'Data is the new oil' -- a window into cyber forensics

A visit to Lockheed Martin's cyber forensics facility shows just how much cyber intelligence is in private hands.

Lockheed Martin's

Lockheed Martin's "Security Intelligence Center" in Gaithersburg, Md.

GAITHERSBURG, Md. -- In calling for closer collaboration with the private sector on cybersecurity, federal officials are fond of saying that the great majority of Internet infrastructure lies in private hands. Here at a high-security facility off the highway that links Washington, D.C., with Frederick, Md., is a telling example of that dependency. This is where Lockheed Martin practices the lucrative science and art of cyber forensics.

FBI officials make regular visits to Lockheed's cybersecurity facility to draw on the powerful defense contractor’s cyber threat intelligence, according to the firm.  

"Data is the new oil," Charles Croom, a vice president at Lockheed Martin Information Systems and Global Solutions, said in an April 14 media briefing. Croom didn’t coin the phrase, but it was an apt one for a firm --known primarily as a weapons supplier -- that has cast itself as a cyber juggernaut in recent years.

Cybersecurity is "a game of economics. How much do we want to put in our defense, how much do they want to put in their offense?" Croom added, referring to hackers probing Lockheed's computer networks.

Lockheed harvests an unrelenting stream of threats on its computer networks to assemble profiles of sophisticated sets of cyber actors working in concert, often with the backing of a nation-state.

At a control room known as the Security Intelligence Center, analysts monitor Lockheed networks for such threats and whittle them down to a "list of capabilities, infrastructure and tradecraft" used by a group of hackers, said Eric Hutchins, a Lockheed cybersecurity fellow. The firm shares those profiles with the FBI and the Pentagon.

According to Croom, Lockheed analysts have identified multiple advanced cyber campaigns that were unknown to federal officials. A spokesperson for cybersecurity issues at the FBI did not respond to a request for comment.

Legally, only the government can conduct offensive cyber operations. But that doesn't mean the private sector isn't playing a supporting role, given the untold amounts of data it possesses.

"We provide full-spectrum cyber capabilities to our customers … from defensive to offensive," said Deon Viergutz, vice president of cyber solutions at Lockheed Martin Information Systems and Global Solutions.

Croom, a former head of the Defense Information Systems Agency, put Lockheed's relationship with cyber offense this way: "We provide capabilities, just like we would provide a jet that drops bombs, but we don't drop the bombs."

National Security Agency Director Adm. Michael Rogers has recently called for the federal government to further develop its offensive cyber capabilities, a declaration Viergutz alluded to in his presentation. The defense industrial base, it seems, stands ready to heed the Cyber Commander's call.