As part of an apparent effort to find holes in its network, the US Department of Defense has given a tiny Florida company control over about 175 million of its IP addresses, The Washington Post reported.
The company started managing the long-dormant addresses on January 20th, but that number grew quickly over the next three months.
Brett Goldstein, the director for the Pentagon’s Defense Digital Service, told the Post that the move was part of a “pilot effort” to study and prevent unauthorized use of the military’s IP addresses. It would also help spot “potential vulnerabilities,” Goldstein said.
The Defense Department stressed that it still owned the IP addresses.
It’s unclear exactly what officials hope to accomplish, though, and the company itself is mysterious. GRS only established itself in September 2020, and it doesn’t even have a public website. Kentik’s Doug Madory suggested that a data flood directed at the IP addresses could help the military gather information on threats or exploits. And when some Chinese companies use similar IP address numbering schemes for their internal networks, there’s a chance some of their data could be directed to the US.
The military might use knowledge from the pilot to prevent hostile governments or cybercriminals from hijacking dormant IP addresses. This also makes sure the US can manage the IP addresses so that it can use them if it likes, a Post source said.
