Defense contractors get a cyber assist from NSA
Spy agency working with Internet providers to scan for malicious code
- By Kevin McCaney
- Jun 17, 2011
Cyberattacks against government contractors have become such a threat that the National Security Agency is offering its own scanning tools to protect e-mail and other digital communications for major defense contractors, the Washington Post reports.
NSA uses sophisticated data sets to scan traffic for malicious activity, the Post reported. It began last month working with Internet providers AT&T, Verizon and CenturyLink, formerly Qwest Communications, to offer its scanning to contractors on a voluntary, trial basis, according to the article. The service is being offered to 15 contractors, including Lockheed Martin, Computer Sciences Corp., Northrop Grumman and Science Applications International Corp.
The nature of their work makes defense contractors likely targets for cyber attacks from foreign governments and other sources. Lockheed Martin and L-3 Communications, for example, recently suffered breaches. The contractors all rank among the top 20 companies providing systems integration and IT services to the government.
RSA confirms its tokens used in Lockheed hack
Ongoing storm of cyber attacks is preventable, experts say
Deputy Defense Secretary William J. Lynn III, speaking at a security conference in Paris, said the approach could eventually be applied to other companies involved in the nation’s critical infrastructure, the Post reported.
The recent spate of cyber attacks has thrown a spotlight on potential acts of cyber espionage and cyber war.
The attack on Lockheed was carried out with information on RSA Security’s SecurID tokens that was collected when RSA Security was hacked in March. The tokens also may have been used in an attack on L-3 Communications.
And although recent hacks of federal websites — including those of the CIA and Senate — were apparently the work of hactivist groups looking to draw attention without doing damage, a targeted attack against Google Gmail included the accounts of U.S. government officials.
Richard Clarke, former presidential cybersecurity advisor, wrote June 15 in the Wall Street Journal that China is systematically infiltrating the United States’ digital infrastructure and meeting little resistance in the process.
Clarke offered the Gmail, RSA and Lockheed hacks among his examples and wrote, “Cyber criminals don't hack defense contractors — they go after banks and credit cards. Despite Beijing's public denials, this attack and many others have all the hallmarks of Chinese government operations.”
Meanwhile, Brett Wahlin, a former NATO counter intelligence agent now with McAfee, told Computerworld Australia that the RSA hack bore the marks of espionage tactics he saw as an agent between 1987 to 1991.
Wahlin didn’t point the finger directly at any country, though he did say that China and North Korea would have the most to gain from hacking Lockheed, Computerworld reported.
But if U.S. leaders are feeling besieged by attacks from foreign countries or other locations, they apparently can dish it out, too.
A report by Reuters quotes the Chinese-language Liberation Army Daily saying that China needs to bolster its cyber defenses against U.S. attacks.
"The U.S. military is hastening to seize the commanding military heights on the Internet, and another Internet war is being pushed to a stormy peak," Reuters quoted the publication, China’s top military newspaper, as saying.
"Although our country has developed into an Internet great power, our Internet security defenses are still very weak,” the Liberation Army Daily stated. “So we must accelerate development of Internet battle technology and armament."
Kevin McCaney is a former editor of Defense Systems and GCN.