WASHINGTON — The Pentagon is moving toward a major expansion of its
cybersecurity force to counter increasing attacks on the nation’s
computer networks, as well as to expand offensive computer operations on
foreign adversaries, defense officials said Sunday.
The expansion would increase the Defense Department’s Cyber Command by
more than 4,000 people, up from the current 900, an American official
said. Defense officials acknowledged that a formidable challenge in the
growth of the command would be finding, training and holding onto such a
large number of qualified people.
The Pentagon “is constantly looking to recruit, train and retain world
class cyberpersonnel,” a defense official said Sunday.
“The threat is real and we need to react to it,” said William J. Lynn
III, a former deputy defense secretary who worked on the Pentagon’s
cybersecurity strategy.
As part of the expansion, officials said the Pentagon was planning three
different forces under Cyber Command: “national mission forces” to
protect computer systems that support the nation’s power grid and
critical infrastructure; “combat mission forces” to plan and execute
attacks on adversaries; and “cyber protection forces” to secure the
Pentagon’s computer systems.
The move, part of a push by Defense Secretary
Leon E. Panetta to bolster the Pentagon’s cyberoperations, was first reported on The Washington Post’s Web site.
In October, Mr. Panetta warned in dire terms that the United States was facing the possibility of a “
cyber-Pearl Harbor”
and was increasingly vulnerable to foreign computer hackers who could
dismantle the nation’s power grid, transportation system, financial
network and government. He said that “an aggressor nation” or extremist
group could cause a national catastrophe, and that he was reacting to
increasing assertiveness and technological advances by the nation’s
adversaries, which officials identified as China, Russia, Iran and
militant groups.
Defense officials said that Mr. Panetta was particularly concerned about
a computer attack last August on the state oil company Saudi Aramco,
which infected and made useless more than 30,000 computers. In October,
American intelligence officials said they were increasingly convinced
that the Saudi attacks originated in Iran. They described an emerging
shadow war of attacks and counterattacks already under way between the
United States and Iran in cyberspace.
Among American officials, suspicion has focused on the “cybercorps”
created in 2011 by Iran’s military, partly in response to American and
Israeli cyberattacks on the Iranian nuclear enrichment plan at Natanz.
There is no hard evidence, however, that the attacks were sanctioned by
the Iranian government.
The attacks emanating from Iran have inflicted only modest damage. Iran’s
cyberwarfare
capabilities are weaker than those of China and Russia, which
intelligence officials believe are the sources of a significant number
of attacks on American companies and government agencies.
The expansion of Cyber Command comes as the Pentagon is making cuts
elsewhere, including in the size of its conventional armed forces.