Pentagon Discloses Massive Data Theft, Lays Out New Security Strategy

A targeted attack on a defense contractor in March of this year resulted in the theft of 24,000 files by an unknown attacker, according to Defense Department officials. The attack, which officials say was the work of a foreign government, would represent one of the more serious known attacks on the department and its contractors.

In a speech Thursday in which he unveiled the Department of Defense Strategy for Operating in Cyberspace, William J. Lynn, deputy defense secretary, said that the attack was just one of thousands such intrusions that the government and its contractors suffer every year.

"The critical infrastructure the military depends upon also extends to the private companies that build the equipment and technology we use.  Their networks hold valuable information about our weapons systems and their capabilities.  The theft of design data and engineering information from within these networks undermines the technological edge we hold over potential adversaries," Lynn said in his speech.

"It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies.  In a single intrusion this March, 24,000 files were taken."

Lynn did not specify what kind of data that was stolen or who specifically the department thinks is responsible. The federal government and its contractors always have been clear targets for foreign governments and private groups looking to disrupt U.S. operations or gain some insight on defense, economic or other plans. As far back as the infamous "Cuckoo's Egg" attack in 1986--and likely long before that--foreign governments have been working to compromise sensitive systems and extract data.

In his speech, Lynn reiterated that the U.S. may well respond to cyberattacks with physical force.

"It should come as no surprise that the United States is prepared to defend itself. It would be irresponsible, and a failure of the Defense Department’s mission, to leave the nation vulnerable to a known threat. Just as our military organizes to defend against hostile acts from land, air, and sea, we must also be prepared to respond to hostile acts in cyberspace. Accordingly, the United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of our choosing," Lynn said.

As for the Defense Department's new strategy, much of it is similar to other documents that the Obama administration and the Bush administration before it have released, outlining the parameters of network defense and national security. But the new strategy goes farther in a couple of respects, including the section that spells out the department's intention to use procurement as a way to improve security and a section that lays out the DoD's plan for a continuous active defense system.

"The high point of the strategy, in terms of impact on the nation's ability to protect its networks and systems, is Initiative 5. Part of the impact of this Initiative comes from the promise of innovative recruiting and training activities. But the larger part comes from the promise of deployment of the federal procurement infrastructure to provide incentives to vendors to build safer and more defensible systems and software," said Alan Paller, director of research at The SANS Institute. "Procurement is the only major leverage the nation has -- its $75 billion IT expenditure. Leveraging that to 'persuade' companies to deliver safer systems is THE big step forward. However, the procurement Initiative works only for future systems that are touched by the procurement process."

Commenting on this Article is closed.