Pentagon ramps up cybersecurity measures for defense industry

The Defense Department is ramping up its efforts to protect sensitive and classified details of its next-generation weapons systems, amid the growing threat of cyber espionage. 

For the first time, the Pentagon will now require all defense contracting firms doing business with the department to install “established information security standards” on classified and unclassified computer networks. 

Weapons makers with Pentagon contracts will now also be required to report security breaches of their networks “that result in the loss of unclassified controlled technical information from these networks,” according to the Pentagon acquisition chief Frank Kendall. 

{mosads}”Defense contractors throughout the department’s supply chain have been targeted by cyber criminals attempting to steal unclassified technical data,” Kendall said Monday. 

The cybersecurity initiative for the defense industry is a “high priority for the department” and is vital to ensuring sensitive details involving the U.S. arsenal are not compromised,  he said in a statement issued by the Pentagon on Tuesday. 

“This is an essential step to ensure that this valuable information is protected. We cannot continue to give our potential adversaries the benefits in time and money they obtain by stealing this type of information,” he added. 

The new cybersecurity mandates are only the latest example of the department’s ongoing effort to thwart cyber espionage operations, particularly those emanating from China and its allies. 

Over the past several years, there have been “number of cases of either export control violations or potential espionage” related to the theft of sensitive U.S. military technologies by China, according to a Pentagon report issued in May. 

The report claims China is leveraging pseudo-academic and defense industry organizations, along with traditional spy craft, to obtain classified and unclassified details of the Defense Department’s top weapons programs. 

Beijing’s “network of government-affiliated companies and research institutes often enables [China] to access sensitive and dual- use technologies . . . under the guise of civilian research and development,” the Pentagon report states. 

Traditional espionage efforts by Chinese military and intelligence officials has allowed the country to “obtain key national security technologies, controlled equipment, and other materials not readily obtainable,” the Pentagon review adds. 

Sen. Joe Manchin (D-W.Va.), head of the Senate Armed Services airland subcommittee, hammered Pentagon officials on the issue in late April. 

Specifically, Manchin pressed DOD leaders in charge of the F-35 Joint Strike Fighter program on possible leaks of the next-generation fighter’s design to China. 

Prototype versions of China’s J20 and J31 fighter jets feature a number of particular design characteristics unique to the F-35, Manchin pointed out during the subpanel hearing on the fighter’s progress. 

The first J20 took flight in January 2011 flight test while the first J-31 flight test took place in October 2012, according to Helvey. 

Both aircraft are not expected to achieve any real-world combat capability until 2018, he said Monday. 

That said “if the Chinese government can produce in 22 months competitive aircraft, there had to be piracy or espionage,” Manchin said in April. 

That said, guaranteeing U.S. weapons secrets remain secret, the new cybersecurity measures remain a “high priority for the department and is critical to preserving the intellectual property and competitive capabilities of our national industrial base,” Kendall said Monday.