Jul 16 2011

Pentagon Discloses Largest Ever Cyber Theft

Pentagon Cyber Theft(AP) WASHINGTON – The Pentagon on Thursday revealed that in the spring it suffered one of its largest losses ever of sensitive data in a cyberattack by a foreign government. It is a dramatic example of why the military is pursuing a new strategy emphasizing deeper defenses of its computer networks, collaboration with private industry and new steps to stop “malicious insiders.”

William Lynn, the deputy secretary of defense, said in a speech outlining the strategy that 24,000 files containing Pentagon data were stolen from a defense industry computer network in a single intrusion in March. He offered no details about what was taken but said the Pentagon believes the attacker was a foreign government. He didn’t say which nation.

“We have a pretty good idea” who did it, Lynn said in an interview before the speech. He would not elaborate.

Read the full Defense Department strategy (pdf)
ZDNet’s Larry Dignan on the security breach

Many cyberattacks in the past have been blamed on China or Russia. One of the Pentagon’s fears is that eventually a terrorist group, with less at stake than a foreign government, will acquire the ability to not only penetrate U.S. computer networks to steal data but to attack them in ways that damage U.S. defenses or even cause deaths.

The Pentagon has long worried about the vulnerability of its computer systems. The concern has grown as the military becomes more dependent not only on its own computers but also on those of its defense contractors, including providers of the fuel, electricity and other resources that keep the military operating globally.

Lynn said intrusions in the last few years have compromised some of the Pentagon’s most sensitive systems, including surveillance technologies and satellite communications systems. Penetrations of defense industry networks have targeted a wide swath of military hardware, including missile tracking systems and drone aircraft, he said.