The servers at ManTech International, a company that provides cybersecurity services to the U.S. government, were breached by the group on Friday and announced on the group’s Twitter account.

“ManTech has been owned,” Anonymous tweeted. “Release within 24h.”

Included in that batch of stolen information are mail spools, usernames, passwords, social security numbers, home addresses and phone numbers of over 7,000 officers, a list of hundreds of police informers and internal police academy training files, among others.

“We are providing these ManTech documents so the public can see for themselves  how their tax money is being spent,” wrote the group in their release. “But don’t you worry, the U.S. is a rich country and can afford to waste money, right?”

“Dear government and law enforcement, we are repeating this message as we have the suspicion you still do not take us seriously: We are not scared anymore and  your threats to arrest us are meaningless,” they added. “We will continue to demonstrate how  you fail at about every aspect of cybersecurity while burning hundreds of  millions of dollars that you do not even have.”

ManTech addressed the attack on its website and assured its customers that it continues to deal with the intrustion.

“Given current publicity, we wish to assure our customers, employees, shareholders and business partners that ManTech takes seriously recent reports of a cyber threat, and we responsibly and actively address all sources of information about threats to our information and assets and those of our customers,” the company stated.

Last month, Anonymous hacked into the systems at Booz Allen Hamilton and claimed they deleted four gigabytes of the firm’s source code and took 90,000 military email addresses, encrypted passwords and data related to other companies and government networks. Anonymous and Lulz Security, another prominent hacktivist group,  have said the campaign of attacks they are calling “AntiSec” is to humiliate businesses and agencies that fail to protect consumer and employee data, Andy Greenberg wrote on Forbes’ Firewall blog.

The firm said it is conducting an investigation to determine the nature and the extent of the cyber attack that involved the theft of “certain data files.”

“At this time, we do not believe that the attack extended beyond data pertaining to a learning management system for a government agency,” a release from the firm said.

Booz Allen earlier this week tweeted it typically does not comment on specific threats or actions taken against its systems. However, in the more recent statement on the corporate website, the firm said given the publicity about the incident, “we believe it is important to set out our preliminary understanding of the facts.”

The hackers said they deleted four gigabytes of the firm’s source code and took 90,000 military email addresses, encrypted passwords and data related to other companies and government networks. 

“In [Booz Allen Hamilton's] line of work you’d expect them to sail the seven proxseas with a state-of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel being a puny wooden barge, the group said in a statement posted to the Pirate Bay. “We infiltrated a server on their network that basically had no security measures in place.”

Anonymous and Lulz Security have said the campaign of attacks they are calling “AntiSec” is to humiliate businesses and agencies that fail to protect consumer and employee data, Andy Greenberg wrote on Forbes’ Firewall blog.

Booz Allen tweeted yesterday that as part of its security policy, it usually does not comment on specific threats or actions taken against its systems.

The black-tie event will toast the the university’s new cybersecurity programs and provide opportunities to fund scholarships for students entering these programs.

UMUC has become a leader in cybersecurity education in the Washington, D.C, area. The university offers two master’s degrees, a bachelor’s degree, and three graduate certificates in cybersecurity and currently enrolls more than 2,000 students.

UMUC’s cybersecurity program caters to a working student population — 90 percent of its students work full time, many in mid-management and often with security clearances.

The cyber program boasts more than 100 adjunct professors, many of whom hold full-time positions in the cybersecurity field. The curriculum, itself, was designed by a panel of industry leaders led retired U.S. Air Force Lt. Gen. Harry D. Raduege, who is now chair of the Deloitte Center for Cyber Innovation.

Other cyber experts who have helped develop the curriculum by providing insight and expertise include: retired U.S. Air Force Lt. Gen. John Campbell of Iridium Communications; retired U.S. Navy Rear Adm. Betsy Hight, director of U.S. Defense Command and Control Infrastructure Practice, HP Enterprise Services; Mike McConnell, EVP, National Security Business, Booz Allen Hamilton; James F. X. Payne, SVP and general manager, National Security and Cyber Infrastructure, Telcordia Technologies, Inc.; and Bill Varner, president and COO of ManTech’s Mission, Cyber and Technology Solutions Group.

The gala will be held April 2 at the Gaylord National Resort and Convention Center in National Harbor, Md. The keynote speaker will be retired Air Force Gen. Michael V. Hayden, former director of CIA and NSA.

For more information about, visit the event’s website.

Adm. Mike McConnell

Mike McConnell, former director of national intelligence, believes the United States is not moving quickly and effectively enough to secure the nation’s networks.

Speaking at the “Cyber 1.0” conference, McConnell said prior to leaving the federal sector, he advocated for the creating of an “independent specified command” that would be responsible for securing civilian and military networks, advise which he says was ignored.

The U.S. cybersecurity posture currently provides that the military will defend DoD and intelligence networks but that the private sector, in cooperation with DHS, will be responsible for securing the .com sector, which includes financial institutions, energy and telecommunications.

McConnell, currently of Booz Allen Hamilton, advocates for a more active role of the National Security Agency, widely seen as the best in cybersecurity, and DoD. McConnell’s proposal would allow the new military command to provide “technical support” to DHS.

He believes the current laws detailing the functions and roles of the defense and intelligence communities are inadequate. McConnell says the United States needs another Sen. Goldwater figure who could help to institute change to the current laws to reflect the role the intelligence and defense communities should play in cybersecurity.

However, McConnell is not convinced this will happen anytime soon.

“What I would predict is we’re going to debate this until we have a catastrophic event,” he said.

McConnell also revealed more information about his relationship with then-President George W. Bush. He said a meeting with Bush and other administration officials led to $17.3 billion being put toward cybersecurity.

During the meeting, McConnell was initially making the case for a cyber attack relating to the war in Iraq. After several minutes of discussion, Bush approved the request and McConnell used the extra time to discuss possibly expanding cybersecurity expenditure.

“I sat there for maybe 10, 12 second and I said to myself,’ self, if you don’t do this, you will regret it for the rest of your life.’”

Bush granted McConnell permission to take one month to develop a proposal. Eventually, $18 billion was requested in funding and $17.3 billion was approved.

“I wish I’d been smart enough to ask for 40 billion,” McConnell said.

The money has been used to secure the military and government domains but has not been used to enhance security in the private sector.

“[The money] has enhanced .mil and starts down a path to protect .gov. It does nothing, zero, for .com, which is 98 percent of the problem,” McConnell said.

The four experts will face off against on another with McConnell and Zittrain arguing against the thesis and Schneier and Rotenberg arguing for it. The audience will provide questions to the panel and will also determine the winner at the end of the debate.

Robert Rosenkranz, the founder of Intelligence Squared U.S., said, “It’s the great strategic irony of the last twenty years. Our commitment to and mastery of digital technologies has in certain respects played into the hands of our enemies. Our cyber sophistication has made us vulnerable to those who look to exploit the Internet to plan for and attack America. Might we need to sacrifice openness to protect America? This and other critical questions will be considered during our debate in Washington.”

The event has received corporate underwriting from Neustar, Inc.

“It is heartening to see that the challenges and threats in the cyber security arena are now in everyday discussion and that a public debate can garner such wide interest,” said Jeff Ganek, CEO of Neustar. “We are proud to sponsor Intelligence Squared U.S. in Washington, DC – and a debate on this topic in particular – because it offers a civil and smart forum to consider one of the most critical issues of our day.”

Adm. Mike McConnell

Over the weekend, Adm. Mike McConnell, former DNI and presently heading the cyber effort at Booz Allen, published an article in The Washington Post calling for a new strategy and thought process for cybersecurity in the United States. The article highlighted a number of key strategies McConnell believes the nation should look to actions, including reverse engineering the Internet and employing both deterrence and preemption capabilities.

The New New Internet had the opportunity to ask two cybersecurity experts, with years of government service, their reactions to McConnell’s suggestions. Retired Air Force Gen. Dale Meyerrose is the current vice president and general manager for Cyberspace Solutions at Harris Corporation and previously worked under McConnell. Retired Air Force Lt. Gen. Harry Raduege is the chairman of the Deloitte Center for Cyber Innovation, a senior counselor with the Cohen Group and is the former director of DISA.

Gen. Dale Meyerrose

Gen. Dale Meyerrose:

“I think Adm. McConnell is exactly right in that if you have many of the assets in private ownership and most of the capability to do something about it in the public sector, figuring out how to get those two things to work properly is going to be the key. [Cyber] is a completely man-made domain, of which we don’t seem to have or want to have a lot of control over. Whereas the physical domains of air, land, sea and space, we have a lot easier time of dealing with than the man-made one. I think Adm. McConnell is spot on. We need to figure out how to think of these things differently than we have in the past. He is a thought leader in this area, a former boss of mine, and I think he understands this area as well as anyone around and his call for action is very appropriate.”

Lt. Gen. Harry Raduege

Lt. Gen. Harry Raduege:

“Many of the developed nations of the world are as dependent on a healthy, secure Internet as we are, so this is a multidimensional, global problem. Just as we had a triad of land, sea and airborne nuclear capabilities to deter the use of weapons of mass destruction during the Cold War, we need a cyber-triad today to deter weapons of mass disruption. We need continuing resilience throughout our network infrastructure, so that our adversaries know that they cannot cripple our national security or economy with a cyber attack.  We must solve the attribution problem, because if we don’t know who is attacking us then we cannot impose measured consequences to deter or counter them. And, we must develop offensive cyber capabilities. Our enemies have to know that we can cripple their critical networks if they threaten ours. If we set up this cyber-triad, our country’s national security and economic stability will be better protected.”

Mike McConnell

Mike McConnell, former DNI and currently heading the cyber effort at Booz Allen, is intimately acquainted with the current level of US cyber defenses. Over the weekend, McConnell wrote an article published in The Washington Post which discussed how the US could go about winning the cyber war that many experts believe we are currently losing.

“The United States is fighting a cyber-war today, and we are losing. It’s that simple,” McConnell writes. “The problem is not one of resources; even in our current fiscal straits, we can afford to upgrade our defenses. The problem is that we lack a cohesive strategy to meet this challenge.”

The United States is one of the most networked nations in the world and therefore has much to lose by having inadequate cyber defenses. Back in 2007, Estonia, also a highly networked country, had its Internet capacity crippled by a broad-sweeping cyber attack.

Recently, the Bi-Partisan Policy Center hosted Cyber ShockWave, a simulated cyber war game which demonstrated a number of the problems the US faces in the event of a massive cyber attack. The US still lacks fundamental foundations for dealing with a cyber attack against our critical infrastructure.

McConnell believes that to prepare for a cyber attack, the US should look to the Cold War example of nuclear arms. “The cyber-war mirrors the nuclear challenge in terms of the potential economic and psychological effects,” he writes.  “So, should our strategy be deterrence or preemption? The answer: both. Depending on the nature of the threat, we can deploy aspects of either approach to defend America in cyberspace.”

In order to a deterrence model to work, the US must make its intentions clear, outlining how it would respond in the event of a cyber attack. Currently, McConnell writes that the US has outlined its intentions but does not have the mechanisms in place yet nor the well outlined policy.

“The United States must also translate our intent into capabilities. We need to develop an early-warning system to monitor cyberspace, identify intrusions and locate the source of attacks with a trail of evidence that can support diplomatic, military and legal options — and we must be able to do this in milliseconds,” McConnell writes.

More importantly, the threats in cyberspace are slightly different from the nuclear debate during the Cold War. During the Cold War, the nuclear threat came from the Soviet Union. However, the current threat landscape in cyberspace includes state and non-state actors.

To deal with the threat from non-state actors, particularly terrorist organizations, McConnell recommends a preemption strategy. “We preempt such groups by degrading, interdicting and eliminating their leadership and capabilities to mount cyber-attacks, and by creating a more resilient cyberspace that can absorb attacks and quickly recover,” he writes.

McConnell also called for an increased level of cooperation between the public and private sector, to include greater information sharing. In order to build a coherent cyber strategy, McConnell would like to see experts come together to discuss the various challenges and possible solutions.

“We now need a dialogue among business, civil society and government on the challenges we face in cyberspace — spanning international law, privacy and civil liberties, security, and the architecture of the Internet. The results should shape our cybersecurity strategy,” McConnell writes.

McConnell’s article in The Washington Post can be viewed here

Mike McConnell

Cyberwar is increasingly entering into the mindset of policy makers. Earlier this month, DNI Dennis Blair outlined the cyber threat in his Annual Threat Assessment of the US Intelligence Community, saying that “The United States confronts a dangerous combination of known and unknown vulnerabilities, strong and rapidly expanding adversary capabilities, and a lack of comprehensive threat awareness.”

In a hearing on Tuesday before the Senate Commerce, Science and Transportation Committee, former DNI Mike McConnell, of Booz Allen, told legislators that “If the nation went to war today, in a cyberwar, we would lose. We’re the most vulnerable. We’re the most connected. We have the most to lose.”

McConnell also said that the US is unlikely to really secure cyberspace until a major cyber disaster occurs. “We will not mitigate this risk. We will talk about it, we will wave our hands, we’ll have a bill, but we will not mitigate this risk,” he said.

Mary Ann Davidson, CSO of Oracle Corporation, said “We need to change our collective mindset so that elements of critical cyber infrastructure are designed, developed and delivered to be secure. We do that in part by changing the educational system so that we have a cadre of people who know that critical cyber infrastructure will be attacked – and they build accordingly and defensively.”

“Too much is at stake for us to pretend that today’s outdated cybersecurity policies are up to the task of protecting our nation and economic infrastructure,” said Senator Rockefeller. “We have to do better and that means it will take a level of coordination and sophistication to outmatch our adversaries and minimize this enormous threat. It is that simple. We cannot wait for a crisis to occur, the consequences would be far too grave.”

The implementation of smart-grid technology opens up a variety of new vulnerabilities with the power grid. Foreign nations and terrorists would be capable of using cyberspace to take down the power grid throughout the United States.

The draft identifies more than 120 interfaces that will link a variety of devices and systems and classifies each based on the potential damage resulting from a possible breach. This second draft used 350 comments, which were received following the first draft. The second draft expanded the sections on vulnerability categories, privacy and the broader approach to achieving cybersecurity for the smart grid.

The vulnerability of the electric grid concerns a variety of experts. Mike McConnell, former DNI and presently with Booz Allen, views the threat to the electric grid as severe. Cyber attackers could potentially turn off the power for significant sections of the country.