DOD braced for cyberattack

During a barrage of computer hacks by Chinese activists, Defense Department networks have been scanned more than 2 million times since the end of last week, and DOD's information warriors have been debating how best to cope with a possible denial-of-service attack.

Officials within the Defense Information Systems Agency and the Joint Task Force-Computer Network Operations worked late on April 27 fretting about and planning for a denial-of-service attack that has not materialized.

Struggling to choose the right words and avoid saying too much in a nonclassified setting, Col. Larry Huffman, director of the Global Network Operations Center within DISA, described the planning sessions.

"This [past] weekend, we were looking very close at one of the nation states that is a potential threat to the United States," Huffman said Monday during the SecurE-Gov conference in Crystal City, Va. "In fact, Friday night we were sitting with the [joint task force] and attempting to think out countermeasures to a potential denial-of-service threat, which has not materialized, thank heavens. This morning I looked at one of our tools, and I saw 2 million probes or scans from a Chinese source."

That's significant because would-be network intruders conduct scans and probes to explore potential vulnerabilities in a network.

The Global Network Operations Center houses the JTF-CNO, formed in 1998 as the Joint Task Force-Computer Network Defense. The task force took on the network-attack mission in early April, resulting in the name change.

The department's biggest network-security challenge is in coping with the gateways between the unclassified networks and the public Internet, Huffman said. He reported that an estimated 3 million customers use the unclassified networks, and 70 percent of that traffic goes to and from the Internet.

"Today, we have 13 different gateways to the Internet, and we are attempting to police all those back doors," Huffman said. He added that during the weekend, the department upgraded the size of its network "pipes," which likely will lead to another increase in demand.

DISA is working with the Defense Information Assurance Program and the Joint Staff on an initiative called the Ports and Protocol Registration "because we cannot have a firewall policy without some kind of registration capability," Huffman said.

Viruses and malicious code also present a unique problem, according to Huffman. "We see an average of about 10 new viruses a month. The problem that we have is what I call "the boy who cried wolf syndrome.' If we cried wolf for every virus, then no one would believe it's a problem. So we have to closely vet a virus when it comes out and ensure it is a significant potential danger."

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.