|Which Defense Companies Will Help the US Win the Cyber War?|
By Justin Rohrlich JUL 30, 2012 2:35 PM
What a 17-fold increase in cyber attacks against American infrastructure between 2009 and 2011 might mean for the defense industry.
MINYANVILLE ORIGINAL At last week's Aspen Security Forum, General Keith B. Alexander, head of the National Security Agency and the United States Cyber Command, spoke of a 17-fold increase in cyber attacks against American infrastructure between 2009 and 2011. (If you're not familiar with Cybercom, its mission statement, "9ec4c12949a4f31474f299058ce2b22a," is a 32-character MD5 “hash” or “message-digest” code which when translated, means:
USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.
However, according to the New York Times, which is a media sponsor of the Aspen conference, Gen. Alexander is wholly underwhelmed by our current operational readiness for such endeavors:
General Alexander said that what concerned him about the increase in foreign cyberattacks on the United States was that a growing number were aimed at “critical infrastructure,” and that the United States remained unprepared to ward off a major attack. On a scale of 1 to 10, he said, American preparedness for a large-scale cyberattack is “around a 3.” He urged passage of legislation, which may come to a vote in the next week, that would give the government new powers to defend private computer networks in the United States. The legislation has prompted a struggle as American companies try to avoid costly regulation on their networks, and some civil liberties groups express concern about the effect on privacy.
It was only about a year ago, when, at the 2011 RSA Conference -- an annual expo hosted by RSA Security, a division of the EMC Corporation (EMC) -- Deputy Defense Secretary William Lynn III said the DoD now recognized cyberspace as “a new and official warfare domain,” joining the ranks of air, land, sea, and space.
Secretary Lynn maintained that, "The threat is moving up a ladder of escalation, from exploitation to disruption to destruction,” and is fully aware that “a couple dozen talented programmers wearing flip-flops and drinking Red Bull can do a lot of damage,” and that “we have to assume that if they have the means to strike, they will do so."
Still, some believe the concern, while real, is being ginned up to unrealistic threat levels by self-interested parties.
Susan P. Crawford, a former special assistant to President Obama for science, technology, and innovation policy, maintains that, "[a]s terrestrial wars wind down, military contractors are looking for new revenue streams."
In a recent editorial in Bloomberg View, Crawford wrote: "They have become cyberwar doomsayers, banging the drums of fear and claiming that cybersecurity must be our highest priority. They are also buying tools and code that our government can use to attack other countries online."
Professor Peter Sommer of the London School of Economics, a digital forensics expert, believes, "There's quite a lot in it," but that the threat is "also extensively hyped."
As he told the BBC last year:
In terms of the involvement of the big military companies, you have to realize that they are finding it extremely difficult to sell big, heavy equipment of the sort they are used to because the type of wars that we're involved in tend to be against insurgents.
And so they are desperately looking for new product areas -- and the obvious product area, they think, is cyber warfare -- I'm not so sure about that."
And Tom Mahnken, professor of strategy at the US Naval War College, expressed his doubts that cyber warfare is even much of a threat to developed nations at all. Writing in Foreign Policy, Mahnken warned against what he terms "cyber hysteria":
Although many view cyber weapons as tools of the weak, they are likely to be most effective when wielded by the strong. That is because cyber means cannot compensate for weakness in other instruments of power. In other words, if a cyber attack by a weaker power on a stronger one fails to achieve its aim, the attacker is likely to face retaliation. In such a situation, the stronger power will possess more, and more lethal, options to retaliate -- what is known in nuclear deterrence terminology as escalation dominance. A weak power might be able to cause a stronger power some annoyance through cyber attack, but in seeking to compel an adversary through cyberwar, it would run the very real risk of devastating escalation.
Whether or not cyber warfare will be the destructive force some fear, what is certain is that other countries are pursuing it with focus.
"Every military district of the Peoples' Liberation Army runs a competition every spring," says Alan Paller of the non-profit SANS (SysAdmin, Audit, Network, Security) Institute outside Washington, DC, "and they search for kids who might have gotten caught hacking… [We found one of the winners] hacking into the Pentagon. So they find them, they train them, and they get them into operation very, very fast."
A 2004 study by Lieutenant Christopher Brown of the Naval Postgraduate School titled “Developing a Reliable methodology for Assessing the Computer Network Operations Threat of North Korea,” reads, in part:
The KCC (Korea Computer Center) was established in 1990 by Kim Il Sung to promote computerization in the DPRK. At its inception, the KCC employed approximately 800 employees whose average age was 26. Today Kim Jong Il’s son, Kim Jong Nam -- who also heads North Korea’s intelligence service, the State Security Agency (SSA) -- heads the KCC. He is also the chairman of North Korea’s Computer Committee. In May 2001, the South Korean newspaper the Chosun Ilbo reported that Kim Jong Nam had moved the SSA’s overseas intelligence gathering unit, which operates primarily by hacking and monitoring foreign communications, into the KCC building. In 2001, the South Korean media reported that the KCC was nothing less than the command center for Pyongyang’s cyber warfare industry, masquerading as an innocuous, computer geek-filled software research facility.
Just ask Estonian defense minister Jaak Aaviksoo, who, in 2007, saw a cyber attack, allegedly originating within the Kremlin, paralyze his country’s vital infrastructure.
"All major commercial banks, telcos, media outlets, and name servers -- the phone books of the Internet -- felt the impact, and this affected the majority of the Estonian population. This was the first time that a botnet threatened the national security of an entire nation,” he told a reporter.
While White House cybersecurity czar Howard Schmidt may believe that "Cyber war is a terrible metaphor,” whether or not that happens to be the case is germane to few people other than English professors and armchair linguists. McAfee (MFE) estimates that about 120 countries are using the Internet for state-sponsored information operations, primarily espionage.
So, who are the players hoping to help fight the cyber war, which, depending on who you believe, may or may not eventually happen?
While Boeing (BA) and Lockheed Martin (LMT) have been expanding their cyber warfare capabilities for some time, Boeing derives roughly half its revenue from the civilian aviation market, which provides a bit of a cushion if military spending drops -- a luxury Lockheed Martin, which relied on government contracts for 82% of its revenue in 2011, doesn't have.
Other names, like ManTech International Corporation (MANT), a provider of cyber security for military, intelligence, and law enforcement, based in Fairfax, Virginia, seem to view their glasses as both half-empty and half-full. From ManTech's's latest 10-K:
We expect growth in revenues in 2012 as a result of our recent acquisitions and recent and anticipated contract awards in the areas of C4ISR and cyber security. However we recognize that the government has expressed its intention to decrease its budgets related to professional and technical services contracts in the coming years. Additionally, US combat troops withdrew from Iraq at the end of 2011 and the United States Secretary of Defense has announced the planned withdrawal of US combat troops from Afghanistan in 2013.
The KEYW Holding Corporation (KEYW) of Hanover, Maryland, a cyber security firm which counts the NSA and the DoD among its many (and often classified) customers, reported 2011 revenues of $191 million as compared to $108 million in FY 2010, an increase of 77%. From KEYW's latest 10-Q, filed May 1:
Although our heritage is in the signals intelligence (SIGINT) domain, through a combination of organic growth and acquisitions, we have expanded our footprint within the intelligence agency market to become a true “multi-INT” company (signals intelligence, geospatial intelligence, etc.), and we currently have active contracts with 11 of the 16 intelligence agencies. We believe our innovative solutions, understanding of intelligence and national security missions, management’s long-standing and successful customer relationships and significant management and operational capabilities position us to continue our growth.
Other, similar names in the cyber warfare sector include CACI International (CACI), Kratos Defense and Security (KTOS), and SAIC Inc. (SAI).
For all the concern that shrinking budgets and decreasing military expenditures will have on defense contractors' bottom lines, there is one additional threat from an entity that could be more dangerous than North Korea, Russia, et al: hackers.
But instead of stealing information, the black hats may be chipping away at defense industry jobs one day soon.
Conference-hopping Gen. Alexander who warned of cyber attacks on Thursday in Aspen seemed to find just the right people to combat the threat the next day in Las Vegas.
"This is the world's best cyber security community," Gen. Alexander told the attendees of the Defcon hacker conference in Las Vegas last Friday. "In this room right here is the talent our nation needs to secure cyber space....That's the real reason why I came here. To solicit your support. You have the talent. You have the expertise."