Successful cyberattacks against DOD drop

The number of successful cyberattacks against Defense Department networks and information systems declined from about 130 in January 2005 to about 40 in January 2007, Air Force Lt. Gen. Charles Croom, director of the Defense Information Systems Agency, told a House Armed Services Committee subcommittee hearing March 28.

In testimony to the House Terrorism, Unconventional Threats and Capabilities Subcommittee, Croom said the decline in successful attacks occurred at the same time DOD deterred increasingly larger numbers of attacks and probes against its information systems.

The number of what Croom called “cyber incidents” grew from 16,000 in 2004 to 23,000 in 2005 and 30,000 in 2006, he said, in addition to cyberscans running about four times that number each year. But the majority of those probes were unsuccessful attacks, he added.

DOD has also been able to reduce the number of computers hijacked to run automated Internet attacks, Croom said. Although botnet activity on the Internet increased about 110 percent between February 2005 and December 2006, the number of DOD computers used in botnet attacks declined 61 percent in the same period, he said.

The decline in the number of attacks against DOD information systems is a result of improved computer configuration control and the use of public-key infrastructure encryption for sign-ins and log-ons to DOD computers and information systems, Croom said.

The department continues to spend heavily to protect its networks and information systems, John Grimes DOD’s chief information officer and assistant secretary of Defense for networks and information integration, said at the hearing. DOD plans to spend $2.5 billion on information assurance in fiscal 2008, Grimes said.

Featured

  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/Shutterstock.com)

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected