WASHINGTON – A Pentagon program that delegated management of much of the Internet to a Florida company in January – just minutes before President Donald Trump left office – ended as mysteriously as it began when the Department of Defense took control of it this week 175 million IP addresses reclaimed.
The program had been put to the test because of its unusual timing, which began during a politically charged change in power by the federal government, and because of its enormous scope. At its peak, Global Resource Systems controlled nearly 6% of a section of the Internet called IPv4. The IP addresses were under the control of the Pentagon for decades but went unused, although they were potentially worth billions of dollars in the open market.
In addition, company registration records indicated that Global Resource Systems was only a few months old at the time, founded in September 2020, and had no publicly reported federal contracts, no obvious publicly available website, and no sign on the shared office space that made it as its physical Address given in Plantation, Florida. The company also didn’t respond to requests for comment, and the Pentagon didn’t announce or publicly confirm its existence until the Washington Post reported it in April.
And now it’s done. Kind of.
On Tuesday, the Pentagon made a technical announcement – mostly visible to network administrators around the world – that it would regain control of the 175 million IP addresses and redirect traffic to its own servers.
On Friday, the Pentagon told The Post that the pilot it had previously called a cybersecurity measure to identify unspecified “vulnerabilities” and “prevent unauthorized use of the DoD IP address space” had ended. Portions of the Internet that were once managed by Global Resource Systems are now monitored by the Department of Defense’s information network, known by the acronym DODIN and part of the US Cyber Command based in Fort Meade, according to the Pentagon.
The IP addresses were never sold or rented to the company, only placed under its control for the pilot program created by an elite Pentagon unit called Defense Digital Service, reporting directly to the Secretary of Defense and calling itself the “SWAT Team of Nerds.” “That solves emergency problems and performs experimental work for the military.
“The Defense Digital Service has a plan to launch the cybersecurity pilot and then transfer control of the initiative to DoD partners,” Defense Department spokesman Russell Goemaere said in a statement to The Post. “Following the DDS pilot, moving DoD Internet Protocol (IP) advertising to DoD’s traditional operations and mature network security processes will maintain consistency across DODIN. This enables active management of the IP space and ensures that the department has the necessary room for maneuver to maintain and improve DODIN resilience. “
But the Pentagon Declaration sheds little new light on what exactly the pilot program did or why it has now ended. It is clear, however, that although it comes more formally under the control of the Pentagon, its mission has been extended.
At the unusual start of the pilot program – which began with the handover of control of IP addresses at 11:57 a.m. on Inauguration Day, three minutes before President Joe Biden took office – Goemaere added, “The decision to launch and plan the DDS The pilot effort was independent of administrative changes. The measure was planned and initiated in autumn 2020. It was started in mid-January 2021 when the necessary infrastructure was in place. “
Global Resource Systems did not return a request for comment on Friday.
The unusual nature of the program has been followed by several people in the network world, including Doug Madory, director of internet analytics at Kentik, a network monitoring company.
In April Madory, a former Air Force officer, believed the program was intended to be an intelligence-gathering tool. By announcing control of so much of the Internet – especially one the Pentagon had mothballed for years – it was likely possible to redirect information flowing over the Internet to military networks for investigation and analysis.
Madory said Friday that routine network errors can make such operations fruitful.
“There are many networks that inadvertently send out vulnerabilities,” he said. “I’m sure they’ve been picking up this noise for the past few months.”
Such tactics, he added, can allow cyber spies to discover vulnerabilities in opponents’ networks or potentially uncover evidence of how opponents are monitoring your own networks to aid in better countermeasures.
Madory shared another tantalizing fact: his analysis of the traffic flowing through the Internet addresses once controlled by Global Resource Systems still leads to the same location as most of the year – a computer router in Ashburn, Virginia, a major one Hub of Internet connections for government agencies and private companies – despite the official resumption of control by the Pentagon.
Alice Crites and Paul Sonne of the Washington Post contributed to this report.