Cybersecurity operators at the Defense Department are “not keeping pace” with their adversaries around the globe, according to a Pentagon memo.
“This trend must be reversed if the DOD is to retain the ability to effectively assess DOD systems and train service members against realistic cyberthreats,” Maj. Adrian Rankine-Galloway, a spokesman for the department’s operational test and evaluation office, told the Daily Beast.
According to the memo, the Pentagon employs approximately 50 “red team” operators to test military systems and weapons, about one-third of the number it needs.
A significant problem is that such specialists, who pose as bad guys and simulate cyberattacks on American infrastructure and develop applicable defense mechanisms, are being lured away by higher paying jobs in the private sector. Rankine-Galloway referred to an “almost non-stop pace of events for all cyberteams,” which “limited the red teams’ ability to study the adversary’s cyberattack techniques.”
The deficiency drew the attention of 26 House members led by Jackie Speier, D-Calif., who sent a letter to Defense Secretary Ash Carter urging action.
“In addition to innovative compensation, red teams should be manned, trained, and equipped with sufficient well-qualified personnel to meet the anticipated demand,” the group wrote Tuesday. “Red teams need the tools and skills to emulate a nation-state adversary, they need certification standards to ensure proper manning at journeyman and master levels, and a comprehensive retention plan to ensure a stable workforce.
“It is critical that we not only maintain the ranks and expertise of existing DOD cyber red team personnel, but that we make significant investments in their capabilities, training, and retention,” they added.
The group pointed to the August intrusion on a server belonging to the Joint Chiefs of Staff as one area of concern. In addition to the JCS, the State Department, the White House, and the Office of Personnel Management have also been hacked in the past year. The incidents have generally been traced to the Russian and Chinese governments.
The report is the latest to corroborate a deficiency in cybersecurity efforts that defense officials have repeatedly asserted exists.
“Whether it is the Russians in the Ukraine, [the Islamic State] in the Middle East, North Koreans here in our own country or China in the South China Sea, our adversaries are merging information capabilities to achieve operational and even strategic effects,” Army Cyber Command chief Lt. Gen. Edward Cardon said in August.
Cardon added, “The question is: Can we adapt? Do we have the will to intellectually converge?”
