Cybersecurity

Hagel Wants Unclassified Sensitive Data Protected From Cyber Spying

Defense Department file photo

U.S. Defense Secretary Chuck Hagel has ordered the Defense Department to take steps to reduce cyber hackers' ability to gain access to unclassified controlled data, according to a Thursday report from the Pentagon's American Forces Press Service.

In an Oct. 10 memo laying out the new directives, Hagel said, "stolen data provides potential adversaries extraordinary insight into the United States' defense and industrial capabilities and allows them to save time and expense in developing similar capabilities."

Hagel has ordered the offices of the undersecretaries of Defense for acquisition, technology and logistics; policy; and intelligence, as well as the head Pentagon information officer, to cooperate in developing any needed alterations to department policy, recommendations and regulations in order to limit unauthorized entities from gaining access to unclassified sensitive data located on or transmitted through defense firms' computers or networks.

"Protection of this data is a high priority for the department and is critical to preserving the intellectual property and competitive capabilities of our national industrial base and the technological superiority of our fielded military systems," Hagel wrote.

The Pentagon's Defense Security Service, which works to minimize unauthorized access to U.S. weapons system details, in its fiscal 2012 report found that for the first time cyber espionage had become the favorite collection method for foreign entities seeking technical information about U.S. defense technologies.

A separate 2013 report by the Pentagon's advisory Defense Science Board concluded Chinese cyber sleuths had successfully gained access to the blueprints of a number of U.S. ballistic missile defense systems with roles in the Asia-Pacific.

The pilfering of unclassified controlled technical information has grown to become a major issue for U.S. industries, Pentagon spokeswoman Jennifer Eleza said. Among the unclassified but still-sensitive information being targeted is data on systems production, parts manufacturing, schematics, engineering, defense system requirements and concepts of operations.

The Pentagon has proposed amending its rules for acquisition and contracting, according to Eleza. The suggested changes would mandate that defense contractors include certain security protocols in their networks and report when cyber-breaches result in the theft of unclassified controlled data.

Threatwatch Alert

Credential-stealing malware

None of 20,000 patients affected were ever notified of 911 computer breach

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// April 22