WASHINGTON — The U.S. Defence Department is extending a pilot program to help protect its prime defence contractors, an effort the Obama administration can use as a model to prevent hackers and hostile nations from breaching networks and stealing sensitive data.
The move comes as cybersecurity officials warn of increasingly sophisticated cyberattacks against U.S. defence companies, including data related to critical Pentagon weapons systems and aircraft.
Officials at the Department of Homeland Security are reviewing the program, with an eye toward extending similar protections to power plants, the electric grid and other critical infrastructure.
Efforts to better harden the networks of defence contractors come as Pentagon analysts investigate a growing number of cases involving the mishandling or removal of classified data from military and corporate systems. Intrusions into defence networks are now close to 30 per cent of the Pentagon’s Cyber Crime Center’s workload, according to senior defence officials. And they say it continues to increase.
The Pentagon’s pilot program represents a key breakthrough in the Obama administration’s push to make critical networks more secure by sharing intelligence with the private sector and helping companies better protect their systems. In many cases, particularly for defence contractors, the corporate systems carry data tied to sensitive U.S. government programs and weapons.
So far, the trial program involves at least 20 defence companies. It will be extended through mid-November amid ongoing discussions about how to expand it to more companies and subcontractors.
“The results this far are very promising,” said William Lynn, the deputy secretary of defence who launched the program in May. “I do think it offers the potential opportunity to add a layer of protection to the most critical sectors of our infrastructure.”
He said the program has been able to block hundreds of intrusions into the defence companies, including some that were very sophisticated.
Lynn, who will leave office in early October, said the Pentagon is reviewing the costs of extending the program and so far it does not seem to be prohibitive. He said the government should move as quickly as possible to expand the protections to other vital sectors.
A senior DHS official said no decisions have been made, but any effort to extend the program — including to critical infrastructure — faces a number of challenges.
The official, who spoke on condition of anonymity because the program review is ongoing, said it would be helpful if Congress would pass legislation that explicitly says DHS is responsible for helping private sector companies protect themselves against cyberattack. Also, the legislation should say that companies can be protected from certain privacy and other laws in order to share information with the government for cybersecurity purposes, the official said.
Senior U.S. leaders have been blunt about the escalating dangers of a cyberattack, and have struggled to improve the security of federal networks while also encouraging the public and corporate America to do the same.
“Cyber actually can bring us to our knees,” said Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, adding that at some point the Pentagon may need to develop some type of governing structure similar to how the U.S. and allies monitor and limit nuclear weapons.
Data compiled by the Defence Cyber Crime Center shows that the number of investigations handled by analysts there has more than tripled over the past 10 years. And a growing number of them involve defence contractors, including those participating in the pilot program.
Housed near Washington, the so-called DC3 employs about 100 digital examiners who sift through millions of bytes of data in the digital forensics lab. Stacks of hard drives line the shelves, and clear plastic evidence bags are filled with a vast expanse of computer technology — from cellphones and tiny flash drives to iPads, Wii consoles and Nintendo games.
The analysts dissect intrusions, malware and other attacks that have breached or tried to burrow into the defence contractors’ computer systems. And while those investigations are just a small fraction of the lab’s work, the number has grown steadily over the past three years.