Deputy U.S. Secretary of Defense William Lynn said that hackers stole 24,000 sensitive defense department files in a single March operation.The disclosure revealed one of the most devastating data breaches suffered by the Defense Department to date and marked the latest instance of hackers successfully penetrating the Pentagon’s cyber armor to obtain sensitive information.
He added that while previous cyber attacks are believed to have emanated from Russia or China, hostile terrorist groups pose a greater threat because they would be less fearful of repercussions.
“If a terrorist group gains disruptive or destructive cybertools, we have to assume they will strike with little hesitation,” Lynn said.
Back in 2008, a foreign intelligence agency placed malicious code on a flash drive that was inserted into a military laptop connected to a network run by the U.S. Central Command. “That code spread undetected on both classified and unclassified systems,” Lynn wrote in an article published last fall in Foreign Affairs magazine.
In May, military contractor Lockheed Martin revealed that its system was infiltrated by hackers. And on Monday, hackers breached the network of defense contractor Booz Allen Hamilton, releasing what the company reports to be 90,000 military email addresses and passwords.
“Their networks hold valuable information about our weapons systems and their capabilities,” Lynn said, referring to government contractors. “The theft of design data and engineering information from within these networks undermines the technological edge we hold over potential adversaries.
U.S. Marine Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, said that “our networks are really our lifeblood” and noted that the Pentagon’s cyber warfare on strategy is focused primarily on protecting itself. “If it’s OK to attack me and I’m not going to do anything other than improve my defenses every time you attack me, it’s difficult” to deter future attacks, Cartwright said.
The Pentagon has already been working with the tech industry to construct a new set of safeguards and try to make its systems more agile and responsive. Such protections are needed especially for the many contractors the federal government employs. The Pentagon is also working on a policy to treat cyber attacks as a crime.