The Pentagon Just Gave Up 4% of The Internet for What Might Be a Honeypot

While the world was distracted with President Donald Trump leaving office on Jan. 20, an obscure Florida company discreetly announced to the world’s computer networks a startling development: It now was managing a huge unused swath of the Internet that, for several decades, had been owned by the U.S. military.

What happened next was stranger still.

The company, Global Resource Systems LLC, kept adding to its zone of control. Soon it had claimed 56 million IP addresses owned by the Pentagon. Three months later, the total was nearly 175 million. That’s almost 6 percent of a coveted traditional section of Internet real estate — called IPv4 — where such large chunks are worth billions of dollars on the open market.

The entities controlling the largest swaths of the Internet generally are telecommunications giants whose names are familiar: AT&T, China Telecom, Verizon. But now at the top of the list was Global Resource Systems — a company founded only in September that has no publicly reported federal contracts and no obvious public-facing website.

As listed in records, the company’s address in Plantation, Fla., outside Fort Lauderdale, is a shared workspace in an office building that doesn’t show Global Resource Systems on its lobby directory. A receptionist at the shared workspace said Friday that she could provide no information about the company and asked a reporter to leave. The company did not respond to requests for comment.

The Defense Department gave Florida startup Global Resource Systems control of roughly 175 million IPv4 addresses. The company started managing the long-dormant addresses on January 20th, but that number grew quickly over the next three months.

Brett Goldstein, the director for the Pentagon’s Defense Digital Service, told the Post that the move was part of a “pilot effort” to study and prevent unauthorized use of the military’s IP addresses. It would also help spot “potential vulnerabilities,” Goldstein said.

The Defense Department stressed that it still owned the IP addresses.

It’s unclear exactly what officials hope to accomplish, though, and the company itself is mysterious. GRS only established itself in September 2020, and it doesn’t even have a public website. Kentik’s Doug Madory suggested that a data flood directed at the IP addresses could help the military gather information on threats or exploits. And when some Chinese companies use similar IP address numbering schemes for their internal networks, there’s a chance some of their data could be directed to the US.

Whatever the reasoning, it could be an important move. The military might use knowledge from the pilot to prevent hostile governments or cybercriminals from hijacking dormant IP addresses. This also makes sure the US can manage the IP addresses so that it can use them if it likes, a Post source said. As odd as this move is, then, it might be important in light of the SolarWinds hack and other threats to government systems.