USCYBERCOM’s first public act of FWA

Secret code embedded in gold ring of logo: 9ec4c12949a4f31474f299058ce2b22a

The U.S. Cyber Command (USCYBERCOM) recently sponsored a contest with Wired.com, challenging people to figure out the code that is embedded in their official logo.  Within hours, Sean-Paul Correll of Panda Security, determined that the “secret code” was in fact the MD5 hash of the USCYBERCOM’s mission statement.

First of all, I think it was very clever, using the MD5 hash to unite the logo with the USCYBERCOM mission statement.  Such creativity is not often publicly seen in government programs.  However, I think the decision to use the MD5 hash of the mission statement falls into the realm of FWA (Fraud, Waste & Abuse).  Specifically, according to one definition by the GAO (General Accounting Office), “Waste is the extravagant, careless, or needless expenditure of DOD funds or the consumption of DOD property that results from deficient practices, systems, controls, or decisions. Waste includes improper practices not involving prosecutable fraud.”

I don’t know of many organizations, both governmental and civilian, in which mission statements do not change very often.  Using the MD5 hash of the USCYBERCOM’s mission statement, as part of the logo is potentially wasteful.  At what cost are they going to update the logo each time the mission statement changes?  The USSTRATCOM mission statement has been undergoing changes every few years, to keep up with evolving threats; it is unrealistic to think the USCYBERCOM mission is immune to changes.

Okay, so in the interest of KISS (Keep It Simple Stupid), how about using the MD5 hash of some USCYBERCOM motto instead?  Sort of like a cyber version of “Semper Fidelis.”

Sean-Paul CorrellSean-
Spread the word!