Pinning hacking blame on China could be tough: CNO

WASHINGTON Thu Jun 2, 2011 6:28pm EDT

Related Video

Video

Facing a cyber threat

Fri, Jun 3 2011

Related Topics

WASHINGTON (Reuters) - Pinning the blame for a recent attack on the networks of Lockheed Martin Corp and other defense contractors on China could be difficult, the top U.S. naval officer said on Thursday

Chief of Naval Operations Admiral Gary Roughead said he had not been briefed on any finding by U.S. intelligence agencies that China was likely behind what Lockheed Martin Corp has described as a "tenacious" attack on its networks.

Experts and agencies looking into the May 21 incident have a growing suspicion that some individual or entity in China was responsible, although they note that clever hackers usually lay elaborate false trails to cover their tracks.

Roughead said it was challenging to reach definitive conclusions about where cyber attacks originated.

"Folks tend to tie a lot of the hacking activity to China, but ... my sense is that you're moving into a realm (where) you can't always say it's a state actor," Roughead told Reuters in an interview. "When people talk about attribution, I take it with a grain of salt."

Pointing to the computer on his desk, he said, "A non-state actor ... could attack somebody through my box here, and if you traced it back, you'd see it came from this office, when in point of fact, this was just a way point that somebody used."

Roughead's comment came a day after Google Inc said unknown hackers, likely from central China, tried to hack into the Gmail accounts of hundreds of users, including senior U.S. government officials.

Neither Google nor the U.S. government has said the Chinese government was behind the attacks. Google said only that the attack appeared to originate in China.

It was not immediately clear if there was any link between the Google and Lockheed attacks.

Roughead said technology issues tended to dominate public discussion about cybersecurity, but the bigger issues involved policy and regulatory responses.

Washington has said that the United States could respond to a devastating cyber attack with real-world military retaliation, but U.S. government officials say proving Beijing or other countries were responsible could be difficult.

In the end, tight security and financial sanctions or cyber countermeasures could prove to be a more powerful deterrent than military action, said one defense official, who was not authorized to speak publicly.

STRATEGY RELEASE POSTPONED

Deputy Defense Secretary William Lynn, Vice Chairman of the Joint Chiefs of Staff General James Cartwright, and General Keith Alexander, who heads U.S. Cyber Command, had planned to release a new Pentagon cyber strategy next week, but the rollout has been postponed until later this month while final details are being hammered out, two defense officials said.

The strategy will codify general principles laid out by Lynn in recent months in various speeches and an article in Foreign Affairs magazine published in October 2010, said one official, who was not authorized to speak on the record.

It will encourage international cooperation and establishment of norms and information-sharing standards to help regulate activity on global networks, the official said.

One model could be the system of compliance used by the Centers for Disease Control, said the official.

Roughead said the military was also looking at whether it should adopt a deterrence policy for cyberpolicy that mirrored the one used for nuclear weapons during the Cold War, but said no firm conclusions had been reached.

The Navy is trying to be proactive on the cyber front through creation of a separate cyber command, or Tenth Fleet, that was monitoring all Navy networks, and had created a new "Center for Cyber Security Studies" at the Naval Academy.

In addition, two courses were added to the curriculum there for non-cyber experts to help educate future Navy leaders about the risks and challenges of computer networks.

Lockheed officials said they were unaware of any new finding on who was behind the attack on its networks, repeating a statement issued last weekend, in which the company said it warded off the attack, taking aggressive actions to protect systems and data. No compromise of customer, program or employees' personal data had occurred, the company said.

(Reporting by Andrea Shalal-Esa, additional reporting by Mark Hosenball and Phil Stewart in Washington and Karen Jacobs in Atlanta, editing by Matthew Lewis)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.