The Pentagon will expand its cyber security force from 900 personnel to a massive 4,900 troops and civilians over the next few years following numerous concerns over the dangerously vulnerable state of their defenses, according to US officials.
The Washington Post exposed details of the plan for the wide-scale expansion late on Sunday. An official confirmed that plans for an extremely significant expansion were underway, but remained ambiguous about the precise figure.
US Defense Secretary Leon Panetta said earlier this month that a ‘cyber Pearl Harbor’ would soon hit the US.
Whilst the Washington Post reported the official statistic to be 4,900, a US official told Reuters that the exact figures were “pre-decisional,” whilst still confirming that Cyber Command was planning an enormous increase in the number of security personnel, potentially putting it on the same level as major combatant commands.
However, there are not yet any formal plans to change Cyber Command into a ‘unified’ command in the likeness of US Strategic Command, which is currently responsible for cyber security.
Included in the expansion would be the establishment of three separate forces united under the Cyber Command banner: ‘national mission forces’ (in charge of protecting computer systems that administer the US’s power grid and critical infrastructure); ‘combat mission forces’ (in charge of planning and executing attacks on enemies); and ‘cyber protection forces’ (in charge of Pentagon computer system security).
The Pentagon will be on the lookout for “world class cyber personnel,” to recruit, a defense official told the Washington Post on Sunday. They continued to report that as the expansion takes place, the Pentagon is making many cuts elsewhere, including in the size of its conventional armed forces.
An official who was not authorized to speak publicly told Reuters that any changes would be based on strategic and operational demands, and would take in to consideration the necessity to use taxpayers’ money efficiently.
It has frequently been pointed out that the United States is in dire need of improving its cyber defenses, and particular concern has been aired over a series of attacks which destroyed the functions of over 30,000 computers at the Saudi Arabian state oil company, Saudi Aramco, in October. The decision to expand the security force was also made late last year.
The US suspected that the attacks were orchestrated in Iran, and some officials stated the deep-rooted concern that full-on cyber warfare was emerging between the two countries.
On January 18, RT reported the concerns of US General William Shelton, who described the atmosphere in Iran following the Stuxnet virus attack which targeted Iran’s Natanz uranium enrichment facility.
“It’s clear that the Natanz situation generated a reaction by them. They are going to be a force to be reckoned with, with the potential capabilities that they will develop over the years and the potential threat that will represent to the United States,” he said.
A newsletter published by the Homeland Security Department’s Industrial Control Systems Cyber Emergency Response Team, (ICS-CERT Monitor), reported earlier this month that 2012’s cyber assault statistics demonstrated a ‘terrifying’ increase. While they identified 198 incidents last year, in 2009 that number was only nine.
These attacks are directed at important US infrastructure, and have been conducted primarily against the US’s energy sector, which accounted for 40 per cent of all reported incidents. The ICS-CERT Monitor additionally stated the belief that there are only 18 to 20 people in the whole country qualified to protect the nation from such concerted attacks.