recommended reading

Pentagon Planned to Secure Web Domains Before Syrians Hijacked Marine Corps Site


The Pentagon was in the process of hiring help to bolster the security of military website domains, just as Syrian hackers allegedly assaulted the Marine Corps’ recruitment site on Labor Day.

The Syrian Electronic Army, a pro-regime hacktivist group, on Monday apparently redirected visitors to a webpage with a message urging service members not to strike Syria.

This domain name system hack and a similar one that brought down the New York Times website Aug. 27 are not new types of threats, according to security researchers. Nor is the Pentagon’s effort to strengthen the system that points visitors to valid military sites new. But concerns are growing amid high-profile DNS hijackings by the group and new FBI warnings about cyberattacks ahead of a possible military strike against Syria. 

"Potential risks to the Department of Defense DNS infrastructure such as hackers, phishing scams or distributed denial of service attacks meant to covertly extract data require [Defense] to develop plans to improve monitoring and management of the DoD DNS, and protect it from any external vulnerabilities," states an Aug. 22 notice to contractors issued by the Defense Information Systems Agency seeking engineering support to harden the domain name system.

The DNS essentially translates alphanumeric web addresses into network location codes.

Military officials want assistance to counter raids that flood networks with paralyzing traffic -- the denial of service episodes and incursions that corrupt databases.

DISA has reached out to contractors holding Secret clearances that might be interested in reinforcing the DNS for all combatant commands, services and military agencies. Companies have until Friday to inform agency officials of their qualifications for the potential contract.

In a statement on Monday, Marine Corps officials confirmed that visitors had been directed away from the authentic website and said the real one now functions properly, according to the Wall Street Journal. No data from the site was compromised, officials said.

The fake site displayed a letter signed by the “SEA” that read, in part, “Obama is a traitor who wants to put your lives in danger to rescue al- Qaida insurgents . . . Refuse your orders and concentrate on the real reason every soldier joins their military, to defend their homeland. You're more than welcome to fight alongside our army rather than against it.”

The New York Times incident reportedly occurred after the Syrian Electronic Army tricked a reseller of domain name services into divulging the password and username that allowed access to DNS records. Using the stolen credentials, the perpetrators corrupted the data that normally would direct people who type “” to the newspaper's web content. 

Earlier DNS attacks on organizations include a 2009 takeover of Twitter's domain, allegedly by the self-dubbed Iranian Cyber Army.

The prospective Pentagon DNS security provider would install commercially available technologies onto Defense's “existing and expanding” network grid, according to the solicitation. Military officials requested information on contractors' experience with DNSSEC, or Domain Name System Security Extension -- additional Web domain coding aimed at thwarting man-in-the-middle attacks that route visitors to fraudulent sites. 

Maryland-based Quotient has been providing DISA with DNS engineering support since 2010, according to the company's website and last month’s notice. 

(Image via jcjgphotography/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.