BreachExchange mailing list archives

Fearful of Cyber Attacks, Military Tightens Control Over Data Networks


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 30 Dec 2013 18:03:47 -0700

http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=1367

To keep network intruders at bay, military agencies are shutting down
pathways into their information systems and centralizing the control and
management of data.

The current thinking is that by minimizing the number of points of entry
into the military’s data networks, systems can be better defended. Over the
past several years, cyber security officials have become alarmed by the
difficulty of protecting the Defense Department’s mishmash of information
systems. The scattered makeup of the information grid creates unlimited
opportunities for hackers and spies to break in, military officials
believe. They are convinced that the best way to ward off attacks is to
consolidate existing networks into fewer systems that they can more tightly
control.

The Air Force’s cyber command center so far has fused 120 network entry
points into 16 gateways. “This already has improved our ability to secure
the Air Force network, monitor traffic and provide defense in-depth,” Gen.
William L. Shelton, commander of Air Force Space Command, said earlier this
month. The command oversees cyber security programs for the entire Air
Force.

To date, he said, the Air Force has migrated approximately 90 percent of
275 potentially vulnerable sites, affecting about 580,000 users. “We’ll be
fully consolidated by the spring, and when finished, we’ll have a single
enterprise network with consistent standards ... one that we can defend,”
Shelton told a gathering of information technology executives in Northern
Virginia hosted by AFCEA, an industry association.

Merging data systems can be a daunting task for the military, as thousands
of networks over decades have popped up at individual installations, to
support each base’s missions.

With a single consolidated network, it will be easier to track illegal
activity and probe attacks, he said. Authorized users will employ a “common
access card” to enter the Air Force network from any installation. For
service members, there will be no need to establish new accounts every time
they move.

Another element of the military’s cyber defense plan is to encourage
agencies to treat data systems as if they were weapon systems, rather than
mundane information technology. “Earlier this year we made a significant
step when our chief of staff declared six of our cyber capabilities as
weapon systems,” Shelton said. “That is another big step toward
normalization.” Cyber systems, he said, are not weapons in the conventional
sense, but they need to be seen as weapons systems in order to secure
proper funding. “Just as the Air Force must invest in,
maintain and sustain our air assets, we’re using the standard weapon system
framework to source our cyber capabilities. … The weapon system process
and the sustainment discipline and funding protocols that go with it will
help normalize this business.”

Efforts to realign information networks into fewer but better protected
sites are taking place across the Defense Department. The Pentagon in 2013
kicked off a new initiative to standardize its 15,000 networks under a
single “joint information environment.” The so-called JIE is a set of
security protocols that presumably would make it easier to detect
intrusions and identify unauthorized “insiders” who might be accessing a
network. Officials said the JIE will make networks more secure and save the
Defense Department billions of dollars by eliminating redundant,
overlapping systems. The massive network integration project is overseen by
the Joint Staff, U.S. Cyber Command, the Defense Information Systems Agency
and the Pentagon’s chief information officer.

Shelton said Air Force Space Command spent several months investigating the
JIE plan and its potential ramifications. “I felt it was important to look
before we leapt,” he said. Air Force Space Command will manage “control
nodes” for JIE at 10 Air Force bases.