Various news outlets like the New York Times are reporting that the Deputy Secretary of Defense William J. Lynn III  stated that an unnamed US defense contractor's computer system had been penetrated in March and that some 24,000 files pertaining to an unnamed military system had been stolen.

Secretary Lynn's disclosure came in a speech yesterday at the National Defense University announcing the US Department of Defense Strategy for Operating in Cyberspace (PDF).

Secretary Lynn said in his speech that the US cyber strategy primarily was defensive in nature, but again reiterated that the US would not shy away from taking the initiative in defending itself. He stated that the strategy rested on five pillars, which are summarized in an American Forces Press Service story: treat cyber as a domain; employ more active defenses; support the Department of Homeland Security in protecting critical infrastructure networks; practice collective defense with allies and international partners; and reduce the advantages attackers have on the Internet.

Secretary Lynn also said in regard to cyber attacks against the US military establishment that:

"When looking across the intrusions of the last few years, some of the stolen data is mundane, like the specifications for small parts of tanks, airplanes, and submarines.  But a great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols.  The cyber exploitation being perpetrated against the defense industry cuts across a wide swath of crucial military hardware, extending from missile tracking systems and satellite navigation devices to UAVs and the Joint Strike Fighter."

Secretary Lynn told reporters after his speech that the information in the 24,000 files taken in March "was data-related to systems that are being developed for the Department of Defense," reported the AFP.

The AFP story also reported Secretary Lynn as saying that the:

" '... compromised information relative to the design of military equipment' but had not 'set us back in terms of the development of the system.' "

Exactly what that statement means is a more than a bit unclear. It almost sounds as if the information taken wasn't too important.

Secretary Lynn also said he did not think the intrusion was related to the SecurID breach or related attacks around the same time.

Secretary Lynn did state, however, that that cyber attack "... was done, we think, by a foreign intelligence service."

"In other words, a nation state was behind it."

Secretary Lynn declined to state which nation state he thought it was, or what the US had done to discourage it from doing so again in the future.

PHOTO: iStockphoto

The Conversation (0)

Why the Internet Needs the InterPlanetary File System

Peer-to-peer file sharing would make the Internet far more efficient

12 min read
An illustration of a series
Carl De Torres

When the COVID-19 pandemic erupted in early 2020, the world made an unprecedented shift to remote work. As a precaution, some Internet providers scaled back service levels temporarily, although that probably wasn’t necessary for countries in Asia, Europe, and North America, which were generally able to cope with the surge in demand caused by people teleworking (and binge-watching Netflix). That’s because most of their networks were overprovisioned, with more capacity than they usually need. But in countries without the same level of investment in network infrastructure, the picture was less rosy: Internet service providers (ISPs) in South Africa and Venezuela, for instance, reported significant strain.

But is overprovisioning the only way to ensure resilience? We don’t think so. To understand the alternative approach we’re championing, though, you first need to recall how the Internet works.

Keep Reading ↓Show less