Earlier this year, the Defense Science Board warned that China has attacked U.S. networks that contained information about dozens of defense weapon programs and technologies, including the Lockheed Martin F-22 Raptor (shown here) and F-35 joint strike fighter. (Glenn E. Bloore / Leading Edge Images)
WASHINGTON — The Pentagon is moving to secure unclassified contractor networks in an attempt to better safeguard U.S. intellectual know-how.
The plan — put in place by Defense Secretary Chuck Hagel on Oct. 10 — hits the streets just weeks after Iran hacked an unclassified U.S. Navy computer network.
These actions will ensure that the department provides a cohesive, comprehensive and cost-effective approach to protect priority investments and future defense capabilities while maintaining efficient business operations with our industrial partners, Hagel wrote.
Hagel’s orders include changes that span Pentagon’s acquisition, intelligence and policy directorates, as well as the military services and other DoD entities.
Specifically, Hagel ordered his subordinates to take immediate action to improve the protection of unclassified controlled technical information that resides on or passes through defense contractor systems or networks.
The new guidance issued by Hagel packs more of a punch than prior directives because it will include mandates for unclassified contractor network security. Pentagon acquisition chief Frank Kendall is instructed to propose an amendment to current regulations pertaining to the safeguarding of this technical information.
This shall include necessary policy, guidance, and rulemaking activities, to include expansion of current cybersecurity information-sharing activities and programs, Hagel wrote.
DoD already has strict rules for how contractors handle classified data.
Pentagon officials have long lamented the lack of security for technical data on contractor networks. Smaller contractors lower down in the supply chain with lesser cyber defenses are thought to be soft targets for smart attackers, and both large and small contractors are routinely bombarded by attacks.
Hagel has also ordered the stand up of a joint analysis capability to assess technical information losses and determine consequences of those losses in order to inform requirements, acquisition, programmatic, and strategic courses of action.
The services shall identify critical acquisition and technology programs requiring higher levels of protection. Michael Vickers, undersecretary for intelligence, will oversee this initiative.
Protection of contractor networks has been thrust into the spotlight numerous times in recent months. Earlier this year, the Defense Science Board warned that China has attacked U.S. networks that contained information about dozens of defense weapon programs and technologies, including the Lockheed Martin F-22 Raptor and F-35 joint strike fighter.