The U.S. Defense Department plans to start a pilot program offering the military’s cyber security tools to Internet service providers for use in detecting and stopping attacks on their networks.
The Pentagon is drafting a proposal to provide the country’s top Internet service providers with tools and techniques already available to a group of defense contractors for detecting and fixing cyber attacks, defense officials told lawmakers today.
The plan seeks to use Defense Department technology “with tier-one Internet service providers and see if we can do what we do with defense contractors,” General Keith Alexander, head of the U.S. Cyber Command, told the House Armed Services Committee’s panel on emerging threats and capabilities. The program may be expanded to more Internet providers if it proves successful, he said.
The Pentagon has assembled a group of 40 defense contractors that voluntarily share with the Defense Department information on attacks on their networks, malware and suspected data thefts, under a program called the Defense Industrial Base Information Sharing Environment. In exchange, the companies get help fixing weaknesses in their computer systems.
The same approach may be applied to Internet providers during a 90-day pilot program, James Miller, the principal deputy undersecretary of defense for policy, told lawmakers. He didn’t specify any companies that may participate in the project.
The program is in a “formative, pre-liftoff stage,” Miller said in an interview after his testimony. “We are working very closely with the Department of Homeland Security on details of how to proceed.”
The Defense Department also is looking to expand the defense contractors’ group to include more suppliers and is seeking $113 million for the project over the next five years, Miller said in his prepared testimony.