nettime's_roving_reporter on Mon, 19 Apr 1999 20:11:59 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> Pentagon Leaders Mull Internet Disconnect


http://www.fcw.com/pubs/fcw/1999/0419/fcw-newsdod-4-19-99.html
------------------------------------------------------------------------
APRIL 19, 1999
------------------------------------------------------------------------
DOD leaders mull Internet disconnect
BY BOB BREWIN (antenna@fcw.com)
AND DANIEL VERTON (dan_verton@fcw.com)

Hammered by relentless hacker attacks against its
unclassified network for years, the Defense Department
may back away from using the Internet, which it
invented, in favor of relying on intranet enclaves,
according to a top Army official.

Lt. Gen. William Campbell, Army director of information
systems for command, control and communications, who
last year ordered all Army World Wide Web sites shut
down pending a security review of their contents, said
last week that all military networks connected to the
Internet are "inherently vulnerable.... We don't have a
prayer or a hope of defending ourselves unless we move
large portions of the '.mil' [domain] onto a protected
network" such as an intranet not connected to the
Internet.

Campbell, speaking at a conference sponsored by the
Association of the United States Army and the
Association of Old Crows, suggested that DOD move its
electronic commerce networks and publicly accessible
Web sites to the ".com" domain, which is used by
businesses.

The vulnerability of DOD networks has captured the
attention of senior members of all four armed services
as well as DOD, Campbell said. "We would be remiss if
we left these network connections out there," he said.
"We need sufficient protection so no one can get into
our networks and damage the defense of the United
States."

To handle its most sensitive traffic, DOD uses its
Secret Internet Protocol Router Network, an
intranet-like global network. Much of DOD's day-to-day
business -- including logistics, personnel and pay --
is conducted on the Non-Classified Internet Protocol
Router Network, which is connected to the Internet and
looms as a DOD electronic Achilles' heel, Campbell
said.

"The openness of these networks makes us vulnerable to
attacks by a hostile agent," Campbell said.
"Vulnerabilities are of such a magnitude that to ignore
them would be a dereliction of duty."

Detected hacker attacks against DOD worldwide
unclassified networks occur at a rate of 250,000 a year
-- plus an untold number of undetected attacks,
according to Air Force Maj. Gen. John "Soup" Campbell,
director of the recently formed Joint Task Force for
Computer Network Defense. Speaking at the AUSA/Old
Crows conference, the Air Force's Campbell said these
attacks threaten DOD's "basic logistics systems which
run on the Internet."

Philip Loranger, a civilian Army official who works for
the Army's Campbell as chief of the service's Command
and Control Protect Division, said the number of
publicly accessible Web sites the Army operates poses a
security risk. "We still have more public Web pages
than necessary," he said.

Loranger said the Army continues to shut down Web sites
for security reasons. He recently closed to the public
the Army's information assurance Web site. "In our
zealousness to share information [with the American
public], we are disclosing targeting information" that
a terrorist or enemy state could use, Loranger said.

John Hamre, deputy secretary of Defense, sounded a
cautionary note about security vulnerabilities posed by
the information posted on DOD Web sites and the ability
of hackers to exploit the connections. But he warned
that "we are far too connected to unplug ourselves
[from the Web]."

Hamre added that the Pentagon made a mistake in turning
control of its Web activities over to its public
relations department without considering security
risks. The Pentagon has made strides in the past two
years in terms of securing its critical information
infrastructure, Hamre said. "The foundation is in
place, but it is a dramatically more complicated
problem."

Hamre believes that vendors' e-commerce practices
present a scenario ripe for exploitation.

"The best way to attack the U.S. is to become someone's
customer," he said. "They'll give you the software" to
enter sensitive systems, with few checks and balances
imposed on the distribution or use of that software.

Tactical battlefield networks under development by the
Army and Marines to support operations on future
digitized battlefields have vulnerabilities, according
to Maj. Gen. Robert Nabors, commander of the Army's
Communications-Electronics Command. Army tactical
battlefield networks, Nabors said, "do not have the
bandwidth to handle commercial [information assurance]
tools."
------------------------------------------------------------------------
Copyright 1999 FCW Government Technology Group 

---
#  distributed via nettime-l : no commercial use without permission
#  <nettime> is a closed moderated mailinglist for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@desk.nl and "info nettime-l" in the msg body
#  URL: http://www.desk.nl/~nettime/  contact: nettime-owner@desk.nl