Various news outlets like the New York Times are reporting that the Deputy Secretary of Defense William J. Lynn III stated that an unnamed US defense contractor's computer system had been penetrated in March and that some 24,000 files pertaining to an unnamed military system had been stolen.
Secretary Lynn's disclosure came in a speech yesterday at the National Defense University announcing the US Department of Defense Strategy for Operating in Cyberspace (PDF).
Secretary Lynn said in his speech that the US cyber strategy primarily was defensive in nature, but again reiterated that the US would not shy away from taking the initiative in defending itself. He stated that the strategy rested on five pillars, which are summarized in an American Forces Press Service story: treat cyber as a domain; employ more active defenses; support the Department of Homeland Security in protecting critical infrastructure networks; practice collective defense with allies and international partners; and reduce the advantages attackers have on the Internet.
Secretary Lynn also said in regard to cyber attacks against the US military establishment that:
"When looking across the intrusions of the last few years, some of the stolen data is mundane, like the specifications for small parts of tanks, airplanes, and submarines. But a great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols. The cyber exploitation being perpetrated against the defense industry cuts across a wide swath of crucial military hardware, extending from missile tracking systems and satellite navigation devices to UAVs and the Joint Strike Fighter."
Secretary Lynn told reporters after his speech that the information in the 24,000 files taken in March "was data-related to systems that are being developed for the Department of Defense," reported the AFP.
The AFP story also reported Secretary Lynn as saying that the:
" '... compromised information relative to the design of military equipment' but had not 'set us back in terms of the development of the system.' "
Exactly what that statement means is a more than a bit unclear. It almost sounds as if the information taken wasn't too important.
Secretary Lynn also said he did not think the intrusion was related to the SecurID breach or related attacks around the same time.
Secretary Lynn did state, however, that that cyber attack "... was done, we think, by a foreign intelligence service."
"In other words, a nation state was behind it."
Secretary Lynn declined to state which nation state he thought it was, or what the US had done to discourage it from doing so again in the future.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.