A top U.S. defense official has revealed new details about a major cyber attack in 2008, the most significant compromise of military computers known to date. The details of the attack, published this week in the bi-monthly magazine Foreign Affairs, outline not only government efforts to counter that attack but also ongoing efforts by the U.S. military to create a broader cyber security strategy.
According to the report, which was authored by Deputy Secretary of Defense William Lynn, the attack began after an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The malicious code on the drive spread undetected on both classified and unclassified systems, establishing what Lynn describes as a digital beachhead that allowed the attackers to transfer data to servers under foreign control.
The report says the intrusion served as a wake-up call and marked a turning point in U.S. cyberdefense strategy.
It was not, however, the only successful penetration.
Attacks on U.S. military networks have increased dramatically over the past 10 years, Lynn says, and U.S. military and civilian networks are probed and scanned thousands of times every day.
David Gewirtz, a cyberterrorism advisor for the International Association for Counterterrorism and Security Professionals, says Lynn's release of the report was important because it helps spread awareness about the types of threats we face. "If you think about it, the threat was started by something everybody encounters every day, a simple flash drive," he said.
Gewirtz says that publicizing such information helps keep people on the defense as well as on the offense in terms of preparing for threats. "People don't really pay attention to the fact that something as simple as an iPod could provide a degree of threat if a payload is put onto the device," he said.
Dean Cheng, a research fellow at the Heritage Foundation in Washington D.C., says the report highlights the increasing importance of maintaining an upper hand when it comes to information systems and technology.
"The point of the report is that the United States understands this as well. That we are taking measures. But that any potential opponent should be under no misimpression that the United States is either unable or unwilling to contest this vital realm of national security," Cheng said.
Larry Clinton, president of the Internet Security Alliance, an organization that lobbies for corporate security interests, says the report highlights growing concern among those in the field that not enough attention is being paid to cyber security. "The amount of threat is dramatically increasing, and the response, both on the government side and to some degree even on the private sector side, has not been sufficient to match it, so I think there is a number of people who are trying to ring the alarm bell," Clinton said.
In his report, Lynn does not say who was responsible for the attack; he only points to a foreign intelligence agency. He does add that U.S. adversaries have acquired thousands of files from U.S. networks and from the networks of U.S. allies and industry partners, including weapons blueprints, operational plans and surveillance data.
Lynn says that many militaries across the globe are developing offensive capabilities in cyber space and that more than 100 foreign intelligence organizations are trying to break into U.S. networks.
He adds that cyber threats are not only limited to military targets, and that hackers and foreign governments are increasingly able to launch sophisticated intrusions into networks that control the civilian infrastructure.
David Gewirtz says this is the case because of the growing connectivity to the Internet in the United States. "We have so much infrastructure that is tied to the internet now, such as emergency response services, hospital systems, traffic control systems, power and water supply systems, that any one of those things can be compromised in a variety of different ways," he said.
Lynn's report outlines what the military has been doing to beef up its defenses and to shift its mindset to adapt to cyber threats. He says the National Security Agency has pioneered systems that now use U.S. intelligence capabilities to automatically deploy defenses to counter intrusions to defense and intelligence networks in real time.
Earlier this year in May, the Pentagon inaugurated the establishment of the U.S. Cyber Command, which will become fully operational in October. The command integrates cyber defense operations across the military.
Lynn also points to the importance of making use of the private sector's innovation. He notes, for example, that the iPhone, which was developed in 24 months, was created in less time than it takes the Pentagon to prepare a budget and receive congressional approval for it.