The race to keep pace with conventional arms development recently ran head long into the race for cyber dominance–and sustained an eye-opening set-back.
These weapons programs take years to develop and typically cost billions of dollars. But the damage goes far beyond the dollars spent on the program to date. The loss of time in the conventional arms race is perhaps the biggest area of loss and the greatest concern for Defense Department strategic planners.
The set-back involved a rather sophisticated cyber attack which occurred in the March of this year and was revealed weeks later by the Defense Department. In one of the targets of the attack some 24,000 sensitive or classified files were accessed/copied/stolen.
This breach is one of the largest acts of cyber espionage and DoD data loss ever. The compromised files were not just related to the classified weapons system, but also included specifications for avionics equipment, satellite systems, surveillance technology as well as information pertaining to network security protocols.
Those and other losses led to the DoD’s new cyber security rules that increase defenses, and support increased collaboration with private industry. These steps are said to also address the significant threat posed by malicious insiders.
Some experts have the opinion that these breaches will continue until we isolate classified systems on a private fully encrypted network that blocks all outbound traffic to the Internet.
Similar recommendations have been made for the majority of our critical infrastructure. The idea of a second U.S. only Internet has been bantered about for some time now. Maybe it is time to stop talking about it and make it a reality.
In remembrance of those who lost their lives on 9-11 as well as those who continue to suffer from the affects of the events that day.
Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute, where he provides consulting services on strategic technology and security issues.