DoD Gates: We're always under cyberattack

DoD Gates: We're always under cyberattack

Summary: Defense Secretary Robert Gates said Tuesday that the United States is "under cyberattack virtually all the time, every day." He reacts with plans to quadruple his cyberdefense force.

TOPICS: Security
Defense Secretary Robert Gates said Tuesday that the United States is "under cyberattack virtually all the time, every day" and that the Defense Department plans to more than quadruple the number of cyber experts it employs to ward off such attacks.

In an interview for an upcoming edition of 60 Minutes, CBS News anchor Katie Couric asked Gates about the nation's cybersecurity after hackers stole specifications from a $300 billion fighter jet development program as well as other sensitive information.

In a series of spy attacks, hackers stole information about the Pentagon's F-35 Joint Strike Fighter project and the Air Force's air traffic control system, according to a Wall Street Journal report Tuesday.

The computer spies copied several terabytes of data from the Joint Strike Fighter project, the most expensive in Defense Department history, pertaining to the electronics and design systems of the aircraft, several current and former officials told the Journal.

Officials said the separate incursion into the air traffic control system could allow intruders to interfere with military aircraft.

Gates would not discuss the specifics of the attacks, but said, "I believe we still have security of the sensitive systems."

Generally, "We think we have pretty good control of our sensitive information both with respect to intelligence and equipment systems, but we, like everybody else, is under attack. Banks are under attack. Every country is under attack," Gates told Couric.

But, he said, "It's sometimes very difficult to figure out a home address on these attacks so one of the things that I am doing in the budget is significantly increasing the resources for cyber experts. We're going to more than quadruple the number of experts that we have in this area. We're devoting a lot more money to it."

The source of the espionage appears to be China, according to a former official, though the origin of any attacks could be masked. Chinese officials deny any involvement and say U.S. suspicion is the result of a "Cold War mentality."

Similar attacks have become more frequent in recent months, underscoring the increasingly heated battles taking place in cyberspace. Earlier this month, the Wall Street Journal reported that Russian and Chinese spies gained access to the U.S. electrical grid, inserting software that could disrupt the system.

In the Joint Strike Fighter attack, officials said that while spies made off with some data, the most sensitive information is stored on separate, non-networked computers. But the vulnerability lies in the Pentagon's reliance on private defense contractors, some foreign, who have less-than-secure networks. The breaches apparently took place in Turkey and another U.S. ally nation, according to the report.

While there is no U.S. agency currently dedicated solely to cybersecurity, the Obama administration is expected to propose a senior White House post to coordinate military efforts to guard against further breaches. The White House may also look to extend a $17 billion security initiative originally planned by the Bush administration.

"This is going to be an enduring problem and it is going to be a challenge not just for the Department of Defense but for the entirety of the United States," Gates said.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • This "private initiative" BS has gone too far!

    DoD contracts need security teeth in them tied to a cybernoose around the corporate CEO's necks. National security is too important to compromise.
    My God! We pay enough already so an isolated and secure network is not unreasonable.
    • The problem.....

      Is a government too big and not focused. When there is so much to control and not enough people to control it, things will fall through the cracks and your right it is way to important to compromise, but its the facts of the day with our government and I am sure the hackers have gotten into every department in the government and we will probably never know how deep they really are or have acheived to reach.

      I think way to many computers are accessable via the internet and there seems to be no point in most cases for them to be attached to the internet. Private networks would cost more, but I would rather pay for that than to compromise data all day long. And we need to setup a system to fine these companies that allow hackers to access our countries data. Another dismal fail for our great U.S. government.
      • Agreement...

        I completely agree, We don't know how far hackers can go. but, I estimate they can get into any computer that is connected into the internet. Even take movies and music as an example. No matter how encrypted they get. 5 minuites later its hacked and decoded. Same goes for any security. There will always be a backdoor or a way through security. Bottom line is, just keep private networks and servers and we'll be okay.
        • Disconnected networks safe??

          while private disconnected networks add to security, really it is not the total answer. It only means that an attacker would require inside help or a different kind of equipment. It is pretty naive to think that technology alone can keep us safe. Some of the breaches go far beyond "remote controlled" hacking.

          Blended cyber attacks where there is a combination of remote hackers and physical spies are probably much more penetrating.

          Governments, parallel governments and criminals would not abandon old proven methods. they would supplement these methods.

          The only way to gain an upper hand is actually to educate and inform more people about security (cyber and otherwise) and to train many more security experts.

          If we only knew what goes on? some of us would panic, some would fight and some would organise to handle reality.

          It must be very tricky for the FBI, the CIA or the President to decide what to share and what not to share.

          There is a point where National Security becomes anti-democratic. It seems to me that we passed that point and we are now being kept scared so that we do not question authority.
  • I love the chineese reponse. My rebuttal would be..

    why develop when you can steal it. Thats what happened with neuclear weapons. One country makes it and the others disect and steal it.

    Many chineese manufactures are doing this... heck they even do it to each other. Sneaky... very sneaky.

    Me thinks its time the pentagon looked into sneakernets.
  • China owns America...

    This is not news, China own the USA...
    • Kind of true.....

      They have massive amounts of our debt and they buy more and more every day, and we smile and cheer and think its a great thing. Saddens me really. Kind of pathetic.
      • if only governments were in charge?

        Governments are typically a couple steps behind.

        First you have the creator of the idea, then the commercial enterprises(losely legal or not) and then the government gets involved when the idea has a noticeable effect.

        By that time a significant amount of intelligence exist but the government does not have access to it.

        Criminals and comercial enterprised are able to have sharp focus. they can put all of their resources to pursue a specific goal.

        That is why the govermments of the world hire criminals and commercial enterprise when a target is moving too quickly so to speak.

        The Chinese government itself is not the ennemy you think. They have their own social revolution to contend with. They actually understand the interdependance of US and China, they know that killing this market would be suicidal. They also understand that freedom and democracy are an essential ingredient to our success.

        The contractors and criminals who feed off the governments of the world, they are the true ennemy. Their priority is instant money and profit.

        Somehow we need to raise the ethical standards. Because as long as the contractors and criminals get rated on performance alone, human nature and creativity will be harnessed to steal and disrupt.

        • good point

          Good point about the government being behind. We have to remember that both the American public and its government is behind.

          We, those in America, are the ones that are tethered by old infrastructure. They are the ones with faster, more resilient optical networks. I think Japan's is almost 100%. We need to update our physical networks as we did with our highways and dams in the 30's.

          Since WW2 wars are being won more by intelligence (on and off line) than by airspace dominance. We need to respond as we would if a spy broke into the whitehouse.
  • Change the game

    change the systems, do what hackers fear the most, stop linking systems together for simplicity but creating a large connected strike zone, and use incentives to gain other govt support against.
  • Track down the source of an 'incursion' ...

    and send in the Delta Team.

    Only this time, put their heads on pikes and publicize what happens when you break into a US military system.

    You'd only have to do it once or twice... And the Delta Team is already on stand-by.
    • Shoot a few Spammers too

      I agree - getting terrabytes of stuff isn't just a college student 'accidentally' stumbling into the site, it's a determinted attack by comitted people.

      So shoot a few.

      I think we need to round up some Spammers the same way. Either extradite, or we send in a strike team.

      Oooh Rah!

      == John ==
      • what is a spamer?

        Please define spam better.

        Currently unwanted email? The vast majority of the spam I get is obviously because of my own actions when signing-up for a newsletter or forum.

        Any mass emailing? What about communications for NPOs? When I was doing a newsletter for a community club with 40 members I ran afoul with anti-spam actions constantly. To be labeled a spammer all I had to do was email people the agenda of the next meeting.

        Like any obscenity, it is best defined as "I know it when I see it". I don't want the government in charge of prosecuting something that subjective.
  • There is no such thing as a cyber expert

    This is the Defense Department admitting a superior enemy.One cyber expert would wreak a havoc against these terrorists.
    • Agreed

      I agree totaly instead of "CYBER EXPERTS" they
      should be called "Cyber Attack Responce Personel" or C.A.R.P for short
  • RE: DoD Gates: We're always under cyberattack

    "........but we, like everybody else, is under attack.

    Is the Obama administration getting into ebonics?
  • Two words: Gross Incompetence

    The US Military and Government know damn well that it is pure idiocy to connect ANY system containing restricted information to the public Internet. Government contractors know the same -- as well as being told security requirements in no uncertain terms in their contract.

    It isn't difficult to set up a completely secure Extranet. Likewise, it isn't rocket science to set up chains of routers that would make it IMPOSSIBLE for anyone with an IP Address in a 'bad' country to gain access.

    Of course, that's only my experience after having taught (and knowing the content of) Information Assurance and Computer Network Defence (IACND-1 and IACND-2) for US Military forces in Europe for several years.

    The US is NOT an innocent victim in cyberspace -- they have THE BEST and certainly best funded cyberspies in the world. They are launching just as many attacks towards other countries as the reverse. Anyone not believing it had better take a few steps out of Mr. Roger's Neighborhood.

    Of course, the Chinese and others are perhaps a little bit 'smarter' at concealing their identities and locations -- so the retarded comment of sending in 'Delta Force' would likely result in starting world war 3 after they invade a Chinese Internet cafe.

    Sorry Spanky, America has worn out its welcome in most countries around the world -- to start sending in 'attack forces' because you're too stupid to secure your public Internet connections as well as publishing restricted information on directly-accessible servers is quite literally beyond belief.

    Better stick to searching laptops of travellers entering the country for kiddie porn and pirated music. Much softer and easier target.
    Marty R. Milette
    • Two words: Gross Incompetence

      More profits for the corporates.
    • As you say, we may be reciprocating in kind but...

      "They are launching just as many attacks towards other countries as the reverse."

      But Unlike us, is there anything to steal? Or are we just laying groundwork for future offensive/defensive actions?
      • Confidence or Overconfidence?

        "But Unlike us, is there anything to steal?"

        There is a world outside of the US.

        The Chinese are very likely be the next ones to get to the moon. I am sure the US gvt watches closely how they filter the internet, use the medias and control dissention and how their main defense projects are coming along among other things.

        India is very ambitious and changing at a pace that we have never seen. Lot's of interesting research there for sure.

        And Russia is getting back into it's old self. i am sure they've got a few defense project we would love to steal.

        Yeah, Yeah! it looks like there is plenty IP to steal in other countries too.