DOD Suffers E-mail Headache
The Pentagon went on the defense earlier this month, successfully thwarting an attempt to send a virus through its systems. The only damage, sources say, was an abundance of unwanted e-mail.
On Feb. 14, someone "spoofed" the Defense Technical Information Center (DTIC) header to the Defense Press Service mailing list, camouflaging the sender's address to make recipients think the message came from the Defense Department. The message had a virus attached and was sent through Pentagon computers to two mailing lists.
"Our computers caught the virus and stripped it out," said Terry Davis, manager of the Public Web Program in the Office of the Secretary of Defense. "So what went out was the original text message that was sent in the e-mail, but the virus and the attachment were both stripped."
Davis and his staff then went into the system to put safeguards in place to prevent someone else from spoofing a DTIC mailing list header. But when they brought the system back online, an unforeseen side effect became apparent.
"We didn't realize that the effect of the settings we had changed would leave the subscription list open, giving anyone the ability to post messages to the entire list," Davis said. "And we definitely underestimated how much people like to talk."
Within hours, dozens of messages were flying around as people inadvertently clicked the "reply all" button to warn of the e-mail problem and sent messages to the entire list, which contains thousands of people, including the Interceptor.
"What we want people to know is the system was not hacked, the system was not taken over, and a virus was not sent out," Davis said. "The only problem that really occurred is the people who replied to the entire list exposed themselves to thousands of other people."
After posting a Feb. 12 Web story about how DOD employees can now download, at no cost, antivirus and firewall protection solutions from McAfee Security for Consumers, the Interceptor was flooded with requests for the URL where faithful readers could go to get the freebies.
Under a licensing agreement between the Defense Information Systems Agency and Network Associates Inc., McAfee's home use portal service became available to all DOD employees Jan. 31 and includes VirusScan 7.0 Home Edition and other McAfee Security solutions. The software is the retail version of the McAfee products and can be used with Microsoft Corp. Windows 95, 98, ME, 2000 or XP.
Well, the URL was originally included in the story, but both DISA and McAfee asked the Interceptor to remove it after being bombarded by DOD users seeking the free protection. We still can't give it out, but anyone seeking more information can call DISA at (703) 607-6900.
Guidance Stalled Again
Like its two predecessors, the Army's third knowledge management1 guidance memorandum, which will focus completely on personnel issues, is being held up in the final stages of approval.
Lt. Gen. Peter Cuviello, the Army's chief information officer, said that he and Lt. Gen. John Le Moyne, the deputy chief of staff for personnel, co-signed the service's third Army Knowledge Management (AKM) guidance memo and passed it to the Army secretary and chief of staff for approval late last month.
The first two AKM guidance memos identified the service's five main knowledge management goals and ordered server and application reductions.
The third guidance document will focus exclusively on staff, Cuviello said during a speech at last month's Network Centric Warfare conference in Arlington, Va.
Ideally, the Army's leadership will sign the new memo "within a couple of weeks," he said, but now more than a month has passed and the third memo is still awaiting the necessary signatures. Compared to the second memo, which went into effect in June 2002 and took about two months to be approved, this one could still be early.
NOSC Heads East
Elsewhere in Army IT news, Cuviello said the service's Network Operations and Security Center is heading east and soon will be located at Fort Belvoir, Va. The Army center, responsible for cybersecurity planning and guidance, is currently located alongside the Network Enterprise Technology Command at Fort Huachuca, Ariz. The center is moving east to be located with the Army Computer Emergency Response Team at Fort Belvoir, he said, adding that the cross-country move should be completed by June.
"Virtual is the name of the game, but...some things you can't do virtually," Cuviello said. "Theater-level architecture for security is a technical challenge."
Intercept something? Send it to firstname.lastname@example.org.