WASHINGTON — The Pentagon is moving toward a major expansion of its cybersecurity force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations on foreign adversaries, defense officials said Sunday.
The expansion would increase the Defense Department’s Cyber Command by more than 4,000 people, up from the current 900, an American official said. Defense officials acknowledged that a formidable challenge in the growth of the command would be finding, training and holding onto such a large number of qualified people.
The Pentagon “is constantly looking to recruit, train and retain world class cyberpersonnel,” a defense official said Sunday.
“The threat is real and we need to react to it,” said William J. Lynn III, a former deputy defense secretary who worked on the Pentagon’s cybersecurity strategy.
As part of the expansion, officials said the Pentagon was planning three different forces under Cyber Command: “national mission forces” to protect computer systems that support the nation’s power grid and critical infrastructure; “combat mission forces” to plan and execute attacks on adversaries; and “cyber protection forces” to secure the Pentagon’s computer systems.
The move, part of a push by Defense Secretary Leon E. Panetta to bolster the Pentagon’s cyberoperations, was first reported on The Washington Post’s Web site.
In October, Mr. Panetta warned in dire terms that the United States was facing the possibility of a “cyber-Pearl Harbor” and was increasingly vulnerable to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial network and government. He said that “an aggressor nation” or extremist group could cause a national catastrophe, and that he was reacting to increasing assertiveness and technological advances by the nation’s adversaries, which officials identified as China, Russia, Iran and militant groups.
Defense officials said that Mr. Panetta was particularly concerned about a computer attack last August on the state oil company Saudi Aramco, which infected and made useless more than 30,000 computers. In October, American intelligence officials said they were increasingly convinced that the Saudi attacks originated in Iran. They described an emerging shadow war of attacks and counterattacks already under way between the United States and Iran in cyberspace.
Among American officials, suspicion has focused on the “cybercorps” created in 2011 by Iran’s military, partly in response to American and Israeli cyberattacks on the Iranian nuclear enrichment plan at Natanz. There is no hard evidence, however, that the attacks were sanctioned by the Iranian government.
The attacks emanating from Iran have inflicted only modest damage. Iran’s cyberwarfare capabilities are weaker than those of China and Russia, which intelligence officials believe are the sources of a significant number of attacks on American companies and government agencies.
The expansion of Cyber Command comes as the Pentagon is making cuts elsewhere, including in the size of its conventional armed forces.