DoD: ‘Terabytes’ of data lost to cyber snooping


Deputy Defense Secretary Bill Lynn is keeping up his grim drumbeat about the dangers of cyber-warfare and cyber-espionage; he told an audience at the Defense Information Systems Agency on Tuesday that cyber-snooping has cost the U.S. ‘terabytes’ of information over the past few years, and gave a few new details about the nature of what has been lost:

“It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies.  In a single intrusion this March, 24,000 files were taken,” Lynn said. “When looking across the intrusions of the last few years, some of the stolen data is mundane, like the specifications for small parts of tanks, airplanes, and submarines.  But a great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols.”

So this means the integrity of networks themselves — what they contain, their basic functions, and users’ ability to trust their security — must be another key area of focus for the defense and intelligence worlds, Lynn said. It’s worth taking an extended look at what he said:


To date, the most prevalent cyber threat has been exploitation of our networks.  By that, I mean the theft of information and data from both government and commercial networks. On the government side, foreign intelligence services have exfiltrated military plans and weapons systems designs.  Commercially, valuable source code and intellectual property has likewise been stolen from business and universities.  The recent intrusions in the oil and gas sector and at NASDAQ join those that occurred at Google as further, troubling instances of a widespread and serious phenomenon.

This kind of cyber exploitation does not have the dramatic impact of a conventional military attack.  But over the long term it has a deeply corrosive effect.  It blunts our edge in military technology and saps our competitiveness in the global economy.

More recently, a second threat has emerged—and that is disruption of our networks.  This is where an adversary seeks to deny or degrade the use of an important government or commercial network.  And it happened in the denial of service attacks against Estonia in 2007 and Georgia in 2008.  The effect is usually reversible.  But the resulting economic damage and loss of confidence may not be.

To this point, the disruptive attacks we have seen are relatively unsophisticated in nature, short in duration, and narrow in scope.  In the future, more capable adversaries could potentially immobilize networks on an even wider scale, for longer periods of time.

The third and most dangerous cyber threat is destruction, where cyber tools are used to cause physical damage.  This development—which marks a strategic shift in the cyber threat—is only just emerging. But when you look at what tools are available, it is clear that this capability exists.  It is possible to imagine attacks on military networks or critical infrastructure—like our transportation system and energy sector—that cause severe economic damage, physical destruction, or even loss of life.

Of course, it is possible that destructive cyber attacks will never be launched.  Regrettably, however, few weapons in the history of warfare, once created, have gone unused.  For this reason, we must have the capability to defend against the full range of cyber threats.  This is indeed the goal of the Department’s cyber strategy, and it is why we are pursuing that strategy with such urgency.

Lynn makes the ongoing cyber-crisis sound like aviation in World War I — somewhat effective, but still crude as its practitioners refine their weapons and tactics. What Lynn and other top defense officials want with DoD’s new cyber-strategy, and warnings like these, is to prepare now before cyber-combat has advanced to its equivalent of World War II. What’s to be done? Lynn said the Pentagon, its vendors, and other federal agencies will cooperate to figure out what’s next:

We realize that we must help our partners protect their networks.  Toward that end, the Department of Defense, in partnership with DHS, has established a pilot program with a handful of defense companies.  In this Defense Industrial Base—or DIB—Cyber Pilot, classified threat intelligence is shared with defense contractors or their commercial internet service providers along with the know-how to employ it in network defense.  By furnishing this threat intelligence, we are able to help strengthen these companies’ existing cyber defenses.

The government has deep awareness of certain cyber threats.  We have what some have termed a “special sauce” of malicious code signatures gathered from various intelligence efforts. Loading these signatures onto existing systems dramatically increases the effectiveness of cyber security.  In this way, the DIB Cyber Pilot builds off existing capabilities that are widely deployed through the commercial sector.

Right now about 20 companies are involved in the 90-day pilot program.  It is important to note that the pilot is voluntary for all participants, that the U.S. government is not monitoring, intercepting, or storing any private sector communications, and that the pilot has already stopped hundreds of attempted intrusions.  The pilot also appears to be cost effective. In the coming months, we will expand the pilot to the rest of the industrial base, as well as other key areas of critical infrastructure.  DISA and industry partners will be crucial to making this initiative work.

The next question is: When — and how — will we know if it has?

Join the Conversation

China is just doing what any bank lender would do. When you can’t repay your loan, they come and take your stuff as payment.

I feel like this problem is a lot bigger than our failed acquisitions program

All those decades having the best universities/institutes/industry to provide front end technology were not necessary for them, …a thousand kids with computers could steal 50 years of innovation/information and 1 billion of their fellow citizens could copy/clone the technology in no time. Cheaper with the plus of making a huge shortcut.

Besides, now the money to the universities/R&D is less, and the industry wants to make so much profit that shoke us dow!

“I told you so” is sometimes said to be the worst thing to say to somebody (seminary training for the Chaplain Corps), but now a lot of us are almost ready to say that anyway, nonetheless.…, more than statements must be made, like now, like immediately, like yesterday, like yesteryear! But rest assured we are gaining on this, just not fast enough to keep us happy, but prayerfully enough to keep us safe. I trust DoD and above will continue to guard our interests and protect our lives and infrastructure.

We finally wake up to the idea that someone could actually hack us and steal our secrets after the internet has been around to the public for how many years?? Those dinosaurs in the Pentagon and the Joint Chiefs need to hang out with a younger crowd to see what is happening under their noses — not to mention all the government contractors who also failed big time. They’re all probably still programming in Fortran. I can’t believe one of the biggest pieces of infrastructures isn’t the highest priority. No wonder the Chinese are catching up, we do all the R & D and they do all the stealing and building. Our dominance is eroding away with moronic management and politics.

During the Revolutionary War Americans fought huge British forces from behind trees and fences causing severe damage to their structured military walking in nice neat formations. The British (at that time) had the best most advanced military of its time. In Iraq and Afghanistan rebel forces are holding off the world’s most advanced military forces with cell phones and IEDs, weapons that are years behind all of our technology. When are we going to learn that all of this technology is NOT our friend, but one of our biggest foes. It is time to deny access to ANY information, but stop the willful use of the internet and start using standalone computers and computer systems that are hardwired to each other and do NOT allow access from the outside in any manner. This includes the Government worker, or contractor employee who wants to work at home and have access to their files at their normal office.

No, they were stealing this well in advance.
