CAC use nearly halves DOD network intrusions, Croom says

COLORADO SPRINGS, Colo. -- Although there are 6 million probes of Defense Department networks a day, successful intrusions have declined 46 percent in the past year because of a requirement that all DOD personnel log on to unclassified networks using Common Access Cards, Air Force Lt. Gen. Charles Croom, said in a speech at the AFCEA SpaceComm 2007 conference.

DOD has battled increasingly sophisticated attacks against its networks in the past year, and reconnaissance and attacks still continue 24/7, said Croom, director of the Defense Information Systems Agency and commander of the Joint Task Force for Global Network Operations.

It is essential to use CACs, which electronically verify a user’s identity, to access unclassified DOD networks because 75 percent of that traffic also moves across the public Internet, he said. Croom all but ruled out use of Outlook Web Access by remote users because of its poor security. The software’s use in DOD will require approval from a three-star general, he said.

Croom added that the number of successful socially engineered e-mail attacks against DOD users – a practice known as spear phishing – has declined 30 percent in the past year due to increased security awareness training. All department employees and contractors who use DOD networks were required to complete spear phishing awareness training as of this month.

DOD has already issued 10 million CACs to users of DOD networks, which include the National Guard, active and reserve forces, and contractors, Croom said. This accounts for 91 percent of all users on the unclassified networks. Use of CACs and public-key infrastructure tokens eliminates the need to use passwords, which Croom said is the major problem in protecting DOD networks.

Passwords can be harvested automatically by keyloggers or from notes people stick on their computers, Croom said.

When asked if the DISA and JTF-GNO plan to relax restrictions against the use of Outlook Web Access by Guard and reserve units, which do not have the infrastructure to support the use of CACs, Croom was unrelenting.

DOD networks are weapons systems that must be protected to support vital combat and logistics missions, and Guard and reserve units need to access them securely, Croom said. He suggested these units develop a virtual private network infrastructure that can support CACs.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.