DOD database to fight cybercrime
The Defense Department is on the verge of completing a common database to aid the defense and intelligence communities in battling cybercrime
The Defense Department is on the verge of completing a common database to
aid the defense and intelligence communities in battling cybercrime, according
to the new commander of the Pentagon's Joint Task Force for Computer Network
Defense.
The database will enable those involved in computer emergency response
across DOD, the intelligence agencies and the FBI to share information critical
to protecting their networks against intruders.
The database is in the final stages of development and likely will be
"an operational reality" in early 2001, said Maj. Gen. James Bryan, who
commands the JTF-CND.
"Having the ability to create a common database and to share that database
allows us to take advantage of modern Web techniques in regard to management,
reporting and alerting," said Bryan, who also serves as the vice director
of the Defense Information Systems Agency.
One of the main benefits, according to Bryan, is that the department
will be able to collect data on cyberattacks or attempted attacks, categorize
them and better understand them.
"Storing them in a database that can be shared means we can profile
the threats so that we can see patterns of activity that will allow us to
do a much better job of understanding and describing what's going on and
taking the proper actions to counter it," Bryan said.
"Also, I think a shared database allows people to do what humans do
best, and that is to share ideas," he said. "The really qualified people
in this computer network warfare business are a fairly small community of
experts, and this database will provide them a forum and opportunity not
only to share data but to share ideas as well."
The database is only one of several initiatives the task force is undertaking
to build its arsenal of cyberwarfare weaponry. Others include developing
automated technologies for monitoring the network, reporting intrusion events
and improving response time.
"We've got to develop more real-time intrusion detection and ways of
reporting without becoming intrusive ourselves," Bryan said. "We're developing
technology that will allow us to automatically sense whether our firewalls
have the right configuration within them or whether the antivirus updates
are in fact up to date."
NEXT STORY: Agencies get cyberattack guidance