Skip to main content

The Pentagon handed over 175m IP addresses to a company you've never heard of

Networks
(Image credit: Shutterstock)

Earlier this year, the US Department of Defense (DoD) began handing over large swaths of IP addresses to a relatively unknown company, just as the nation welcomed a change of President.

Now after months of speculation, the Pentagon has offered an explanation about its decision to hand over the IP address to Global Resource Systems (GRS) in a statement to the Washington Post.

“Defense Digital Service (DDS) authorized a pilot effort advertising DoD Internet Protocol (IP) space using Border Gateway Protocol (BGP). This pilot will assess, evaluate and prevent unauthorized use of DoD IP address space. Additionally, this pilot may identify potential vulnerabilities,” said DDS’s director, Brett Goldstein.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

According to reports, the DDS became operational in 2015 and has conducted a number of defense-tech projects at the behest of the Pentagon.

Threat intelligence

The DoD has already handed over 175 million IP addresses to GRS, and in a follow up by Washington Post, the DoD has confirmed that it still owns the IP addresses.

While the statement ended months of speculation it only painted broad strokes about what the effort is trying to achieve. It also failed to answer why the DoD handed over the IPs to a company that seems not to have existed until September 2020 and it doesn't even have a public website.

Cybersecurity experts believe that the move is part of the DoDs efforts to defend against intrusions in light of an increase in state-sponsored attacks such as the recent SolarWinds hack.

In a blog post, Doug Madory, Director of Internet Analysis at network operating company Kentik, believes that the move perhaps helps the DoD collect a massive amount of background internet traffic for threat intelligence.

Madory believes that analyzing the flow of traffic through those IP addresses could provide operational information about the activities of malicious actors and perhaps even reveal exploitable weaknesses in computer systems. 

Via Engadget