Virus worms into NMCI

For the first time in its short history, the Navy Marine Corps Intranet fell victim to an outside attack.

A virus, albeit a supposedly "good" one, wormed its way in-to the enterprisewide network last week, causing many users to lose e-mail and Internet connectivity.

NMCI users experienced "intermittent problems" connect-ing to outside networks, said Kevin Clarke, a spokesman for EDS, the lead vendor for the Navy's initiative to create a single network for its shore-based operations.

The network did not fully crash, and users still had access to their desktop applications, officials noted. NMCI personnel distributed a patch from secu-rity firm Symantec Corp.

"We are currently experiencing connectivity issues enteprise-wide to include e-mail, Web and shared-drive access due to a virus," said a hot line recording of the NMCI Strike Force, which is made up of Navy and contractor personnel who handle network problems.

The so-called Welchia worm roots through networks looking for the Blaster worm that debilitated so many networks last week and automatically downloads and applies the Microsoft patch. But it does so at the expense of processing speed and bandwidth.

It remains a mystery how the new worm got inside the NMCI network, according to Capt. Chris Christopher, NMCI's staff director. "We could bring the whole network down [to fix it], but we do not want to do that."

As of the morning of Aug. 21, the worm was still affecting about 5,000 computers, including those at a number of small, remote locations, Clarke said. Because of the log-on configurations at some of those facilities, the patch could not be downloaded remotely. Therefore, the Strike Force was sending people out to physically repair network infrastructure.

By Aug. 22, the network was about 95 percent operational and only cleanup remained, Christopher said. The investigation to determine how and where the worm made its way into the system is expected to take a few weeks, he said.

The slowdown is something of a blow to officials at the Navy and EDS because security has been one of the key factors in rolling out the nearly 400,000-seat network.

Until now, NMCI officials said that a virus had never successfully penetrated their network, despite more than 85,000 malicious attempts made on the system. Earlier this month, the Blaster worm affected some legacy systems, but no system moved to NMCI had been affected, a department spokesperson said at the time.

"It would be Pollyanna-ish to assume that this can't happen again, so we're going to take this as a learning experience," Christopher said. "We're going to develop lessons learned and apply those in the future."

Robert Guerra, a principal with the consulting firm Guerra, Kiviat, Flyzik and Associates Inc., said he doubts the outage will have any lasting effects on either EDS or the NMCI program.

"The history of the performance of the network is incredible," he said. "It's been up for a couple of years and this would mark the first time it's been down. The project has a responsible vendor who's done a great job at deploying a very complex network, and a very good customer in the Navy."

Guerra said he hopes people don't rush to any conclusions before the Navy can sort out what brought the network down.

"We had a power outage last week across several states and the border with Canada, but no one is looking to shut down" Con Edison, he said. "I hope this doesn't affect the program, because the Navy has decided this is the right way for the Navy to go."

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.