Amid an alleged campaign of hacking by the Chinese government, efforts are taking place to prevent the exfiltration of data and protect sensitive information that is stored in the U.S. government and the defense-industrial base.
In a memo dated Oct. 24, Secretary of Defense Jim Mattis announced the creation of the Protecting Critical Technology Task Force to safeguard critical American technology.
“Each year, American businesses lose hundreds of billions of dollars while our military superiority is challenged,” Deputy Secretary of Defense Patrick M. Shanahan said in a statement. “Together with our partners in industry, we will use every tool at our disposal to end the loss of intellectual property, technology and data critical to our national security.”
The PCTTF will report to Shanahan and Gen. Paul Selva, the vice chairman of the joint chief of staff. It includes representatives from the Central Intelligence Agency and the Defense Security Service, according to an industry official briefed on the matter.
The order comes after a string of high-profile hacks on the U.S. government and defense contractors.
Current and former U.S. intelligence officials say that China is working to hack the U.S. defense-industrial base, with a particular focus on firms that are on the lower tier of the supply chain.
“Discoveries that took years of work and millions of dollars in investment here in the United States can be stolen by computer hackers or carried out the door by an employee in a matter of minutes,” Attorney General Jeff Sessions said Nov 1. “This theft is not just wrong; it poses a grave threat to our national security.”
China has consistently denied the hacks.
The task force also comes after the Defense Federal Acquisition Regulation Supplement, the rulebook for how defense contractors work with the federal government, was recently modified to add extra cybersecurity provisions.
The rules were accelerated after recent hacks on defense contractors, according to two industry officials briefed on the matter.
“Cybersecurity has not become an ingrained norm in manufacturing, especially in small and medium-sized manufacturers,” read an October report from the Pentagon.
China “is increasingly dominating downstream value-added materials processing and associated manufacturing supply chains, both in China and increasingly in other countries,” the report said.
Pentagon and defense industry officials say that they often do not know all the companies in their supply chain, but that may change soon as a pilot program is being conducted that could trace the origin of all components, according to Lockheed Martin, a top cybersecurity contractor.
In addition, the Department of Homeland Security created a task force Oct. 30 that includes both public and private officials to manage risks to American computer and communications systems.
“Threats to the nation’s IT and communications supply chain can severely impact our national security and nearly every facet of our economy,” Homeland Security Undersecretary Christopher Krebs said in a statement.
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.