Saturday, July 16, 2011

24,000 data files stolen from defense contractor in massive cyber attack

Deputy Defense Secretary Bill Lynn said Thursday a massive cyber attack by a “foreign intelligence service” could force redesign of a new, developmental weapon system.

Lynn said 24,000 data files were stolen from an undisclosed defense contractor during a March intrusion. He declined to identify the weapon system or the defense contractor. He also would not discuss the identity of the “foreign intelligence service,” although he said, “We have a pretty good idea who did it.”

The discussion came during a Pentagon press conference focused on the Defense Department’s new strategy for operating in cyberspace.

Lynn was vague on how the attack might impact development of the weapon system.

“It set us back in terms of the development of the system,” he confirmed. “It compromised information relative to the design.”

Asked if redesign of at least elements of the system would be necessary, the secretary said, “We’re looking at that right now.”

The March attack is not an isolated incident, Lynn told the Pentagon press corps.

“Networks are scanned literally millions of times a year,” he said, “although the number of significant intrusions is much, much smaller. But it’s the scanning that leads to the information that feeds those intrusions. It’s on the increase and has been for the last five or six years … and that’s a troubling development.”

Lynn said the nation’s emerging cyber strategy could include traditional military retaliation, but only as a last resort.

“We would try and exhaust other options before turning to that,” he noted. “The thrust of the strategy is defensive. It is protecting the networks because those networks undergird all of our capabilities both offensive and defensive – the ability to strike, navigate, communicate.

Lynn, during a Thursday speech to the National Defense University in Washington D.C., said the objectives of cyber attacks in recent years have been relatively benign in most cases – specifications for small parts of tanks, airplanes and submarines. But much of the focus, he added, has been on more sensitive systems including aircraft avionics, surveillance technologies, satellite communications and network security protocols.

“The cyber exploitation being perpetrated against the defense industry cuts across a wide swath of our crucial military hardware,” he explained. “Current countermeasures have not stopped this outflow of sensitive information. We need to do more to guard our digital storehouses of design innovation.”

Read more:The Warner Robins Patriot - 24 000 data files stolen from defense contractor in massive cyber attack