NMCI to shore up security

[InfoSec News <isn () c4i org>]

http://www.fcw.com/fcw/articles/2001/1112/web-nmci-11-14-01.asp

By Christopher J. Dorobek 
Nov. 14, 2001

Some Navy networks have virtually no protection from cyberattacks,
according to the officer who spearheads the Navy's efforts to assess
network security.

Such vulnerabilities have resulted in 40 instances of root access to
Navy systems this year, including some that took days to detect, said
Capt. Jim Newman, who leads the Navy's "Red Team," the group of 20
sailors and civilian personnel who attempt to break network defenses.

Newman said the Navy Marine Corps Intranet has proven to be much more
secure and offers some inherent security advantages.

So far this year, the Navy has tracked some 16,000 incidents where
somebody attempted to enter a Navy system. Of those, about 400 were
considered significant attempts to obtain root access the level at
which someone can access the network's functions. Of those attempts,
about 40 succeeded in gaining root access, Newman said during a Nov.
13 press briefing.

Navy officials acknowledged that although some of the service's
networks are well-protected especially those used at sea for
warfighting some of the shore networks have little or no protection.

In a typical test of the Navy's existing shore-based networks, the Red
Team can find 40,000 to 150,000 vulnerabilities in a network of about
8,000 machines, Newman said.

During the past two years, the Navy has been hardening the most
critical systems, he said, and the service has developed a multilevel
defensive system where an intruder might be able to access
less-sensitive systems but would be barred from more critical data.

Meanwhile, the Navy has started rolling out the $6.9 billion NMCI,
which Newman said will enhance the service's network security stature.
"On the shore side, NMCI is building a defensible network structure,"
he said.

During a recent similar test of the NMCI network operations centers,
the Red Team found no vulnerabilities. "That is NMCI," Newman said.

In part, NMCI will streamline the Navy's network functions by
centralizing management of the Navy's network. Currently, the scores
of Navy networks are operated independently, Newman said, and they
often have different security policies and standards. Without
standardization, adding applications or updating software can create
security vulnerabilities, he said.

NMCI also will provide users with training about the importance of
security and their role in securing the network, Newman said,
something that has not existed previously.

The centralized network also will enable the best-trained personnel to
work on the overall network.

Among the NMCI service-level agreements are security standards that
include defeating Red Team attacks on the system, said Garnet Smith, a
project manager with the Space and Naval Warfare Systems Command.

NMCI has just started to be rolled out across the Navy. The first 550
seats were recently rolled out at the Naval Air Facility, Washington,
D.C.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.