Cybersecurity Pentagon Internet Mystery

This March 27, 2008, file photo, shows the Pentagon in Washington.

BOSTON — A very strange thing happened on the Internet the day President Joe Biden was sworn in. A shadowy company residing at a shared workspace above a Florida bank announced to the world’s computer networks that it was now managing a colossal, previously idle chunk of the Internet owned by the US Department of Defense.

That real estate has since more than quadrupled to 175 million addresses — about 1/25th the size of the current Internet.

“It is massive. That is the biggest thing in the history of the Internet,” said Doug Madory, director of Internet analysis at Kentik, a network operating company. It’s also more than twice the size of the Internet space actually used by the Pentagon.

After weeks of wonder by the networking community, the Pentagon has now provided a very terse explanation for what it’s doing. But it has not answered many basic questions, beginning with why it chose to entrust management of the address space to a company that seems not to have existed

until September.

The military hopes to “assess, evaluate and prevent unauthorized use of DoD IP address space,” said a statement issued Friday by Brett Goldstein, chief of the Pentagon’s Defense Digital Service, which is running the project. It also hopes to “identify potential vulnerabilities” as part of efforts to defend against cyber-intrusions by global adversaries, who are consistently infiltrating US networks, sometimes operating from unused Internet address blocks. 

The statement did not specify whether the “pilot project” would involve outside contractors.

The Pentagon periodically contends with unauthorized squatting on its space, in part because there has been a shortage of first-generation Internet addresses since 2011; they now sell at auction for upwards of $25 each. 

Madory said advertising the address space will make it easier to chase off squatters and allow the US military to “collect a massive amount of background Internet traffic for threat intelligence.” 

Some cybersecurity experts have speculated that the Pentagon may be using the newly advertised space to create “honeypots,” machines set up with vulnerabilities to draw hackers. Or it could be looking to set up dedicated infrastructure — software and servers — to scour traffic for suspect activity.

“This greatly increases the space they could monitor,” said Madory, who published a blog post on the matter Saturday.

What a Pentagon spokesman could not explain Saturday is why the Defense Department chose Global Resource Systems LLC, a company with no record of government contracts, to manage the address space. 

“As to why the DoD would have done that I’m a little mystified, same as you,” said Paul Vixie, an Internet pioneer credited with designing its naming system and the CEO of Farsight Security. 

The company did not return phone calls or emails from The Associated Press. It has no web presence, though it has the domain grscorp.com. Its name doesn’t appear on the directory of its Plantation, Florida, domicile, and a receptionist drew a blank when an AP reporter asked for a company representative at the office earlier this month. She found its name on a tenant list and suggested trying email. Records show the company has not obtained a business license in Plantation.

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
PLEASE TURN OFF YOUR CAPS LOCK.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.