WASHINGTON - Constant cyber attacks on the US Missile Defense Agency and its key weapons programs pose as great a threat as development of intercontinental ballistic missiles by Iran and North Korea, the admiral who heads the agency said on Thursday.
Vice Admiral James Syring told a House Armed Services subcommittee that the agency had taken "inordinate" measures to defend its own networks, but he remained concerned about potential vulnerabilities among defense contractors.
The US Missile Defense Agency develops and runs a multilayered system of defenses against ballistic missile attacks by potential enemies. The system includes ground-based interceptor missiles in Alaska and California as well as high-end radar equipment to detect attacks.
Syring said the agency carried out continuous monitoring of its classified and unclassified networks, but said cyber attacks were increasingly directed against private contractors and unclassified, controlled technical information that they housed on their networks.
"What we've got to do is get them up to where we are in terms of our protection levels, and I view it as a very near-term, very real requirement across the (Ballistic Missile Defense System)," he said.
US defense officials have been increasingly vocal about escalating and constant cyber attacks originating from China, Russia and other countries.
Syring did not answer directly when asked about his knowledge of attacks on the agency's networks by China or the Chinese military, telling lawmakers he would provide fuller answers during a classified hearing.
Syring told a similar Senate hearing on Wednesday that the agency was working "hand-in-glove" with private contractors to ensure that future contracts contained the necessary cyber security requirements, protections and standards.
Deputy Defense Secretary Robert Work told Reuters this week that the Pentagon's Cyber Investment Management Board had prepared a list of top-priority weapons programs that required cyber security updates and investments.
He said the details were classified, but said some of those programs were launched years ago before cyber attacks became commonplace.