Security News Article Week 1
For the Military, networks are a critical line of defense
Today national security seems to be on everyone’s mind. There is not one news broadcast that fails to cover the latest news on Iraq, Bin Laden, or terrorism in general. Since the 9/11 attacks on our nation, we have become a nation fixated on national security. Our government has reorganized/created agencies i.e. Home Land Security and even declared war on terrorism. I chose this article because of the real threats we face and our apparent inability to properly mitigate threats.
In order to mitigate threats to our military network infrastructure, the DOD introduced a new battle command lexicon at a conference in early August 2006. The new battle command lexicon defines the severity of various categories of network intrusions. Categories 1 and 2 are the most critical indicating that a system has been compromised at the administrative, root level, or that an unauthorized person has gained access to “non-privilege” information. Categories 5 and 7 are the result of authorized military personnel who have installed malicious software or are in non-compliance due to their failure to install the latest security patches. Officials have reported intrusions at 15 military bases in the United States with over 60 serious hits on Army networks between the beginning of fiscal 2006 and August 5th. From October 1, 2005 and August 5, 2006 there were more that 3,400 Category 5 and over 2,700 Category 7 events. The number of Category 5 and 7 events documented proves that internal employees have a greater ability to cause harm than outside forces.
The military’s network includes commercial software products, which have components that are built all over the world including from adversarial nations. According to Craig Mundie, Microsoft chief research and strategy officer, agencies will get some help in mitigating risk by migrating to Microsoft’s Vista operating system. The Microsoft Vista is the 1st operating system to be built under plan that builds security, privacy and reliability into components. Not all military officials are convinced that Microsoft’s Vista is the answer. Thomas Reardon, chief of the intelligence division with Army Network Enterprise Technology Command/9th Army Signal Command, believes that individuals are attempting to steal non-privilege military information that will be of benefit to foreign adversaries. Reardon also believes we should be concerned about some of the places that Microsoft is getting its components that make up the Microsoft Vista operating system. Reardon is concerned that some of the computer parts and components are being manufactured in foreign countries increasing military vulnerability. According to Reardon, DOD has a working group that is looking at ways to mitigate the cyber security threats and that would expand on the National Industrial Security Program Operating manual, which is a guide that puts restrictions on classified contracts. NETCOM is working to include all work that would connect to the DOD’s Global Information Grid. Why is it that we seem to have forgotten “The History of the Trojan Horse”? We allow foreign entities to manufacture computer parts and components for systems that are vital to our security. In other words we are dragging the wooden horse into our Troy (United States) in the name of open/free trade. Why does our government seem to put national security 2nd to e-commerce/business interest? “It is national policy that we use foreign vendors if it is to the benefit of the federal government,” Reardon added. “It’s not a question that we’re going to stop using this stuff, because we cannot. We just have to mitigate the risks.” It won’t be long before our enemies take full advantage of our vulnerability.Reference:
http://www.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcn&story.id=41800
back