To check for security flaws in its networks, the US military has adopted an unusual strategy: it is relinquishing control over a key internet resource. The Defense Department has given Florida startup Global Resource Systems control of roughly 175 million IPv4 addresses, according to Kentik and the Washington Post.
On January 20th, the company began managing the long-dormant addresses, but the number quickly increased over the next three months.
The Pentagon’s Defense Digital Service director, Brett Goldstein, told the Washington Post that the move was part of a “pilot effort” to study and prevent unauthorized use of the military’s IP addresses. It would also aid in the detection of “potential vulnerabilities,” according to Goldstein.
The Defense Department insisted that the IP addresses were still its property. However, it’s unclear what officials hope to achieve, and the company itself is shrouded in mystery. GRS was founded in September of 2020, and it does not yet have a public website.
A data flood directed at IP addresses, according to Kentik’s Doug Madory, could aid the military in gathering information on threats or exploits.
When some Chinese companies use similar IP address numbering schemes for their internal networks, some of their data may be sent to the United States.
Whatever the motivation, it could be a significant move. The military may be able to use the pilot’s findings to prevent hostile governments or cybercriminals from stealing dormant IP addresses.
This also ensures that the US can manage the IP addresses and use them as needed, according to a Post source. As strange as this move is, it may be crucial in light of the SolarWinds hack and other government system threats.