A huge intelligence screw-up turned the government and private companies into cyberwarfare partners

Player utilities

Listen to the story.

Audio Transcript:

Marco Werman: There’s a piece of that story we just heard that might seem a little weird: Chris Doman doesn’t work for the military, or even the government. So, why did it take a military competition to discover him? Actually, government and private companies have been working together in cyberspace for years. Here to explain that is Max Rosenthal, PRI.ORG’s digital editor. What’s going on there, Max?

 

Max Rosenthal: Actually, there’s a lot going on. Private sector internet companies, defense contractors, basically anybody who’s hooked up to a computer, have been in cooperation with the military and the government for a long time. There’s a very specific moment where this started, and that was in 2007 when the government discovered that there had been a huge breach of classified information that was apparently the fault of Chinese hackers. These hackers actually hacked into the companies of the defense contractors who were building the Joint Strike Fighter, which is a huge program, other classified programs. Knowing that their networks were very poorly defended, they took the information from them. That was a huge wake-up call. Shane Harris, who’s a journalist, he just wrote a book about this called “At War,” and he describes the CEOs of all these huge defense contracting companies coming into the Pentagon and essentially being read the Riot Act. Here’s what happened.

 

Shane Harris: In 2007, it was very clear that companies were not doing a great job of protecting their networks. Certainly with these big Pentagon contractors, once they realized how bad and how pervasive the spying was, the government basically gave them an ultimatum and said that “You have to do better. This is completely unacceptable. You are now a national security risk because these are plans that you have on your systems.”

 

Werman: Now the subcontractor is the national security risk. So, how far has cooperation gone?

 

Rosenthal: It started with these kind of key companies, names that you’ve heard of -- Boeing, Lockheed Martin, the kinds of companies that build a lot of the Pentagon’s key weapon systems and do a lot of intelligence contracting. But it has gone a lot farther beyond that. Shane talks about how internet service providers, utilities companies, things that are critical parts of the national infrastructure, are part of this cooperation in a program that’s called the Defense Industrial Base Initiative. But it’s also going far beyond that. There is one program that he talked about that caught my interest, and here’s how he describes it.

 

Harris: A number of years ago, the NSA formed a secret partnership with Google, whereby Google, which has its own experience of having been hacked by China, shares information about threats on its network, its systems with the NSA. Which is really interesting, the idea that a big technology company that has a lot of visibility into networks around the world would partner in some way with an intelligence agency to sort of see “How can we work together?”

 

Werman: That was Shane Harris with The Daily Beast. Max Rosenthal, you did some reporting for this series yourself, you went to Fort Gordon in Georgia, which is becoming a big hub for cyber warfare in the army. What does the military-end of this actually look like?

 

Rosenthal: It’s actually kind of a booming time for cyber warfare, in the army in particular. They’ve just started a cyber branch of the military. So, just like you might have an infantry officer who fights with a rifle, or an artillery officer, you’re now going to have a cyber warrior, a cyber officer whose sole job is to sit at a computer and defend networks and do this sort of stuff. They’ve just created the cyber school, and that’s where I went, and I spoke to Colonel Jennifer Buckner, who’s actually a former commander of mine, she’s a military intelligence officer. So, there’s always been soldiers who are thinking about this stuff or who are doing cyber warfare, but it’s the first time they’re putting it all in one bucket, so to speak. They’re really concentrating on it as a core mission of the army.

 

Colonel Jennifer Buckner: This is the first time I really feel like I’m part of more of a meritocracy, where your utilization is probably based on what you can do and not on your rank or your position.

 

Werman: That was Colonel Jennifer Buckner. We’ll be hearing more from the colonel, as well as more on this whole issue of cyber war later in the week, right Max?

 

Rosenthal: Yes. We’re actually going to take a longer look at Fort Gordon later on in the week and this is all part of our series this week that’s part of SAFEMODE. As we’ve been talking about, that’s our reporting project about young people and international security. It’s not just on the radio. We’re going to have pieces up on PRI.ORG/SAFEMODE all week. You can sign up for our weekly SAFEMODE newsletter, and we also have a great Facebook group going right now. It’s focused on stuff like cyber security, digital activism, privacy, and a lot of people that you’re hearing on the radio or experts are in there talking to you, so we encourage everybody to go and join. That’s at PRI.ORG/SAFEMODE.

 

Werman: And don’t forget #SAFEMODE all this week. PRI.ORG’s digital editor Max Rosenthal. Thanks a lot.

 

Rosenthal: Thanks Marco.