Spies Steal Weapons Data form Pentagon and Defense Contractors

“In the 21st Century, bits and bytes can be as threatening as bullets and bombs,” said Deputy Defense Secretary William J. Lynn III during a speech related to a new cyber-security program the Pentagon is unveiling.  He continued, “Keystrokes originating in one country can impact the other side of the globe in the blink of an eye.” 

If one accepts the premise of Mr. Lynn’s alliterative insight, bits & bytes are equal to bullets & bombs, then it might be unsettling for one to learn that this past March, 24,000 files were extracted from the network of an undisclosed U.S. defense contractor by an unnamed (or unknown) group of cyber hackers. 

What was on those stolen files?  According to Mr. Lynn, some of the information was “mundane, like the specifications for small parts of tanks, airplanes, and submarines.  But a great deal of it concerns our most sensitive systems, including, aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols.” 

And when prodded by the press to disclose further details regarding the cyber spies behind the digital infiltration, Mr. Lynn added, “It was done, we think, by a foreign intelligence service.  In other words, a nation state was behind it.”  

This is not the first time the U.S. has been the victim of a cyberattack.  Or, for that matter, the first time a nation state was implicated in a cyber attack against the U.S.  In fact, Lockheed Martin, the country’s largest defense contractor experienced a self-described “significant and tenacious” cyberattack this past May.  Allegedly, Chinese hackers were involved in this assault, which breached Martin’s internal network by exploiting their VPN access system.  The specific intelligence and information compromised in this attack has not yet been disclosed.  

“It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies,” Mr. Lynn said. 

With regards to the increasing importance of cyber security, he stated, “Our assessment is that cyber attacks will be a significant component of any future conflict, whether it involves major nations, rogue states or terrorist group.  Just as our military organizes to defend against hostile acts from land, air and sea, we must also be prepared to respond to hostile acts in cyberspace.”

The Pentagon’s new plan, “Department of Defense Strategy for Operating In Cyperspace” (DSOC) is the first comprehensive cybersecurity plan to address the interconnectedness and codependence of government agencies and their private counterparts.  The plan is based upon five initiatives:

–    Treat cyberspace as an operational domain to organize, train, and equip so that the DoD can take full advantage of cyberspace’s potential. 

–    Employ new defense operating concepts to protect DoD networks and systems.

–    Partner with other U.S. government departments and agencies and the private sector to enable a whole-of-government cybersecurity strategy.

–    Build robust relationships with U.S. allies and intentional partners to strengthen collective cybersecurity.

–    Leverage the nation’s ingenuity through an exceptional cyber workforce and rapid technological innovation.

Critics of the plan, like former senior Homeland Security Department and National Security Agency official Stewart Baker told the Washington Times that it was “not completely comforting.”  Moreover, “It’s like hearing that our nuclear-war strategy is to build more fallout shelters.  Even the ones (cyber defense systems) we hope to have tomorrow will not deter adversaries or deny them the benefits of an attack.” 

Marine Corps Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff also criticized the overall defensive-minded approach the DoD has taken in the past and told a defense writers group, “We have spent 90 percent of the time focusing on building the next firewall, and only 10 percent on what we might do to keep them from attacking us.”

In the end, there may be something to that argument echoed by Daryl White, U.S. Department of the Interior, “You can’t hold firewalls and intrusion detection systems accountable.  You can only hold people accountable.”  That is to say, the key to stopping cyber spies is not by building superior networks and defense systems, it’s by taking swift and decisive action against the spies themselves.

Read More On:

Latest Reviews

Loading