The Department of Defence released the unclassified version of its first cyberspace operations strategy, but the blueprint comes too late to have prevented breaches.
Outgoing Deputy Secretary William Lynn revealed during his speech to announce the strategy that the agency was victimised by a major incident in March, when foreign hackers broke into the computers of an unnamed military contractor and stole 24,000 sensitive Pentagon files.
And attacks against defence networks also have resulted in the loss of data about missile tracking systems, satellite navigation devices, unmanned surveillance drones and jet fighters, Lynn said.
An unclassified summary of the strategy, outlined how DoD operated in cyberspace - the fifth warfighting domain it said, next to land, water, air and space - and safeguarded its networks.
The report proposed increasing network resiliency and beefing up the US military's cybersecurity capabilities to ensure Defence operated in the event of a major compromise.
“The cyberthreats we face are urgent, sometimes uncertain and potentially devastating as adversaries constantly search for vulnerabilities,” Lynn said.
"Our infrastructure, logistics network and business systems are heavily computerised. With 15,000 networks and more than seven million computing devices, the [Defence Department] continues to be a target in cyberspace for malicious activity.”
Because it was an unclassified version of the plan, it did not have full details, according to reports citing Marine Corps Col. Dave Lapan. For example, It did not include offensive cyber operation plans or how the department would respond to an attack. The classified report was 40 pages long.
The unclassified portion of the strategy said the department will prepare soldiers for situations including "degraded cyberspace operations for extended periods and disruption during a mission".
To bolster the security of its networks, the department deployed a system of sensors, software and intelligence to detect and prevent intrusions and vulnerabilities in real time.
Secretary of Defence Leon Panetta said it must prepare for increased threats.
“It is critical to strengthen our cyber capabilities to address the cyberthreats we're facing,” Panetta said.
The plan emphasised the importance of partnerships with agencies such as the Department of Homeland Security, the private sector and foreign nations.
“Our success in cyberspace depends on a robust public-private partnership,” said Lynn, the Pentagon's second-highest-ranking civilian, who will vacate his post later this summer. “The defence of the military will matter little unless our civilian critical infrastructure is also able to withstand attacks.”
Last October, Defence and Homeland Security announced plans to align their cybersecurity capabilities to better protect US networks.
The agreement, signed by the recently retired US defense secretary Robert Gates and Secretary of Homeland Security Janet Napolitano, outlined a framework whereby the agencies can provide cybersecurity support to one another. It was intended to improve collaboration as the two departments carry out their respective cybersecurity missions.
And it was an effort to move past previous agency turf wars.
The Defence Department will build its roster of civilian and military personnel by creating new programs to attract skilled workers and to streamline hiring.