Virus worms into NMCI

For the first time in its short history, the Navy Marine Corps Intranet fell victim to an outside attack.

A virus, albeit a supposedly "good" one, wormed its way in-to the enterprisewide network last week, causing many users to lose e-mail and Internet connectivity.

NMCI users experienced "intermittent problems" connect-ing to outside networks, said Kevin Clarke, a spokesman for EDS, the lead vendor for the Navy's initiative to create a single network for its shore-based operations.

The network did not fully crash, and users still had access to their desktop applications, officials noted. NMCI personnel distributed a patch from secu-rity firm Symantec Corp.

"We are currently experiencing connectivity issues enteprise-wide to include e-mail, Web and shared-drive access due to a virus," said a hot line recording of the NMCI Strike Force, which is made up of Navy and contractor personnel who handle network problems.

The so-called Welchia worm roots through networks looking for the Blaster worm that debilitated so many networks last week and automatically downloads and applies the Microsoft patch. But it does so at the expense of processing speed and bandwidth.

It remains a mystery how the new worm got inside the NMCI network, according to Capt. Chris Christopher, NMCI's staff director. "We could bring the whole network down [to fix it], but we do not want to do that."

As of the morning of Aug. 21, the worm was still affecting about 5,000 computers, including those at a number of small, remote locations, Clarke said. Because of the log-on configurations at some of those facilities, the patch could not be downloaded remotely. Therefore, the Strike Force was sending people out to physically repair network infrastructure.

By Aug. 22, the network was about 95 percent operational and only cleanup remained, Christopher said. The investigation to determine how and where the worm made its way into the system is expected to take a few weeks, he said.

The slowdown is something of a blow to officials at the Navy and EDS because security has been one of the key factors in rolling out the nearly 400,000-seat network.

Until now, NMCI officials said that a virus had never successfully penetrated their network, despite more than 85,000 malicious attempts made on the system. Earlier this month, the Blaster worm affected some legacy systems, but no system moved to NMCI had been affected, a department spokesperson said at the time.

"It would be Pollyanna-ish to assume that this can't happen again, so we're going to take this as a learning experience," Christopher said. "We're going to develop lessons learned and apply those in the future."

Robert Guerra, a principal with the consulting firm Guerra, Kiviat, Flyzik and Associates Inc., said he doubts the outage will have any lasting effects on either EDS or the NMCI program.

"The history of the performance of the network is incredible," he said. "It's been up for a couple of years and this would mark the first time it's been down. The project has a responsible vendor who's done a great job at deploying a very complex network, and a very good customer in the Navy."

Guerra said he hopes people don't rush to any conclusions before the Navy can sort out what brought the network down.

"We had a power outage last week across several states and the border with Canada, but no one is looking to shut down" Con Edison, he said. "I hope this doesn't affect the program, because the Navy has decided this is the right way for the Navy to go."

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group