JULY 1994
HACKERS STORM
DOD NETWORKS
By the mid-1990s, the hacking of government computers had evolved from being mostly an illicit pastime of hobbyists to an organized crime carried out by teams of “info assassins,” in the words of a Defense Department official.
On any given day, former Director of Defense Information Paul Strassmann said in 1996, DOD did not have control of five or six of its computer systems — “the hackers do.”
Large numbers of computers acces- sible via Milnet had also been com- promised, he said, including domains serving the Joint Chiefs of Staff and the Defense Logistics Agency.
Such depredations gave rise to changes in the ways agencies con- fronted hacking groups, including a focus on sharing information between the defense and intelligence communi- ties and the creation of military cyber commands to put government cyber defenses on a wartime footing.
In a 1996 information-sharing effort, then-CIA director John Deutch pro- posed working with DOD to create an Information Warfare Technology Center staffed with 1,000 people and located at the National Security Agency at Fort Meade, Md.
The center would produce assess- ment tools for civilian, military and intelligence agencies “to deal with the emerging threat.” Following suit, the Air Force announced plans to create a cyber command to bring the tactics of war to the cybersecurity theater, pledg- ing “to fly and fight in air, space and cyberspace.”
“Cyberspace is a domain for project- ing and protecting national power for both strategic and tactical operations,” Air Force Secretary Michael Wynne said in announcing the new command in November 2006.
Although the measures have strengthened the government’s hand, the jockeying for control of the cyber commands continues. Adm. Michael Rogers, who leads both U.S. Cyber Command and NSA, told legislators in April that Cybercom should be elevated to a full unified combatant command. Some in Congress have even called for creating a separate military service to focus on cyber (something Rogers has said he opposes).
Also ongoing is the sense that cyber- threats might be outpacing defensive efforts.
“I don’t know whether we will face
an electronic Pearl Harbor,” Deutch said in 2006. “But we will have, I’m sure, some very unpleasant circumstances in this area.”
Those remarks echoed through the years until June 2015, when the Office of Personnel Management revealed that it had been hit by a double breach of near-Pearl Harbor proportions: a hack that compromised 4.2 million Social Security numbers. A second hack two months later compromised 21 million SSNs.
Both intrusions were traced to China in what has become a war for digital dominance among the superpowers. n
In 1998, members of the hacker collective L0pht testified before Congress about how easy it would be to take down the internet.
September 15, 2016
FCW.COM 17
LOPHT.COM