Coast Guard Rolls Out Cyber Strategy
As cyber threats grow more pervasive, the Coast Guard is investing more resources to detect and stop attacks on its networks that occur on a daily basis, said the service’s commandant June 16.
Adm. Paul Zukunft unveiled the service’s newcyber strategy during a speech at the Center for Strategic and International Studies, a Washington, D.C.-based think tank.
The new strategy — which focuses on defending the Coast Guard in cyber space, enabling operations and protecting infrastructure — will help the service respond to the rapid increase of network intrusions that target the United States, he said.
Having good work force hygiene online is critical to defending the Coast Guard’s networks, he said.
“We have very distributed work forces and our weakest leak in all of our systems is not our architecture,” he said. “The weakest link in all of this is my human resource capital.”
Every day someone within the Coast Guard falls for an online scam that launches a virus and compromises the service’s network, he said. “It is a daily occurrence in the U.S. Coast Guard where we have an internal patch that we need to apply because somebody took a short cut.”
To combat the issue, the service recently created its own internal cyber command that employs 70 specialists, most of whom are enlisted Coast Guard personnel, he said.
“Seventy people … may not sound like a lot, but they can have awareness across our full operating domain in cyber within the Coast Guard,” Zukunft said. “Daily they can look at where there potential leaks are … and then go out and fix them.”
Keeping the service’s networks clear of intrusions and hackers is critical as the Coast Guard expands its missions across the globe, he said. It currently operates on five continents.
“Just over a week ago we were able to interdict six go-fast vessels over a 36-hour period over an area the size of North America,” he said. “I was able to vector aircraft and ships … [and] interdict all six of the vessels and remove over four tons of cocaine. That would not be possible without the ability to operate in the cyber domain.”
When mariners go out to sea, and especially into international waters, Zukunft said he always encourages them to carry location beacons in case something goes amiss and they need help. But a cyber attack on the service’s network could degrade a rescue mission.
“If you’re in distress, I will find you,” Zukunft said. “But I will not find you if there is a disturbance in the cyber cloud.”
The Coast Guard also wants to protect critical infrastructure, Zukunft said. Ports have physical protections such as secure fences around the perimeter to prevent security breaches, but now there are invisible threats in the form of cyber attacks that are just as dangerous, he said.
The service worked closely with the Department of Homeland Security, U.S. Cyber Command, the FBI and the Department of Justice to draft the strategy, Zukunft said.