To deal with modern warfare's high-tech weapons and hackers, the U.S. military is taking a new approach to charm Silicon Valley startups.
It's starting to play the game more like Google. The military is launching a venture capital-type program to pump money into startups and creating a new office in the San Francisco area it calls "Defense Innovation Unit X." The "X" stands for "experimental."
U.S. Defense Secretary Ash Carter unveiled the new approach during a speech at Stanford University on Thursday.
"We need the creativity and innovation that comes from startups and small businesses," Carter said. "Right now DOD doesn't have many effective ways to harness promising technologies they come up with. We need to fix that. I don't want us to lose out on an innovative idea or capability we need because the Pentagon bureaucracy was too slow to fund something."
An "elite team" of military and civilian personnel will scout for breakthrough technologies, he said. The Defense Department will also funnel some money into the CIA's current startup-backing project, In-Q-Tel. The program will start small, with a few million dollars. If it works, the military hopes to expand it.
The defense secretary didn't say exactly how much the military intends to pour into these programs.
Carter stressed the importance of a private-public partnership, noting major recent hacks, like North Korea's cyberattack on Sony. These attacks blur the lines of business and government, because mysterious attackers target both -- and rarely get caught or stopped in time.
"This is one of the world's most complex challenges today," Carter said.
Hackers working for criminal syndicates -- along with some hackers working for the governments of China, Iran and Russia -- have been caught attacking U.S. firms and government agencies.
They've hit banks, health insurers, retailers and even the energy grid. Recently, the ex-NSA director said China has hacked every major American corporation to steal lucrative business plans. Meanwhile, the U.S. intelligence director blamed the Iranian government for hacking a casino, the Sands Las Vegas Corporation (LVS), last year.
American businesses recognize a lot is at stake, but they're wary about working closely with the federal government.
When an NSA contractor revealed the federal government was secretly vacuuming private user data from major tech companies without warrants -- or using a secret federal court to get authorization -- these firms felt betrayed. Apple (AAPL), Google (GOOGL), Facebook (FB), Microsoft (MSFT), Yahoo (YHOO) -- all these companies are currently in a tussle with the government over the privacy of their users.
Carter acknowledged that working together will require healing recent wounds.
"Now, it won't be easy. We've had tensions before and likely will again," he said, mentioning Snowden by name. "We must renew the bonds of trust and rebuild the bridge between the Pentagon and Silicon Valley."
When asked on stage how the military would overcome the negative outcry to mass surveillance, Carter said "we need to be open, and we need to adjust what we're doing."
However, he didn't note any specific changes to the way the NSA and federal law enforcement spy on the communications of Americans. Instead, he defended it.
"When we do surveillance, we do it to counter terrorism, to counter military action, to counter trafficking and other things that are heinous," he said. "We do not do it to collect people's private information."
Carter noted he's heading to a meeting with Facebook and others this week.
His comments came amid the nation's largest cybersecurity conference just a few miles north in San Francisco, where security professionals and ex-spies took a firm stand for privacy and the need to encrypt information -- keeping it out of reach even from the government.
Carter also introduced the new cybersecurity military policy. He said the military will reorganize its forces to work closer with the CIA, FBI, NSA and others over cybersecurity -- and ditch any territorial fights between agencies.
Part of that policy is also to be more transparent its own cyber capabilities "developed in the shadows," sharing what the government can do (like hack back) or what it knows about cyberattacks.
As an example, Carter revealed that earlier this year, Russian hackers broke into the Defense Department's unclassified military computer network (which still holds lots of sensitive information).
Carter said the military "quickly identified the compromise" and hunted down where the hackers were inside the computer network within 24 hours. When the security team confirmed the attack came from Russia, it kicked them out of the network.
He didn't indicate whether the hackers were independent or working for the government of Russia. But he did say these hackers got into the military computers by finding an unpatched vulnerability in software on an old system.
