Commentary Magazine


Contentions

Another Cyberattack: 24,000 Files Stolen From Pentagon Computers

Consider this a followup to yesterday’s post about the abysmal state of our cyberdefenses, and about how the last thing we should be doing is cutting the budget for electronic warfare. This morning, Deputy Defense Secretary William J. Lynn III rolled out the Pentagon’s newest new cyberstrategy (cue this post about DOD’s fixation on changing management schemes), and as part of the rollout, he related an anecdote from March.

Apparently, someone penetrated the Pentagon’s computers and transferred 24,000 files to parts unknown. Oops:

The Defense Department lost 24,000 files to “foreign intruders” in the spring in what appears to be one of the most damaging cyberattacks to date on the U.S. military, a top Pentagon official acknowledged Thursday. But Lynn said that, over the past few years, all manner of data has been stolen, some of it mundane, some of it concerning “our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols… It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies,” Lynn said.

The article goes on to note how in 2008 malicious code penetrated classified Pentagon servers after someone stuck an infected thumb drive into their laptops. The phrase “digital beachhead” makes an appearance, as does the phrase “spread undetected.” Terrific.

In other news, the hacking group Anonymous stole 90,000 military emails and passwords from Booz Allen Hamilton last week and released them on Monday. Someone in the company forgot to lock down a server properly, and that was all it took. The concern is that those same email/password combinations will work on multiple systems – because no one ever listens to security specialists who advise against reusing passwords on multiple accounts – which would expose classified systems. Presumably that risk has been mitigated, and everyone affected has changed vulnerable passwords. But the incident begs a more fundamental question: given that this unsecured server was just sitting there on the Internet, how many “foreign intruders” got there before Anonymous did? And how long did they have to test out the emails and passwords they lifted?

I’m borrowing this analogy from a CSIS briefing paper, but if someone backed a truck into the Pentagon, smashed out all the windows, loaded the truck with 24,000 files, and then drove away – that’s something that would make the news. People would mention it. But because we don’t appreciate the extent or impact of ongoing cyberwarfare, the March incident won’t even be a blip in the news cycle. It’s positively surreal.

The only thing that’s more surreal is the suggestion we should shift resources away from cybersecurity and into entitlements, lest someone ask seniors to wait a few more months before they become eligible for Medicare. What an unmitigated disaster that would be.


Join the discussion…

Are you a subscriber? Log in to comment »

Not a subscriber? Join the discussion today, subscribe to Commentary »





Welcome to Commentary Magazine.
We hope you enjoy your visit.
As a visitor to our site, you are allowed 8 free articles this month.
This is your first of 8 free articles.

If you are already a digital subscriber, log in here »

Print subscriber? For free access to the website and iPad, register here »

To subscribe, click here to see our subscription offers »

Please note this is an advertisement skip this ad
Clearly, you have a passion for ideas.
Subscribe today for unlimited digital access to the publication that shapes the minds of the people who shape our world.
Get for just
YOU HAVE READ OF 8 FREE ARTICLES THIS MONTH.
FOR JUST
YOU HAVE READ OF 8 FREE ARTICLES THIS MONTH.
FOR JUST
Welcome to Commentary Magazine.
We hope you enjoy your visit.
As a visitor, you are allowed 8 free articles.
This is your first article.
You have read of 8 free articles this month.
YOU HAVE READ 8 OF 8
FREE ARTICLES THIS MONTH.
for full access to
CommentaryMagazine.com
INCLUDES FULL ACCESS TO:
Digital subscriber?
Print subscriber? Get free access »
Call to subscribe: 1-800-829-6270
You can also subscribe
on your computer at
CommentaryMagazine.com.
LOG IN WITH YOUR
COMMENTARY MAGAZINE ID
Don't have a CommentaryMagazine.com log in?
CREATE A COMMENTARY
LOG IN ID
Enter you email address and password below. A confirmation email will be sent to the email address that you provide.