Are cyberattacks against DOD on the decline?

Although numbers may be down, the threat is still prominent, some experts say

A new report says the number of attempted attacks on Defense Department computer networks seems to have decreased compared with the rate of attempts last year. However, the finding will hold only if the trend recorded in the first half of the year continues through the end of the year -- and it conflicts with statements of DOD officials who say the number of attacks and probes is on the rise.

The U.S.-China Economic and Security Review Commission reports in a draft, yet to be released, that “incidents of malicious cyber activity” declined in 2010, the  first time that's happened in this millennium, according to Wired’s Danger Room blog.

Although last year there were 71,000 incidents, the first half of this year had 30,000, according to the report.

“If the rate of malicious activity from the first half of this year continues through the end of the year,” the draft report said, “2010 could be the first year in a decade in which the quantity of logged events declines.”

The count conflicts with statements made by William Lynn, deputy defense secretary, over the past year and also with testimony from Army Lt. Gen. Keith Alexander, the newly installed commander of U.S. Cyber Command.

Alexander testified during his Senate confirmation hearing in April that he is “alarmed in the increase, especially this year” of the number of probes into DOD's computer networks.

In May, Lynn told reporters at the U.S. Strategic Command Cyber Symposium pointed to a growing and volatile cyber threat.

“The Internet doesn’t respect sovereignty,” Lynn said. “The cyber threat doesn’t track well with the history of traditional military power. We can’t predict where the threat will come from.”

Industry is also invoking the gravity of increased cyber attacks.

“There is no question we are in the midst of a cyber war,” Dmitri Alperovitch, vice president of threat research at McAfee, said in April at the RSA Security Conference in San Francisco.

It appears the public has bought into the fears. A survey by Narus, Inc., which analyzes cyber intelligence, reported Oct. 6 that 93 percent of the security professionals it queried believe cyber attacks are increasing, and 88 percent think the government is not equipped to protect itself.

Cybersecurity experts caution that the U.S.-China Commission’s report may not accurately reflect the true landscape of DOD cyber threat.

“A decline in successful intelligence events does not correlate directly into a decline in the potential for military attacks using cyber techniques,” said Jim Lewis, director and senior fellow of the Technology and Public Policy program at the Center for Strategic and International Studies. “We could be facing a greater risk of attack by sophisticated opponents even if the number of successful accessions to DOD networks has decreased.”

The commission’s report does recognize that the reduced number of threats could be attributed to an improved DOD cybersecurity stance, acknowledging that the decrease “may or may not represent a decrease in the volume of attempts to penetrate defense and military networks.”

According to Lewis, the report incorrectly correlates malicious cyber activity with risk.

“DOD might have cut down on the number of low level exploits, but we could still be seeing as many high level cyber incidents. We can't tell from this,” Lewis said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.