BreachExchange mailing list archives
Fearful of Cyber Attacks, Military Tightens Control Over Data Networks
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 30 Dec 2013 18:03:47 -0700
http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=1367

To keep network intruders at bay, military agencies are shutting down pathways into their information systems and centralizing the control and management of data. The current thinking is that by minimizing the number of points of entry into the military’s data networks, systems can be better defended.

Over the past several years, cyber security officials have become alarmed by the difficulty of protecting the Defense Department’s mishmash of information systems. The scattered makeup of the information grid creates unlimited opportunities for hackers and spies to break in, military officials believe. They are convinced that the best way to ward off attacks is to consolidate existing networks into fewer systems that they can more tightly control.

The Air Force’s cyber command center so far has fused 120 network entry points into 16 gateways. “This already has improved our ability to secure the Air Force network, monitor traffic and provide defense in-depth,” Gen. William L. Shelton, commander of Air Force Space Command, said earlier this month. The command oversees cyber security programs for the entire Air Force.

To date, he said, the Air Force has migrated approximately 90 percent of 275 potentially vulnerable sites, affecting about 580,000 users. “We’ll be fully consolidated by the spring, and when finished, we’ll have a single enterprise network with consistent standards ... one that we can defend,” Shelton told a gathering of information technology executives in Northern Virginia hosted by AFCEA, an industry association.

Merging data systems can be a daunting task for the military, as thousands of networks over decades have popped up at individual installations, to support each base’s missions. With a single consolidated network, it will be easier to track illegal activity and probe attacks, he said.

Authorized users will employ a “common access card” to enter the Air Force network from any installation. For service members, there will be no need to establish new accounts every time they move.

Another element of the military’s cyber defense plan is to encourage agencies to treat data systems as if they were weapon systems, rather than mundane information technology. “Earlier this year we made a significant step when our chief of staff declared six of our cyber capabilities as weapon systems,” Shelton said. “That is another big step toward normalization.”

Cyber systems, he said, are not weapons in the conventional sense, but they need to be seen as weapons systems in order to secure proper funding, Shelton said. “Just as the Air Force must invest in, maintain and sustain our air assets, we’re using the standard weapon system framework to source our cyber capabilities. … The weapon system process and the sustainment discipline and funding protocols that go with it will help normalize this business.”

Efforts to realign information networks into fewer but better protected sites are taking place across the Defense Department. The Pentagon in 2013 kicked off a new initiative to standardize its 15,000 networks under a single “joint information environment.” The so-called JIE is a set of security protocols that presumably would make it easier to detect intrusions and identify unauthorized “insiders” who might be accessing a network.

Officials said the JIE will make networks more secure and save the Defense Department billions of dollars by eliminating redundant, overlapping systems. The massive network integration project is overseen by the Joint Staff, U.S. Cyber Command, the Defense Information Systems Agency and the Pentagon’s chief information officer.

Shelton said Air Force Space Command spent several months investigating the JIE plan and its potential ramifications. “I felt it was important to look before we leapt,” he said.

Air Force Space Command will manage “control nodes” for JIE at 10 Air Force bases.