Lynn did not disclose the nature of the files or who was behind the attack, according to a report in the Washington Post. “It is a significant concern that over the past decade, terabytes of data have been extracted by foreign intruders from corporate networks of defense companies,” Lynn was quoted by the newspaper as saying.
“The cyber threats we face are urgent, sometimes uncertain and potentially devastating as adversaries constantly search for vulnerabilities. Our infrastructure, logistics network and business systems are heavily computerized. With 15,000 networks and more than seven million computing devices, DoD [Department of Defense] continues to be a target in cyberspace for malicious activity”, Lynn said in a statement releasing the report.
The strategy document identifies five initiatives that the Pentagon is taking in cyberspace: treat cyberspace as an operational domain to organize, train, and equip so that DoD can take full advantage of cyberspace’s potential; employ new defense operating concepts to protect DoD networks and systems; partner with other US government departments and agencies and with the private sector to enable a “whole-of-government” cybersecurity strategy; build relationships with US allies and international parterns to strengthen collective cybersecurity; and leverage US expertise through promotion of a cyber workforce and technological innovation.
Perhaps the most controversial aspect of the strategy surfaced from an early press report based on unnamed Pentagon officials who said DOD was considering classifying a major cyberattack against US infrastructure as an act of war that could trigger a conventional military response. As one Pentagon official put it, "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."
However, the unclassified version of the report released Thursday contained no such provocative statements. In the report, the Pentagon emphasizes developing defensive cyber capabilities and cooperating with other agencies and international partners in securing cyberspace.