[Infowarrior] - Contractors Vie for Plum Work, Hacking for the United States

Richard Forno rforno at infowarrior.org
Sat May 30 20:15:55 UTC 2009 


May 31, 2009
Cyberwar
Contractors Vie for Plum Work, Hacking for the United States
By CHRISTOPHER DREW and JOHN MARKOFF

http://www.nytimes.com/2009/05/31/us/31cyber.html?_r=2&partner=rss&emc=rss&pagewanted=print

MELBOURNE, Fla. — The government’s urgent push into cyberwarfare has  
set off a rush among the biggest military companies for billions of  
dollars in new defense contracts.

The exotic nature of the work, coupled with the deep recession, is  
enabling the companies to attract top young talent that once would  
have gone to Silicon Valley. And the race to develop weapons that  
defend against, or initiate, computer attacks has given rise to  
thousands of “hacker soldiers” within the Pentagon who can blend the  
new capabilities into the nation’s war planning.

Nearly all of the largest military companies — including Northrop  
Grumman, General Dynamics, Lockheed Martin and Raytheon — have major  
cyber contracts with the military and intelligence agencies.

The companies have been moving quickly to lock up the relatively small  
number of experts with the training and creativity to block the  
attacks and design countermeasures. They have been buying smaller  
firms, financing academic research and running advertisements for  
“cyberninjas” at a time when other industries are shedding workers.

The changes are manifesting themselves in highly classified  
laboratories, where computer geeks in their 20s like to joke that they  
are hackers with security clearances.

At a Raytheon facility here south of the Kennedy Space Center, a hub  
of innovation in an earlier era, rock music blares and empty cans of  
Mountain Dew pile up as engineers create tools to protect the  
Pentagon’s computers and crack into the networks of countries that  
could become adversaries. Prizes like cappuccino machines and stacks  
of cash spur them on, and a gong heralds each major breakthrough.

The young engineers represent the new face of a war that President  
Obama described Friday as “one of the most serious economic and  
national security challenges we face as a nation.” The president said  
he would appoint a senior White House official to oversee the nation’s  
cybersecurity strategies.

Computer experts say the government is behind the curve in sealing off  
its networks from threats that are growing more persistent and  
sophisticated, with thousands of intrusions each day from organized  
criminals and legions of hackers for nations including Russia and China.

“Everybody’s attacking everybody,” said Scott Chase, a 30-year-old  
computer engineer who helps run the Raytheon unit here.

Mr. Chase, who wears his hair in a ponytail, and Terry Gillette, a 53- 
year-old former rocket engineer, ran SI Government Solutions before  
selling the company to Raytheon last year as the boom in the  
military’s cyberoperations accelerated.

The operation — tucked into several unmarked buildings behind an  
insurance office and a dentist’s office — is doing some of the most  
cutting-edge work, both in identifying weaknesses in Pentagon networks  
and in creating weapons for potential attacks.

Daniel D. Allen, who oversees work on intelligence systems for  
Northrop Grumman, estimated that federal spending on computer security  
now totals $10 billion each year, including classified programs. That  
is just a fraction of the government’s spending on weapons systems.  
But industry officials expect it to rise rapidly.

The military contractors are now in the enviable position of turning  
what they learned out of necessity — protecting the sensitive Pentagon  
data that sits on their own computers — into a lucrative business that  
could replace some of the revenue lost from cancellations of  
conventional weapons systems.

Executives at Lockheed Martin, which has long been the government’s  
largest information-technology contractor, also see the demand for  
greater computer security spreading to energy and health care agencies  
and the rest of the nation’s critical infrastructure. But for now,  
most companies remain focused on the national-security arena, where  
the hottest efforts involve anticipating how an enemy might attack and  
developing the resources to strike back.

Though even the existence of research on cyberweapons was once highly  
classified, the Air Force plans this year to award the first publicly  
announced contract for developing tools to break into enemy computers.  
The companies are also teaming up to build a National Cyber Range, a  
model of the Internet for testing advanced techniques.

Military experts said Northrop Grumman and General Dynamics, which  
have long been major players in the Pentagon’s security efforts, are  
leading the push into offensive cyberwarfare, along with the Raytheon  
unit. This involves finding vulnerabilities in other countries’  
computer systems and developing software tools to exploit them, either  
to steal sensitive information or disable the networks.

Mr. Chase and Mr. Gillette said the Raytheon unit, which has about 100  
employees, grew out of a company they started with friends at Florida  
Institute of Technology that concentrated on helping software makers  
find flaws in their own products. Over the last several years, their  
focus shifted to the military and intelligence agencies, which wanted  
to use their analytic tools to detect vulnerabilities and intrusions  
previously unnoticed.

Like other contractors, the Raytheon teams set up “honey pots,” the  
equivalent of sting operations, to lure hackers into digital cul-de- 
sacs that mimic Pentagon Web sites. They then capture the attackers’  
codes and create defenses for them.

And since most of the world’s computers run on the Windows or the  
Linux systems, their work has also provided a growing window into how  
to attack foreign networks in any cyberwar.

“It takes a nonconformist to excel at what we do,” said Mr. Gillette,  
a tanned surfing aficionado who looks like a 1950s hipster in his T- 
shirts with rolled-up sleeves.

The company, which would allow interviews with other employees only on  
the condition that their last names not be used because of security  
concerns, hired one of its top young workers, Dustin, after he won two  
major hacking contests and dropped out of college. “I always approach  
it like a game, and it’s been fun,” said Dustin, now 22.

Another engineer, known as Jolly, joined Raytheon in April after  
earning a master’s degree in computer security at DePaul University in  
Chicago. “You think defense contractors, and you think bureaucracy,  
and not necessarily a lot of interesting and challenging projects,” he  
said.

The Pentagon’s interest in cyberwarfare has reached “religious  
intensity,” said Daniel T. Kuehl, a military historian at the National  
Defense University. And the changes carry through to soldiers being  
trained to defend and attack computer and wireless networks out on the  
battlefield.

That shift can be seen in the remaking of organizations like the  
Association of Old Crows, a professional group that includes  
contractors and military personnel.

The Old Crows have deep roots in what has long been known as  
electronic warfare — the use of radar and radio technologies for  
jamming and deception.

But the financing for electronic warfare had slowed recently,  
prompting the Old Crows to set up a broader information-operations  
branch last year and establish a new trade journal to focus on  
cyberwarfare.

The career of Joel Harding, the director of the group’s Information  
Operations Institute, exemplifies the increasing role that computing  
and the Internet are playing in the military.

A 20-year veteran of military intelligence, Mr. Harding shifted in  
1996 into one of the earliest commands that studied government- 
sponsored computer hacker programs. After leaving the military, he  
took a job as an analyst at SAIC, a large contractor developing  
computer applications for military and intelligence agencies.

Mr. Harding estimates that there are now 3,000 to 5,000 information  
operations specialists in the military and 50,000 to 70,000 soldiers  
involved in general computer operations. Adding specialists in  
electronic warfare, deception and other areas could bring the total  
number of information operations personnel to as many as 88,700, he  
said.

More information about the Infowarrior mailing list