WASHINGTON (Reuters) - The Pentagon said on Tuesday it had approved new rules that would require defense contractors to tighten their computer security procedures and to report any cyber intrusions that resulted in the loss of controlled technical information.
An amendment to defense acquisition rules published on Monday would require defense contractors to incorporate established information security standards on their unclassified networks and to report any intrusions that result in loss of technical information on those networks, a Pentagon statement said.
The statement said the rules would apply to all new contracts that use or generate unclassified but valuable technical information, such as data concerning defense system requirements, designs, engineering, production and manufacturing capabilities.
Defense contractors across the Pentagon’s supply chain have been targeted by cyber criminals seeking to steal technical data, the statement said.
The rules were changed in response to a memo by Defense Secretary Chuck Hagel on October 10 calling for tougher security measures to protect technical data, considered critical to preserving intellectual property and competitive advantage of the U.S. defense industry.
U.S. officials have estimated that foreign intruders have stolen terabytes of data from military and defense company computers over the past decade, with the loss of intellectual property and competitiveness valued at more than $1 trillion.
Reporting by David Alexander; Editing by Mohammad Zargham