Pentagon plans expansion of cyberthreat alert system

The Joint Chiefs of Staff is crafting a plan to require all military commands to create a new alert system that will track cyberthreats to Defense Department information systems.

Similar to the well-known Defense Conditions, or DEFCONs, that mark the military's status in response to traditional foreign threats, this new departmentwide program is based on a concept created by the U.S. Strategic Command (Stratcom), which directs the nation's nuclear forces.

Stratcom's system, called Information Conditions, or INFOCONs, is composed of a series of levels that are raised or lowered based on threats to the command's information technology systems. As a threat to systems increases, officials take additional protective measures, such as cutting connections to the Internet or monitoring all communications in real time. Officials at Stratcom first used the system in February when multiple DOD systems at various locations came under electronic attack.

The levels and corresponding actions that the new plan will recommend are classified, according to a Joint Chiefs spokesman. However, he said the program was designed because Stratcom recognized the need to standardize procedures for responding to threats to information systems throughout DOD. The new program, which will hold DOD systems administrators accountable for system intrusions by requiring them to put into place procedures to respond to the changing conditions, will begin this summer, the spokesman said.

Barry Collin, senior research fellow at the Stanford, Calif.-based Institute for Security and Intelligence, said the move to take the program across the commands is "the largest coordinated information technology response" in U.S. military history. Speaking from Stratcom, where command officials gathered last week to discuss the plan, Collin said assessing information conditions requires agency buy-in at every level.

"If one is under what appears to be an attack, how do you inform other agencies?" Collin asked. "A more formalized process will help us determine when there is a large-scale attack. This indicates awareness and really emphasizes the purpose of the joint command."

Duane Andrews, a former assistant secretary of Defense for command, control, communications and intelligence from the Bush administration and now a senior vice president at Science Applications International Corp., said the new program will be one of the most aggressive efforts the department has undertaken as part of its information assurance program.