April 29, 2009 | Commentary on Internet And Technology, National Security and Defense

The Cyberspy Threat: Foreign Hackers Target Military

America needs to pay a heckuva a lot more attention to the cyberthreat. Now.

Sure, the Pentagon is refuting a Wall Street Journal report last week that hackers pinched loads of data on the military's newest, high-tech fighter aircraft from contractors' computer networks via the Internet.

But even if the F-35 Joint Strike Fighter program wasn't actually penetrated by cyberspies, it's still a chilling wake-up call for the United States.

The computer systems of the F-35 Lightning were penetrated "repeatedly," according to the newspaper, allowing cyber cat burglars to "copy and siphon off several terabytes of data related to design and electronic systems."

The Pentagon and the contractors are insisting that no classified information was stolen -- and that's likely the case, as classified computer systems aren't supposed to be hooked up to the Internet.

But it's definitely possible that data related to the warbird were taken, as any computer system that has a ramp onto or off the international information superhighway is vulnerable to penetration by crooks, spies or curious hackers.

Unfortunately, this isn't an isolated incident.

America and others are under constant -- and, in many cases, at this stage, totally undetectable -- attack by cyberintruders who secretly slink their way into home and office computers via the Internet.

No surprise, really: Such computer operations are hot because they're low cost, highly effective, and provide cover for the hackers, who route attacks through lots of surrogate servers across the globe and can access your hard drive without leaving fully traceable fingerprints.

Cybersoldiers, spies or other mischief-makers sponsored by malicious governments or others can launch viruses, crash networks, corrupt data, collect intelligence and spread misinformation from a laptop just about anywhere.

And the risks and costs compared with using human spies or soldiers are just about negligible -- at this point, anyway.

No wonder, then, that more than 100 countries are developing the ability to use the Web for spying or as a weapon, including China, Russia, Iran and North Korea, according to estimates by cybersecurity firms and US intelligence.

In recent years, the threat has grown from probes by amateur hackers to premeditated, government-sponsored assaults for the purposes of penetrating or affecting political, military, economic and industrial information or operations.

It's not only government and industry networks that are of interest but also such "soft targets" as Wall Street. Even such critical civilian infrastructure as the national air-traffic-control system is the cybercrosshairs.

Not long ago, it was reported the Chinese and Russians had "mapped" America's electrical power-grid networks, which would almost surely be hit with a cyberattack if there were ever a military dust-up.

Just think of the havoc and distraction the national command authorities could face if the lights were to go out across the country at the same time a conflict were to break out involving US forces.

That's scary stuff -- and just one example.

The F-35 case is just the most recent in a series of cautionary tales about our nation's slavish dependence on computers and information technology -- and the vulnerability it engenders.

Lots of countries and other bad actors see cyberspace as a strategic domain for asymmetrically undermining America's political, military, economic and cultural clout.

Government rumblings, such as Defense Secretary Robert Gates' creation of a Pentagon cybercommand, may hold some promise in protecting military networks, but the cyberthreat clearly exceeds that.

It's time for a comprehensive, implementable plan for protecting this country's critical public and private computer networks from a threat that's here and now.

Peter Brookes is senior fellow for National Security Affairs in the Davis Institute at The Heritage Foundation.

About the Author

Peter Brookes Senior Fellow, National Security Affairs
Douglas and Sarah Allison Center for Foreign and National Security Policy

First appeared in the New York Post