Feds Begin Sharing Secret Cyber-Threat Data With Private Companies

The Defense Industrial Base Cyber Pilot is sharing secret threat data with selected corporations and partner Internet service providers to improve the nation’s security posture.

June 22, 2011

A new pilot program in the federal government would allow the departments of Defense and Homeland Security to share classified information with defense contractors and Internet service providers to strengthen private-sector security capabilities.

Deputy Defense Secretary William J. Lynn III revealed the project during his keynote address at the Center for Strategic Decision Research’s 28th International Workshop on Global Security in Paris on June 16.

Lynn gave an overview of the Defense Industrial Base Cyber Pilot, a.k.a. DIB Cyber Pilot. Federal defense agencies have begun sharing secret threat data with selected corporations in the defense industry and partner Internet service providers. Lynn said the sharing of threat intelligence could help network administrators defend against attack and exploitation.

The DIB Cyber Pilot was established in May to bolster the American cyber-defense arsenal. According to Lynn, current efforts are slowing exploitations of U.S. defense networks but aren’t eliminating them. He added that the government wouldn’t micromanage or store the program’s private-sector communications. Lynn said the endeavor could set an example for other related industries, like the power grid or financial systems.

“By establishing a lawful and effective framework for the government to help operators of one critical infrastructure sector defend their networks, we hope the DIB Cyber Pilot can be the beginning of something bigger,” Lynn said.

Lynn noted examples of foreign entities attacking U.S. targets, like when a foreign intelligence agency used a thumb drive in 2008 to penetrate classified federal computer systems.

Lynn described three attack types of concern: network exploitation (stealing network data), which has been the most prevalent; network disruption (denying access to or degrading networks); and network destruction (hijacking networks to cause physical damage to property or individuals).

“Regrettably, however, few weapons in the history of warfare, once created, have gone unused,” Lynn said. “For this reason, we must have the capability to defend against the full range of cyber-threats.”