DOD’s ‘Swat Team of Nerds’ and the transfer of massive amounts of database to a shadowy company the day Biden took office
“A very strange thing happened on the internet the day President Joe Biden was sworn in. A shadowy company residing at a shared workspace above a Florida bank announced to the world’s computer networks that it was now managing a colossal, previously idle chunk of the internet owned by the U.S. Department of Defense,” AP reported as it continued an investigation into the mysterious transfer.
The transfer of the massive amount of data, more than double the amount of space used by the Pentagon is “The biggest thing in the history of the internet,” Doug Madory, director of internet analysis at Kentik, a network operating company said.
What seemed fishy was the timing. The report found out that the plan had been in the works since September.
The Defense digital Service talks big and claims to protect online and virtual private and classified data.
Brett Goldstein, DDS director, said they’re a “swat team of nerds.” He said to the Center for a New American Security in Washington, D.C.
A big advantage of DDS, he said, is that it reports directly to the secretary of defense.
That means the team is able to quickly answer the call if any tech issue arises. He also said that they could work on large projects rapidly when needed.
The mystery is partially solved the AP investigation found, but DOD and DDS Chief Goldstein gave illusive responses when queried. The transfer mystery was partially explained as a Pilot Project, plan to expand the IP field to attract hackers.
“What a Pentagon spokesman could not explain is why the Defense Department chose Global Resource Systems LLC, a company that seems not to have existed until September, to manage the address space,” AP tweeted.
“The military hopes to “assess, evaluate and prevent unauthorized use of DoD IP address space,” It also hopes to “identify potential vulnerabilities” as part of efforts to defend against cyber-intrusions by global adversaries, who are consistently infiltrating U.S. networks, sometimes operating from unused internet address blocks. The full AP Report is worth the read, as is the SITREP of the DDS mission from its website.
DDS Takes in a massive agenda
In addition to Covid research, the Superman DDS has also partnered with the medical community to develop COVID-19 symptoms checkers, which DOD personnel and their families can use to figure out if they need to get medical care.
Operation Warp Speed is an effort to OWS ensure that safe, effective, FDA-approved vaccines are securely researched, tested, manufactured, and distributed to the American people. OWS is a joint effort between DOD and HHS, which merges HHS’ central role in pandemic response and their relationship with the healthcare industry with DOD’s experience with large-scale operations and defensive capabilities. The goal of DDS is to protect the data.
DDS dips into “digitizing the world’s largest repository of pathological samples, paving new opportunities in computational pathology, diagnoses and biomedical research.”
Efforts of the scientific community + military aim to prevent future pandemics, including a project DDS is co-leading with the Joint Pathology Center to digitize 55M+ human tissue samples going back 100 years, Brett Goldstein Director of @DefenseDigital tweeted.
DDS is also working with the Joint Artificial Intelligence Center to advance AI and machine learning.
DDS partnered with the United States Air Force to participate in Aerospace Village at DEF CON 28. Together, hosting the 2020 Space Security Challenge, the first-ever Hack-A-Satellite CTF at DEF CON, and a series of interactive workshops on aerospace hacking.
The latest massive transfer of data and the fact that DOD provides Americans’ personal data at a cost, triggered a Bill by the members of the U.S. Senate to protect the 4th Amendment.
Another important ongoing program is the counter-unmanned aerial systems initiative, which addresses the problem of being attacked by swarms of small, hard-to-detect unmanned aircraft systems. Goldstein said that a rapid response team is on standby to fly out to remote areas should the problem arise.
Rogue Squadron is a counter-small unmanned aerial systems (C-sUAS) group within DDS. It is composed of technical experts, laser-focused on providing cutting-edge, rapid-prototyped solutions at the speed of relevance based on real-time feedback and asks of the warfighter and partner-agencies in support of national security.
Ongoing development and support include:
- Sensor Development and Integration: Small UAS consistently violate airspace around DOD installations; some installations lack reliable, comprehensive sUAS detection capability. Integrated with our cloud-based user interface (UI), our sensor helps military and federal agencies to acquire and maintain clear situational awareness in their airspace.
- Integrated User Interface: Warfighters need a UI that can detect sUAS, display results accurately, and utilize data to react and defeat sUAS threats. Access needs to be real-time, cloud-based, secure, and accessible.
- Rapid Response and Technology Consultation: Providing a centralized repository for education and development within the sUAS and C-UAS space is part of the DDS mission.
- Safe Drone Operations: Rogue Squadron sets clear standards for the safe operation of commercial-off-the-shelf drone and drone detection equipment to support warfighters.
DDS established the Hack the Pentagon program in November 2016 as the Federal Government’s first-ever bug bounty program. Following best practices from the private sector, bug bounties allow independent hackers to research and disclose security vulnerabilities on DOD assets (both external-facing websites/applications and certain sensitive internal systems), sometimes in exchange for financial reward.
Participants go through background checks and can be citizens of any country except Iran, North Korea, China, and Russia. The Air Force, Army, and other military departments and DOD agencies now use bug bounties or crowdsourced hacking assessments as an optimal way to harness the depth and breadth of technical talent across the globe to help secure DOD’s digital assets. When Hack the Pentagon began, limited companies were operating in the space and most focused on either private assessments or public assessments.
DDS stood up two IDIQs, or Indefinite Delivery Indefinite Quantity contracts, one for private bounties and one for public bounties. Since that time, the landscape has changed, and today companies work on both public and private challenges, obviating the need for a distinction. Beginning in FY 2020, DDS consolidated these separate contracts into a single multi-award IDIQ vehicle.