WASHINGTON — The Pentagon must be able to hunt cyberthreats on the private networks of defense companies in order to strengthen national cybersecurity, according to one of the leaders of the Cyber Solarium Commission.
Rep. Mike Gallagher, R-Wis., who co-chairs the commission, said in testimony before the House Armed Services Subcommittee on Intelligence and Emerging Threats and Capabilities that there must be greater visibility of these networks, in which much sensitive and classified information is kept.
“I think one of our biggest findings in the report was that while we are getting a better awareness of our own systems, we still — down to the level of some of our DoD contractors, subcontractors, all the small companies that work with the big defense primes — don’t have the level of visibility on the threat picture and the security of their networks that we need,” he said July 30.
“I just would argue that we need to figure that piece out because we just can’t be in the process of reacting to cyber intrusions after the fact. We have to identify those threats at a quicker timeline at which our adversaries can break out on networks.”
The Cyber Solarium Commission is a bipartisan organization created in the 2019 to develop a multipronged U.S. cyber strategy. The commission’s report, released in March, recommended Congress require the defense industrial base participate in threat intelligence sharing programs and threat hunting on their networks.
“Improving the detection and mitigation of adversary cyber threats to the DIB [defense industrial base] is imperative to ensuring that key military systems and functions are resilient and can be employed during times of crisis and conflict,” the report stated.
China has been accused of pilfering reams of data from the networks of defense companies, including plans for the F-35 fighter jet and sensitive data on U.S. Navy programs that, while not classified by themselves, can collectively provide vast strategic insight into Navy plans and operations, officials claim.
The commission’s report recommended that a threat-hunting program include Department of Defense threat assessment programs on DIB networks; incentives for companies to feed data collected from threat hunting to the DoD and the National Security Agency’s cybersecurity directorate; and coordination of DoD efforts with the Department of Homeland Security and the FBI.
Congress is calling for the creation of a threat-sharing model in this year’s defense authorization bill. The Senate’s version includes a provision to direct the defense secretary to establish a threat intelligence program “to share threat intelligence with, and obtain threat intelligence from, the defense industrial base.”
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.