By Gordon Lubold and Dustin Volz
WASHINGTON -- The Navy is hiring a new cyber chief in an attempt
to better shield its military secrets from Chinese hackers and
other nation-state thieves who have aggressively targeted naval
operations in recent years, according to Navy officials.
The new position is part of a broader effort to improve
cybersecurity in the Navy and among its private-sector industry
partners, coming after a scathing internal audit earlier this year
found that repeated compromises of national-security secrets
threatened the U.S.'s standing as the world's top military
power.
Officials plan to announce Thursday that they will appoint Aaron
Weis as the Navy's new chief information officer. Mr. Weis, now a
senior adviser for the Pentagon's chief information officer, will
lead efforts to safeguard the Navy and Marine Corps' secrets by
pushing changes on a number of fronts.
These include what officials called cultural changes to improve
basic cybersecurity practices, accountability across the Navy for
data security and improving security practices among smaller
defense contractors that conduct sensitive work but are frequently
targeted by China and other countries, like North Korea, Iran and
Russia, officials said.
China remains the primary concern, however, officials said.
"They're never going to stop," Undersecretary of the Navy Thomas
Modly said of China in an interview. "They are going to be at this
for a very long time, largely because they've been successful at
it."
Mr. Modly and other Navy officials have declined to provide
specifics about recent breaches at the Navy and its contracting
partners.
Revelations last year detailed how Chinese hackers gained access
to secret plans to build a supersonic antiship missile planned for
use by American submarines, according to officials at the time.
Chinese hackers targeted an unidentified company under contract
with the Navy's Naval Undersea Warfare Center in Newport, R.I.
Navy officials said a broader response plan to implement changes
within the Navy and Marine Corps is taking form and would surface
later this year. The hiring of Mr. Weis was a critical first step,
Mr. Modly said.
Mr. Weis will have four chiefs reporting to him, including a
chief technology officer, a chief of digital strategy, a chief data
officer and a chief information security officer, Mr. Modly
said.
Some of the weakest links in the Navy's ability to protect its
research and technology from hackers are the smaller defense firms
that perform a range of work and services for the service.
Prime contractors, such as Northrop Grumman Corp. and General
Dynamics Corp., typically have the resources to protect their
information, and rules and requirements are instilled in their
employees. But the smaller firms that contract with those firms,
and the smaller ones still, are more vulnerable, officials
said.
That presents a conundrum to the Navy which relies on those
firms, but also must find a way to hold them accountable for
safeguarding information.
"There are a lot of things we're thinking about doing that will
sort of burden share this with them," Mr. Modly said. "I think
that's probably a fair way to say it."
Research universities that develop maritime technology have been
a particular liability.
The Navy is battling what officials consider cultural issues
inside the service that have resulted in lax cybersecurity,
officials have said. Many commanders tend to see cyber defense as
ancillary to their primary responsibilities, heightening the need
for accountability as the Navy tries to rein in the problem.
As a result, the Navy will have to approach its own workforce
with a carrot-and-stick approach, Mr. Modly said, which will be
challenging given military and government personnel rules.
"But that doesn't mean we can't reward people for demonstrating
good behavior."
Navy officials initially sought to name a new assistant Navy
secretary overseeing cybersecurity who would have reported directly
to Navy Secretary Richard Spencer, other officials said. But
congressional officials balked at the plan, and the Navy settled
for a new chief information officer who answers to Mr. Spencer,
through Mr. Modly, the undersecretary of the Navy, these officials
said.
Mr. Spencer commissioned the unusual study last year and had its
conclusions released publicly to draw attention to security
matters. The Wall Street Journal first reported on the study in
March.
Afterward, President Trump, who took notice of the report,
commented to top aides that he was concerned about the threat posed
to the Navy by cyberattacks, according to an individual familiar
with the conversation.
Write to Gordon Lubold at Gordon.Lubold@wsj.com and Dustin Volz
at dustin.volz@wsj.com
(END) Dow Jones Newswires
September 26, 2019 09:27 ET (13:27 GMT)
Copyright (c) 2019 Dow Jones & Company, Inc.
Northrop Grumman (NYSE:NOC)
Historical Stock Chart
From Aug 2024 to Sep 2024
Northrop Grumman (NYSE:NOC)
Historical Stock Chart
From Sep 2023 to Sep 2024