WASHINGTON — The commander of the new Pentagon unit charged with protecting the military's computer networks wants to create a secure network for government computer systems and those of critical industries, such as power and water.
That strategy of walling off critical computer networks from the rest of the Internet "is probably where you're going to get to, and it makes a lot of sense," said Army Gen. Keith Alexander, who heads the recently launched U.S. Cyber Command. Alexander also directs the National Security Agency, which conducts electronic surveillance on foreign targets.
Alexander testified before the House Armed Services Committee on Thursday morning on the role of the Cyber Command in defending its networks and helping to secure those of the critical private industries.
In remarks to reporters Wednesday, he said that adequately securing the critical systems likely will require the formation of a team including the FBI, Department of Homeland Security and the Department of Defense. Each agency has its own authorities — the FBI to investigate crimes such as computer hacking, for instance. DHS is the lead agency in working with the critical sectors. The Defense Department currently has authority to defend only its own networks but may assist DHS if asked, Alexander said.
The White House is conducting a review to determine the best approach and whether it will require Congress to grant new authorities, he said.
Creating what some have called a dot-secure is not a new idea. Several companies proposed it in 2005, but it did not gain traction. The former director of national intelligence, Mike McConnell, advocated it earlier this year.
But some in industry were skeptical of the notion.
It would be impractical and "unbelievably expensive," said Joe Weiss, a cybersecurity expert for control systems in critical industries.
"It would be very difficult to try to interconnect all these different companies, including the government," Weiss said. "This isn't just one entity where you walk a wire around Potomac Electric. You have all the neighboring utilities that you need to connect to. You would also have all the other major industrial operations — and with Smart Grid, conceptually, every home-owner. This is not simple."