Unveiling the military’s first-ever cybersecurity strategy, Deputy Secretary of defence William Lynn admitted today that a “foreign intelligence service” stole 24,000 defence Department files from Pentagon computer systems this March. The hack — one of the largest the Pentagon has ever suffered — was data-related, Lynn said. “A great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols.”
The cyber attack, and others like it, exposed serious vulnerabilities in U.S. cybersecurity, prompting the military to develop a strategy that lays out an offensive approach for dealing with cyber threats.
Notably, the declassified strategy does not indicate how the U.S. plans to respond to specific cyber attacks, which has been the subject of heated debate since the Pentagon announced in May that it would respond to cyber attacks with military force.
Under the new plan, the Pentagon will treat the Internet as an “operational domain” of war, thereby allowing the military to train and equip for cyber attacks as it does for physical threats.
To beef up its cyber capabilities, DoD has established U.S. Cyber Command as a sub-command of U.S. Strategic Command; under the leadership of the National Security Agency director, the new command will be responsible for coordinating cyber commands within each branch of the Armed Forces. The military will also integrate “cyber red teams” into war games, training and exercises to prepare for a range of cyber threat scenarios.
“Our responsibility is to acknowledge this new environment and adapt our security instruments to it,” Lynn said. “Far from militarizing cyberspace, our strategy of securing networks to deny the benefit of an attack will help dissuade military actors from using cyberspace for hostile purposes.”
Although data theft has thus far been the most visible cyber threat, the Pentagon’s strategy identifies other vulnerable cyber targets, including the military’s information networks and systems, mission-critical technology hardware and software made overseas, critical civilian infrastructure (i.e. power grids, transportation systems), and intellectual property.
NOW WATCH: Briefing videos
Business Insider Emails & Alerts
Site highlights each day to your inbox.