Electronic Weapons: Defending the Biggest Cyber War Target

Archives

January 22, 2006: The U.S. Department of Defense not only invented the Internet, they are also the single largest user. That also makes the Department of Defense the most vulnerable target for Cyber War attack. For that reason, the Department of Defense is again reorganizing its Internet defenses.

The Department of Defense has over 1,500 networks, although not all are connected to the public Internet. There are two private Internets. NIPRNET is unclassified, but contained only traffic from Department of Defense users. Same with SIPRNET, but on this one, everything is encrypted, and you can discuss highly classified material, and even transmit it freely. All this is actually a source of strength. An attack on the Department of Defense networks would have to be massive if it were to do any serious damage. That's because there is no central nerve center, no "Internet headquarters" you could take out. But wargames have been conducted, to play out various types of attacks on the Department of Defense networks, and many vulnerabilities have been noted. The latest efforts attempt to plug as many of these vulnerabilities as possible. But the wargames also noted that an attack large enough to trash the Department of Defense networks, could also cause enormous damage to the Internet as a whole.

After a slow start, the Internet has become, over the last decade, a major tool for increasing productivity, and boosting morale in the American military. Once these benefits became apparent in the late 1990s, there was no going back. Thus the Department of Defense has become a major customer for anti-virus and other network protection software, and hardware. There's so much bad stuff prowling around the Internet these days, some of it controlled by foreign military and intelligence organizations, that the need to reduce the American vulnerability has been an ongoing high priority project. Part of the defense plan has been to loudly and officially forbid users from doing many common Internet tasks. For example, you cannot use your personal email account while on a Department of Defense PC (or at least most of them). No file sharing (P2P, Bit Torrent, Etc.), no unauthorized software or hardware on those machines either. And, definitely, absolutely, no forwarding of messages or files using a Department of Defense, unless authorized to do so. In other words, no playing around with your Department of Defense PC, unless you have permission to do so. Users are also getting more information on potential Internet dangers. Ignorance has proved to be a major liability in this area. So ignorance is being attacked with more education, more rules, and harsh punishments for those who break them.

The prohibitions and rules vary somewhat from service to service, and even within a service. The Department of Defense doesn't expect to eliminate all vulnerability, but to reduce it as much as possible. The next stage of the defense plan includes a lot more automated vulnerability testing, repair and updating. This is already common for many commercial users, but the Department of Defense wants to extend the process to cover just about everything.

The Department of Defense believes that every major nation on the planet has some offensive Cyber War capability, and is pretty certain that U.S. military networks have already undergone major attacks from China (probing, and collecting classified information), as well as Russia and North Korea. There are also criminal gangs, specializing in cyber crime, hacking Department of Defense networks for a fee, or just doing it on spec, planning to sell anything valuable.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close