A cybersecurity analyst looks at code in the government's secretive malware laboratory in Idaho Falls, Idaho. The number of cyberattacks is growing, defense officials say.


WASHINGTON - The Pentagon is extending a pilot program to help protect its prime defense contractors, an effort the Obama administration can use as a model to prevent hackers and hostile nations from breaching networks and stealing sensitive data.

The move comes as cybersecurity officials warn of increasingly sophisticated cyberattacks against U.S. defense companies, including data related to critical Pentagon weapons systems and aircraft.

Officials at the Department of Homeland Security are reviewing the program, with an eye toward extending similar protections to power plants, the electric grid and other critical infrastructure.

Efforts to better harden the networks of defense contractors come as Pentagon analysts investigate a growing number of cases involving the mishandling or removal of classified data from military and corporate systems. Intrusions into defense networks are now close to 30 percent of the Pentagon's Cyber Crime Center's workload, according to senior defense officials. And they say it continues to increase.

The Pentagon's pilot program represents a key breakthrough in the Obama administration's push to make critical networks more secure by sharing intelligence with the private sector and helping companies better protect their systems. In many cases, particularly for defense contractors, the corporate systems carry data tied to sensitive U.S. government programs and weapons.

So far, the trial program involves at least 20 defense companies. It will be extended through mid-November amid ongoing discussions about how to expand it to more companies and subcontractors.

"The results this far are very promising," said William Lynn, the deputy secretary of defense who launched the program in May. "I do think it offers the potential opportunity to add a layer of protection to the most critical sectors of our infrastructure."

He said the program has been able to block hundreds of intrusions into the defense companies, including some that were very sophisticated.

Lynn, who will leave office in early October, said the Pentagon is reviewing the costs of extending the program and so far it does not seem to be prohibitive. He said the government should move as quickly as possible to expand the protections to other vital sectors.

Senior U.S. leaders have been blunt about the escalating dangers of a cyberattack, and have struggled to improve the security of federal networks while also encouraging the public and corporate America to do the same.

"Cyber actually can bring us to our knees," said Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, adding that at some point the Pentagon may need to develop some type of governing structure similar to how the U.S. and allies monitor and limit nuclear weapons.

Housed near Fort Meade, Md., the Defense Cyber Crime Center employs about 100 digital examiners who sift through millions of bytes of data in the digital forensics lab. Stacks of hard drives line the shelves, and clear plastic evidence bags are filled with a vast expanse of computer technology - from cellphones and tiny flash drives to iPads, Wii consoles and Nintendo games.

The analysts dissect intrusions, malware and other attacks that have breached or tried to burrow into the defense contractors' computer systems. And while those investigations are just a small fraction of the lab's work, the number has grown steadily over the past three years. The caseload includes about 100 in the past year that involve the defense industrial base.