The US military resorted to an unusual strategy to check security vulnerabilities in its networks, they gave up control of a major source of Internet IP addresses, and handed it over to the company is unknown.
On the day of the inauguration of President Joe Biden, a mysterious company that specializes in computer-based networks in Florida, runs a huge part of the Internet addresses that have been inactive and owned by the US Department of Defense (Pentagon), which form a large part of the Internet.
Since then, this network doubled by more than 4 times to reach 175 million addresses, which is about 1/25 of the current Internet size.
The Internet Protocol address, known in short as “IP”, is the digital identifier for any device linked to an information network that works with the Internet protocol package.
The Pentagon created these identifiers years ago but did not use them, making them vulnerable to exploitation by hackers who might have come up with a mechanism to find these addresses and use them in their attacks.
Kentik, a network operator, have learned that the Department of Defense has given Florida-based startup Global Resource Systems, to take over the Pentagon’s nearly 175 million IP addresses.
The director of the Pentagon’s Digital Defense Service, Brett Goldstein, told The Washington Post that the move was part of a “test” to study and prevent unauthorized use of the military’s IP addresses.
Goldstein said the move would also help identify “potential vulnerabilities” as part of efforts to defend against cyber breaches by global enemies, who frequently infiltrate US networks and sometimes operate through unused internet addresses.
However, it is not clear exactly what officials hope to achieve, and the very company that manages the process is shrouded in mystery. It appeared in September 2020, and does not have a public website.
Doug Madhuri, director of internet analysis at Kentik, believes that the data flow directed to IP addresses can help the military gather information about cyber threats.
Whatever the reason, it could be an important step. The military may use so much traffic through its addresses to prevent hostile governments or cyber criminals from hijacking idle IP addresses.
A security source said that this also ensures that the United States can manage IP addresses so that they can use them if desired as traps for criminals, so that they use them with the knowledge of the Pentagon to trap them in what are known as “honey traps.”
Although this move is strange, it could be significant in light of the penetration of major corporations working with the Pentagon, state companies such as Solar Winds, and other threats to government systems.
What a Pentagon spokesman couldn’t explain on Saturday was why the Defense Department chose Global Resource Systems, a company with no record of government contracts, to manage the IP address space.