal a major blow to the terror network a month after Osama bin Laden's death, officials said June 4.
The 47-year-old Kashmiri is one of the most feared operational commanders of the network that bin Laden founded and has been blamed for a string of high-profile attacks on western targets, as well as in India and Pakistan.
He has a maximum U.S. bounty of $5 million on his head, and Pakistani officials said he was the target of a U.S. drone strike in South Waziristan on the Afghan border on June 3, in which nine members of his banned group died.
His killing would likely be seen as a huge achievement in the United States after U.S. Navy SEALs killed bin Laden in Pakistan, itself feted as the greatest psychological victory over al-Qaida since the Sept. 11, 2001, terrorist attacks.
A senior Pakistani security official said there were "strong indications" that Kashmiri had been killed, but that it was impossible to provide 100 percent confirmation so soon after the attack without access to the bodies.
The corpses were burnt beyond recognition and swiftly buried. Militants also barred access to the site of the attack in Ghwakhwa in South Waziristan, a militant stronghold despite a sweeping Pakistani offensive in 2009.
"There are strong indications that he has been killed in the strike, but we cannot confirm it and we are still trying to confirm it," the senior Pakistani official said on condition of anonymity.
Pakistani officials said Kashmiri had been in the area for several days and that all those killed were from his Harakat-ul-Jihad al-Islam (HuJI) group.
Senior security officials explained that confirmation would be difficult unless Kashmiri's family or his group officially announced his death.
"According to our reports, he was present here in this area. We have information that he has been killed but no one has seen his dead body," local administration official Naimat Ullah told AFP.
Another security official said two close associates who usually travel with Kashmiri, Amir Hamza and Mohammad Usman, were killed.
Kashmiri is understood to have been in the area to discuss strategy should the Pakistani military launch an offensive in North Waziristan, as has been predicted as part of the fallout surrounding bin Laden's killing.
Anti-terrorism experts have long described Kashmiri as one of al-Qaida's main operational commanders. He reportedly escaped a U.S. drone strike in North Waziristan in late 2009.
He has been blamed for multiple attacks in Pakistan, including the two most humiliating assaults on the military - a May 22 siege on a naval air base in Karachi and in October 2009 on the national army headquarters in Rawalpindi.
Counterterrorism officials believe he was the main coordinator of a terror plot targeting Britain, France, Germany and the United States, which was apparently in the early stages when detected by intelligence agencies in 2010.
Kashmiri's family in the village of Thathi in Bhimber district, more than nine hours' drive from Muzaffarabad, the capital of Pakistani-administered Kashmir, said June 4 they had not been in contact with him for six years.
"We came to know through TV. We don't know whether he is dead or alive," his elder brother Mohammad Asghar said by telephone.
A spokesman for Pakistan's umbrella Taliban faction said Kashmiri was "alive and safe," and had not been present at the time of the strike.
In January 2010, a U.S. federal grand jury indicted him for terrorism-related offences in connection with a plot to attack Danish newspaper Jyllands-Posten following uproar over blasphemous cartoons.
Listed on U.S. and U.N. terror blacklists, Kashmiri was born in 1964 in Azad, Kashmir. He is about 6 feet tall and weighs about 200 pounds.
He has black hair and been seen with a thick beard dyed white, black, or red at various times.
He has lost sight in one eye, and often wears aviator-style sunglasses. He is missing an index finger, according to the U.S. State Department.
The June 3 drone attack was the ninth reported in Pakistan's border area with Afghanistan, branded by Washington the global headquarters of al-Qaida, since U.S. commandos killed bin Laden in the garrison city of Abbottabad on May 2.
The raid sent shockwaves through Pakistan's seemingly powerful security establishment, with its intelligence services widely accused of incompetence or complicity over the presence of bin Laden close to a military academy.

WikiLeaks: Indian army poses as obstacle to Siachen solution

There has been repeated failure to reach a solution on the Siachen dispute due to the Indian army’s resistance to giving up its territory under any condition, according to latest cables released by Wikileaks.

According to the 2006 cable classified by the Deputy Chief of Mission Geoff Pyatt, the reasons for the Indian army’s resistance are its strategic advantage over China, internal army corruption, distrust of Pakistan and a desire to keep hold of advantageous territory that thousands of Indian soldiers have died protecting.
The cable stated that every time India and Pakistan came “very close” to an agreement on the Siachen issue, the prime minister of the day would be forced to back out by the Indian defence establishment, the Congress Party hardline and opposition leaders.
When the 2006 India-Pakistan Foreign Secretary talks set up a joint mechanism for discussing counter-terrorism issues ended with rumours that Pakistan had made a concession on Siachen, observers had said that the prime minister will be significantly constrained in any part of his agenda with Pakistan in the coming months, especially in the face of significant opposition from within his own party and an emboldened BJP that viewed the joint mechanism as an opportunity to portray the Congress Party as soft on terrorism.
The cable stated that former Indian Ambassador Parthasarthy, who personally dissuaded Rajiv Gandhi from making a similar deal on Siachen in 1989, said this concession does not satisfy India’s underlying concern — that points be agreed to in advance so the Pakistani Army would be unable to simply march back in to the area and take the high peaks around the Siachen glacier that India currently controls. The cable further said:

Parthasarthy further remarked that he had discussed the issue with senior Congress Party members, who have significant sway over Sonia Gandhi and Congress Party politics, and there is “no way in hell” that they would allow India to withdraw under disadvantageous conditions.  He added that the “Prime Minister won’t get away with what he is trying to do.”  He said Musharraf’s book had convinced many in the Indian army that they cannot trust Pakistan, especially when he could blame an invasion of Indian territory on “mujahideen.”

In another cable, Ambassador David Mulford citing various obstacles to an agreement on Siachen wrote about the first obstacle:

Army Chief JJ Singh appears on the front page of the “Indian Express” seemingly fortnightly to tell readers the Army cannot support a withdrawal from Siachen.  Given India’s high degree of civilian control over the armed forces, it is improbable that Gen. Singh could repeatedly make such statements without MoD civilians giving at least tacit approval.  Whether or not this is the case, a Siachen deal is improbable while his — and the Army’s — opposition continues to circulate publicly.

On Tuesday, Pakistan and India ended a 12th round of talks over the Siachen Glacier without a hint of agreement on the modalities of a proposed demilitarisation and other key issues related to their tense standoff.
Pakistan and India decided to meet again at a mutually convenient date in Islamabad. New Delhi insisted that Islamabad must authenticate present troop position of the two sides.
While Pakistan insists on maintaining the pre-1972 troop positions, as agreed in the Simla Agreement, India wants its neighbour to authenticate the Actual Ground Position Line both on the maps as well as on the ground. Siachen is considered the “low-hanging fruit” of the India-Pakistan peace process.
                                                              

Double Leadership Hit Leaves U.S. Army Scrambling

The U.S. Army's reclamation project to fix its broken acquisition system took a major hit when it lost both Army Chief of Staff Gen. Martin Dempsey and Army acquisition chief Malcolm O'Neill in the same week, defense analysts said.

THE U.S. ARMY has been weakened by this week’s loss of acquisition chief Malcolm O’Neill, left, and Chief of Staff Gen. Martin Dempsey. (Staff file photos)

O'Neill caught many by surprise when he told his staff June 1 in an email he would resign for "personal reasons" just more than a year into the job. His resignation came two days after President Barack Obama announced his nomination of Dempsey to take over as the chairman of the Joint Chiefs of Staff just one month after he became Army chief.

"There's a very good chance the Army will take a 45-degree turn here in the fact that Dempsey and the acquisition chief are leaving at the same time. I think a lot of the directions that Dempsey put in place at [Training and Doctrine Command] and then continued in his short stint as chief are in question right now," said retired Army Lt. Gen. David Barno, who worked closely with Dempsey as an outside senior adviser when Dempsey was TRADOC commander.

Dempsey, seemingly not on the president's list to succeed Adm. Mike Mullen since he took over the Army in April, rocketed up to the top job after other potential nominees, namely Gen. James Cartwright, vice chairman to the Joint Chiefs of Staff, fell out of favor.

Losing both leaders at a time when a recent Army review of the service's acquisition system said it required "major surgery" will leave the Army looking for direction all over again.

Obama announced his nomination of Gen. Ray Odierno, head of Joint Forces Command, to take over for Dempsey at the same Memorial Day White House news conference. However, many Pentagon insiders and defense analysts struggled to come up with potential successors for O'Neill outside his key deputies, including Marilyn Freeman, deputy assistant secretary for research and technology, and Scott Fish, the Army's chief scientist.

"The silver lining in this might be that O'Neill had a time in place so it's not like there will be no adult supervision. He put together a good leadership team, but it is still a question of who will take over and whether they will follow through on his vision," said Jim Carafano, a defense analyst with the Heritage Foundation, a Washington think tank.

Dempsey's service as the head of TRADOC before taking the Army's top position allowed him to spend three years reviewing the Army from a "big picture" perspective, Barno said. By comparison, Odierno has spent his last assignments either in operational billets leading the war in Iraq or closing Joint Forces Command.

"The guy who really understands this who has been working these requirements as the TRADOC commander and now the Army chief is going to be vaulted into the chairman's position and General Odierno isn't coming from that type of background. He's been out in the operating force and the joint world," Barno said.

Odierno hasn't served in a senior Army-specific billet since 2004, when he spent three months as a special assistant to the Army vice chief of staff. Peter Singer, a defense analyst with the Brookings Institute, is eager to see what Odierno lists as his priorities and how they might match up with Dempsey's.

"There's a potential the Army will lose some momentum as they go through the leadership transition … but you really can't answer the impact until you get a sense of Odierno's priorities and operating style. A very accomplished general and commander, but there are a lot of open questions of what he is going to set as his key priorities in terms of acquisition and how he runs the process."

Although the timing is odd since Dempsey had just released his commander's intent and started to dig his heels into the job, Carafano said it might be even tougher to replace O'Neill since he's had a year in the job.

"O'Neill is a little bit more disruptive to the Army because he was moving out and had some definite ideas. He was strong on using outside advisory boards and his red teams," Carafano said.

O'Neill retired as a lieutenant general after 34 years in the Army that included a stint as director of the Ballistic Missile Defense Organization, now the Missile Defense Agency. After his Army career, he turned to industry, working for Lockheed Martin from 1996 to 2006. More recently, he served as chairman of the board on Army Science and Technology for the National Academies and the National Research Council.

Two sources said he is leaving for a health-related issue; the resignation has nothing to do with his work. The Army would not confirm if a health concern caused his resignation, however, in a recent speech, O'Neill spoke about an injury he sustained in the Vietnam War, which still plagues him today, and serves as motivation for him to help soldiers in today's fight.

"I'm still suffering the consequences of that. If I don't take my medicine every day, it's goodbye," O'Neill said.

O'Neill quickly put his mark on the Army's largest weapon programs, forming a red team to investigate the Army's Ground Combat Vehicle's (GCV) weaknesses. After soliciting bids for the vehicle, the Army withdrew its request for proposals in August 2010, revised the program's requirements to prevent cost from spiraling out of control.

Major questions remain for the program; Army Vice Chief Gen. Peter Chiarelli listed it as the service's second priority behind the Army network. The red teams, which O'Neill formed to look at GCV, questioned the urgency of the need for the vehicle in the next seven years.

"The funds that have migrated from the FCS program were driving the events and activities of the program versus a true capabilities gap," according to a Government Accountabilities Office report on the "Army's ground force modernization initiatives."

Barno said the transition in leadership will force the Army to "take another serious look" at each one of its modernization programs. When the Army looks again at the cost versus the capability the GCV provides, Barno said he's not confident the service will continue with the program.

Dempsey and O'Neill had directed industry to focus its efforts on soldier technology, dismounted operations and the squad. The Army chief wanted the Army to take a bottom-up approach versus the top-down review the service traditionally used when looking at modernization.

O'Neill also worked closely with Pentagon acquisition chief Ashton Carter on the Defense Department's drive to find efficiencies and reduce overhead costs. The Army will have the challenge of balancing the coming reset from the wars in Iraq and Afghanistan with modernization programs like the GCV while defense spending continues to shrink, Carafano said.

"The cost of resetting the force is going to be huge, so they are going to have to make some really big tradeoffs here," Barno said.

Dempsey seemed to be the perfect fit to usher the Army through this transition set up by his time at TRADOC, Barno said. However, the Army's loss is the Pentagon's gain.

"It's really unfortunate for the Army but great news for the nation because I think Dempsey is a terrific pick," Barno said.