[ISN] National Defense University takes systems offline

From: InfoSec News (alerts@private)
Date: Tue Dec 19 2006 - 23:04:54 PST


http://www.fcw.com/article97160-12-19-06-Web

By Josh Rogin
Dec. 19, 2006

For the second time in two months, a major Defense Department 
educational institution has shut down its computer and e-mail systems. 
The National Defense University, located in Washington, D.C., is 
currently without Internet or e-mail while undergoing unspecified 
maintenance activities.

NDU is no longer connected to DOD networks and staff and students will 
be without service for two to four weeks, according to Dave Thomas, NDUs 
director of public affairs. Thomas declined to comment on the reasons 
for the maintenance and could not confirm or deny whether there had been 
a recent network intrusion at NDU.

I wont acknowledge one way or the other security issues with the system, 
he said.

The maintenance was scheduled to coincide with the schools semester 
break, Thomas said. This is the first time computer maintenance has 
required NDU systems to be offline for an extended period of time, he 
added.

The shutdown comes on the heels of a major network intrusion at the 
Naval War College in Newport, R.I. In November, all computer systems at 
NWC were taken offline after a hacker attack compromised the systems 
security. According to reports, one NWC professor told his students that 
Chinese hackers had taken down the entire network. DOD never confirmed 
the origin of the attack at NWC.

On Dec. 15, all NDU employees received an e-mail alerting them that NDU 
e-mail accounts would be inactive for up to one month, according to an 
NDU employee who asked not to be identified. Meanwhile, staff members at 
the institution are working from home and using personal e-mail 
accounts, the employee said.

The previous NWC attack may have identified vulnerabilities in NDUs 
system that are now being addressed, the employee said. After last 
months attack, DOD raised its Information Condition awareness level from 
Infocon5 to Infocon4, where it remains.

DODs Joint Task Force for Global Network Operations is helping NDU 
employees perform the system maintenance, said Tim Madden, spokesman for 
JTF-GNO. Madden said there was no direct connection between the incident 
at NWC and the computer shutdown at NDU.

All computer systems and networks are probed and scanned countless times 
each day, he said. To characterize any particular malicious intrusion as 
connected to any other is similar to saying a traffic accident on I-495 
in the National Capital Region is connected to a traffic accident on 
I-405 in Southern California.

NWC houses the Strategic Studies Center, which has been tasked with 
developing future strategies for fighting in cyberspace, as well as a 
new center to study Chinese military and security issues. NDU includes 
the Center for the Study of Chinese Military Affairs as part of its 
Institute for National Security Studies (INSS).

Earlier this year, the Commerce Departments Bureau of Industry and 
Security suffered a network attack that was confirmed to have originated 
from Chinese servers. After that intrusion, the bureau was forced to 
replace hundreds of computers. BIS determines technology export policies 
to countries including China.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Tue Dec 19 2006 - 23:23:08 PST