The Washington Post is reporting that a Pentagon program that delegated control of a large portion of the Internet to a Florida company in January, just minutes before President Donald Trump left office, has ended as mysteriously as it began, with the Defense Department regaining control of 175 million IP addresses this week.
The program drew attention due to its unusual timing, beginning during a politically charged transition of federal power, as well as its massive scale.
At its peak, Global Resource Systems controlled nearly 6% of the IPv4 segment of the Internet. The Pentagon had control of the IP addresses for decades but had left them unused, despite the fact that they could be worth billions of dollars on the open market.
To add to the mystery, company registration records revealed that Global Resource Systems is connected to a Chicago address, as well as the Plantation, FL, address, and had no publicly reported federal contracts, no obvious public-facing website, and no sign on the shared office space it listed as its physical address in Plantation, Fla.
As you can see below, the company is listed, with two names attached: Paul G. Yovovich, and Terrance M. Granke.
This is definitely the company in questions because of the address information as you scroll down.
Paul G. Yovovich is also listed as Principal and Co-Founder of Lake Capital. He was found here.
STORY CONTINUES BELOW...
Terrance M. Granke could not be found anywhere, but at Lake Capital, there is a principal called Terence Gaunke. He can be found here.
The company address 676 North Michigan Avenue, Ste. 3900, Chicago, IL, is a room at the Omni Hotel.
The address of 150 South Pine Island Road, Ste. 520, Plantation, FL, is an office complex building owned by a bank.
The company also did not respond to requests for comment, and the Pentagon did not publicly announce or acknowledge the program’s existence until The Washington Post reported on it in April.
And now it’s finished. In a way.
On Tuesday, the Pentagon issued a technical announcement, visible primarily to network administrators around the world, stating that it had reclaimed control of the 175 million IP addresses and was redirecting traffic to its own servers.
The Pentagon informed The Washington Post on Friday that the pilot program, which it had previously described as a cybersecurity measure designed to detect unspecified “vulnerabilities” and “prevent unauthorized use of DoD IP address space,” had concluded.
"Internet addresses once controlled by Global Resource Systems are still leading to the same place as they have for most of the year — a computer router in Ashburn, Va., a major hub of Internet connections for government agencies and private companies" https://t.co/YoarBe1ZWv
— KarmaBeliever 😷💙🌊🇺🇸💪🏼🐕🦋 (@where_its_at_68) September 11, 2021
The Pentagon said that parts of the Internet that were previously managed by Global Resource Systems were now overseen by the Department of Defense Information Network, abbreviated DODIN and part of the United States Cyber Command, based at Fort Meade.
The IP addresses were never sold or leased to the company; they were simply assigned to it for the pilot program, which was created by the Defense Digital Service, an elite Pentagon unit that reports directly to the secretary of defense and bills itself as a “SWAT team of nerds” that solves emergency problems and conducts experimental work for the military.
At 11:57am Inauguration Day, 175million IP addresses under Pentagon control (6% of internet, worth billions) were silently rerouted to Global Resource Systems, a company formed Sept 2020 in Florida. DoD just got them all back.
I bet Trump sold it to Vlad https://t.co/a5Y1JpaEft
— AKing 🇺🇸 (@aking4democracy) September 11, 2021
“The Defense Digital Service established a plan to launch the cybersecurity pilot and then transition control of the initiative to DoD partners,” Russell Goemaere, a spokesman for the Defense Department, said in a statement to The Post. “Following the DDS pilot, shifting DoD Internet Protocol (IP) advertisement to DoD’s traditional operations and mature network security processes, maintains consistency across the DODIN. This allows for active management of the IP space and ensure the Department has the operational maneuver space necessary to maintain and improve DODIN resiliency.”
However, the Pentagon statement provided little new information about what the pilot program was doing or why it was terminated. Even as it comes more formally under Pentagon control, it is clear that its mission has been expanded.
On the unusual timing of the pilot program’s launch — which began the transfer of IP address control at 11:57 a.m. on Inauguration Day, three minutes before President Biden took office.
So many questions. Who owns Global Resource Systems? Who runs it? How many employees does it have?
Since this happened under the Trump regime, the answers to those questions are sure to be scandalous. https://t.co/VtTpTa2zwR
— James Mitchell Ⓥ🐬 (@MesMitch) September 11, 2021
Goemaere added, “The decision to launch and the scheduling of the DDS pilot effort was agnostic of administration change. The effort was planned and initiated in the Fall of 2020. It was launched in mid-January 2021 when the required infrastructure was in place. Given the opportunity, maintaining low visibility was also desirable in order to observe traffic in its current state, allowing us to identify potential vulnerabilities and assess and mitigate potential cyber threats.”
Friday, Global Resource Systems did not respond to a request for comment.
A slice of the Pentagon's internet space that was taken over by a Florida company minutes before Trump left office has been returned, but the mystery remains
175 million IP addresses
Global Resource Systems LLC, headquartered in Plantation, Floridahttps://t.co/6KqHrIrGTs
— Cyber Wizard (@DoctorWizard2) September 12, 2021
Several people in the networking world, including Doug Madory, director of Internet analysis for Kentik, a network monitoring company, have kept an eye on the program’s unusual nature.
Madory, a former Air Force officer, had come to believe in April that the program was designed to gather intelligence. By announcing control of such a large section of the Internet, particularly one that the Pentagon had been dormant for years, it was likely possible to redirect information flowing across the Internet to military networks for examination and analysis.
According to Madory, routine networking errors can make such operations profitable.
“There are a lot of networks that inadvertently leak out vulnerabilities,” he said. “I’m sure they’ve been scooping that noise up for the past few months.”
Such tactics, he added, can allow cyberspies to discover vulnerabilities in adversaries’ networks or potentially detect evidence of how adversaries are surveilling your own networks, which can help inform the development of better defenses.
Despite the official resumption of Pentagon control, Madory’s analysis of traffic flowing through the Internet addresses once controlled by Global Resource Systems still leads to the same place it has for most of the year — a computer router in Ashburn, Va., a major hub of Internet connections for government agencies and private companies.