DoD Cyberstrategy Unveiled; Critical Attack Revealed
Deputy Defense Secretary William J. Lynn III revealed information about this attack at a July 14 speech at the National Defense University in Washington, D.C., during which he unveiled the Pentagon’s first strategy for cyber-operations.
Officials believe the March attack was carried out by a foreign intelligence service, Lynn said, though he did not name a specific country. The files were stolen from corporate networks of defense companies, he said.
The unclassified version of the Pentagon’s strategy shows the Pentagon to be concerned with three areas of adversarial activity: the theft and exploitation of data; disruption and denial of service that affect availability of networks and access to information; and corruptive and manipulative actions that threaten to destroy or degrade networks and systems.
Theft from government and contractor computers just may be the biggest threat.
The Defense Department operates more than seven million computers over more than 15,000 networks around the world, and U.S. military networks are probed millions of times each day, according to the 13-page publicly released version of the strategy.
“Some of the stolen data is mundane, like the specifications for small parts of tanks, airplanes, and submarines,” Lynn said. “But a great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems and network security protocols.”
Hackers exploiting defense industry networks have targeted everything from missile tracking systems and satellite navigation to unmanned aircraft and the Joint Strike Fighter. Countermeasures taken to stop the theft of sensitive information have been unsuccessful, Lynn said.
The Pentagon is teaming up with the Department of Homeland Security to provide a handful of defense companies with more robust protection for their networks, he said. The program, called Defense Industrial Base Cyber Pilot, is an effort to share classified threat intelligence with contractors and their Internet service providers so they can better defend their networks. The initiative already has stopped intrusions, Lynn said.
The ultimate goal of the Pentagon’s new strategy for cyberspace is to prevent war, he said. And despite repeated overtures by defense officials about treating cyberspace like a battle domain, Lynn said that the strategy takes an approach that is “far from militarizing cyberspace.”
The “overriding emphasis is on denying the benefit of an attack,” he said. “Rather than rely on the threat of retaliation alone to deter attacks in cyberspace, we aim to change our adversaries’ incentives in a more fundamental way.”
The strategy will dissuade military actors from using the Internet for hostile purposes, Lynn said. Still, he made it clear that the military reserves the right to respond to a serious cyber-attack “with a proportional and justified military response at the time and place of our choosing.”
The Pentagon plans to use a mix of software, sensors and digital signatures within its networks to find and stop malicious code before it wreaks havoc with operations. Forces in each of the military services are being trained to thwart attacks. In addition, a half a billion dollars has been committed to accelerate research on advanced technologies for cyber defense.
“We imagine a time when computers innately and automatically adapt to new threats,” Lynn said.
Computer network intrusions will become a significant part of all future conflicts, whether they involve a nation, rogue state or terrorist group, he said.
In the 21st Century, Lynn said, “bits and bytes can be as threatening as bullets and bombs.”