FCW @ 30

Hackers storm DOD networks

FCW @ 30 hackers 

In 1998 the hacker collective L0pht told Congress that it would be easy to take down the internet.

By the mid-1990s, the hacking of government computers had evolved from being mostly an illicit pastime of hobbyists to an organized crime carried out by teams of "info assassins," in the words of a Defense Department official.

On any given day, former Director of Defense Information Paul Strassmann said in 1996, DOD did not have control of five or six of its computer systems -- "the hackers do."

Large numbers of computers accessible via Milnet had also been compromised, he said at the time, including domains serving the Joint Chiefs of Staff and the Defense Logistics Agency.

Such depredations gave rise to changes in the ways agencies confronted hacking groups, including a focus on sharing information between the defense and intelligence communities and the creation of military cyber commands to put government cyber defenses on a wartime footing.

In a 1996 information-sharing effort, then-CIA director John Deutch proposed working with DOD to create an Information Warfare Technology Center staffed with 1,000 people and located at the National Security Agency at Fort Meade, Md.

The center would produce assessment tools for civilian, military and intelligence agencies "to deal with the emerging threat." Following suit, the Air Force announced plans to create a cyber command to bring the tactics of war to the cybersecurity theater, pledging "to fly and fight in air, space and cyberspace."

"Cyberspace is a domain for projecting and protecting national power for both strategic and tactical operations," Air Force Secretary Michael Wynne said in announcing the new command in November 2006.

Highlights from 30 years of FCW

Timeline: Three decades of covering federal IT's most important stories

June 1988: IRS promises nationwide electronic filing

July 1994: Hackers storm DOD networks

February 1996: Clinger-Cohen and the end of the Brooks Act

May 2000: The opening up of GPS

November 2002: The creation of DHS

March 2013: CIA commits to the cloud

Although the measures have strengthened the government's hand, the jockeying for control of the cyber commands continues. Adm. Michael Rogers, who leads both U.S. Cyber Command and NSA, told legislators in April that Cybercom should be elevated to a full unified combatant command. Some in Congress have even called for creating a separate military service to focus on cyber (something Rogers has said he opposes).

Also ongoing is the sense that cyberthreats might be outpacing defensive efforts. "I don't know whether we will face an electronic Pearl Harbor," Deutch said in 2006. "But we will have, I'm sure, some very unpleasant circumstances in this area."

Those remarks echoed through the years until June 2015, when the Office of Personnel Management revealed that it had been hit by a double breach of near-Pearl Harbor proportions: a hack that compromised 4.2 million Social Security numbers. A second hack two months later compromised 21 million SSNs.

Both intrusions were traced to China in what has become a long war for digital dominance among the superpowers.

About the Author

Paul McCloskey is senior editor of GCN. A former editor-in-chief of both GCN and FCW, McCloskey was part of Federal Computer Week's founding editorial staff.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected