The Pentagon has announced that a program that was started last January that placed the management of millions of dormant Internet addresses under the direction of a small private cybersecurity company has been ended.
The September 7 announcement said the Pentagon was resuming control of the 175 million Internet Protocol (IP) addresses that it had handed over to a little-known company just minutes before Joe Biden was sworn in as president on January 20.
First noticed primarily by network administrators and IT professionals, the announcement said the 6 percent of the Internet, known as IPv4, was no longer being managed by Global Resource Systems (GRS).
IPv4 is the fourth version of the Internet Protocol that was established in the early 1980s and, while the bulk of the IPv4 addresses have been unused for decades, it is still used to route most traffic on the Internet today.
On Friday, Russell Goemaere, a spokesperson for the US Department of Defense (DoD), told the Washington Post that the temporary transfer of the IPv4 addresses was part of a pilot cybersecurity program designed to detect “vulnerabilities” and “prevent unauthorized use of DoD IP address space.”
While he did not share details of the claimed cybersecurity threats, Goemaere told the Post that an elite Pentagon unit known as the Defense Digital Service (DDS), which reports directly to Secretary of Defense Lloyd J. Austin, had launched and run the pilot program.
Regarding the timing of the program on the eve of Biden’s inauguration, Goemaere said, “The decision to launch and the scheduling of the DDS pilot effort was agnostic of administration change. The effort was planned and initiated in the Fall of 2020. It was launched in mid-January 2021 when the required infrastructure was in place. Given the opportunity, maintaining low visibility was also desirable in order to observe traffic in its current state, allowing us to identify potential vulnerabilities and assess and mitigate potential cyber threats.”
The DoD published a profile of the special DDS unit last October that described the group as a “SWAT team of nerds” made up of 82 engineers, data scientists and computer scientists who are “working on some of the hardest problems in the Defense Department.”
In January when the IPv4 addresses were turned over to GRS, the director of DDS Brett Goldstein issued a statement saying that the pilot “will assess, evaluate and prevent unauthorized use of DoD IP address space.” However, Pentagon representatives refused to answer any questions about the involvement of GRS with their own internal resources.
According to Doug Madory, Director of Internet Analysis at Kentik, a network monitoring firm, the decision to turn over the massive number of IP addresses to GRS was unprecedented. “They are now announcing more address space than anything ever in the history of the Internet,” he told the Post. Madory added that once GRS had been awarded the program, “a fire hose of Internet traffic” was directed toward the Defense Department addresses.
Madory said that this would make it possible for the Pentagon to reroute information flowing across the Internet into military networks for examination and analysis. On Friday, Madory told the Post, “There are a lot of networks that inadvertently leak out vulnerabilities. I’m sure they’ve been scooping that noise up for the past few months.”
Finally, Madory said that his analysis of the traffic flowing through the IPv4 addresses that were under the control of GRS for the past seven months are still leading to the same location, a computer router in Ashburn, Virginia, “a major hub of Internet connections for government agencies and private companies.”
A Google search of Global Resource Systems and GRS yields a business directory listing for the company that says the firm was founded on March 22, 2006 with a head office located in Chicago and a mailing address in Plantation, Florida. A branch of the company was then founded on October 13, 2020 with an office at the same address in Plantation.
The GRS website says the company is located in Fairfax, Virginia and is, “at the forefront of providing operational, strategic, and technical security and intelligence support and solutions throughout the Federal government. GRS maintains deep domain knowledge and strong past performance in the areas of Intelligence Analysis and Operations, Cybersecurity, Security Solutions, Information Technology, Technical and Management Training and Strategic Consulting.”