U.S. Cybercops Caught Flat-Footed by Massive Global Cyberattack

July 20, 2010: Josh Mayeux, network defender, works at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs, Colorado. (Reuters/Rick Wilking)

Top U.S. cybercops were surprised by revelations of an unprecedented case of cyber-espionage -- a five-year-long hacking scheme from a single "state actor" that targeted U.S. government and U.N. computers as well as defense firms and private industries.

The spying was dubbed "Operation Shady RAT" by security firm McAfee, which uncovered the hacking -- and it led to a massive loss of information that poses a huge economic threat, security experts say. 

"Even we were surprised by the enormous diversity of the victim organizations and were taken aback by the audacity of the perpetrators," wrote McAfee's vice president of threat research, Dmitri Alperovitch. 

His report claimed the spying came from a single, unnamed source widely believed to be China, but offered few details for others to verify and did not identify most of the 72 victims, 49 of which were American. And even McAfee said it was only guessing at what data was stolen. But a U.S. official familiar with cyberaffairs told FoxNews.com that the McAfee report is on target: "The report is fairly accurate. It's McAfee's report. It's pretty self-explanatory."

If accurate, the government appears to have learned of the systemic, multiyear cyberspying not from its own cyber-police but from the McAfee report, representatives from the Pentagon, the Department of Homeland Security, U.S. Cyber Command and others told FoxNews.com.

"We became aware of the McAfee report I think today, which is when it was released to the press as well," said Janet Napolitano, secretary of the Department of Homeland Security, speaking Wednesday at an unrelated press conference. "We obviously will evaluate it and look at it and pursue what needs to be pursued."

The White House was briefed on the report by Alperovitch about two weeks ago, a U.S. official with knowledge of cyber issues told FoxNews.com. News of that briefing hasn't spread everywhere, however.

"We're aware of the report," White House spokesman Jay Carney said during a press briefing. "Detecting and blocking cyberintrusion is a key cybersecurity goal for this administration." But when asked exactly when the White House learned of the massive cyber-espionage ring, Carney replied, "I can only tell you that we are aware of it. I don't have a date for you."

Col. Rivers Johnson, the spokesman for U.S. Cyber Command at Fort Meade, told FoxNews.com the agency was doing all it can to protect the country from cyberattacks.

"We have an active defense system in place to hunt within DoD networks and prevent infiltration. We are using all appropriate means right now as part of that active defense."

Indeed, the agency is prepared to expand its efforts if needed, Johnson said.

"We could be called upon to assist others if the President so directs," he told FoxNews.com.

Yet U.S. leadership in the growing field of cybersecurity has been a thorny issue. The country has seen dramatic turnover in leadership in the past few years, capped by the abrupt resignation of top cybercop Randy Vickers on July 22. Vickers had been director of the U.S. Computer Emergency Readiness Team, or US-CERT.

Phil Reitinger, the Department of Homeland Security's head of computer crimes, quit in May of this year. In August of 2009, Melissa Hathaway, the interim White House cybersecurity czar, resigned for personal reasons. And Rod Beckstrom, the Department of Homeland Security's cyber-security chief, resigned in March of 2009.

The agency has faced a dramatic surge in cyberattacks in recent months. Secretary of Defense Bill Lynn revealed in a March speech outlining the Pentagon's new cyberstrategy that the Pentagon had recently suffered its largest ever cyberbreach -- with 24,000 data files stolen.

And earlier this year Lockheed Martin, maker of the F-35 stealth supersonic jet, revealed it was the victim of a cyber hack.

On March 16, NSA director Gen. Keith Alexander, who also serves as the head of the Pentagon's new Cyber Command, said that the military may not have the capacity to safeguard Pentagon networks from cyberattack.

"The Department has a shortfall of cyber force capacity to plan, operate, and defend its networks and ensure freedom of action and maneuver for our nation in cyberspace," Alexander said. "Additionally, we are still discussing across the Administration how to best defend against a 'Cyber 9/11' that affects our critical infrastructure and beyond."

"In sum, our adversaries in cyberspace are highly capable. Our defenses -- across dot-mil and the defense industrial base (DIB) -- are not," he said.

Reporting by Jennifer Griffin

Jeremy A. Kaplan is Science and Technology editor at FoxNews.com, where he heads up coverage of gadgets, the online world, space travel, nature, the environment, and more. Prior to joining Fox, he was executive editor of PC Magazine, co-host of the Fastest Geek competition, and a founding editor of GoodCleanTech.