[ISN] Army Layers Security Blankets To Guard Networks

From: InfoSec News (isnat_private)
Date: Tue May 07 2002 - 01:52:08 PDT

  • Next message: InfoSec News: "[ISN] Linux Security Week - May 6th 2002"

    By Dawn S Onley, Government Computer News
    06 May 2002, 12:43 PM CST
    Shortly after a military surveillance plane collided with a Chinese 
    fighter last April, a two-week "cyberwar" began, and U.S. Army Web 
    sites took numerous hits. 
    More than 50 Web pages were defaced by an automated attack launched by 
    supporters or agents of the People's Republic of China. The hackers 
    placed anti-American sentiments in English and Chinese characters on 
    some of the sites. 
    But most of the attacks could have been prevented if published fixes, 
    identified in Information Assurance Vulnerability Alerts, were in 
    place on the hacked machines, said Lt. Col. John Quigg, chief of the 
    Army's network security improvement program in the service's chief 
    information office. 
    An IAVA is a digital list of computer vulnerabilities. They are 
    reported monthly to the chairman of the Joint Chiefs of Staff, Quigg 
    said. The alerts are also posted on Army networks and warn of basic 
    security measures needed to ward off viruses, worms or hackers. 
    "The idea is to focus everyone's attention on the most likely attacks 
    and use scanning technology to check the computers," Quigg said. 
    "Getting these tools in place helps us to see the networks and get a 
    little more proactive in defending them."
    Since last spring, the Army has taken a serious look at how its 
    networks are secured, according to senior officials. And the scrutiny 
    has produced some insights, they said. 
    Sensitivity Filter 
    Last fall, the Army started a Web Risk Assessment Cell of about 30 
    people to identify sensitive content on public Web sites that include 
    data on Army operations. Quigg said the team, made up of contractors 
    and Army personnel, uses keyword searches to locate sensitive Army 
    information on public IP addresses. When the data is found, the team 
    decides whether to edit or remove it. 
    The Army got the idea from the Defense Department. Two years ago, DOD 
    established its own risk assessment cell to monitor Defense Web sites 
    for vulnerabilities that could compromise military operations if 
    retrieved by hackers. 
    Since Sept. 11, the critical protection of Army networks escalated 
    another notch - to the force protection level, Quigg said. System 
    administrators now brief the Army chief of staff every morning on all 
    intrusions that occur. Since the war on terrorism began, there is 
    greater emphasis on decreasing cyberthreats by adding layers of 
    For instance, each Army installation now has at least one information 
    security employee on staff. In March the Army conducted a weeklong 
    information assurance awareness campaign to educate soldiers on steps 
    to take to protect computer systems. 
    "The important issue is to make our computer users aware of the 
    procedures and security issues," said Lt. Col. Thaddeus Dmuchowski, 
    director of the Army's Information Assurance Office. "It is key that 
    everyone understand that cyberwarfare is an on-going threat." Last 
    month, the Army awarded Harris Corp. a multimillion-dollar contract to 
    protect its global networks. 
    The Melbourne, Fla., company will install its Security Threat 
    Avoidance Technology Scanner vulnerability assessment software on more 
    than 1.5 million Army systems and will provide maintenance for three 
    STAT Scanner searches for vulnerabilities in strategic and tactical 
    networks at both active and reserve units. The software shows systems 
    administrators a comprehensive analysis of vulnerabilities and risk 
    levels, Quigg said. 
    STAT Scanner works with the vulnerability alerts, Quigg added. The 
    software runs on Microsoft Windows NT, Win 2000, XP, Linux and Sun 
    Solaris platforms and can repair some vulnerabilities. 
    The efforts reduced the percentage of successful attacks, even as the 
    Army continues to see an increase in attempts by hackers to breach 
    systems. In 2000, one in every 86 attacks on Army computer networks 
    succeeded. Last year, only one attack in 149 was successful. 
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue May 07 2002 - 04:50:45 PDT