The Pentagon on Thursday unveiled a new cyber strategy emphasizing mostly on defensive tactics and admitted that it had suffered a major hacking attack in March in which sensitive information was stolen from one of its defense contractors.
Announcing the new strategy in an address to the National Defense University in Washington, Deputy Defense Secretary William Lynn said it was aimed at strengthening and defending U.S. military computer networks against future cyber attacks.
"In the 21st Century, bits and bytes can be as threatening as bullets and bombs. It is a significant concern that over the past decade terabytes of data have been extracted by foreign intruders from corporate networks of defense companies," Lynn said.
The new Pentagon cyber security strategy designates cyberspace as an "operational domain" like sea, air and land with the aim of preventing others from using it for hostile purposes targeting U.S. military interests.
Lynn, however, stressed that the Pentagon was "committed to protecting the peaceful use of cyberspace," and said: "Establishing robust cyber-defenses no more militarizes cyberspace than a Navy militarizes the ocean.
"Our strategy's overriding emphasis is on denying the benefit of an attack. If an attack will not have its intended effect, those who wish us harm will have less reason to target us through cyberspace in the first place.
"If there is massive damage, massive human losses, [or] significant economic damage, it would be in those circumstances that I think the President would consider all the tools that he has — economic, diplomatic and as a last resort, military," he added.
Pointing out that U.S. reliance on cyberspace stands in stark contrast to the inadequacy of its cyber-security, Lynn said Pentagon's "assessment is that cyber-attacks will be a significant component of any future conflict, whether it involves major nations, rogue states or terrorist groups."
The new strategy includes strengthening of military network security by using several layers of defense mechanisms like sensors, software and signatures that would detect and prevent hack attacks before they affect system operations. It is also aimed at defending key civilian networks of transportation and utility companies as well as financial institutions against cyber-attacks.
It also includes the introduction of new operating concepts for strengthening the capabilities of the U.S. computer network for withstanding future cyber attacks. and calls for improving co-ordination with other government agencies, defense contractors and U.S. military allies overseas.
Lynn also admitted that hackers stole about 24,000 files containing Pentagon data from some of "our most sensitive systems" in the March cyber attack. He said a foreign intelligence service was believed to have carried out that attack, but did not mention the country involved by name.
Stating that some of the stolen data were "mundane, like the specifications for small parts of tanks, airplanes, and submarines," Lynn said: "But a great deal of it concerns our most sensitive systems, including aircraft avionics, surveillance technologies, satellite communications systems, and network security protocols."
The latest cyber strategy seems to be much less aggressive in the wake of earlier statements made by the White House and the Defense Department. An international strategy statement on cyber-security issued by the White House in May had stated that the United States would "respond to hostile acts in cyberspace as we would to any other threat to our country."
The Pentagon had also warned in June that it was in the process of classifying state-sponsored cyber-attacks on its computers as acts of war. Pentagon spokesman Col. Dave Lapan said then that a "response to a cyber-incident or attack on the US would not necessarily be a cyber-response." He also indicated that all "appropriate options would be on the table" while finalizing the new cyber strategy.
The U.S. Defense Department claims that more than 100 foreign intelligence organizations have attempted to hack into American networks in recent years. The worst of such cyber-attacks against the U.S. military is said to be the one in 2008, when a malicious software on a flash drive struck computers at the U.S. Central Command.
For comments and feedback contact: editorial@rttnews.com
December 26, 2025 08:42 ET Third quarter economic growth data from some major economies including the U.S. were the main news in this holiday shortened week. GDP growth and industrial production data from the U.S. helped to boost morale, while the consumer confidence survey results were less upbeat. In Europe, the quarterly economic growth data from the U.K. drew attention, while the minutes of the Australian central bank’s latest policy session was in focus in Asia.