DOD boosts IT security role

The Marines have long been known as the nation's "911" force, ready to respond to any crisis, anywhere in the world. But the advent of crises in cyberspace has given rise to a new 911 force, with the Pentagon giving computer defense a more important role in military strategy.

The Joint Task Force for Computer Network Defense (JTF-CND), which monitors and defends the Pentagon's global information networks, last week became part of the U.S. Space Command.

The Defense Department formed the JTF-CND in December 1998 as an interim solution to coordinate and direct the defense of all Pentagon computer networks and systems. The JTF-CND has become a key component in the protection of DOD networks against a rising onslaught of hacker attacks and other malicious Internet activity, such as the "Melissa" virus [FCW, April 12].

The shift marks a significant departure in the Pentagon's focus on information security by institutionalizing it as part of the mission of a major command. Moreover, by assigning the JTF-CND mission to a major warfighting command headed by a four-star general, DOD has given computer network defense the political clout it needs. Spacecom is one of nine combat commands in DOD that are led by a four-star general officer; these nine "commanders in chief" answer directly to the secretary of Defense.

Maj. Perry Nouis, a spokesman for Spacecom, said the JTF-CND transition will take "as long as necessary" and initially will include adding at least 20 officers and enlisted personnel to the roster.

While plans call for boosting the number of people involved in the JTF-CND mission to 100 during the coming year, "right now it's all coming out of [our] hide," Nouis said.

Despite the change in command structure, Nouis said the JTF-CND would remain co-located with the Defense Information Systems Agency's Global Network Operations and Security Center in Arlington, Va.

The GNOSC is DISA's command center for conducting real-time intrusion detection and cyber counterintelligence across DOD networks. The JTF-CND mission is aimed at real-time monitoring and defense of DOD's global information infrastructure.

Spacecom also becomes the beneficiary of a large-scale investment in information technology infrastructure to support the JTF-CND's headquarters and operations facility. DOD has invested $200,000 in equipment and architecture planning to support the current GNOSC.

Speaking at a recent ribbon-cutting ceremony that celebrated the JTF-CND reaching its final operational capability, Maj. Gen. John Campbell, the JTF-CND commander, called the effort to revitalize and transform old work space into the GNOSC "Herculean" in nature.

The JTF-CND has filled 22 of the 24 required positions in the GNOSC, with DISA providing key technical and equipment support.

Of the 35 personnel in the headquarters, 15 are liaison officers from the National Security Agency, the Defense Intelligence Agency, other federal law enforcement agencies and Canada.

Filled with dozens of computer work-stations, six large-screen displays and secure telephones, the GNOSC is where network management and protection come together, said Army Col. Larry Huffman, commander of the GNOSC. Through a sophisticated sensor grid and high-speed network architecture, the GNOSC provides a view into the state or health of the Defense Information Infrastructure, which supports up to 20 million telephone calls and 120 classified video teleconferencing sessions per day.

"We bring an operational focus" to computer network defense, said Army Col. Larry Frank, chief of the JTF-CND's Operations Division. "We don't fix computers," he said.

In addition, when it comes to hacker activity, the command is not too concerned about hacks of World Wide Web pages, Frank said. The command primarily focuses on attacks that have the potential to degrade the DII's ability to support

DOD's warfighting commands. "There's no operational requirement for Web pages to get information out to the public," Frank said.

The six workstations that comprise the JTF's watch station are supported by duplicate and redundant terminals providing access to the Non-Classified Internet Protocol Router Network and the Secret Internet Protocol Router Network. When the architecture is complete, the GNOSC also will have secure telephone connectivity to all of the national agencies in the Washington, D.C., area, including NSA and the National Infrastructure Protection Center.

"We spent the last nine months working on relationships here in the D.C. area," said Melissa Bohan, a spokeswoman for the JTF-CND.

Bohan said that although the JTF is only one part of the CND mission, the proximity of several national critical infrastructure protection agencies indicates that there always will be a need for some part of the JTF residing close to Washington.

Deputy secretary of Defense John Hamre called the creation of the JTF-CND an "unbelievable accomplishment." In the future, when the department looks back on today's threat of an electronic Pearl Harbor, the most important message will be "how [DOD] prepared in advance [and] that we were able to respond," Hamre said. "That's what the JTF is all about. These folks have been at war for the last six months."