PALM HARBOR, Fla. - Amid growing concern about hacker infiltrations into military computers, the top commander for the Department
of Defense network operations has ordered a crackdown on security.
Lt. Gen. Charles Croom, commander of the Joint Task Force on Global Network Operations (JTF-GNO) and director of the Defense Information Systems Agency (DISA), last week said a sweep is under way of all Defense Department networks to uncover security holes amid a get-tough policy.
"The attacks are coming from everywhere and they're getting better," said Croom in his keynote address at the Department of
Defense Cyber Crime Conference in Palm Harbor, Fla., last week. "They're exploiting weaknesses in our detection tools."
The discovery of a botnet last November in Defense Department networks contributed to the decision to clamp down on security.
Jeanson James Ancheta, 20, was arrested by the FBI for allegedly implanting and running the remotely controlled spyware inside the department and
elsewhere.
"It started on Nov. 5 with an information assurance stand-down day," Croom told the roughly 500 conference attendees. The
military stand-down - a cessation of regular activities in order to probe security problems - is ongoing as DISA attempts
to verify the tens of thousands of user accounts for Army, Navy and Air Force personnel.
No good news
So far, the results are troubling.
"Almost 20% of our accounts are unauthorized or had expired," Croom said, noting that military personnel tend to move every
two or three years and accounts are sometimes left open. The exact tally of improper accounts won't be known until March,
he said.
In addition, the military is increasingly fending off targeted phishing attempts in which attackers try to spoof victims into
giving up passwords.
Back doors left open by not properly shutting down network circuits also are of concern to Croom, who has held the top job
in Defense Department network operations since July, when he succeeded Lt. Gen. Harry Raduege. Croom said the paperwork for
circuits must be in order or the circuit will be shut down.
"Last week we closed down four circuits to users," Croom said, though not identifying the exact locations. "Now I get an e-mail
saying the paperwork will be in today." This get-tough approach is needed to put teeth into already existing policy.
A united front
The biggest changes to come may be in the next six months as the JTF-GNO, the organization set up to centralize decisions
about security and operations in the Army, Navy, Air Force and Marines, evaluates a possible redesign of its two primary, global,
IP-based, military networks.