America's enemies recognize that cyberattacks are a low-cost way to counter U.S. military might, a government watchdog agency said Monday, recommending that the Pentagon clarify the duties and command structure of its cyber workforce.
The Government Accountability Office, in a report released Monday, said the Pentagon has made progress setting up its new U.S. Cyber Command, but must set deadlines to lay out more detailed guidelines on how its cyber workforce fits together.
"The threat to Department of Defense (DOD) computer networks is substantial and the potential for sabotage and destruction is present," said GAO.
Defense officials have acknowledged that the department's networks get attacked or probed millions of times a day — with the bulk of the activity being less serious scans. Across the government, officials are struggling to beef up their defense of federal computer systems from hackers, criminals and enemies, including other nations.
GAO said the military has laid the foundation for the operation of its new Cyber Command, which is based at Fort Meade in Maryland, alongside the secretive National Security Agency.
But the Pentagon must now develop better training programs for staff, and determine what cyber jobs civilians can do, and which operations must be done by members of the military.
And it said the Pentagon must also clarify the responsibilities of Cyber Command and lay out the structure and duties of the Army, Navy, Air Force and Marine cyber components, so the smaller units know best how to support the main command.
In a response to GAO, Robert Butler, the deputy assistant defense secretary for cyber policy, said the Pentagon is working on those issues. But he did not lay out a timeline for completion.