America's defense agency is having trouble defending itself, as the largest-ever cyber attack on the Pentagon lent a sense of urgency to the institution's push to safeguard defense secrets and networks by bolstering cyber security.
Deputy U.S. Secretary of Defense William Lynn said that hackers stole 24,000 sensitive defense department files in a single March operation. He said that the Pentagon believes the attack came from a nation rather than a lone hacker or a group but declined to elaborate, saying only that officials had a pretty good idea of who was responsible. He added that while previous cyber attacks are believed to have emanated from Russia or China, hostile terrorist groups pose a greater threat because they would be less fearful of repercussions.
If a terrorist group gains disruptive or destructive cybertools, we have to assume they will strike with little hesitation, Lynn said in a speech at the National Defense University.
A spate of cyber attacks on various government entities, from the U.S. Senate to the Central Intelligence Agency, has led to the arrests of hackers including a 19-year-old arrested in Essex for his alleged role in the LulzSec group's believed attack on the CIA website. They have also exposed the vulnerability of the government's networks in an age of cyber warfare. At his Senate confirmation hearing last month, new U.S. Defense Secretary Leon Panetta cited a strong likelihood that the next Pearl Harbor would be a debilitating cyber attack aimed at government networks or energy grids, and he has vowed to make bolstering cyber security a priority.
Lynn added to those fears, noting that cyber attacks have already targeted secrets relating to surveillance technologies and military technology like unarmed drones. According to military's cyber command, about 250,000 potential attackers scope out the Pentagon's defenses each hour.
U.S. Marine Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, said that our networks are really our lifeblood and noted that the Pentagon's cyber warfare on strategy is focused primarily on protecting itself. If it's OK to attack me and I'm not going to do anything other than improve my defenses every time you attack me, it's difficult to deter future attacks, Cartwright said.
The Pentagon has already been working with the tech industry to construct a new set of safeguards and try to make its systems more agile and responsive. Such protections are needed especially for the many contractors the federal government employs. The Pentagon is also working on a policy to treat cyber attacks as a crime.