Inside a Cyber War Room: The Fight Against Hacking

On the front lines of the cyberwar, things look much different than U.S. military veterans are used to.

For one thing, veteran Army officers are used to having the upper hand in technology and manpower in any battle they fight. But in cyberspace, that's not always the case. Under-equipped corporate IT departments can find themselves tangling with elite Chinese army units probing every nook and cranny of the U.S. defense and industrial base.

"Unlike most of my experience in the military where I had a technical advantage, there's lots of us in the United States who don't have so much of a technical advantage," said former Army Major General David Fastabend, who is now the vice president and general manager for advanced information systems at Exelis, a defense and intelligence contracting firm. "You find you have an adversary that is adapting very, very quickly."

And that's forcing the United States to adapt quickly, too. On Monday, for the first time, the Pentagon made it clear what many in the U.S. government had only discussed obliquely before: the U.S. government is being raided by hackers working for the Chinese military.

A new Pentagon report to Congress put it directly. "China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic and defense industrial base sectors that support U.S. national defense programs," the report concluded.

"China's military continues to explore the role of military operations in cyberspace as a feature of modern warfare, and continues to develop doctrine training and exercises which emphasize information technology and operations," David Helvey, the Deputy Assistant Secretary of Defense in charge of East Asia, told reporters on Monday.

The struggle between hackers and their targets is played out every day inside defense contractors and tech firms across the country. Exelis locates its cyber war room in Rome, New York, to be near a primary U.S. military client, the Air Force Research Laboratory, which focuses on cyber threats. This week, the company allowed CNBC inside the facility to see the response in real time.

The company said it has a robust cyber defense capability in the Rome office and can both detect and respond to attacks against Exelis in the same facility, isolating each example of malware so analysts can pick it apart and see how it works.

Fastabend and his team have found that defending against such attacks is much different than defending against an enemy battalion.

In warfare, defenders have the advantage. It typically requires many more attackers to take ground away from an entrenched enemy.

Not so in cyberspace. "It is easier to attack -- the defender has some serious challenges to overcome," said Fastabend. "The cyber system is built on a system of communication, connectivity and trust. Every time we've tried to adapt this system, we've had to trade off between security and connectivity. We went the connectivity route."

At Exelis, analysts nearly constantly filter through inbound cyber attacks to isolate and understand the malware that's trying to penetrate their systems. They say they see a wide range of attempts, particularly so-called phishing attacks in which malware is hidden in otherwise ordinary-seeming emails.

And they've noticed a pattern. Those misspelled spam emails riddled with bad grammar are not sloppy English from overseas adversaries. The analysts say the errors are intentional.

Exelis cyber security analyst Vernon McCandlish said attackers deliberately dumb down the wording of some email attacks specifically to weed out well-educated, sophisticated readers. In that kind of attack, the adversary is looking for unsophisticated, perhaps naive, targets inside a company.

For all that, McCandlish says the variety of inbound attacks has given him a grudging respect for the adversary he tangles with each day.

"What really surprises me about it is the creativity they come at you with," he said. "I keep using that word and I mean it. It's one of those things where we will sit there and go, 'That's really cool. It's evil, but it's cool.'"

Investigations Inc.: Cyber Espionage

  • When a person enters information on a website, like an email or credit card, it gets stored in that company’s database. Those web-based forms are a simple tool for users, but they are also another way hackers can exploit a company’s system. Instead of inputting a name into the website, cyber spies can enter specially crafted text that may cause the database to execute it as code instead of simply storing it, Alperovitch said. The result is a “malicious takeover of the system,” he said.

    By attacking business computer networks, hackers are accessing company secrets and confidential strategies and creating huge losses for the overall economy.

  • China is working feverishly to counteract its slowest GDP growth in recent years, and one of the ways it’s doing so, say U.S. officials, is through the theft of American corporate secrets.

  • US businesses are enduring an unprecedented onslaught of cyber invasions from foreign governments, organized crime syndicates, and hacker collectives, all seeking to steal information and disrupt services, cybersecurity experts say.