The Washington Post reports: Defense official discloses cyberattack.
Now it is official: The most significant breach of U.S. military computers was caused by a flash drive inserted into a U.S. military laptop on a post in the Middle East in 2008.
* * *
"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary."
[Deputy Defense Secretary William J.] Lynn's decision to declassify an incident that Defense officials had kept secret reflects the Pentagon's desire to raise congressional and public concern over the threats facing U.S. computer systems, experts said.
The complete Washington Post article is at the link above or here. The underlying information was declassified for a Foreign Affairs article to be released imminently.
UPDATE: The Foreign Affairs article "Defending a New Domain" is here. It includes:
Information technology enables almost everything the U.S. military does: logistical support and global command and control of forces, real-time provision of intelligence, and remote operations. Every one of these functions depends heavily on the military's global communications backbone, which consists of 15,000 networks and seven million computing devices across hundreds of installations in dozens of countries. More than 90,000 people work full time to maintain it. In less than a generation, information technology in the military has evolved from an administrative tool for enhancing office productivity into a national strategic asset in its own right. The U.S. government's digital infrastructure now gives the United States critical advantages over any adversary, but its reliance on computer networks also potentially enables adversaries to gain valuable intelligence about U.S. capabilities and operations, to impede the United States' conventional military forces, and to disrupt the U.S. economy.
* * *
The cyberthreat does not involve the existential implications ushered in by the nuclear age, but there are important similarities. Cyberattacks offer a means for potential adversaries to overcome overwhelming U.S. advantages in conventional military power and to do so in ways that are instantaneous and exceedingly hard to trace. Such attacks may not cause the mass casualties of a nuclear strike, but they could paralyze U.S. society all the same. In the long run, hackers' systematic penetration of U.S. universities and businesses could rob the United States of its intellectual property and competitive edge in the global economy.
These risks are what is driving the Pentagon to forge a new strategy for cybersecurity. The principal elements of that strategy are to develop an organizational construct for training, equipping, and commanding cyberdefense forces; to employ layered protections with a strong core of active defenses; to use military capabilities to support other departments' efforts to secure the networks that run the United States' critical infrastructure; to build collective defenses with U.S. allies; and to invest in the rapid development of additional cyberdefense capabilities. The goal of this strategy is to make cyberspace safe so that its revolutionary innovations can enhance both the United States' national security and its economic security.
For more information, see Foreign Affairs. A free registration provides access to the full-length article.
Leave a Reply