
JDW 4.7.01 US DoD Improves Computer Network Defences

Jane's Defence Weekly
July 4, 2001

US DoD Improves Computer Network Defences

By Michael Sirak, JDW Staff Reporter, Colorado Springs, Colorado

The US Department of Defense (DoD) is refining the way it responds to attacks on its computer networks and wants to have a revised alert system in place later this year. All command echelons, under this, will possess standardised guidelines to allow them to react cohesively and uniformly to protect the DoD's critical information infrastructure.

The focus of the new alert system is to keep the DoD's networks up and running to maintain the flow of information to the warfighter while network defensive operations are carried out in the event of an attack, according to project officials.

"There is just no way that you are going to gain information superiority or information dominance on the battlefield if you are already creating a self-denial of service" by shutting down the networks when attacked, said US Air Force Lt Col John Pericas, chief of the computer network defense (CND) operations branch within the US Space Command (USSPACECOM). The command oversees the DoD's CND and computer network attack (CNA) activities.

US defence officials say the threat to DoD networks is becoming more sophisticated. A recent study by the DoD's Defense Science Board concluded that the DoD's networks remain highly vulnerable and susceptible to major disruptions, especially in the event of a deliberate state-sponsored attack. About 20 countries, such as China, are pursuing CNA capabilities, it said. Annual expenditures of around $3 billion, about $1.4 billion more than current outlays, are needed to adequately protect the US systems, the study noted.

Al Ecades, USSPACECOM intelligence analyst, told Jane's Defence Weekly that, to date, state-sponsored intrusions have focused on extracting information from the DoD's networks, while non-state-sponsored intruders have concentrated on attempts to disrupt the networks' operations. "We are under attack every day," he said, referring to lower-level hacker-type threats.

The new procedures build upon an alert system established by the DoD in 1999. One refinement, Lt Col Pericas said, is that the new guidelines establish a proactive approach, under which a state of alert, referred to as an information condition (INFOCON) level, can be increased based on intelligence warnings, before a network intrusion has been confirmed. These warning levels range from 'normal', which represents routine CND operations and low risk to the networks, to 'delta', the maximum state of CND activities. Between them lie the 'alpha', 'beta' and 'charlie' increments.

The new guidelines also clearly define the roles of the operational commanders in protecting the networks and go beyond merely recommending defensive measures and instead establish a baseline of action across the DoD for each INFOCON level, Col Pericas said.

Last week, the USSPACECOM conducted a headquarters-level, internal INFOCON exercise called 'Ambitious Immortal' to assess the operational impact of carrying out the defensive measures prescribed for each INFOCON level.

Col Pericas said the USSPACECOM will apply the lessons learned from the exercise into the final INFOCON system document, which the command expects to complete by next month. Ambitious Immortal could serve as a model for a similar DoD-wide exercise, he added.
