DOD net overhaul to thwart hackers

The Defense Department has started an overhaul of its global unclassified network to fight off the barrage of hacker attacks the department's systems suffer and to increase capacity to handle a huge rise in traffic to and from the Internet.

The Defense Information Systems Agency plans to redesign its Non-Classified Internet Protocol Router Network, DOD's primary entry into commercial World Wide Web sites, to take advantage of enhanced security measures and to improve overall performance.

The NIPRNET redesign, scheduled for completion in December with main network components slated for installation no later than June, will provide DOD with a network better designed to stave off hacker attacks that hit DOD systems at a rate of 250,000 a year, according to a DOD source briefed on the network plan.

Tony Montemarano, chief of Defense Information Systems Network services for DISA, said the agency is well on its way with the NIPRNET upgrade. "The equipment is purchased, and we are upgrading software loads," Montemarano said.

He said that besides providing security, the NIPRNET upgrade also will provide "protection against denial-of-service attacks.... We want to be able to guarantee the availability of the network as well as provide additional security for the users."

DISA's plans include the filtering of what DISA called "notorious" protocols routinely exploited by hackers, according to briefing slides obtained by Federal Computer Week.

The protocols include the PostOffice Protocol (POP), which allows remote users to read e-mail stored on a central server; remote-access protocols, which allow users to read their e-mail from another system; and Packet Internet Groper (Ping), which hackers use to disable networks by overloading them with a command.

According to the briefing slides, DISA plans to start filtering out these protocols by July. But the agency said it has not made any decision yet on which protocols to filter.

Montemarano declined to quantify the degree of security that the NIPRNET upgrade will provide, except to say, "It will be better...and performance will be improved considerably."

DISA is doubling the number of NIPRNET connections to the Internet because of the huge increase in traffic spurred by the development of the World Wide Web and the amount of information residing on Web sites outside NIPRNET, Montemarano said. "There is so much information out there our users want," he said.

Increasing capacity also is a security measure. The inability of NIPRNET to handle the loads imposed by Web traffic without lags or delays had resulted in numerous military commands installing Internet "backdoors" on their systems.

DISA is looking to eliminate such backdoor connections. According to the DISA briefing, no unit or command will be allowed to connect a local- or wide-area network to NIPRNET until the network goes through a formal connection approval process.

Rear Adm. John Gauss, commander of the Space and Naval Warfare Systems Command, said he believes the NIPRNET redesign offers a better security alternative than the almost total retreat from the Internet advocated by Lt. Gen. William Campbell, the Army's director of information systems for command, control, communications and computers.

"Campbell accurately addressed the threat," Gauss said, "but the thing I have to ponder is, [considering] the amount of electronic commerce we do with industry, is it viable just to disconnect from the Internet? What DISA is doing will protect DOD computing and still give us a viable means of communicating with industry."


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.