The Pentagon wants more funding to protect its computer networks from attack as Congress considers legislation to allow intelligence agencies to share information about potential threats with the private sector.
The Defense Department’s spending on so-called cyberspace operations would jump 21 percent to $4.7 billion in fiscal 2014, which begins Oct. 1. The figures are part of President Barack Obama’s budget request, released on April 10, two months after the statutory deadline.
While the budget proposal may not get much traction in Congress due to the gulf between Republicans and Democrats over taxes and spending, there is some bipartisan agreement that the Pentagon should increase its investment in priorities such as cybersecurity.
The House on April 17 is expected to debate the Cyber Intelligence Sharing and Protection Act. The bill, H.R. 624, was sponsored by Rep. Mike Rogers, R-Mich., chairman of the House Intelligence Committee, and co-sponsored by Rep. C.A. “Dutch” Ruppersberger, D-Md., the panel’s ranking member.
The legislation would allow agencies such as the Defense Department and National Security Agency to share anonymous information about cyber threats with the private sector. Like government agencies, companies from Google Inc. to Lockheed Martin Corp., the world’s largest defense contractor, have been targeted in computer attacks traced to groups in China and other countries.
Lockheed and L-3 Communications Holdings Inc. in 2011 had their networks disrupted after hackers gained codes to authenticating devices called RSA SecurID made by EMC Corp. (The tokens are also used by Military.com’s parent company, Monster Worldwide Inc.).
A Chinese espionage group since 2006 has stolen hundreds of terabytes of information from at least 141 companies across 20 major industries, including aerospace and defense, according to a February report from Mandiant, a closely held company based in Alexandria that sells information-security services.
Cyber theft is estimated to cost as much as $400 billion in economic losses a year and “many of the same vulnerabilities used to steal trade secrets can be used to attack the critical infrastructure we depend on every day,” according to a background briefing on the legislation.
The defense budget proposes increasing the department’s “investments in its cyber workforce,” Defense Secretary Chuck Hagel said during last week’s budget briefing.
The Pentagon over the next three years plans to hire more military and civilian personnel and contractors at U.S. Cyber Command. The employees will be part of regional teams in Maryland, Texas, Georgia and Hawaii.
The department is building a joint operations center for the command at Fort Meade, Maryland. Construction is slated to begin in 2014, with tenants occupying the facility in 2017.
The military will fund efforts to automatically detect vulnerabilities on classified networks, buy software that looks for suspect files, and support other operations to “detect, deter and, if directed, respond to threats,” according to an overview of the budget.
The boost in cybersecurity funding is part of a larger trend across the federal government. The Obama administration’s budget would spend more than $13 billion on such programs. That amounts to about 16 percent of the government’s $82 billion information-technology budget.