More on DoD need for network security:
Study:Military Computers Vulnerable
Filed at 4:27 p.m. EST
By The Associated Press
WASHINGTON (AP) -- Military computer and
communications systems are ''increasingly
compromised'' and vulnerable to attack by hackers and
high-tech enemies, concluded a Pentagon-sponsored
study released Monday.
Although the Defense Department is working to
improve cybersecurity, the study said technological
advances are outpacing the Pentagon's sluggish moves
to protect vital information used in today's battles.
''We're unchallenged on the muscle side of this
equation,'' said James McGroddy, chairman of the
National Research Council committee that wrote the
study. ''The problem here is the invisible enemy.''
McGroddy said command, control, computer,
communications and intelligence systems -- ''the
nervous system of the military'' -- are aging fast while
the high-tech tools to attack it are generally thought to
be improving by a factor of 10 every five years.
''What we have now, you know, will be obsolete very
soon,'' McGroddy said at a news conference.
''Cyberattacks will find the weakest point.''
The Defense Department, the report said, ''is in an
increasingly compromised position. The rate at which
information systems are being relied on outstrips the
rate at which they are being protected.''
The Pentagon, recognizing the problem after hacker
attacks on its computers and cyberwar games, in
December set up a ''network computer defense'' joint
task force of military and intelligence agencies.
Art Money, the civilian official in charge of the
Pentagon's information security, told a Senate Armed
Service Committee panel last week that the military is
working to better protect its more than 2 million
computers from outside penetration and inside attack.
The Pentagon is developing tools for ''real-time''
sensing and warning of cyberattacks and technology for
built-in protection against inadvertent or malicious
modification of data, among other steps.
''The United States now relies on information systems
to such an extent that an attack against those systems
would present a genuine threat to U.S. security,'' Money
said in prepared testimony.
In a military test at Fort Bragg, N.C., a year ago, an
Army helicopter crew strayed far off course and nearly
out of training range after its Global Positioning System
signals were blocked, Money noted. GPS is a navigation system that uses information from satellites to guide military and civilians crafts. The system also can be used to help direct high-tech bombs and missiles to their targets.
In 1997, a national security team of about 20 people, in
a cyberwar game lasting three months, gained access to
unclassified Pentagon computers, giving the team the
ability to disrupt troops movements.
In February 1998, teen-agers in the United States and
Israel attempted to break into Pentagon computers. The
intrusion was quickly detected, but it took days before
military and law enforcement officials determined it
was not an attack by a foreign government or an enemy.
The incidents prompted the Pentagon to make
cybersecurity a high priority, but the National Research
Council committee recommended the Defense
Department move far more quickly and change a
military culture that puts more emphasis on warfighting
tanks than technology.
''The troops don't take information defense seriously,''
said McGroddy, a retired senior vice president of
research at IBM.
Congress ordered the Pentagon to commission the
report in 1995. The National Research Council is an
independent organization that advises government.
___________________________
No mention of authentication issues, but you can expect that is part of what is being looked at. I only hope that DoD isn't locked into an NRID solution because of a HA-API development deal they could have cut with NRID. That could help explain why nothing has happened on this front. . . I doubt any of NRID's partners is in a position to mount this kind of systems integration. (It would also explain what kind of bait NRID could be using to get partners, given what a tiny outfit they are, and its present incompatibility with the more commercially promising BioAPI -- and why NRID would do an API for DoD for nothing.)
OT: Jean, it looks like Missouri trusts Buck a whole lot more than they trust you. |
