美网络司令部与国民警卫队打造共享恶意软件门户网(英文)

2020-06-10 智邦网

编译 致远

据fifthdomain网2020年6月9日报道,6月9日,美国网络司令部宣布,由网络司令部和国民警卫队联合创建的新门户网提供了用于共享恶意软件信息的双向接口,以更好地了解国家面临的网络威胁。

名为“赛博9线”( Cyber 9-Line)的该门户网可使各州参与的国民警卫队部队与网络司令部快速共享相关事件信息。

网络司令部的精英“网络国家任务部队”组织旨在扰乱特定国家恶意软件的行动,开展相关分析并向各州反馈情况以有效应对该事件。

这种级别的合作和反馈形式为地方、州和国防部提供了全面掌控美国及本土外所发生的威胁情况。应对重大网络事件需要整个政府、军队构建双向通信和数据共享链路,协同行动。

美国防部称,网络司令部这种“前沿防御”(defend forward)的新作战理念和模式为国防部防御网络攻击通过了明确思路,旨在威胁到达美国之前就预有准备、先发制人。

通过全天候操作运营和称为“预先搜索”(hunt forward)等其他操作方式,美国网络操作人员在网络上部署到其他国家,网络司令部利用其特有手段来洞察对手的活动,有关部门可通过共享或其他手段了解观察到的情况。

Cyber Command creates new malware sharing portal with National Guard

A new portal created by U.S. Cyber Command and the National Guard provides a two-way interface for sharing malware and gain better insights into cyber threats facing the nation, according to a June 9 release from the command.

This portal, called Cyber 9-Line, allows participating Guard units from their perspective states to quickly share incidents with Cyber Command. Cyber Command’s elite Cyber National Mission Force, which conducts operations aimed at disrupting specific nation state actors, is then able to provide analysis on the malware and offer feedback to the states to help redress the incident.

“This level of cooperation and feedback provides local, state and Department on Defense partners with a holistic view of threats occurring in the United States and abroad,” said Brig. Gen. William Hartman, commander of the Cyber National Mission Force and the lead for Cyber Command’s election security group. “Dealing with a significant cyber incident requires a whole-of-government defense, bidirectional lines on communication and data sharing enables the collective effort to defend elections.”

In recent years, the Department of Defense has been working to determine how to use its full time cyber force within Cyber Command to protect the nation from pervasive cyber threats.

U.S. Cyber Command’s new operating philosophy of “defend forward” has helped clarify how the Department of Defense can protect the United States from cyberattacks, a Pentagon official said April 23.

The command has followed a new paradigm called defend forward that seeks to preempt threats before they reach the United States. Through daily operations and other actions known as “hunt forward,” in which U.S. cyber operators deploy to other nations on their networks, Cyber Command is able to use its unique authorities to gain insights on adversary activity. Those insights can either be shared or used to take some type of action.

The Cyber 9-Line is the first step within the information exchange program set up in 2019 by the Joint Cyber Command and Control program office, under the direction the National Guard adviser to Cyber Command, leaders said.

Thus far, 12 states have completed the registration process and can benefit from DoD resources. This includes tools such as Cyber Command’s Big Data Platform, which synchronizes information and correlates it allowing forces to act on available information collected from sensors and operations.

The Big Data Platform also provides information and reports from previous threats and malware samples.

“The CNMF, via the National Guard, may enable states to quickly identify additional indicators of threats, which then states can then implement and defend themselves quicker than ever before,” Col. Samuel Kinch, the National Guard Advisor to Cyber Command, said. “That’s going to be a huge collective win for us all.”

Cyber Command said this portal was already used during an incident in Dorchester County, Maryland, which reported a ransomware attack in January.

“These relationships have been cultivated for many years via personal connections made by our Citizen-Airmen, which allows us to respond quickly,” Col. Reid Novotny, Maryland National Guard J6, said. “Knowing that the Maryland Department of IT was handling restoration and the FBI was doing investigation, the 175th Cyber Operations Group provided the connectivity to the national resources located in our backyard at USCYBERCOM through a Cyber 9-line.”

While still in its infancy, officials explained the Cyber 9-Line has already made an impact.

States in recent months have fallen victim to costly ransomware attacks in which Guard units have had to respond.

Responding to ransomware across states is a new mission for the National Guard and it doesn’t show signs of going away anytime soon.

The National Guard is considered a critical resource for the DoD’s cyber bench considering many personnel serve as cyber or IT professionals in their day jobs.


相关信息

美陆军新任计划执行官谈“泰坦”计划及联合全域指挥控制(英文)

俄先期研究基金会完成“萨尔玛”无人潜航器设计开发(英文)

美特战司令部打造6亿美元最大规模全球数据分析平台(英文)

美国防部提出最新5G实验频谱共享关键目标(英文)

美国政府问责局:美国防部网络安全缺乏整体规划(英文)

美特种作战司令部不断拓展航天业务(英文)

美国政府问责局:国防部应加强IPv6整体规划(英文)

英国BAE系统公司将为DARPA Squad X项目提供自主功能

美特战司令部设立专职机构加强软件与AI开发(英文)

美国会问责局:美福特号航母存在重大技术问题(英文)

欧防局推出智能化通用开放士兵作战体系架构(英文)