February3, 2007:
In the last year, the Department of Defense has started making some
serious progress on protecting it's 11 million Internet users, five million PCs
and 12,000 networks. This is the largest Internet "corporate"
operation on the planet. Department of Defense networks still get probed six
million times a day. To reduce the risks of hackers getting in, Common Access
Cards (CAC) have been issued to over 90 percent of Department of Defense
computer users. This credit card sized item contains an embedded device that
provides a more secure identification of the user of the unclassified networks
(which send some of their data over the regular Internet). Most Department of
Defense PCs have a smart card reader attached so the CAC can be used. As a
result of the CAC approach, successful intrusions of Department of Defense
systems are down 46 percent in the last year. The CACs are not a perfect
defense, nothing is. But CACs greatly reduce break-ins, and enable Internet
staff to spend more time on serious breaches.
Another
move that greatly reduced break-ins was outlawing the use of Microsofts much
compromised Outlook email program (at least for HTML email). Lots of other software is being closely
watched to make sure it is patched to deal with current threats, or too
dangerous to use at all. Most of these precautions keep out the most common
threats. Department of Defense systems are still vulnerable to determined
attacks by foreign hackers. China has been caught getting into several
Department of Defense networks in the last year. China denies all, and more
attacks are expected.