Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity

    DOD Eyes Network Revamp

    By
    Paul F. Roberts
    -
    January 16, 2006
    Share
    Facebook
    Twitter
    Linkedin

      The U.S. Militarys point man for global network operations says that a total overhaul of the governments classified and unclassified information networks may be necessary to ward off legions of hackers and adequately protect the military from crippling attacks in future conflicts.

      The Department of Defense will soon begin evaluating the security of more than 1,500 computer networks used by the DOD and the four branches of the armed services. The DOD may propose a new network architecture that emphasizes data security, according to Air Force Lt. Gen. Charles Croom, commander of the Joint Task Force-Global Network Operations, which runs all the militarys networks.

      The stark assessment comes after a sobering internal audit that turned up widespread security holes in government systems.

      A DOD “stand down” in November to assess the security of user accounts turned up thousands of dormant, unauthorized or incorrectly provisioned accounts for systems managed by the department, the four branches of the military and other related agencies, Croom told an audience of government cyber-security experts and law enforcement officials at the DOD Cyber Crime Conference here last week.

      /zimages/2/28571.gifClick here to read more about this discovery.

      Three thousand user accounts managed by the Defense Information Systems Agency, 1,500 in the U.S. Armys Korean operation and 1,200 accounts in the DODs Joint Forces Command were flagged in the audit, Croom said.

      In the last year, the military has also been embarrassed by published accounts of massive, coordinated hacks of government systems. One such attack, code-named Titan Rain by the military, is believed to be a sophisticated, round-the-clock hacking program run by the Chinese government. It is believed to have compromised computer systems at a number of high-security U.S. bases, as well as aviation software used by the Army and Air Force, according to published reports.

      The military now counts 100 nations that are capable of carrying out state-sponsored hacking of U.S. government systems, Croom said.

      Low-level attacks are also a problem. In November, FBI agents arrested a 20-year-old California man, Jeanson James Ancheta, who allegedly used a Trojan horse program called rxbot to create a network of hundreds of thousands of infected machines, including computers belonging to DISA and the Weapons Division of the U.S. Naval Air Warfare Center.

      /zimages/2/28571.gifTo read more about Ancheta and rxbot, click here.

      The changes in the threat landscape prompted soul-searching within the JTF-GNO.

      “As you know, we have a security issue with our networks,” Croom said. “We have to go back and verify that we have the right architecture and engineering for our networks.”

      The DOD is taking steps to mitigate those security issues, such as shutting off dormant or suspect accounts and closing unused communications ports on networked computers. But larger changes may be warranted, Croom said.

      For example, the DODs SIPRNet (Secret IP Router Network), which handles classified information and supports the militarys Global Command and Control System, lacks internal boundaries and security measures that limit user access to the network.

      “Its a perimeter-boundary-only network. Once youre in, youre in,” Croom said.

      Hypothetically, a hack in one part of SIPRNet—say, in Europe—could be used to interrupt operations anywhere else in the network, he said.

      “Thats something well want to correct. We want some internal boundaries,” Croom said.

      Still, the military is making progress on cyber-security, he said. The DOD simplified management of its computer networks by consolidating network operations, network defense and incident response in the JTF-GNO in June 2004. The military has also established a clear chain of command under Croom and his superior officer at the JTF-GNO, Marine Corps Gen. James Cartwright, who reports to Defense Secretary Donald Rumsfeld.

      The DOD will create a new program office within DISA that will focus on developing security policies and procedures and on technology acquisition, Croom said.

      The military also is in desperate need of automated systems for critical functions such as user provisioning, vulnerability scanning and assessment, and patching, he said. In addition, the military should invest in “end-to-end” security tools that can integrate information about different kinds of threats, rather than focus myopically on one particular threat, Croom said.

      Croom deserves credit for grasping the magnitude of the challenge facing the U.S. military, said Alan Paller, director of research at The SANS Institute, in Bethesda, Md. But developing and deploying a new networking architecture across the military could take eight years or more, he said.

      /zimages/2/28571.gifCheck out eWEEK.coms for the latest news, views and analysis of technologys impact on government and politics.

      Paul F. Roberts

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×