Which Defense Companies Will Help the US Win the Cyber War?
What a 17-fold increase in cyber attacks against American infrastructure between 2009 and 2011 might mean for the defense industry.
"Every military district of the Peoples' Liberation Army runs a competition every spring," says Alan Paller of the non-profit SANS (SysAdmin, Audit, Network, Security) Institute outside Washington, DC, "and they search for kids who might have gotten caught hacking… [We found one of the winners] hacking into the Pentagon. So they find them, they train them, and they get them into operation very, very fast."
A 2004 study by Lieutenant Christopher Brown of the Naval Postgraduate School titled “Developing a Reliable methodology for Assessing the Computer Network Operations Threat of North Korea,” reads, in part:
The KCC (Korea Computer Center) was established in 1990 by Kim Il Sung to promote computerization in the DPRK. At its inception, the KCC employed approximately 800 employees whose average age was 26. Today Kim Jong Il’s son, Kim Jong Nam -- who also heads North Korea’s intelligence service, the State Security Agency (SSA) -- heads the KCC. He is also the chairman of North Korea’s Computer Committee. In May 2001, the South Korean newspaper the Chosun Ilbo reported that Kim Jong Nam had moved the SSA’s overseas intelligence gathering unit, which operates primarily by hacking and monitoring foreign communications, into the KCC building. In 2001, the South Korean media reported that the KCC was nothing less than the command center for Pyongyang’s cyber warfare industry, masquerading as an innocuous, computer geek-filled software research facility.
Just ask Estonian defense minister Jaak Aaviksoo, who, in 2007, saw a cyber attack, allegedly originating within the Kremlin, paralyze his country’s vital infrastructure.
"All major commercial banks, telcos, media outlets, and name servers -- the phone books of the Internet -- felt the impact, and this affected the majority of the Estonian population. This was the first time that a botnet threatened the national security of an entire nation,” he told a reporter.
While White House cybersecurity czar Howard Schmidt may believe that "Cyber war is a terrible metaphor,” whether or not that happens to be the case is germane to few people other than English professors and armchair linguists. McAfee (MFE) estimates that about 120 countries are using the Internet for state-sponsored information operations, primarily espionage.
So, who are the players hoping to help fight the cyber war, which, depending on who you believe, may or may not eventually happen?
While Boeing (BA) and Lockheed Martin (LMT) have been expanding their cyber warfare capabilities for some time, Boeing derives roughly half its revenue from the civilian aviation market, which provides a bit of a cushion if military spending drops -- a luxury Lockheed Martin, which relied on government contracts for 82% of its revenue in 2011, doesn't have.
Other names, like ManTech International Corporation (MANT), a provider of cyber security for military, intelligence, and law enforcement, based in Fairfax, Virginia, seem to view their glasses as both half-empty and half-full. From ManTech's's latest 10-K:
We expect growth in revenues in 2012 as a result of our recent acquisitions and recent and anticipated contract awards in the areas of C4ISR and cyber security. However we recognize that the government has expressed its intention to decrease its budgets related to professional and technical services contracts in the coming years. Additionally, US combat troops withdrew from Iraq at the end of 2011 and the United States Secretary of Defense has announced the planned withdrawal of US combat troops from Afghanistan in 2013.
The KEYW Holding Corporation (KEYW) of Hanover, Maryland, a cyber security firm which counts the NSA and the DoD among its many (and often classified) customers, reported 2011 revenues of $191 million as compared to $108 million in FY 2010, an increase of 77%. From KEYW's latest 10-Q, filed May 1:
Although our heritage is in the signals intelligence (SIGINT) domain, through a combination of organic growth and acquisitions, we have expanded our footprint within the intelligence agency market to become a true “multi-INT” company (signals intelligence, geospatial intelligence, etc.), and we currently have active contracts with 11 of the 16 intelligence agencies. We believe our innovative solutions, understanding of intelligence and national security missions, management’s long-standing and successful customer relationships and significant management and operational capabilities position us to continue our growth.
Other, similar names in the cyber warfare sector include CACI International (CACI), Kratos Defense and Security (KTOS), and SAIC Inc. (SAI).
For all the concern that shrinking budgets and decreasing military expenditures will have on defense contractors' bottom lines, there is one additional threat from an entity that could be more dangerous than North Korea, Russia, et al: hackers.
But instead of stealing information, the black hats may be chipping away at defense industry jobs one day soon.
Conference-hopping Gen. Alexander who warned of cyber attacks on Thursday in Aspen seemed to find just the right people to combat the threat the next day in Las Vegas.
"This is the world's best cyber security community," Gen. Alexander told the attendees of the Defcon hacker conference in Las Vegas last Friday. "In this room right here is the talent our nation needs to secure cyber space....That's the real reason why I came here. To solicit your support. You have the talent. You have the expertise."
Copyright 2011 Minyanville Media, Inc. All Rights Reserved.