The Defense Department earlier this year fought off Russian hackers who accessed an unclassified network, Defense Secretary Ashton Carter said Thursday.
Carter said the hackers discovered an old vulnerability in a legacy network that had been patched. Carter said DoD identified the compromise and had incident responders hunting down intruders within 24 hours.
“I still worry about what we don’t know because this is only one attack we found,” Carter told an audience during a speech at Stanford University in Palo Alto, Calif., part of his multi-day tour of Silicon Valley to help DoD develop better relationships with the tech sector.
Though Carter didn’t specify if the hackers were government-affiliated, he said they were associated with Russia. DoD analyzed their network activity, he said, and quickly kicked them off the network in a way that minimized their chances of returning.
Carter said DoD, in light of potential cyber attacks, is pursuing transparency to raise awareness in both the public and private sectors. Shining a bright light on such intrusions, he said, can eventually benefit everyone.
Carter’s Silicon Valley visit, overall, is focusing on three goals: improving the way the Pentagon partners with Silicon Valley and tech sectors on innovation, building critical relationships that will help drive change at DoD, and outlining what the Pentagon does, and does not do, in defense of the nation in cyberspace and why.
DoD also released a new cyber strategy on Thursday, focusing on building cyber capabilities and organizations for DoD’s three cyber missions: defending DoD networks, systems and information; defending the United States and its interests against cyber attacks of significant consequence; and providing integrated cyber capabilities to support military objectives and contingency plans (Defense Daily, April 23).