Cyber Command in a nutshell
No offense intended…. And I won’t describe the details here, since the original essay asked for registration to even READ it… so you have to go elsewhere to open the nutshell.
Although there are many interesting things going on today, including the new ability to make phone calls through Gmail, I think that CNET’s Elinor Mills correctly identified one of the most IMPORTANT articles of the day, an essay in Foreign Affairs entitled “Defending a New Domain: The Pentagon’s Cyberstrategy” (free registration is required to read the entire essay), by William J. Lynn III, Deputy Secretary of Defense.
The CNET article focused on a major security breach disclosed in the essay – a malware-ridden flash drive that was inserted into a laptop at a U.S. military base in the Middle East in 2008 that led to the “most significant breach of” the nation’s military computers ever. The malware uploaded itself to the U.S. Central Command network and spread undetected on both classified and unclassified computers to establish a “digital beachhead” from which data could be transferred to computers under foreign control. The previously classified incident, and the Pentagon’s counterattack, Operation Buckshot Yankee, were a wake-up call. Lynn says that the malicious code on the flash drive was placed there by a “foreign intelligence agency.” (Note added August 30, 2010: “Friend” or “Foe…?” 
)
Since Lynn’s essay in Foreign Affairs asks for registration in order to read its contents, I will not circumvent that registration requirement here. Please read the original essay if you wish to learn any specifics beyond those divulged in the CNET article.
The essay names one computer technology company (Note added October 2, 2010: Why be shy? The company that Lynn thinks the Defense Department should emulate is Microsoft! Imagine!) that Lynn thinks the Defense Department should emulate with regard to risk-mitigation strategies to detect malicious code. I disagree. I believe in “track records” and do not believe that company to be a good model (IMHO). Since Lynn’s essay quotes the Albert Einstein letter to President Franklin Roosevelt warning Roosevelt of the possible development of an atomic bomb, I will respond to that discouraging suggestion with another quote attributed to Einstein: “Insanity: doing the same thing over and over again and expecting different results.” We need to learn from our mistakes, including the ones that allowed easy propagation of the malware on that flash drive above.
Lynn also went into specifics about current cycle times for projects, and how they need to be shortened. I was AMAZED at how long they are currently, and I agree that they MUST be shortened.
(Note added August 26, 2010: Some of Lynn’s statements were very interesting to me, especially in terms of an upcoming purchase of VeriSign’s “security business” by Symantec, and in terms of the VeriSign parts left “behind.”)
I found Lynn’s background as a Senior Vice President of Government Operations and Strategy at Raytheon, and as a lobbyist for Raytheon, to be interesting, in view of Lynn’s nomination and approval (Lynn said that he would sell all of his Raytheon stock), his essay, and Raytheon’s involvement in “Perfect Citizen.”
There is a section of the essay involved with “human capital.” Since dealing with humans is perhaps the weakest skill set of those in upper management (being, generally, Myers-Briggs “Thinking-Judging” types), I would like to mention a potential weakness in the plan, so that it can be remedied, if remediation is not already underway through HIRING.
There is a theory that, for software development, you need (for want of a better description) ONE “hippy programmer” for every 10 “grunt programmers” (no offense meant to any programmers out there). The “hippy programmer” is one who is struck with flashes of creative brilliance, and the “grunt programmers” are the folks who each write 80 lines of code daily to implement that brilliance. I do not see that Lynn’s plan allows for incorporation of the “hippy programmer.” I am not one myself (nor am I a grunt ), but I have had the extreme pleasure to have worked with many of them. Many of them have long hair (or NONE! ), beards (usually not the women ), unconventional attire and/or life styles, etc., but they are the folks the Defense Department needs to “think outside of the box” in attacking defended systems, and in preparation of creative defenses against people like themselves. (I agree with essay statements about “numbers” versus “quality.”)
I do not think that you can “train” someone to be creative, or to be a creative “hacker.” (Actually, I KNOW that you can’t, but it is sometimes hard to prove to opinionated folks. ) Especially, I do not believe that you can take someone from a very regimented, homogeneous environment and “retrain” them to be a creative hacker. Please, for the good of the country, try to recruit and retain these non-mainstream individuals, EVEN if you have to introduce the flexibility of an “Apple-like” or “Netscape-like” or “Google-like” environment to do so. (By the way, many of them would become hostile if you called them “human capital” to their faces! I know that I would.)
Well, that’s about all I can say without going into specifics. Please read Elinor Mills’ article and Mr. Lynn’s excellent, deep, and vague essay. And try to read between the lines….
-Bill at
Cheshire Cat Photo™ – “Your Guide to California’s Wonderland™”
You can view higher-resolution photos (*generally* 7-30 megabytes, compressed) at the Cheshire Cat Photo™ Pro Gallery on Shutterfly™, where you can also order prints and gifts decorated with the photos of your choice from the gallery. The Cheshire Cat Photo Store on Zazzle contains a wide variety of apparel and gifts decorated with our images of California. Framed prints and prints on canvas can be ordered from our galleries on redbubble®. All locations are accessible from here. Be a “Facebook Fan” of Cheshire Cat Photo here! If you don’t see what you want or would be on our email list for updates, send us an email at info@cheshirecatphoto.com.
©2010 William F. Hackett. All Rights Reserved.
