A Pentagon cybersecurity budget outline calls for spending almost $23 billion through fiscal 2018, as efforts are expanded on initiatives from protecting computer networks to developing offensive capabilities.
The Defense Department already has proposed $4.65 billion for such programs in the fiscal year that begins Oct. 1, an 18 percent increase from the $3.94 billion budgeted this year. The five-year “cyber-expense” budget obtained by Bloomberg News calls for spending to remain elevated from past levels.
Defense Secretary Chuck Hagel this month cited “the growing threat of cyber-intrusions, some of which appear to be tied to the Chinese government and military.” His predecessor, Leon Panetta, said last year that “a cyber-attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack of 9/11.”
The budget outline shows “increased investment will be made in protecting critical infrastructures,” cyber-attack capabilities “for use against our adversaries and enhancing overall security of DoD networks and systems,” Harry Raduege, chairman of Deloitte LLP’s Center for Cyber Innovation in Washington, said in a statement.
Increased U.S. spending on computer security may benefit defense contractors, including SAIC Inc. and Northrop Grumman Corp., in a time when other Pentagon spending is declining, according to data compiled by Bloomberg Government.
The Pentagon plans to request $4.72 billion in fiscal 2015, declining to $4.61 billion in 2016 and $4.45 billion the next year, then rising to $4.53 billion in 2018, according to the budget document.
It calls for requesting $9.3 billion through 2018 for information-assurance systems aimed at blocking hackers and preventing disruptions of information on Pentagon computers, and $8.9 billion for cyber-operations, which include both defensive and offensive capabilities.
Among national-security documents disclosed last week, the U.K.-based Guardian newspaper reported that President Barack Obama issued a directive in October saying “Offensive Cyber Effects Operations” can provide “unique and unconventional capabilities to advance U.S. national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging.”
Developing and sustaining such offensive capabilities “may require considerable time and effort if access and tools for a specific target do not already exist,” according to the directive. It says the government should identify targets of national importantance that “can offer a favorable balance of effectiveness and risk.”
In the Air Force’s budget proposal for the coming fiscal year, the service said funds for “offensive cyberspace operations” are “needed to exploit enemy networks, telephony, integrated air defense systems, electronic warfare operations and command and control systems.”
Air Force documents indicate the service will use existing Governmentwide Acquisition Contracts, such as those known as Alliant and Encore II, to buy “a wide range of commercially available products and services that should be able to meet many requirements related to offensive cyberspace operations.”
The U.S. Cyber Command’s headquarters is projected to receive $405 million in fiscal 2015, up from $236 million proposed for 2014 and $182 million provided this year. The command would receive as much as $1.28 billion through 2018.
Army General Keith Alexander, who leads the Cyber Command, told the House Armed Services Committee in March that his organization is working to change doctrine and training so that combat commanders “‘can think, plan and integrate cyber’’ just as they would the use of air, land and sea weapons.
The command said that in fiscal 2014 it will be developing specific offensive and defensive capabilities for the U.S. Pacific and Central commands, which cover China and Iran.
The Pentagon said in its latest annual report on China’s military that it has targeted U.S. government computers with intrusions seeking sensitive data.
Iran’s developing ability to mount computer attacks will make it ‘‘a force to be reckoned with,” General William Shelton, the head of the U.S. Air Force Space Command, told reporters in January.