Are cyberattacks against DOD on the decline?

A new report says the number of attempted attacks on Defense Department computer networks seems to have decreased compared with the rate of attempts last year. However, the finding will hold only if the trend recorded in the first half of the year continues through the end of the year -- and it conflicts with statements of DOD officials who say the number of attacks and probes is on the rise.

The U.S.-China Economic and Security Review Commission reports in a draft, yet to be released, that “incidents of malicious cyber activity” declined in 2010, the  first time that's happened in this millennium, according to Wired’s Danger Room blog.

Although last year there were 71,000 incidents, the first half of this year had 30,000, according to the report.

“If the rate of malicious activity from the first half of this year continues through the end of the year,” the draft report said, “2010 could be the first year in a decade in which the quantity of logged events declines.”

The count conflicts with statements made by William Lynn, deputy defense secretary, over the past year and also with testimony from Army Lt. Gen. Keith Alexander, the newly installed commander of U.S. Cyber Command.

Alexander testified during his Senate confirmation hearing in April that he is “alarmed in the increase, especially this year” of the number of probes into DOD's computer networks.

In May, Lynn told reporters at the U.S. Strategic Command Cyber Symposium pointed to a growing and volatile cyber threat.

“The Internet doesn’t respect sovereignty,” Lynn said. “The cyber threat doesn’t track well with the history of traditional military power. We can’t predict where the threat will come from.”

Industry is also invoking the gravity of increased cyber attacks.

“There is no question we are in the midst of a cyber war,” Dmitri Alperovitch, vice president of threat research at McAfee, said in April at the RSA Security Conference in San Francisco.

It appears the public has bought into the fears. A survey by Narus, Inc., which analyzes cyber intelligence, reported Oct. 6 that 93 percent of the security professionals it queried believe cyber attacks are increasing, and 88 percent think the government is not equipped to protect itself.

Cybersecurity experts caution that the U.S.-China Commission’s report may not accurately reflect the true landscape of DOD cyber threat.

“A decline in successful intelligence events does not correlate directly into a decline in the potential for military attacks using cyber techniques,” said Jim Lewis, director and senior fellow of the Technology and Public Policy program at the Center for Strategic and International Studies. “We could be facing a greater risk of attack by sophisticated opponents even if the number of successful accessions to DOD networks has decreased.”

The commission’s report does recognize that the reduced number of threats could be attributed to an improved DOD cybersecurity stance, acknowledging that the decrease “may or may not represent a decrease in the volume of attempts to penetrate defense and military networks.”

According to Lewis, the report incorrectly correlates malicious cyber activity with risk.

“DOD might have cut down on the number of low level exploits, but we could still be seeing as many high level cyber incidents. We can't tell from this,” Lewis said.