WASHINGTON—Adversaries attack the U.S. Army’s computer network hundreds of thousands of times every day, according to Lt. Gen. Paul Nakasone, head of the U.S. Army Cyber Command.
Nakasone did not reveal the exact sources of these attacks, but said that the attackers employ various hacking and phishing methods in their attempts to infiltrate the Army’s network.
Neither the Pentagon nor the U.S. Cyber Command, which encompasses the U.S. Army Cyber Command, publish detailed reports regarding cyberattacks on the U.S. military. Nakasone’s comment, given at Defense One’s annual summit in Washington on July 13, offers a rare glance at the extent to which U.S. adversaries have been attempting to infiltrate the military’s critical network.
Nakasone said that one of the primary focuses of the U.S. Army Cyber Command is in vulnerability identification, which would determine the “key terrain” such as routers or servers in the Army’s computer network that need more protection. About 30 to 40 specialists inside the U.S. Army Cyber Command form such a “cyber protection team” and have been operating for three to four years, said Nakasone.
“The greatest vulnerability is the operators themselves,” said Nakasone. “Every operator on the Army network plays an important role in overall cyber security.”
One of the commonly known and often employed attack methods by hackers is to send a phishing link to the operators of the critical networks, which could trick the operators into clicking on the link and compromising the security of the network.
“We have to be right every single time. The attacker only has to be right once,” Nakasone said.
In June, China and Canada signed an agreement vowing not to conduct cyberattacks against each other aimed at stealing private sector data. The Canadian government was under public pressure to address China’s escalating espionage on Canada.
Critics noted, however, that such an agreement, even if honored by the Chinese regime, will have zero effect in preventing China from conducting cyberattacks against the Canadian government or military.
While China’s cyberespionage on American companies and thefts of technologies and industrial secrets have been well-documented, it is not known to what extent China and its People’s Liberation Army have succeeded in cyberattacks against the U.S. military network.
Chinese attacks on the U.S. government have had widespread impacts. In 2015, Chinese hackers were found to have infiltrated the U.S. Office of Personnel Management and compromised the records of 22 million Americans who worked for the U.S. government.