For the Department of Defense, President Donald Trump’s new cybersecurity strategy means additional authority to hack foreign countries. But for the cybersecurity industry, the new American doctrine could mean a lucrative payday.
A strategy document, released Sept. 20, reveals that the plan allows for more offensive cyber operations and that Defense Department leaders “will make greater use of (commercial) capabilities that can be optimized for DoD use.”
The approach could lead to increased business opportunities for cybersecurity contractors, Deon Viergutz, vice president of Lockheed Martin Cyber Solutions, one of four primary DoD cybersecurity contractors, told Fifth Domain in an email. “The President’s National Cyber Strategy and the Department of Defense Cyber Strategy further reinforce the groundswell of support for the growing cyber mission needs and requirements.”
A September report from Frost & Sullivan, a market research organization, also said the use of commercial cybersecurity tools is expected to “accelerate” in the coming years.
“For the most sensitive networks, the government is likely to use [National Security Agency]-approved equipment. But for the bulk of material the government will use off-the-shelf software,” said Brad Curran, an analyst at Frost & Sullivan.
For offensive equipment, Curran said it is likely the government is purchasing technologies and modifying them, but added it is difficult to know for sure because the information is classified.
A key component of the updated Defense Department cyber doctrine is the plan to “defend forward,” meaning the ability to “disrupt or halt malicious cyber activity at its source.”
In the past, the NSA has hacked digital infrastructure used by China’s People’s Liberation Army, “then made their way upstream and hacked into the computers from which the PLA was conducting their operations,” Ben Buchanan, an assistant teaching professor at Georgetown University, wrote in a Sept. 25 blog post for the Council on Foreign Relations.
“The modern conception of defending forward gives the military authority to conduct similar kinds of operations and perhaps also the ability to interfere directly with adversary operations by manipulating their devices and infrastructure.”
Still, publicly available information provides little insight into how commercial products are already used by government cyber professionals. What is known is that government requests for information on cyber-related matters are proliferating.
In an Aug. 27 announcement, the U.S. Army’s Cyber Center of Excellence said it was searching for offensive tools that could penetrate local area networks, Bluetooth devices and cellular equipment. In addition, more than half of the new challenges or programs announced this year by the intelligence community’s investment arm, IARPA, involve machine learning or predictive analytics.