Hacker attacks hitting Pentagon

But NSA's methods for safeguarding data are growing obsolete

Sun Exclusive


WASHINGTON -- The number of reported attempts to penetrate Pentagon computer networks rose sharply in the past decade, from fewer than 800 in 1996 to more than 160,000 last year - thousands of them successful. At the same time, the nation's ability to safeguard sensitive data in those and other government computer systems is becoming obsolete as efforts to make improvements have faltered and stalled.

A National Security Agency program to protect secrets at the Defense Department and intelligence and other agencies is seven years behind schedule, triggering concerns that the data will be increasingly vulnerable to theft, according to intelligence officials and unclassified internal NSA documents obtained by The Sun.

When fully implemented, the program would build a new encryption system to strengthen protections on computer networks and would more effectively control the access of millions of people to government computer systems and buildings.

Launched in 1999, the program was to have been completed last year, but it fell behind in part because of differences between the NSA and the Pentagon. The NSA is trying to revamp the program, although the deadline has slid to 2012, with the most substantive security improvements planned for 2018.

An internal NSA report in April 2005 described the problem as "critical," noting that 30 percent of the agency's security equipment does not provide "adequate" protection; another 46 percent is approaching that status.

"Much of the existing cryptographic equipment is based on ... technologies that are 20-30+ years old," said the report from the agency's information security directorate. At the same time, it noted, technology for breaking into computer systems has improved, which "gives our adversaries enhanced capabilities."

Pentagon computers, in particular, are under constant attack. Recently, Chinese hackers were able to penetrate and steal data from a classified computer system serving the Joint Chiefs of Staff, according to two sources familiar with the incident. A security team spent weeks eliminating the breach and installing additional safeguards.

The Pentagon declined interview requests for two information security officials, but a spokesman said in a written statement that the NSA is continually assisting the Pentagon to "maintain best security practices" and raise the level of information security.

NSA spokesman Don Weber said in a statement that because information security is a core mission of the agency, "any speculation that we, along with our partners would leave national security systems vulnerable, is unfounded."

Among 18 current and former officials and security experts interviewed for this article, several would speak only on condition of anonymity because many details of the program are sensitive and reveal vulnerabilities in the nation's defenses.

Encryption, in effect an electronic lock, is among the most important security tools: it scrambles sensitive information so that it can travel securely over the Internet or phone lines, and a key is required to decipher it.

Powerful encryption is necessary whether it is protecting information beamed from soldiers on the battlefield or guarding data in computers at the NSA's Fort Meade headquarters. Without updated encryption, sensitive information could be stolen by China or other countries that have regularly tried to break into U.S. government systems to steal military and intelligence secrets. There are emerging concerns about Iran's desire to do so, as well.

"This stuff is enormously important," said John P. Stenbit, the Pentagon's chief information officer until 2004. "If the keys get into the wrong hands, all kinds of bad things happen. You don't want to just let a hacker grab the key as it's going through the Internet."

The NSA report warned that "serious risks" in the Pentagon's security system jeopardize its ability to execute its missions effectively. A December 2005 NSA planning document described the program as crucial for ensuring adequate protection for all national security programs.

"It's a pretty critical thing to do right ... because the government relies on confidential communications so heavily," said Martin Roesch, founder of Sourcefire, a computer security company in Columbia, Md. "It's kind of a fundamental capability."

A growing threat

As the program, known as Key Management Infrastructure, has faltered, the potential for penetrating government computers has grown. Intelligence officials have said that as many as 100 countries pose legitimate threats to U.S. government computers and those of companies doing government work.

In the past decade, reported attempts to hack into Pentagon computers have grown 200-fold, according to the Pentagon.

Baltimore Sun Articles