ASPEN, Colo. -- The Defense Department's second-ranking official said Thursday that the military was about to deploy roughly 4,000 people in the Pentagon's first units devoted to conducting cyberoffense and defense operations, a new mission that formalizes U.S. use of a class of weapons the Obama administration has rarely discussed in public.
"I wanted to start this fast," Deputy Defense Secretary Ashton B. Carter said at the opening of the Aspen Security Forum, an annual meeting on domestic security. Even at a time of budget cutbacks, he said, "we're spending everything we think we can spend wisely" on developing the skills to conduct and defend against cyberattacks from abroad. The New York Times is a media sponsor of the forum.
In a wide-ranging interview, Mr. Carter also said that after examining how Edward J. Snowden, a former contractor for the National Security Agency, downloaded top-secret material about U.S. surveillance programs, the Defense Department had ordered new protections against what he called "the insider threat."
First among the new procedures is a "two-man rule," based on the model of how nuclear weapons are handled, which requires two computer systems administrators to be working simultaneously when they are inside systems that contain highly classified material. No individual, he said, would be able to download the material without the other one signing off -- much as two technicians must sign off on work on warheads.
"This was a failure to defend our own networks," Mr. Carter said of the Snowden case. "It was not an outsider hacking in, but an insider." The lesson, he said, was that even systems administrators, who have wide-ranging access, must not be able to operate all by themselves.
Mr. Carter, a physicist and former Harvard professor who has worked at the Pentagon since the start of the Obama administration, blamed the problem largely on decisions made after the investigations into the intelligence failures surrounding the September 11, 2001, terrorist attacks. Those attacks were blamed in large part on the reluctance of intelligence agencies and the FBI to share information.
Now, he said, the sharing had gone too far, because the United States puts "enormous amounts of information "in one place, a practice that may be accelerated as agencies put more data into cloud systems."
That enabled Mr. Snowden, working largely from an NSA outpost in Hawaii, to download everything from details of the Prism surveillance system to the text of a secret order from the Foreign Intelligence Surveillance Court, whose rulings are supposed to stay classified.
The question of whether intelligence-sharing had gone too far -- away from traditional compartmentalization -- was debated in 2010 after the revelations by WikiLeaks, based on huge databases downloaded by Pfc. Bradley Manning. At the time, the Defense Department promised changes, including putting in alarm systems that would activate when an individual downloaded large amounts of data.
Mr. Carter strongly suggested that those changes, which also included Pentagon videos and 250,000 State Department cables, were insufficient. But his call for change is bound to raise questions about whether the government is restoring a system that, ultimately, was blamed for many of the failures to "connect the dots" before the Sept. 11 attacks, when the FBI and intelligence agencies were barely sharing critical information.
The description of the Pentagon's new cyberteams -- to be under the command of Army Gen. Keith B. Alexander, who directs the NSA as well as the U.S. Cyber Command -- was the most detailed yet of one of the military's most closely held projects. The administration recently conceded that it was developing cyberweapons. Future operations run by Cyber Command, Mr. Carter suggested, would be focused on the teams. "The teams are new, and they are in addition to the NSA workforce," he said.
Twenty-seven of the 40 new teams will focus on cyberdefenses, Gen. Alexander has said. Thirteen will be directed toward creation of new cyberweapons. Included among the documents Mr. Snowden made public was a presidential directive, signed last fall by President Barack Obama, providing guidelines for conducting both defensive and offensive operations. It reserves to the president the decision about whether to conduct cyberattacks.world - interact