Deputy Secretary of Defense William Lynn recently caused a stir in official Washington by publicly confirming that the Pentagon had suffered a massive computer breach in 2008. A foreign intelligence service successfully slipped an infected flash drive into a Central Command computer. The drive contained software that surreptitiously spread through both classified and unclassified government networks, establishing a "digital beachhead, from which data could be transferred to servers under foreign control." According to Lynn, "it was a network administrator's worst fear."
In addition to confirming the breach, Lynn previewed the Defense Department's cyber strategy, expected to be finalized by the end of the year. The strategy has several elements, including a defense in depth, with three layers: first, follow commercial best practices on security; second, deploy sensors, which map and detect intrusions; and, third, conduct "active defense." Lynn describes active defense as a system that automatically deploys defenses in real time based on intelligence warnings. According to Lynn, "part sensor, part sentry, part sharpshooter, these active defense systems represent a fundamental shift in the U.S. approach to network defense." This reference to "sharpshooters" raises questions, for it implies a more active role for the Defense Department. More at link